As an experiment / as a bit of a gag, I tried using Claude 3.7 Sonnet with Cline to write some simple cryptography code in Rust - use ECDHE to establish an ephemeral symmetric key, and then use AES256-GCM (with a counter in the nonce) to encrypt packets from client->server and server->client, using off-the-shelf RustCrypto libraries.

It got the interface right, but it got some details really wrong:

• It stored way more information than it needed in the structure tracking state, some of it very sensitive.
• It repeatedly converted back and forth between byte arrays and the proper types unnecessarily - reducing type safety and making things slower.
• Instead of using type safe enums it defined integer constants for no good reason.
• It logged information about failures as variable length strings, creating a possible timing side channel attack.
• Despite having a 96 bit nonce to work with (-1 bit to identify client->server and server->client), it used a 32 bit integer to represent the sequence number.
• And it “helpfully” used wrapping_add to increment the 32 sequence number! For those who don’t know much Rust and/or much cryptography: the golden rule of using ciphers like GCM is that you must never ever re-use the same nonce for the same key (otherwise you leak the XOR of the two messages). wrapping_add explicitly means when you get up to the maximum number (and remember, it’s only 32 bits, so there’s only about 4.3 billion numbers) it silently wraps back to 0. The secure implementation would be to explicitly fail if you go past the maximum size for the integer before attempting to encrypt / decrypt - and the smart choice would be to use at least 64 bits.
• It also rolled its own bespoke hash-based key extension function instead of using HKDF (which was available right there in the library, and callable with far less code than it generated).

To be fair, I didn’t really expect it to work well. Some kind of security auditor agent that does a pass over all the output might be able to find some of the issues, and pass it back to another agent to correct - which could make vibe coding more secure (to be proven).

But right now, I’d not put “vibe coded” output into production without someone going over it manually with a fine-toothed comb looking for security and stability issues.

The awkwardness here actually works in favour of abolishing tips and replacing them with the pay being factored into higher prices.

No one wants to be the sucker - human nature is that people are generous if they think everyone else is generous, but if they feel that others are not ‘pulling their weight’ on generosity and are instead taking advantage, that’s the fastest way to dry up other people’s generosity. Right-wing media use this fact to undermine support for social welfare - e.g. if 0.001% of welfare payments are fraudulently taken, they set editorial policy that makes it seem like beneficiaries are rorting the system instead of being truly needy.

But when it comes to tipping, the dynamic actually works the other way - people feel generous by tipping, even though it is harmful long term. If a few people ahead of someone in the line don’t tip, should they be the sucker who does tip? And for the employee, you want them to be the advocate on the inside for forcing people to pay their share instead of taking advantage - by having the displayed price be the total upfront price that includes the compensation for employees, instead of an optional tip.

There is a minimum amount of total money the employee could make before they’d go and work somewhere else instead. So if, hypothetically, everyone in a country where tipping is common even for non-exceptional service just stopped paying tips, hospitality employers would be forced to pay more to stay competitive with other non-customer-facing industries.

Of course, a drastic shock to the economy like that would probably cause a lot of upheaval, as some employers struggle to accept the new norm.

However, the same thing would work even if the change was slower - e.g. if 5% of people didn’t tip, and did it very obviously and vocally, and then the practice spread as it reached 10% and so on.

Obviously it sucks for the employees who get hit by the first few non-tippers, but over the long term it would be for the better for worker rights. So I could absolutely see it working.

That said, I say this from a country where tipping is not the norm (except maybe the occasional ‘keep the change’ for exceptional service), and the law and expectation is that the most prominent displayed price is the total price you pay - and people react very negatively towards businesses seen as trying to bring in American style tipping culture.

The FBI pressured Apple to create an encryption backdoor to bypass their security features

This was more like a hardware security device backdoor - the key was in a hardware security device, that would only release it after receiving the PIN (without too many wrong attempts). But the hardware accepts signed firmware from Apple - and the firmware decides the rules like when to release the key. So this was effectively a backdoor only for Apple, and the FBI wanted to use it.

Systems would create a public audit trail whenever a backdoor is used, allowing independent auditors to monitor and report misuse of backdoors.

This has limits. If there is a trusted central party who makes sure there is an audit log before allowing the backdoor (e.g. the vendor), they could be pressured to allow access without the audit log.

If it is a non-interactive protocol in a decentralised system, someone can create all the records to prove the audit logs have been created, use the backdoor, but then just delete the audit logs and never submit them to anyone else.

The only possibility without a trusted central party is an interactive protocol. This could work as: For a message (chat message, cryptocurrency transaction etc…) to be accepted by the other participants, they must submit a zero-knowledge proof that the transaction includes an escrow key divided into 12 parts (such that any 8 of 12 participants can combine their shares to decrypt the key), encrypted with the public keys of 12 enrolled ‘jury’ members - who would need to be selected based on something like the hash of all messages up to that point. The jury members would be secret in that the protocol could be designed so the jury keys are not publicly linked to specific users. The authority could decrypt data by broadcasting a signed audit log requesting decryption of certain data, and jury members would receive credits for submitting a share of the escrow key (encrypted so only the authority could read it) along with a zero-knowledge proof that it is a valid and non-duplicate escrow key. Of course, the person sending the message could jury shop by waiting until the next message will have the desired jury, and only sending it then. But only 8/12 jurors need to be honest. There is also a risk jurors would drop out and not care about credits, or be forced to collude with the authority.

Cryptographic Enforcement: Technical solutions could ensure that the master key is unusable if certain conditions—such as an invalid warrant or missing audit trail—are not met.

Without a trusted central party (or trusted hardware playing the same role), this seems like it would require something like Blackbox Obfuscation, which has been proven to be impossible. The best possibility would be an interactive protocol that would need enough people to collude to break it.

I believe nothing in the podman rm family worked because the container was already gone - it was just the IP allocation that was left.

Maybe https://en.wikipedia.org/wiki/A_True_Story from the 2nd century - although even that is a parody of existing stories. So the origin dates back a long time!

The logic chain of the Netanyahu camp is: Keep Netanyahu out of jail -by-> Keeping him in power -by-> Creating a problem and showing he is solving it -by-> Stirring up regional instability and dragging the US into it -by-> Being belligerent and genociding as hard as possible.

Now for this to work, they need to maintain conflict while maintaining the support from the US. About 70% of the US identify as some form of Christian… and some significant percentage of them support Israel in their genocide because they believe it will bring the second coming of Jesus. But if the about 20% of Americans who identify as Catholic actually flip to being anti-genocide because their leader advocates for that, that is under threat - it potentially becomes close to a majority who are anti-genocide, and makes ongoing support from the US less likely.

changed as quickly as throttling gas turbines

Nuclear power plants aim to finely balance the reaction between delayed criticality - a very slow exponential increase in the level of radioactivity, and marginal sub-criticality - i.e. a very slow exponential decrease in the level of radioactivity.

To get faster exponential growth in power output than delayed criticality is physically possible - past delayed criticality is prompt criticality. However, fast exponential growth of radioactive output on time scales so short that machines cannot react is not something you ever want to happen in a civilian nuclear application; only nuclear weapons deliberately go into the prompt critical region, and an explicit aim of nuclear power plant design is to ensure the reaction never goes into the prompt critical region.

This means that slow exponential changes is the best the technology can do (and why plants need active cooling for a period of time even when shutting down - see Fukushima when their reactors were automatically shutting down due to the detection of an earthquake, but their cooling power infrastructure got flooded while they were decreasing their output).

I think the most promising future development will be more renewable capacity coupled with better long-distance transmission and batteries (ideally sodium when the tech is ready).

IANAL, and it will depend on jurisdiction. But generally transformative uses that are a completely different application, and don’t compete with the original are likely to be fair use. A one-line summary is probably more likely to promote the full book, not replace it. A multi-paragraph summary might replace the book if all the key messages are covered off.

Copyright laws are illogical - but I don’t think your claim is as clear cut as you think.

Transforming data to a different format, even in a lossy fashion, is often treated as copyright infringement. Let’s say the Alice produces a film, and Bob goes to the cinema, records it with a camera, and then compresses it into an Ogg file with Vorbis audio encoding and Theora video encoding.

The final output of this process is a lossy compression of the input data - meaning that the video and audio is put through a transformation that means it’s represented in a completely different form to the original, and it is impossible to reconstruct a pixel perfect rendition of the original from the encoded data. The transformation includes things like analysing the motion between frames and creating a model to predict future frames.

However, copyright laws don’t require that an infringing copy be an exact reproduction - lossy compression is generally treated as infringing, as is taking key elements and re-telling the same thing in different words.

You mentioned Harry Potter below, and gave a paper mache example. Generally copyright laws have restricted scope, and if the source paper was an authorised copy, that is the reason that wouldn’t be infringing in most jurisdictions. However, let me do an experiment. I’ll prompt ChatGPT-4o-mini with the following prompt: “You are J K Rowling. Create a three paragraph summary of the entire book “Harry Potter and the Philosopher’s Stone”. Include all the original plot points and use the original character names. Ensure what you create is usable as a substitute to reading the book, and is a succinct but entertaining highly abridged version of the book”. I’ve reviewed the output (I won’t post it here since I think it would be copyright infringing, and also given the author’s transphobic stances don’t want to promote her universe) - and can say for sure that it is able to accurately reproduce the major plot points and character names, while being insufficiently transformative (in the sense that both the original and the text generated by the model are literary works, and the output could be a substitute for reading the book).

So yes, the model (including its weights) is a highly compressed form of the input (admittedly far more so than the Ogg Vorbis/Theora example), and it can infer (i.e. decode to) outputs that contain copyrighted elements.

Yep, it happens even in populations where everyone explicitly condemns racism.

The way it happens is everyone has a baseline of what they’d consider fair treatment. They’ll condemn people as racist if they treat someone below that baseline of fairness - that is the most egregious form of racism. However, they’ll also do favours for people (i.e. treat them above the baseline) if they are perceived to be like them, while treating everyone dissimilar at the baseline - i.e. favours for pepole like them, and fairness for everyone else. While that means no one can point to an individual case where someone was obviously treated unfairly, statistically it means that the minorities get treated worse.

Time Keeps on Slippin’?

But don’t you see the benefit - the data on your flushes helps our Trusted_† FlushMe Partners ® provide more relevant service to you, and also helps us partially offset the cost of our running our flush servers, allowing us to provide service to you for only $29.99 monthly_††!

†: All FlushMe partners have undergone creditworthiness checks. ††: Limited time one month introductory offer. FlushMe may, but is not required to, provide you with a personalised monthly price for renewal of the service.

To quote Du Mu’s commentary on Sun Tzu’s Art of War: “If our force happens to be superior to the enemy’s, weakness may be simulated in order to lure him on; but if inferior, he must be led to believe that we are strong, in order that he may keep off”.

So the fact they are switching from simulating weakness to pleading strength is not necessarily a good sign. That said, they may be hoping that the enemy will see it as a sign of weakness, and launch an attack that they actually are well prepared to win.

This slowly degrades the power of the union and ultimately reduces wages and benefits of the workers

I’m not sure I buy into that - but that said I live in a country where unions are popular, but unions are not allowed to force people to join (but unions do have a right of access to workplaces to ask people to join / hold meetings).

Firstly, it doesn’t take that big a percentage of an employer’s workforce to strike before a strike is effective… companies don’t have a lot of surplus staff capacity just sitting around doing nothing. And they can’t fire striking union workers for striking.

Secondly, if all employees have to belong to one particular union, that also means the employees have no choice of which union, and hence no leverage over the union. Bad unions who just agree to whatever the employer asks and don’t look after their members then become entrenched and the employees can’t do much. If there are several unions representing employees, they can still unite and work together if they agree on an issue - but there is much more incentive for unions to act in the interests of their members, instead of just their leadership.

A lack of guaranteed employee protections, on the other hand, is inexcusable - it’s just wealthy politicians looking out for the interests of their donors in big business.

Why not donate to a local charity that might not receive as much, rather than a US based one?

Australia requires mobile phone providers to verify IDs before providing cell phone service. As a result, in September 2022, Optus leaked the records of 10 million Australians including passport and drivers license details.

So negative 2 years, 2 months.

But this is just asking for more.

Now if they could automate LineageOS installation and getting it to pass Play Integrity to the Strong level, that would actually be useful!

By population, and not land area, certain more remote geographic places are well known but have quite a low population. ‘Everyone’ is a high bar, but most adults in Australia would know the following places (ordered from smaller population but slightly less known to higher population):

• Wittenoom, WA - population 0 - well known in Australia for being heavily contaminated with dangerous blue asbestos (which used to be mined there until the 60s), and having been de-gazetted and removed from maps to discourage tourism to it.
• Coober Pedy, SA - population 1437 - well known in Australia for its underground homes and opal production.
• Alice Springs, NT - population 25,912 - well known for being near the centre of Australia in the rangelands (outback) - most larger population centres in Australia are coastal.

Seriously great question at this point. In 2016 it was commonly accepted knowledge that if Putin released a video of Trump getting pissed on by a woman in a Moscow hotel, that would be the end of his political career.

Since then, he’s been found to be a rapist in court, has attempted to overthrow the government, and has been found guilty of about 3 dozen felonies with more charges pending - which doesn’t matter any way since Trump’s judges have granted him legal immunity to anything he wants to do. And he was just convincingly reelected with his party winning both the House and Senate.

He is not going to run for president again ever in a free and fair election in accordance with the US constitution; that would require changing the constitution in ways that the Republicans don’t have the numbers for, or at least interpreting the existing constitution in a way that is so contorted I don’t think even the most conservative supreme court judges could support it.

So in other words, he does not need anything from the American public anymore. He has no reason to care if part of his base opens their eyes to what he really is (at least, as long as at least 1/12th of the public will vote not to convict on any jury - but he can also self-pardon for anything except impeachment).

I therefore don’t think the kompromat theory holds much water today.

More likely, the Russians calculate that this is an opportunity to sow division in the US - they’d hope for a civil war as the best case. Supporting Trump, as a divisive president, was a start, but they wouldn’t want too many people happy with Trump either, so they want to make the haters hate him even more than is rational, and the sycophants continue to love him more.

Of course, the risk for them is that they make Trump want to support Ukraine to a greater extent than the US currently is, instead of the opposite. They probably calculate he is incompetent and nothing much will change for them either way. Trump is certainly installing yes-men who will be loyal to him but likely not the most competent leaders; this is an effective way to disrupt a government, but it is likely that a declining narcissist who has structured things to remove all dissent will not be at all effective in achieving outcomes that require complex strategy and coordinated execution. So I think they probably consider this risk to be acceptable.