Technology
www.theverge.com
Interesting new browser that's become pretty popular lately
www.semafor.com
> The token has been controversial in Silicon Valley for its ambitious and unorthodox approach to trying to solve two vexing problems: Online identity authentication and income inequality.
www.theregister.com
I'm inclined to agree in general. GPT has actually gotten worse over time. For one it's just way too locked down now. But I also have noticed a decline in overall quality of responses, especially for technical stuff. It used to translate between programming languages quite well, and that's been more broken lately. I'm wondering if they purged a bunch of copyrighted material from it and that's why it got dumber.
youtu.be
Just something fun
www.theregister.com
> The EU-US Data Privacy Framework (DPF) is the third attempt between the trading bloc and the US to iron out privacy kinks in the flow of data about their citizens. This latest agreement marks the EU's determination that "the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred from the EU to US companies under the new framework," the Commission said in a statement. > > Key to today's decision [PDF] was an October executive order signed by US President Joe Biden that the Commission said adds new safeguards that address the problems raised with the second attempt at a transatlantic data agreement, Privacy Shield.
TL/DR: Google used flimsier parts that are more likely to break over time (aluminum over stainless steel, etc).
www.semafor.com
This has probably been pointed out before, but it's not like Twitter is *hard to build*, especially for a company like Facebo—I mean, "Meta." What's hard is content moderation and community building.
www.reuters.com
This article was mostly fluff but I haven't seen much ml talk. I do wish nvidia had more competition, though I somewhat doubt AMD will offer it soon. Having competive performance in PyTorch is a good start.
www.theverge.com
The Twitter shitshow continues.
One of the features seems to be a "hide my email" feature, akin to Apple's [hide my email](https://support.apple.com/en-us/HT210425) or [Fastmail's masked email feature](https://www.fastmail.help/hc/en-us/articles/4406536368911-Masked-Email). Having used both of those, I would say one downside is that occasionally, a site will *detect* that I used the Apple one, which is strange because it's just an iCloud email address. Perhaps they're looking for a specific pattern. I haven't yet seen the Fastmail one blocked. One concern with the Proton one is that it seems like its masked emails are all at passmail.com. I've already found some sites block protonmail, so they'll surely block passmail like they do Mailinator and other sites. That could be a limitation that's less likely to affect Fastmail's service.
arstechnica.com
It does seem like sooner or later, if someone is able to build a reliable AI model of my face and voice, they could even phish my own relatives by video call. Seems like a Philip K. Dick novel—objective reality is something you could only see around you, while the machine would be completely untrustworthy.
Kagi is a paid search engine. Instead of getting ads, you just pay for the privilege of using it. I've been using it for a while and overall I think _for most searches_ it's better than Google. It isn't necessarily that the content is always better (sometimes it isn't) but the signal is far easier to find through the noise.
Keaton Brandt writing in response to [Elegy for the Native Mac App](https://medium.com/source-and-buggy/elegy-for-the-native-mac-app-39ee92cc37ba) (which is arguably a eulogy).
www.bitecode.dev
Despite the headline, this isn't about xml.
https://evilpiepirate.org/git/bcachefs.git/tree/fs/bcachefs/bkey.c#n727
www.bleepingcomputer.com
https://www.bleepingcomputer.com/news/security/lastpass-users-furious-after-being-locked-out-due-to-mfa-resets/
Lately I've been increasingly worried about corrupted payloads of even open source password managers. Password managers are among the world's biggest honeypots. Maybe you trust the coders of the password manager. Maybe it's Open Source. But do you trust all of its upstream dependencies? And all their CI build processes? And each of their developers' security? That's part of why I won't use an Electron-based password manager like BitWarden: there's no Electron app with a minimal dependency graph. Even Electron itself could easily fall victim if someone important in the development pipeline is compromised... And besides, Electron sucks anyway. So, one way I can mitigate against the possibility of a malicious payload being delivered on password manager update is to not put all my eggs in one basket. For example, where I can, I authenticate with a Yubikey (if only by TOTP on Yubico Authenticator). Then my password isn't enough. But where do I store the recovery codes? Ugh: in the password manager. I've been thinking on this for a while, and I haven't really found a perfect solution that provides me a way to store secrets without also being too reliant on one party's software. If I rely heavily on the password manager, that puts too much trust in it. If I rely more on a hardware token, that's too risky in case of loss of theft. What's a security-aware nerd to do?
Bruce Schneier and Nathan Sanders on AI and the public good: > Silicon Valley has produced no small number of moral disappointments. Google retired its “don’t be evil” pledge before firing its star ethicist. Self-proclaimed “free speech absolutist” Elon Musk bought Twitter in order to censor political speech, retaliate against journalists, and ease access to the platform for Russian and Chinese propagandists. Facebook lied about how it enabled Russian interference in the 2016 US presidential election and paid a public relations firm to blame Google and George Soros instead. Schneier and Sanders mention that China and Europe have publicly funded AI (though China's seems designed to further state goals and is done through cronies), and that the US could publicly fund AI that's accountable to the public while also a starting place for future startups. I'm not necessarily sold, but it is an interesting proposal.
Technology
!tech@partizle.com
Computers, phones, AI, whatever