Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)I
Posts
4
Comments
704
Joined
5 mo. ago

  • some people live in the European hellhole

    That's rich, coming from a country that can burn hundreds of billions of Dollars in Iran for abso-fucking-lutely nothing, but is somehow unwilling to give its own citizens universal health care or free access to higher education! 😄 But then again, crushing debt and lack of access to education / higher-paying jobs help make sure there are always fresh "volunteers" for the illegal wars of the oligarchs bringing the world democracy and free'm and shit, right?

  • I got other people on my network who prefer faster internet speeds over privacy, sadly. And I dont wanna be rude and just force them to do something they don’t want to do. (Even if it’s for the greater good)

    This would not impact internet speed for anyone else on your network. Whether they're connected via Ethernet or WiFi, they'd have the same speeds as before.

    As for a Wireguard connection tunnelling in from outside, it has so little overhead that it does not meaningfully impact speed or latency (I'd know, I use it every day).

    Also, you can set up the tunnel as a split tunnel. This means that

    • only traffic directed at your homeserver with the music server goes through the Wireguard tunnel while
    • any traffic directed at the open internet does not go through Wireguard, i.e. zero speed or latency penalty.

    Also attaching it to my router won’t work when I’m out travelling or away from home.

    I'm not sure what you mean by "it" here. Feel free to fill in the blank.

  • Alternative client: Tempus (formerly Tempo).

    If you're even savvier: set up Wireguard for remote access instead of relying on Tailscale. (Possibly simplified by wg-easy or your router's built-in Wireguard support.)

  • Easier solution: some routers have built-in VPN access. Mine supports a Wireguard and OpenVPN tunnel directly into my network.

    As for incorrectly tagged media files, Picard can fingerprint and auto-tag your files in batch.

  • There's more to machine learning than ChatGPT, but you couldn't tell that by reading the social media hot takes.

    No disagreement here. But I think you're taking people's words a little too literally.

    When people say they hate the "AI" at work, that they don't want "AI" crammed into everything and they don't want "AI" data centres to jack up their neighbourhood's water and energy costs, they are actually talking about LLMs. Nobody is objecting to the TTS/STT engine on their phones, to pattern-based threat recognition online or to cancer-spotting computer vision models in modern medicine. Nobody wants to stop or even ban machine learning as a whole. They just use the broad term "AI" for the much narrower AI subclass of LLMs.

  • Oh, hello then, neighbour. I was under the impression that "sunnies" is more of an Aussie expression.

  • We know. And yet: I'd take great peace from not having his demented rambles in my newsfeed every day, reminding me that this diapered buffoon is the leader of the U.S.

  • I don't care about the hill part. Get on with the dying already!

  • Aussie detected (?)

  • I sense a "we can't let Chy-na get there first" type of argument, but I may be wrong.

  • *crickets*

  • You've accurately described why having LLMs cobble together code is a terrible idea. With all the vibe-coded nonsense finding its way into production code because the amount of code generated in a short amount of time inevitably overwhelms human oversight, I wouldn't want to work in cybersec these days.

    That said, I do see applications for LLMs in areas where mistakes will not get people hurt or systems breached: they can

    • provide a first layer of customer and tech support to solve the really stupid stuff that needs no human attention ("Have you made sure that the device is plugged in? Have you tried turning it off and on again?"). This can be particularly useful when paired with a source of truth it can draw from.
    • do tedious tasks involving large amounts of text processing, e.g. automated translation, cross-referencing of legal texts.
    • provide pre-college learners with a tutor that is available 24/7, can explain simple academic subject matters and answer questions that naturally arise as part of every learning process. Again, pair with a source of truth for more reliable results.
  • Imo, LLMs do have a purpose (and their ethical sourcing problems, like you mentioned).

    It's just that right now, Silicon Valley sells it as the answer to every single problem out there when it clearly isn't. A hammer is good for putting nails in the wall. Silicon Valley claims you can also use it to do your toenails, gullible managers mandate its use for that purpose, and now the waiting rooms are chock-full with people with broken toes...

    Also, AI can be so much more than just LLMs.

  • If by "AI" they mean "oligarch-owned and controlled AI", we have common ground here. But then again, that is true of anything owned and monopolised by these people humanoids. Case in point: only few people will agree that...

    • oligarch-owned media empires have a positive impact on society
    • oligarch-owned social media networks have a positive impact on society
    • oligarch-owned space companies have a positive impact on society
    • ...

    The problem is not with the tech. The problem is that the tech is in the hands of a small clique of sociopaths.

  • Word! I wouldn't even say that LLMs and other generative AI are a problem*. Locally run, i.e. in the hands of the people, and used on the right task, they can be a great tool! People are just fed up with centralised oligarch tech shoved down their throats in pursuit of the Epstein class' pipe dream: lay everybody off, automate (almost) all production and keep the profits to yourself.

    * well, as long as you don't look to closely at how they were trained in the first place...

  • My thoughts exactly. If were one of the negotiators, I'd ask staff to leave my half-empty glass of water right where it is on the table. "Tuesday's coming up. I'll drink the rest tomorrow, love!"

  • In the interview, Diachenko put it more succinctly. “The scale is the sophistication,” he said.

    The scale shows dedication (and deep pockets). The methods used - apart from the recursive dictionary attacks - were pretty mundane, as far as the report goes.

    They then used a custom binary with 25,000 threads to spray hundreds of thousands of those endpoints with thousands of login and password combinations. Successful attempts now gave the attackers a “network tap inside the organization.”

    Shouldn't these fairly unsophisticated "spray-and-pray" brute force attempts show up in logs and at least alert security personnel that an active attack was underway?

    the attackers went on to “actively intercept SSL VPN authentication hashes and crack them using a massive, dedicated 45-GPU cluster managed via Hashtopolis.” From there, they used the GPU cluster to crack the hashes, meaning to try massive combinations of plain-text passwords until they found the right one.

    Again, not particularly sophisticated, but supported by heavy machinery to burn energy and money to do the actual work. Again, I ask: shouldn't these types of attempts be mitigated by sufficiently long hashes? Even a 45-GPU cluster can be exhausted by hash length, can't it?

  • Self-cuckage is my favourite type of cuckage!