Long COVID Is Being Erased — Again – The Atlantic
Ed Yong is back writing again!
Most Americans simply aren’t thinking about COVID with the same acuity they once did; the White House long ago zeroed in on hospitalizations and deaths as the measures to worry most about. And what was once outright denial of long COVID’s existence has morphed into something subtler: a creeping conviction, seeded by academics and journalists and now common on social media, that long COVID is less common and severe than it has been portrayed—a tragedy for a small group of very sick people, but not a cause for societal concern. This line of thinking points to the absence of disability claims, the inconsistency of biochemical signatures, and the relatively small proportion of severe cases as evidence that long COVID has been overblown. “There’s a shift from ‘Is it real?’ to ‘It is real, but …,’” Lekshmi Santhosh, the medical director of a long-COVID clinic at UC San Francisco, told me. Yet long COVID is a substantial and ongoing crisis—one that affects millions of people. However inconvenient that fact might be to the current “mission accomplished” rhetoric, the accumulated evidence, alongside the experience of long haulers, makes it clear that the coronavirus is still exacting a heavy societal toll.
(tags: long-covid ed-yong covid-19 health medicine society healthcare)
OpenAI’s hunger for data is coming back to bite it
Spot on:
The company could have saved itself a giant headache by building in robust data record-keeping from the start, she says. Instead, it is common in the AI industry to build data sets for AI models by scraping the web indiscriminately and then outsourcing the work of removing duplicates or irrelevant data points, filtering unwanted things, and fixing typos. These methods, and the sheer size of the data set, mean tech companies tend to have a very limited understanding of what has gone into training their models.
(tags: training data provenance ai ml common-crawl openai chatgpt data-protection privacy)
-
She really gets it. Lots of interesting thoughts.
(tags: holly-herndon ai music ml future tech sampling spawning)
-
“Scheduling compute workloads to chase green energy can be counter-productive” — Adrian Cockroft:
I suggest that the best policy is to optimize your workloads so that they can run on fewer more highly utilized instances, minimize your total footprint in Asia where possible, and to use the spot market price as a guide for when to run workloads.
(tags: adrian-cockroft scheduling cloud ops green sustainability cron)
-
TIL you can run Ethernet over coax at 2.5Gbps. Long gone are the days of vampire taps and 10BASE2.
Prompt injection: what’s the worst that can happen?
Good roundup from Simon Willison on this brave new world of exploits. ‘Any time you see anyone demonstrating a new application built on top of LLMs, join me in being the squeaky wheel that asks “how are you taking prompt injection into account?”’
“Why Banker Bob (still) Can’t Get TLS Right: A Security Analysis of TLS in Leading UK Banking Apps”
Jaysus this is a litany of failure.
Abstract. This paper presents a security review of the mobile apps provided by the UK’s leading banks; we focus on the connections the apps make, and the way in which TLS is used. We apply existing TLS testing methods to the apps which only find errors in legacy apps. We then go on to look at extensions of these methods and find five of the apps have serious vulnerabilities. In particular, we find an app that pins a TLS root CA certificate, but does not verify the hostname. In this case, the use of certificate pinning means that all existing test methods would miss detecting the hostname verification flaw. We also find one app that doesn’t check the certificate hostname, but bypasses proxy settings, resulting in failed detection by pentesting tools. We find that three apps load adverts over insecure connections, which could be exploited for in-app phishing attacks. Some of the apps used the users’ PIN as authentication, for which PCI guidelines require extra security, so these apps use an additional cryptographic protocol; we study the underlying protocol of one banking app in detail and show that it provides little additional protection, meaning that an active man-in-the-middle attacker can retrieve the user’s credentials, log in to the bank and perform every operation the legitimate user could.
See also: https://www.synopsys.com/blogs/software-security/ineffective-certificate-pinning-implementations/
(tags: ssl tls certificates certificate-pinning security infosec banking apps uk pci mobile)
Using DuckDB to repartition parquet data in S3
Wow, DuckDB is very impressive — I had no idea it could handle SELECTs against Parquet data in S3:
A common pattern to ingest streaming data and store it in S3 is to use Kinesis Data Firehose Delivery Streams, which can write the incoming stream data as batched parquet files to S3. You can use custom S3 prefixes with it when using Lambda processing functions, but by default, you can only partition the data by the timestamp (the timestamp the event reached the Kinesis Data Stream, not the event timestamp!). So, a few common use cases for data repartitioning could include: Repartitioning the written data for the real event timestamp if it’s included in the incoming data; Repartitioning the data for other query patterns, e.g. to support query filter pushdown and optimize query speeds and costs; Aggregation of raw or preprocessed data, and storing them in an optimized manner to support analytical queries.
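Here's roughly what that looks like in practice. A minimal sketch, assuming made-up bucket names, prefixes and an event_ts column, plus a reasonably recent DuckDB with the httpfs extension for the partitioned COPY:

```python
# Sketch: repartition Kinesis-Firehose-style Parquet files in S3 by the real
# event timestamp using DuckDB. Bucket names, prefixes and column names are
# invented for illustration.
import duckdb

con = duckdb.connect()
con.execute("INSTALL httpfs;")
con.execute("LOAD httpfs;")
con.execute("SET s3_region = 'eu-west-1';")  # plus s3_access_key_id / s3_secret_access_key as needed

con.execute("""
    COPY (
        SELECT
            *,
            year(event_ts)  AS year,
            month(event_ts) AS month,
            day(event_ts)   AS day
        FROM read_parquet('s3://my-raw-bucket/firehose-output/*/*/*/*/*.parquet')
    )
    TO 's3://my-curated-bucket/events'
    (FORMAT PARQUET, PARTITION_BY (year, month, day));
""")
```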
(tags: duckdb repartitioning s3 parquet orc hive kinesis firehose)
Timnit Gebru’s anti-‘AI pause’
Couldn’t agree more with Timnit Gebru’s comments here:
What is your appeal to policymakers? What would you want Congress and regulators to do now to address the concerns you outline in the open letter? Congress needs to focus on regulating corporations and their practices, rather than playing into their hype of “powerful digital minds.” This, by design, ascribes agency to the products rather than the organizations building them. This language obfuscates the amount of data that is being collected — and the amount of worker exploitation involved with those who are labeling and supplying the datasets, and moderating model outputs. Congress needs to ensure corporations are not using people’s data without their consent, and hold them responsible for the synthetic media they produce — whether it is text or media spewing disinformation, hate speech or other types of harmful content. Regulations need to put the onus on corporations, rather than understaffed agencies. There are probably existing regulations these organizations are breaking. There are mundane “AI” systems being used daily; we just heard about another Black man being wrongfully arrested because of the use of automated facial analysis systems. But that’s not what we’re talking about, because of the hype.
-
This is amazing — using GPT-3.5 to convert a natural-language query into SQL applied to a specific dataset, in these examples, San Francisco city data and US public census data:
With CensusGPT, you can ask any question related to census data in natural language. These natural language questions get converted to SQL using GPT-3.5 and are then used to query the census database. Here are some examples:
– Five cities with a population over 100,000 and lowest crime
– 10 highest income areas in california
Here is a similar example from sfGPT:
– Which four neighborhoods had the most crime in San Francisco in 2021?
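The underlying pattern is simple enough to sketch. This isn't CensusGPT's actual code; the schema, table and prompt below are invented, and it uses the pre-1.0 OpenAI Python client. It just shows the schema-in-prompt, SQL-out loop:

```python
# Rough sketch of the text-to-SQL pattern: give the model the table schema,
# ask for SQL only, then run the query against a local database.
import sqlite3
import openai  # openai<1.0 style API; assumes OPENAI_API_KEY is set in the environment

SCHEMA = """
CREATE TABLE census (city TEXT, state TEXT, population INTEGER,
                     median_income INTEGER, crime_rate REAL);
"""

def question_to_sql(question: str) -> str:
    resp = openai.ChatCompletion.create(
        model="gpt-3.5-turbo",
        messages=[
            {"role": "system",
             "content": "Translate the user's question into a single SQLite query. "
                        f"Use only this schema:\n{SCHEMA}\nReturn SQL only."},
            {"role": "user", "content": question},
        ],
        temperature=0,
    )
    return resp.choices[0].message.content.strip()

conn = sqlite3.connect("census.db")
sql = question_to_sql("Five cities with a population over 100,000 and lowest crime")
print(sql)
print(conn.execute(sql).fetchall())
```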
(tags: sfgpt censusgpt textsql natural-language gpt-3.5 sql querying search open-source)
Exploring performance differences between Amazon Aurora and vanilla MySQL | Plaid
This is a major difference between vanilla MySQL and Amazon Aurora (and a potentially major risk!):
because Aurora MySQL primary and replica instances share a storage layer, they share a set of undo logs. This means that, for a REPEATABLE READ isolation level, the storage instance must maintain undo logs at least as far back as could be required to satisfy transactional guarantees for the primary or any read replica instance. Long-running replica transactions can negatively impact writer performance in Aurora MySQL—finally, an explanation for the incident that spawned this investigation. The same scenario plays out differently in vanilla MySQL because of its different model for undo logs.
Vanilla MySQL: there are two undo logs – one on the writer, and one on the reader. The performance impact of an operation that prevents the garbage collection of undo log records will be isolated to either the writer or the reader.
Aurora MySQL: there is a single undo log that is shared between the writer and reader. The performance impact of an operation that prevents the garbage collection of undo log records will affect the entire cluster.
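One way to see the symptom (a sketch, not Plaid's tooling; the endpoints, credentials and the metric's availability on Aurora are assumptions) is to watch InnoDB's history list length, a rough proxy for un-purged undo records, on the writer while a replica transaction sits open:

```python
# Sketch: poll the writer's InnoDB history list length while a long-running
# REPEATABLE READ transaction is held open on a reader endpoint.
# Hostname and credentials below are placeholders.
import time
import pymysql

writer = pymysql.connect(host="my-cluster.cluster-xxxx.rds.amazonaws.com",
                         user="admin", password="...", database="mydb")

def history_list_length(conn) -> int:
    # trx_rseg_history_len is enabled by default in stock MySQL; assumed
    # available on Aurora MySQL as well.
    with conn.cursor() as cur:
        cur.execute("SELECT count FROM information_schema.innodb_metrics "
                    "WHERE name = 'trx_rseg_history_len'")
        return cur.fetchone()[0]

# While this loop runs, open a REPEATABLE READ transaction on the reader and
# leave it idle; on Aurora the writer's history list keeps growing because the
# undo log is shared across the cluster.
for _ in range(10):
    print(history_list_length(writer))
    time.sleep(30)
```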
(tags: aurora aws mysql performance databases isolation-levels)
-
Comparison site for electric cars; actually has a realistic model of genuine range for each EV. Full details on charging connectors, charge curves (for charging speed), etc.
The Black Magic of (Java) Method Dispatch
Some fascinating details of low-level Java performance optimization, particularly with JIT applied to OO method dispatch:
Programming languages like Java provide the facilities for subtyping/polymorphism as one of the ways to construct modular and reusable software. This language choice naturally comes at a price, since there is no hardware support for virtual calls, and therefore runtimes have to emulate this behavior. In many, many cases the performance of method dispatch is not important. Actually, in a vast majority of cases, the low-level performance concerns are not the real concerns. However, there are cases when method dispatch performance is important, and there you need to understand how dispatch works, what runtimes optimize for you, and what you can do to cheat and/or emulate similar behavior in your code. For example, in the course of String Compression work, we were faced with the problem of selecting the coder for a given String. The obvious and highly maintainable approach of creating a Coder interface, a few implementations, and dispatching the virtual calls over it, had met some performance problems on the very tiny benchmarks. Therefore, we needed to contemplate something better. After a few experiments, this post was born as a reference for others who might try to do the same. This post also tangentially touches the inlining of virtual calls, as the natural thing during the optimization.
Discovered via this amazing commit: https://github.com/quarkusio/quarkus/commit/65dd4d43e2644db1c87726139280f9704140167c
(tags: optimization performance java oo jit coding polymorphism)
MariaDB.com is dead, long live MariaDB.org
Oof. Looks like the commercial company behind MariaDB is going south quickly:
Monty, the creator of MySQL and MariaDB founder, hasn’t been at a company meeting for over a year and a half. The relationship between Monty and the CEO, Michael Howard, is extremely rocky. At a company all-hands meeting Monty and Michael Howard were shouting at each other while up on stage in the auditorium in front of the entire staff. Monty made his position perfectly clear as he shouted his last words before he walked out: “You’re killing my fu&#@$! company!!!” Monty was subsequently voted off the board in July of 2022 solidifying the hostile takeover by Michael Howard. Buyer beware, Monty and his group of founders and database experts are no longer at the company.
At least the open-source product is still trustworthy, though.
(tags: databases storage mariadb software open-source companies)
Google “raters” say they don’t have enough time to verify correct answers from Bard
Contractors say they have a set amount of time to complete each task, like review a prompt, and the time they’re allotted for tasks can vary wildly — from as little as 60 seconds to more than several minutes. Still, raters said it’s difficult to rate a response when they are not well-versed in a topic the chatbot is talking about, including technical topics like blockchain for example. Because each assigned task represents billable time, some workers say they will complete the tasks even if they realize they cannot accurately assess the chatbot responses. “Some people are going to say that’s still 60 seconds of work, and I can’t recoup this time having sat here and figured out I don’t know enough about this, so I’m just going to give it my best guess so I can keep that pay and keep working,” one rater said.
(tags: google raters contractors fact-checking verification llms bard facts)
CAN Injection: keyless car theft
Detailed description of the attack process currently in use by car thieves to steal vehicles by injecting key-unlock signal frames into the CAN bus.
(tags: can-bus security cars driving infosec exploits can-injection)
Nintendo Will Repair Out-Of-Warranty Joy-Con For Free In The UK, EEA, Switzerland
FINALLY
(tags: nintendo joycons hardware repair warranty joycon-drift)
Three ways AI chatbots are a security disaster | MIT Technology Review
yyyyyup.
Because the AI-enhanced virtual assistants scrape text and images off the web, they are open to a type of attack called indirect prompt injection, in which a third party alters a website by adding hidden text that is meant to change the AI’s behavior. Attackers could use social media or email to direct users to websites with these secret prompts. Once that happens, the AI system could be manipulated to let the attacker try to extract people’s credit card information, for example. Malicious actors could also send someone an email with a hidden prompt injection in it. If the receiver happened to use an AI virtual assistant, the attacker might be able to manipulate it into sending the attacker personal information from the victim’s emails, or even emailing people in the victim’s contacts list on the attacker’s behalf.
(tags: chatgpt prompt-injection security exploits gpt-4)
-
‘standing for “transhumanism, extropianism, singularitarianism, cosmism, Rationalism, Effective Altruism, and longtermism.”’ Good explainer thread
(tags: tescreal transhumanism extropianism singularitarianism cosmism rationalism effective-altruism longtermism)
-
I’m not sure who is advising GitHub, but the suggestion that the unauthorized use of “publicly available data is consistent with global copyright laws” is a fantastical claim, for any number of reasons, and that’s even before addressing the ridiculous notion that machines learn “much as humans have done throughout history.”
Hey, did you know inkjet cartridges are region-locked? – The Verge
Well, looks like I won’t ever buy another HP printer.
(tags: inkjets hp region-locking consumer-rights bullshit)
A misleading open letter about sci-fi AI dangers ignores the real risks
This essay is spot on about the recent AI open letter from the Future of Life Institute, asking for "a 6-month pause on training language models ‘more powerful than’ GPT-4":
Over 1,000 researchers, technologists, and public figures have already signed the letter. The letter raises alarm about many AI risks: “Should we let machines flood our information channels with propaganda and untruth? Should we automate away all the jobs, including the fulfilling ones? Should we develop nonhuman minds that might eventually outnumber, outsmart, obsolete and replace us? Should we risk loss of control of our civilization?” We agree that misinformation, impact on labor, and safety are three of the main risks of AI. Unfortunately, in each case, the letter presents a speculative, futuristic risk, ignoring the version of the problem that is already harming people. It distracts from the real issues and makes it harder to address them. The letter has a containment mindset analogous to nuclear risk, but that’s a poor fit for AI. It plays right into the hands of the companies it seeks to regulate.
Couldn’t agree more.
AI and the American Smile. How AI misrepresents culture through a facial expression
There are 18 images in the Reddit slideshow [a series of Midjourney-generated images of “selfies through history”] and they all feature the same recurring composition and facial expression. For some, this sequence of smiling faces elicits a sense of warmth and joyousness, comprising a visual narrative of some sort of shared humanity […] But what immediately jumped out at me is that these AI-generated images were beaming a secret message hidden in plain sight. A steganographic deception within the pixels, perfectly legible to your brain yet without the conscious awareness that it’s being conned. Like other AI “hallucinations,” these algorithmic extrusions were telling a made up story with a straight face — or, as the story turns out, with a lying smile. […] How we smile, when we smile, why we smile, and what it means is deeply culturally contextual.
(tags: ai america culture photography midjourney smiling smiles context history)
-
“Social media and newspapers are flooded with myths about heat pumps. Let’s take them one by one in this post.”
(tags: myths mythbusting heat-pumps heating house home)
Belgian man dies by suicide following exchanges with chatbot
Grim. This is the downside of LLM-based chatbots with ineffective guardrails against toxic output.
“Without these conversations with the chatbot, my husband would still be here,” the man’s widow has said, according to La Libre. She and her late husband were both in their thirties, lived a comfortable life and had two young children. However, about two years ago, the first signs of trouble started to appear. The man became very eco-anxious and found refuge with ELIZA, the name given to a chatbot that uses GPT-J, an open-source artificial intelligence language model developed by EleutherAI. After six weeks of intensive exchanges, he took his own life.
There’s a transcript of the last conversation with the bot here: https://news.ycombinator.com/item?id=35344418
(tags: bots chatbots ai gpt gpt-j grim future grim-meathook-future)
draft-ietf-httpapi-idempotency-key-header-02
Adding an “Idempotency-Key:” header to HTTP requests to support idempotent operations on REST APIs. (via Tomasz Nurkiewicz)
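A minimal client-side sketch of how the draft is meant to be used; the endpoint and payload are made up, and the point is simply that retries reuse the same key so the server can de-duplicate:

```python
# Sketch: generate a unique Idempotency-Key per logical request and reuse it
# on retries, so the server can recognise and de-duplicate repeats.
# The endpoint and payload are invented for illustration.
import uuid
import requests

idempotency_key = str(uuid.uuid4())

def create_payment(amount_cents: int) -> requests.Response:
    return requests.post(
        "https://api.example.com/payments",
        json={"amount_cents": amount_cents, "currency": "EUR"},
        headers={"Idempotency-Key": idempotency_key},
        timeout=10,
    )

resp = create_payment(1999)
if resp.status_code >= 500:
    # Safe to retry with the SAME key: the server treats it as the same operation.
    resp = create_payment(1999)
```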
(tags: via:nurkiewicz idempotency http standards ietf rest apis)
SARS-CoV-2 is a “textbook virus”
Excellent thread from Dr. Michael Mina:
I’ve written SARS-CoV-2 is a “textbook virus”
• Textbook does NOT mean mild;
• Textbook viruses kill people;
• Textbook viruses harm long-term immunity;
• Textbook viruses cause dizzying amounts of poorly understood debilitating problems
I explain w examples here!
(tags: virology covid-19 sars-cov-2 viruses medicine)
What Will Transformers Transform? – Rodney Brooks
This is a great essay on GPT and LLMs:
Roy Amara, who died on the last day of 2007, was the president of a Palo Alto based think tank, the Institute for the Future, and is credited with saying what is now known as Amara’s Law: “We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.” This has been a common problem with Artificial Intelligence, and indeed of all of computing. In particular, since I first became conscious of the possibility of Artificial Intelligence around 1963 (and as an eight year old proceeded to try to build my own physical and intelligent computers, and have been at it ever since), I have seen these overestimates many many times.
and:
I think that GPTs will give rise to a new aphorism (where the last word might vary over an array of synonymous variations): “If you are interacting with the output of a GPT system and didn’t explicitly decide to use a GPT then you’re the product being hoodwinked.” I am not saying everything about GPTs is bad. I am saying that, especially given the explicit warnings from OpenAI, you need to be aware that you are using an unreliable system.
Using an unreliable system sounds awfully unreliable, but in August 2021 I had a revelation at TED in Monterey, California, when Chris Anderson (the TED Chris) was interviewing Greg Brockman, the Chairman of Open AI, about an early version of GPT. He said that he regularly asked it questions about code he wanted to write and it very quickly gave him ideas for libraries to use, and that was enough to get him started on his project. GPT did not need to be fully accurate, just to get him into the right ballpark, much faster than without its help, and then he could take it from there. Chris Anderson (the 3D robotics one, not the TED one) has likewise opined (as have responders to some of my tweets about GPT) that using ChatGPT will get him the basic outline of a software stack, in a well tread area of capabilities, and he is many many times more productive than without it. So there, where a smart person is in the loop, unreliable advice is better than no advice, and the advice comes much more explicitly than from carrying out a conventional search with a search engine.
The opposite of useful can also occur, but again it pays to have a smart human in the loop. Here is a report from the editor of a science fiction magazine which pays contributors. He says that from late 2022 through February of 2023 the number of submissions to the magazine increased by almost two orders of magnitude, and he was able to determine that the vast majority of them were generated by chatbots. He was the person in the loop filtering out the signal he wanted, human written science fiction, from vast volumes of noise of GPT written science fiction. Why should he care? Because GPT is an auto-completer and so it is generating variations on well worked themes. But, but, but, I hear people screaming at me. With more work GPTs will be able to generate original stuff. Yes, but it will be some other sort of engine attached to them which produces that originality. No matter how big, and how many parameters, GPTs are not going to do that themselves.
When no person is in the loop to filter, tweak, or manage the flow of information GPTs will be completely bad. That will be good for people who want to manipulate others without having revealed that the vast amount of persuasive evidence they are seeing has all been made up by a GPT. It will be bad for the people being manipulated.
And it will be bad if you try to connect a robot to GPT. GPTs have no understanding of the words they use, no way to connect those words, those symbols, to the real world. A robot needs to be connected to the real world and its commands need to be coherent with the real world. Classically it is known as the “symbol grounding problem”. GPT+robot is only ungrounded symbols. It would be like you hearing Klingon spoken, without any knowledge other than the Klingon sound stream (even in Star Trek you knew they had human form and it was easy to ground aspects of their world). A GPT telling a robot stuff will be just like the robot hearing Klingonese.
My argument here is that GPTs might be useful, and well enough boxed, when there is an active person in the loop, but dangerous when the person in the loop doesn’t know they are supposed to be in the loop. [This will be the case for all young children.] Their intelligence, applied with strong intellect, is a key component of making any GPT be successful.
(tags: gpts rodney-brooks ai ml amaras-law hype technology llms future)
Employees Are Feeding Sensitive Business Data to ChatGPT
How unsurprising is this? And needless to say, a bunch of that is being reused for training:
In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential information, client data, source code, or regulated information to the LLM. In one case, an executive cut and pasted the firm’s 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient’s name and their medical condition and asked ChatGPT to craft a letter to the patient’s insurance company.
GitHub Copilot is open to remote prompt-injection attacks
GitHub Copilot is also based on a large language model. What does indirect prompt injection do to it? Again, we demonstrate that, as long as an attacker controls part of the context window, the answer is: pretty much anything. Attackers only have to manipulate the documentation of a target package or function. As you reference and use them, this documentation is loaded into the context window based on complex and ever-changing heuristics. We show […] how importing a synthetic library can lead Copilot to introduce subtle or not-so-subtle vulnerabilities into the code generated for you.
(tags: injection copilot security exploits github llms chatgpt)
systemd on Proxmox freaks out at Irish DST
Many reports from Proxmox users across Ireland — seems there’s a bug in systemd timezone code when handling daylight saving time in the Europe/Dublin timezone (which is unique because it causes “mktime moving backward for change to ‘summer time’ […] as for them the summer time is the standard time”). (via Kiall)
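A quick way to see what makes Europe/Dublin odd, using Python's zoneinfo (exact dst() values depend on your tzdata build; in modern tzdata IST, UTC+1, is the standard time and winter is modelled as negative DST):

```python
# Illustration of why Europe/Dublin trips up naive DST handling: the standard
# time is IST (UTC+1) and winter is modelled as a negative DST offset in
# modern tzdata. What dst() reports depends on the tzdata your system ships.
from datetime import datetime
from zoneinfo import ZoneInfo

dublin = ZoneInfo("Europe/Dublin")

for d in (datetime(2023, 1, 15, 12, tzinfo=dublin),   # winter
          datetime(2023, 7, 15, 12, tzinfo=dublin)):  # summer
    print(d.date(), d.tzname(), "utcoffset:", d.utcoffset(), "dst:", d.dst())
```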
(tags: via:kiall proxmox dst daylight-savings timezones ireland systemd)
Google and Microsoft’s chatbots are already citing one another in a misinformation shitshow
What we have here is an early sign we’re stumbling into a massive game of AI misinformation telephone, in which chatbots are unable to gauge reliable news sources, misread stories about themselves, and misreport on their own capabilities. In this case, the whole thing started because of a single joke comment on Hacker News. Imagine what you could do if you wanted these systems to fail. It’s a laughable situation but one with potentially serious consequences. Given the inability of AI language models to reliably sort fact from fiction, their launch online threatens to unleash a rotten trail of misinformation and mistrust across the web, a miasma that is impossible to map completely or debunk authoritatively. All because Microsoft, Google, and OpenAI have decided that market share is more important than safety.
(tags: google ai ml microsoft openai chatgpt trust spam misinformation disinformation)
Vatican flag SVG on Wikimedia Commons was incorrect for 5 years, and widely copied
In 2017 a Wikimedia Commons user changed the inside of the tiara to red because that’s how it appears on the Vatican Coat of Arms. But this assumption turned out to be faulty, because the official flag spec sheet uses different colors than the Coat of Arms. The mistake was quickly noticed by an anonymous IP who wrote an extensive and well-researched explanation of the error on the file’s talk page. Unfortunately, nobody read it, and the mistake lived on for 5 years before another user noticed it and reverted the file.
-
“A very compact representation of an image placeholder. Store it inline with your data and show it while the real image is loading for a smoother loading experience.”
(tags: graphics images webdev compression lossy thumbnails)
new LFP batteries will unlock cheaper electric vehicles
Lithium ferrous phosphate (LFP) batteries, the type to be produced at the new [Ford] plant are a lower-cost alternative to the nickel- and cobalt-containing batteries used in most electric vehicles in the US and Europe today. While the technology has grown in popularity in China, Ford’s factory, developed in partnership with the Chinese battery giant CATL, marks a milestone in the West. By cutting costs while also boosting charging speed and extending lifetime, LFP batteries could help expand EV options for drivers.
(tags: lfp technology ev cars batteries renewable-energy)
You Broke Reddit: The Pi-Day Outage : RedditEng
Quality post-mortem writeup of last week’s Reddit outage. tl;dr: an in-place Kubernetes upgrade broke it. We use blue/green deployments — with two separate parallel k8s clusters — in order to avoid this risk, as k8s upgrades are very very risky in our experience; tiny “minor” changes often seem to cause breakage.
(tags: k8s kubernetes outages reddit ops post-mortems)
Superb thread on effective AI regulation
from Baldur Bjarnason:
1. First, you clarify that for the purposes of Section 230 protection (or similar), whoever provides the AI as a service is responsible for its output as a publisher. If Bing Chat says something offensive then Microsoft would be as liable as if it were an employee;
2. You’d set a law requiring tools that integrate generative AI to attach disclosures to the content. Gmail/Outlook should pop up a notice when you get an email that their AI generated. Word/Docs should have metadata fields and notices when you open files that have used built-in AI capabilities. AI chatbots have to disclose that they are bots. Copilot should add a machine-parsable code comment. You could always remove the metadata, but doing so would establish an intent to deceive;
3. Finally, you’d mandate that all training data sets be made opt-in (or that all of its contents are released under a permissive license) and public. Heavy fines for non-disclosure. Heavy fines for violating opt-in. Even heavier fines for lying about your training data set. Make every AI model a “vegan” model. Remove every ethical and social concern about the provenance and rights regarding the training data.
I think #3 in particular is the most important of all.
(tags: ai regulation data-privacy training llm ethics)
Bing Chat is still vulnerable to hidden prompt injection attacks
It happily parses hidden text in webpages, acting on information that isn’t visible to human viewers. Related: https://twitter.com/matteosonoioo/status/1630941926454185992/photo/1 , where Matteo Contrini demonstrated a prompt-injection attack that turns it into a scammer.
(tags: bing-chat bing chatgpt openai prompt-injection exploits attacks hidden-text)
Pop Culture Pulsar: Origin Story of Joy Division’s Unknown Pleasures Album Cover
Great dig into the CP1919 pulsar signal plot that was used for “Unknown Pleasures”:
This plotting of sequences like this, it started just a little bit earlier when we were looking at potentially drifting subpulses within the major pulse itself. So, the thought was, well, is there something like this peak here, which on the next pulse moves over here, and then moves over here, and over there. Actually, would be moving this way in that case – either way. I think Frank Drake and I published a paper in Science Magazine on exactly that issue – suggesting there might be drifting subpulses within the major pulse, which would then get back to the physics of what was causing the emission in the first place. So, then the thought was, well let’s plot out a whole array of pulses, and see if we can see particular patterns in there. So that’s why, this one was the first I did – CP1919 – and you can pick out patterns in there if you really work at it. But I think the answer is, there weren’t any that were real obvious anyway. I don’t really recall, but my bet is that the first one of these that I did, I didn’t bother to block out the stuff, and I found that it was just too confusing. So then, I wrote the program so that I would block out when a hill here was high enough, then the stuff behind it would stay hidden. And it was pretty easy to do from a computer perspective.
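The hidden-line trick he describes is easy to play with. Here's a toy matplotlib sketch using synthetic pulses rather than the real CP1919 data: each trace is filled in the background colour before its line is drawn, so nearer "hills" hide whatever sits behind them:

```python
# Toy recreation of the "block out what's behind the hills" plotting trick,
# using synthetic noisy pulses (not real pulsar data).
import numpy as np
import matplotlib.pyplot as plt

rng = np.random.default_rng(0)
x = np.linspace(-1, 1, 500)
fig, ax = plt.subplots(figsize=(5, 7), facecolor="black")

n_traces = 60
for i in range(n_traces):
    # a noisy trace with a few random sub-peaks near the centre
    y = 0.05 * rng.standard_normal(x.size)
    for _ in range(rng.integers(1, 4)):
        centre = rng.normal(0, 0.15)
        y += rng.uniform(0.3, 1.0) * np.exp(-((x - centre) / 0.05) ** 2)
    offset = (n_traces - i) * 0.35  # earlier traces sit higher up the page
    # fill under the curve in the background colour so it hides what's behind,
    # then draw the white line on top
    ax.fill_between(x, offset, y + offset, color="black", zorder=i)
    ax.plot(x, y + offset, color="white", linewidth=0.8, zorder=i)

ax.axis("off")
plt.show()
```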
(tags: design joy-division music science physics pulsars astronomy cp1919 dataviz)
moyix/gpt-wpre: Whole-Program Reverse Engineering with GPT-3
This is a little toy prototype of a tool that attempts to summarize a whole binary using GPT-3 (specifically the text-davinci-003 model), based on decompiled code provided by Ghidra. However, today’s language models can only fit a small amount of text into their context window at once (4096 tokens for text-davinci-003, a couple hundred lines of code at most) — most programs (and even some functions) are too big to fit all at once. GPT-WPRE attempts to work around this by recursively creating natural language summaries of a function’s dependencies and then providing those as context for the function itself. It’s pretty neat when it works! I have tested it on exactly one program, so YMMV.
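The recursive-summarization idea is roughly this. A sketch, not GPT-WPRE's actual code: the call graph is a toy, it ignores recursion/cycles, and summarize_with_llm stands in for a call to text-davinci-003 or similar:

```python
# Sketch of recursive summarization over a call graph: summarize a function's
# callees first, then summarize the function itself with those summaries as
# context, so nothing has to fit the context window all at once.
from functools import lru_cache

# toy call graph and decompiled code, keyed by function name (invented)
CALLEES = {"main": ["parse_args", "run"], "run": ["helper"], "parse_args": [], "helper": []}
CODE = {name: f"/* decompiled code of {name} */" for name in CALLEES}

def summarize_with_llm(prompt: str) -> str:
    raise NotImplementedError("call your LLM of choice here")

@lru_cache(maxsize=None)
def summarize(func: str) -> str:
    # summaries of everything this function calls (computed recursively)
    callee_context = "\n".join(
        f"{callee}: {summarize(callee)}" for callee in CALLEES[func]
    )
    prompt = (
        "Summarize what this decompiled function does.\n"
        f"Summaries of functions it calls:\n{callee_context or '(none)'}\n\n"
        f"{CODE[func]}"
    )
    return summarize_with_llm(prompt)

# summarize("main") walks the call graph bottom-up via recursion + memoization
```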
(tags: gpt-3 reverse-engineering ghidra decompilation reversing llm)
-
Jesus — the legality of the poorly-policed Common Crawl training data is WAY worse than I thought, check this out:
When Lapine used it to scan the LAION database, she found an image of her own face. She was able to trace this image back to photographs taken by a doctor when she was undergoing treatment for a rare genetic condition. The photographs were taken as part of her clinical documentation, and she signed documents that restricted their use to her medical file alone. The doctor involved died in 2018. Somehow, these private medical images ended up online, then in Common Crawl’s archive and LAION’s dataset.
Surely this is a straight-up violation of patient confidentiality laws?! This is appalling. LAION’s FAQs are useless regarding this; as Lapine isn’t in the EU, she can’t even use GDPR to request its removal, and even if she were, these medical images don’t contain enough data to qualify under LAION’s rules.
(tags: ai ml fair-use copyright common-crawl training laion photos medical-data hipaa)
Vintage Sunglasses and Vintage Eyewear from Klasik.Org
It’s coming up to new specs time… some amazing Michael Caine style here.
The Yvan Collection – Curry & Paxton
More retro specs action
(tags: retro vintage specs yvan curry-and-paxton michael-caine glasses shopping)
Cat6a FTP Tool-Less Keystone Module
For future use — CAT6A cable endpoints which don’t require tricky crimping: “no crimp tool required at all, very much worth the extra cost, and they clip into the wall sockets or a patch panel … you can do them with your fingers and a flush snips to get rid of the ends after you push the wires in” says Adam C on ITC Slack, at https://irishtechcommunity.slack.com/archives/C11BG27L2/p1678841261913069
Infra-Red, In Situ (IRIS) Inspection of Silicon
Cool:
This post introduces a technique I call “Infra-Red, In Situ” (IRIS) inspection. It is founded on two insights: first, that silicon is transparent to infra-red light; second, that a digital camera can be modified to “see” in infra-red, thus effectively “seeing through” silicon chips. We can use these insights to inspect an increasingly popular family of chip packages known as Wafer Level Chip Scale Packages (WLCSPs) by shining infrared light through the back side of the package and detecting reflections from the lowest layers of metal using a digital camera. This technique works even after the chip has been assembled into a finished product. However, the resolution of the imaging method is limited to micron-scale features.
(tags: electronics hardware reversing bunnie-huang infrared x-ray-vision silicon)
1 in 35 Long COVID sufferers died within a year
This is a really shocking figure — via Daniel Griffin MD: 1 in 35 people with PASC were dead before a year had passed, if they survived that first 30 days. Given that current estimates are that 65 million people worldwide now have long COVID, that’s going to be quite an impact.
(tags: covid-19 mortality grim long-covid via:daniel-griffin)
The privacy loophole in your doorbell
Here’s why you never install internet-connected cameras inside your house: ‘Police were investigating his neighbor. A judge gave officers access to all his security-camera footage, including inside his home.’
(tags: amazon police privacy surveillance dystopia us-politics)
Seabirds are not at risk from offshore wind turbines
At least according to this survey by Swedish power giant Vattenfall:
The movements of herring gulls, gannets, kittiwakes, and great black-backed gulls were studied in detail from April to October, when bird activity is at its height. (This study only looked at four bird species, but Vattenfall says the model can and should be applied to more types of seabirds and to onshore wind farms as well.) The study’s findings: Not a single collision between a bird and a rotor blade was recorded.
(tags: seabirds birds safety wind-turbines offshore-wind renewables wildlife)
Metformin, a new drug to prevent long covid
‘Over a thousand people with mild-to-moderate Covid were randomly assigned to 2 weeks of metformin (500 mg pills, 1 on day 1, twice a day for 4 days, then 500 mg in AM and 1000 mg in PM for 9 days) or placebo. There was a 42% reduction of subsequent Long Covid as you can see by the event curve below, which corresponds to an absolute decrease of 4.3%, from 10.6% reduced to 6.3%.’ Still no use for _treating_ long COVID though.
(tags: covid-19 long-covid metformin drugs papers)
WhatsApp screenshots of Boris Johnson’s innumeracy
We are so lucky in Ireland that we didn’t have to suffer this kind of idiocy driving our COVID response. Jaw-dropping levels of blustering ignorance and innumeracy.
(tags: boris-johnson fail covid-19 uk uk-politics whatsapp)
-
“A programmable badge with fast updating E-Ink® display and wireless connectivity, powered by Raspberry Pi Pico W.” Lots of possibilities for these, and only EUR25!
(tags: raspberry-pi gadgets toget pico e-ink hardware hacking)
-
This is actually really effective; the past 3 years of product recommendations from r/BuyItForLife, queryable using ChatGPT (via valen)
(tags: via:valen ai recommendations search products reviews)
Hundreds of residents vent anger over ‘entirely pointless’ hydrogen heating trial
Greenwashing grey hydrogen as a “renewable” means of keeping home gas heating alive is not going well in Whitby:
Influential energy analyst Michael Liebreich and University of Cambridge mechanical engineering professor David Cebon drew attention to the now-37 independent studies showing that hydrogen boilers would require about five times more renewable energy than heat pumps — likely making them significantly more expensive to run. “This trial is entirely pointless in terms of proving whether hydrogen is the most cost-effective way of decarbonising homes,” Liebreich told the audience. “Every single systems analysis from every single expert who is not paid for by the gas industry or the heating industry has concluded that hydrogen plays little or no role. “The thing that it’s intended to do, though, is maintain the debate and discussion and the delay [of decarbonisation]. If you’re running a gas network organisation, as our next speaker [Cadent head of strategy, Angela Needle] does, what you really want is to continue to harvest profits off that. If you invest today in a gas distribution network, you get to charge 6% per year for 45 years on that investment and that’s until 2068.”
(tags: hydrogen h2 grey-hydrogen greenwashing gas natural-gas heating homes decarbonisation)
-
This is a decent product — “Nokia has announced one of the first budget Android smartphones designed to be repaired at home allowing users to swap out the battery in under five minutes, in partnership with iFixit.” I’ve been planning to buy a more repairable phone for my next iteration, so it’s either this or a Fairphone.
(tags: android hardware nokia phones right-to-repair repair ifixit)
copyright-respecting AI model training
Alex J Champandard is thinking about how AI model training can be done in a copyright-respecting and legal fashion:
With the criticism of web-scale datasets, it’s legitimate to ask the question: “What models are trained with best-in-class Copyright practices?” Answer: StyleGAN and FFHQ github.com/NVlabs/ffhq-dataset 100% transparent dataset, clear copyright, opt-in licensing, model respects terms.
(tags: copyright legal rights ip ai ml models training stylegan ffhq flickr)
The tech tycoon martyrdom charade
Anil Dash:
It’s impossible to overstate the degree to which many big tech CEOs and venture capitalists are being radicalized by living within their own cultural and social bubble. Their level of paranoia and contrived self-victimization is off the charts, and is getting worse now that they increasingly only consume media that they have funded, created by their own acolytes. In a way, it’s sort of like a “VC Qanon”, and it colors almost everything that some of the most powerful people in the tech industry see and do — and not just in their companies or work, but in culture, politics and society overall. We’re already seeing more and more irrational, extremist decision-making that can only be understood through this lens, because on its own their choices seem increasingly unfathomable.
(tags: vc tech anil-dash radicalization politics us-politics)
-
Interesting smart home component for Home Assistant —
This custom component will add crucial features to your climate-controlling TRV (Thermostatic Radiator Valves) to save you the work of creating automations to make it smart. It combines a room-temperature sensor, window/door sensors, weather forecasts, or an ambient temperature probe to decide when it should call for heat and automatically calibrate your TRVs to fix the imprecise measurements taken in the radiator’s vicinity.
So basically if you have smart TRVs and a room temperature sensor, you can drive them as a pair.
(tags: thermostat smart-home home-assistant heating trvs)
-
“ENA Express is a networking feature that uses the AWS Scalable Reliable Datagram (SRD) protocol to improve network performance in two key ways: higher single flow bandwidth and lower tail latency for network traffic between EC2 instances. SRD is a proprietary protocol that delivers these improvements through advanced congestion control, multi-pathing, and packet reordering directly from the Nitro card.” Right now this supports only intra-EC2 networking between instances running on the latest generation of instance types.
(tags: srd networking protocols ip ena-express aws amazon multi-pathing congestion-control nitro)
Eric Schmidt Is Building the Perfect AI War-Fighting Machine
Do you want Skynet? Because that’s how you get Skynet.
(tags: ai war us-politics eric-schmidt silicon-valley military weapons)
a COVID-aware activity tracker
Interesting thought experiment regarding chronic disease, long COVID, ME/CFS etc: ‘what might be in a convalescence mode, or a rest mode? And while I’m thinking of that, there’s a separate need, I think (hey! validate through research!) for, I don’t know, a chronic illness mode, because convalescence and rest are different things with different qualities distinct from the requirements and needs of people with long-term chronic illnesses. Some people who responded to my thinking-out-loud thread shared that you can use sleep tracking as a way to inform the spoons-for-the-day.’
(tags: apple fitness accessibility convalescence chronic-disease activity-tracking long-covid me)
A New Drug Switched Off My Appetite. What’s Left? | WIRED
How long is it before there’s an injection for your appetites, your vices? Maybe they’re not as visible as mine. Would you self-administer a weekly anti-avarice shot? Can Big Pharma cure your sloth, lust, wrath, envy, pride? Is this how humanity fixes climate change—by injecting harmony, instead of hoping for it at Davos?
Silicon Valley tech companies are the real paperclip maximizers
Another good Ted Chiang article —
Elon Musk spoke to the National Governors Association and told them that “AI is a fundamental risk to the existence of human civilization.” […] This scenario sounds absurd to most people, yet there are a surprising number of technologists who think it illustrates a real danger. Why? Perhaps it’s because they’re already accustomed to entities that operate this way: Silicon Valley tech companies. Consider: Who pursues their goals with monomaniacal focus, oblivious to the possibility of negative consequences? Who adopts a scorched-earth approach to increasing market share? This hypothetical strawberry-picking AI does what every tech startup wishes it could do — grows at an exponential rate and destroys its competitors until it’s achieved an absolute monopoly. The idea of superintelligence is such a poorly defined notion that one could envision it taking almost any form with equal justification: a benevolent genie that solves all the world’s problems, or a mathematician that spends all its time proving theorems so abstract that humans can’t even understand them. But when Silicon Valley tries to imagine superintelligence, what it comes up with is no-holds-barred capitalism.
(tags: superintelligence ted-chiang silicon-valley capitalism ai future civilization paperclip-maximisers)
-
The origins of computing, via Jacquard, Byron, Lovelace and Babbage — great thread from James Kelleher. Lovely prints, too.
(tags: prints lace lacemaking computing history jacquard byron babbage ada-lovelace punch-cards)
Where To Bring Visitors For Irish Food In Dublin
Decent list of Dublin eateries —
As a nation we’re still more well known for our imbibements than culinary prowess, but there’s no question that’s changing, and we feel it’s our patriotic duty to show visitors just how incredible the food in Dublin is. Consider this list as your go-to guide next time you want to show that Dublin is a whole lot more than fish & chips, full Irish breakfasts and spice bags (no disrespect to any of these fine dishes).
(tags: food dublin tourism restaurants irish)
_Building Machine Learning Models Like Open-Source Software_
ACM Viewpoint from Colin Raffel:
‘This Viewpoint advocates for tools and research advances that will allow pre-trained [machine learning] models to be built in the same way that we build open source software. Specifically, models should be developed by a large community of stakeholders that continually updates and improves them. Realizing this goal will require porting many ideas from open source software development to the building and training of pre-trained models, which motivates many new research problems and connections to existing fields.’
(tags: training machine-learning ml ai acm open-source)
-
‘Python wrapper for the Mastodon ( https://github.com/mastodon/mastodon/ ) API’ — looks nice and simple
-
Interesting thread on the current state of low-cost/low-power server hardware; I didn’t realise thin client boxes were so viable for this use case, these days. (I’ve just replaced my current home server with an ODROID HC4, and I’m absolutely delighted with it, though…)
-
GoMo, the Irish mobile phone operator, is offering roaming eSIMs with 10GB of data roaming in the US for EUR19.99 per month
Study of 500,000 Medical Records Links Viruses to Alzheimer’s Again And Again
While the study doesn’t demonstrate a causal link, the correlations are pretty striking — a good argument for greatly increasing vaccination rates for many viral diseases.
Around 80 percent of the viruses implicated in brain diseases were considered ‘neurotrophic’, which means they could cross the blood-brain barrier. “Strikingly, vaccines are currently available for some of these viruses, including influenza, shingles (varicella-zoster), and pneumonia,” the researchers write. “Although vaccines do not prevent all cases of illness, they are known to dramatically reduce hospitalization rates. This evidence suggests that vaccination may mitigate some risk of developing neurodegenerative disease.” The impact of viral infections on the brain persisted for up to 15 years in some cases. And there were no instances where exposure to viruses was protective.
(tags: viruses health medicine vaccines vaccination alzheimers parkinsons diseases)