🅱🅻🆄🅴🅱️

@BlueBee@infosec.exchange
57 Followers
95 Following
1.2K Posts

I don't know. Trying not to be the problem.
I swear to resist information pollution.

Furry, IT, veteran (of course) 🦊
Python, data science, GIS

I stand on the shoulders of giants.

Come on #Fediverse, if you can, put some money where your heart is. The people from Framasoft are working hard on #PeerTube and are only looking for €75.000. With 18 hours to go, you can be part of the difference we want to see in the world :)

Soon we will be able to livestream from our smartphone to the fediverse!

Framasoft is a French non-profit, based in Lyon.

https://support.joinpeertube.org/en/?mtm_campaign=JPTMobileApp25&mtm_source=Framanav&mtm_placement=Alert1

Support PeerTube

Let's popularize videos shared by the people, for the people!

Apple be like,

Noooo don't leave us behind!.....
LLMs don't even work!

Copium.

To be clear the future still terrifies me and I hate how many bad actors language models can enable. I tried to say more, but it's too complicated a subject.

https://youtu.be/RGQf1CO7hmY

I tend to find this guy (Atrioc) pretty enlightening. It's always dangerous to say you trust someone, but he posts good stuff generally.

Here is hoping I don't wake up one day going what nonsense is he saying!?

Anyways check him out.

I Solved The LA Protests


https://youtu.be/3ZTGwcHQfLY

Interesting video on the difficulty of attempting to manufacture anything in the US. The current market reality.

I Tried To Make Something In America (The Smarter Scrubber Experiment) - Smarter Every Day 308


I've locked myself out of my digital life

https://shkspr.mobi/blog/2022/06/ive-locked-myself-out-of-my-digital-life/

Imagine…

Last night, lightning struck our house and burned it down. I escaped wearing only my nightclothes.

In an instant, everything was vaporised. Laptop? Cinders. Phone? Ashes. Home server? A smouldering wreck. Yubikey? A charred chunk of gristle.

This presents something of a problem.

In order to recover my digital life, I need to be able to log in to things. This means I need to know my usernames (easy) and my passwords (hard). All my passwords are stored in a Password Manager. I can remember the password to that. But logging in to the manager also requires a 2FA code. Which is generated by my phone.

The phone which now looks like this:

Oh.

Backups

I'm relatively smart and sensible. I regularly exported my TOTP secrets and saved them in an encrypted file on my cloud storage - ready to be loaded onto a new phone.

But to get into my cloud, I need my password and 2FA. And even if I could convince the cloud provider to bypass that and let me in, the backup is secured with a password which is stored in - you guessed it - my Password Manager.

I am in cyclic dependency hell. To get my passwords, I need my 2FA. To get my 2FA, I need my passwords.

Perhaps I can use my MFA FIDO2 Key?

Oh.

Emergency Contacts

Various services allow a user to designate an "emergency contact". Someone who can access your account in extremis. Who do you trust enough with the keys to your digital life?

I chose my wife.

The wife who lives with me in the same house. And, obviously, has just lost all her worldly possessions in a freak lightning strike.

Oh.

Recovery Codes

Most online services which have Multi-Factor Authentication also provide "recovery codes". They are, in effect, one-time override passwords. A group of random characters which will bypass any security. Each can only be used once, and then is immediately revoked.

I was clever. I hand-wrote the codes on a piece of paper (so they can't be recovered from my printer's memory!) and stored them in a fire-proof safe, secured with a key hidden under the cat's litter-box.

Sadly, the fire-proof safe wasn't lightning-strike safe and is now obliterated. Along with the cat's litter-box. The cat is fine.

I know… I know… I should have kept them in a lock-box in my local bank. The only problem is, virtually no banks offer safe deposit boxes in the UK. The one that does charges £240 per year. A small price to pay, for some, to avoid irreversible loss. But it adds up to a significant ongoing cost.

But, suppose I had stored everything off-site. All I'd need to do is walk up to the bank and show some ID which proved that I was the authorised user of that box.

The ID which has just been sacrificed in tribute to mighty Thor and now looks like a melted waxwork.

Oh.

Friendly Neighbourhood Storage

Perhaps what I should have done is stored all my backup codes and recovery keys on a USB stick and then given them to a friend?

There are a few problems with that.

  • Every time I sign up to a new service, I would need to add it to the USB stick. How many times can I pop round with a fresh stick before it becomes an imposition?
  • What if my friend (or their kid) accidentally wipes the drive?
  • If a freak lightning storm hits both our houses at the same time, I still lose everything.
  • Even if I did all that, I would have to give the USB stick a strong password to make sure my friend didn't betray me. So I either need to remember that, or I'm stuck in the password-manager-paradox.
  • Perhaps I could split the USB sticks between multiple friends using Shamir's Secret Sharing? That solves some problems - mostly the accidental losses and remembering a strong password - but creates even more issues. Now I have to do a lot more admin and worry about all my friends conspiring against me!

    Phone Home

    One of the weakest forms of identity is the humble phone number. Several of my accounts use my mobile number to text me authorisation codes. SMS isn't the most secure way to deliver passwords - it can be intercepted or the SIM can be swapped to one controlled by an attacker. But, if I can get my phone number back, I stand a chance of getting into my email and perhaps some other services.

    That's a weakness in my security posture. But one I may need to take advantage of.

    The only question is - how do I prove to the staff at my local phone shop that I am the rightful owner of a SIM card which is now little more than soot? Perhaps I can just rock up and say "Don't you know who I am?!?!"

    I know, I'll show them my passport!

    Oh.

    Bootstrapping of trust

    I am lucky. I have a nice middle-class life and know lots of professionals - doctors, lawyers, teachers - who I hope would be happy to vouch for me. I could use one of my friends to confirm my identity for a replacement passport. Once I have a passport, I should be able to get a SIM card with my phone number. And, I hope, some online services.

    I would, however, need to use a credit or debit card to apply for a replacement passport. But all of my cards are melted to slag - and I can't prove to the bank that I am who I say I am because I don't know my account number, password, or mother's maiden name.

    You see, I was "clever" and took some idiot's advice about setting your mother's maiden name to being a random string of characters. Those details are, of course, stored in my inaccessible password manager!

    Hopefully one of my friends will be prepared to lend me the £75.50 to get a new passport.

    I'll just call up one of my friends. Hmmm… now, where did I store their phone number?

    Oh.

    Starting over

    Again, I'm lucky. I live relatively close to some friends and family. And I'm confident that they'd be gracious enough to pay an emergency cab fare if I started hammering on their door at silly o'clock in the morning.

    With their help, I think I could probably call up enough insurance companies to figure out which one covered the property. I would hope the insurance company would have some way of validating with the emergency services that the house is, indeed, a smoking crater. I don't know if that would get me emergency cash, or if I'd have to rely on friends until I get access to my bank account.

    I assume my credit card companies can probably be convinced to send out replacement cards. But will they also be willing to change my address - or will the card go to the pile of ashes which was formerly my home?

    I don't know whether my insurance policy covers me for access to digital files. Even if it did, I'm not sure how they can force a company like - say - Google to give me access to my account. It isn't like Google went through a KYC (Know Your Customer) process when I signed up.

    Code Is Law

    This is where we reach the limits of the "Code Is Law" movement.

    In the boring analogue world - I am pretty sure that I'd be able to convince a human that I am who I say I am. And, thus, get access to my accounts. I may have to go to court to force a company to give me access back, but it is possible.

    But when things are secured by an unassailable algorithm - I am out of luck. No amount of pleading will let me in without the correct credentials. The company which provides my password manager simply doesn't have access to my passwords. There is no-one to convince. Code is law.

    Of course, if I can wangle my way past security, an evil-doer could also do so.

    So which is the bigger risk:

    • An impersonator who convinces a service provider that they are me?
    • A malicious insider who works for a service provider?
    • Me permanently losing access to all of my identifiers?

    I don't know the answer to that. If you have a strong opinion, please let me know in the comment section.

    In the meantime, please rest assured that my home is still standing. But, if you can, please donate generously to the DEC's Ukraine Humanitarian Appeal.

    #2fa #passwords #security


    Terence Eden’s Blog

    Just saw a video that said LLMs are addictive and thus they end up being like a drug or gambling.

    100% true, I have even made this observation myself with image generators, but then it goes on to say this invalidates them as a useful tool. Not true.

    It does mean that one needs to be aware of this truth and work against it. Variable rewards are in many things. Very few systems always work. Many have a chance of working, and that chance increases with the skill of the user. Addiction can be used as a sugar to drive your work, you can also be lost to it. It's never so clear cut.

    just saw a youtube short where Neil de Grasse Tyson says Tesla's wireless energy transmission technique could never have worked because radio is too low density

    yeah, that's true about radio

    but my man, you gotta read what Tesla wrote, not what some whackadoodle wrote on the web

    The anti AI stuff reeks the same as our teachers telling us not to use a calculator on the test.

    You should teach them how to build one, how to use one, and secure the government levers to protect their free and undoctored access to the tool. Not teach them to avoid them. While I don't like everything surrounding AI, it's clear to me that with time language models will eclipse classical search, if they have not already.

    Get everyone you know off Facebook and Twitter. Poison your friends' YouTube feeds with quality content, watching what you can on their accounts, and unsubscribing them from trash like Mr Beast, CocoMelon, etc.

    I bet half our problems would be solved if we could manage that.

    Will AI take your job?

    No. The answer is no.
    It won't stop companies from trying though. AI is a force multiplier when used right. It will make you more sought after, not less. This will however increase the rewards for depressing your wages, at least in the short term. Companies, like humans, are short-sighted and chronically destroy the ecosystems on which they depend.

    In truth though, no one can tell the future. But I don't see a trend towards good anywhere. I'm going to be real. But this "LLMs are useless" stuff is nonsense. There's no way one can genuinely daily drive a quality language model (ChatGPT / Gemini 2.5 Pro) and not see the use of it unless they have no imagination, or they are lying, hoping to prevent some perceived ill that will come from using or relying on them.

    Note:
    The reason I say this is to say resist that part of it. Just like Mastodon gives leverage in the social media space. Certain styles of projects are hard to capture.