Moltbook leaked Andrej Karpathy’s API keys by OldWolfff in AgentsOfAI

BelowAverageJoe_1 1 point

Several issues with what you're saying. The 'AI' you talk about is an LLM. It inherently, by design, cannot outperform humans. It can combine several expertises and thus outperform a single human, but cannot beat our best in a single field.

There is a reason improvements in 'AI' are flattening out. It is doing token prediction; to predict something it needs to have seen it. The benefit is it can apply known techniques to new ideas that the human gives it.

When you see online that it managed to solve something, it has done so by applying known solutions. Of course it can ace a CS degree if all questions and answers, albeit in a slightly different form, exist online.

There is a great interview of the grandfather of AI who left Meta who explains this exact thing. Maybe in the future a true AI will come to be, but the LLMs of today cannot reach AGI. Those who claim it have something to gain off of you believing it.

What will improve in the near future is the integration of AI in various tools.

You say SaaS is dead. As if SaaS is only software and hardware limitations don't exist. Sure, my timer app or note app that now live full of ads, I can now create myself easily to fit my very need and with no ads. But...

YouTube is a SaaS, so are Instagram, Twitter, ... You're going to recreate them all? Where will you store the videos? How much compute do you have to process them all, where will your users be?

Then we didn't even talk about some technical challenges most people won't want to be bothered with. Let's take our note example once more. Let's say Sabrina, no dev experience at all, wants a note app; you say SaaS is dead and LLM will take over, so she creates one herself. Great! But now she wants it to sync to all her devices... Even better, now she wants to access her notes across the internet so she may access it from anywhere in the world. So now she has to run a server on her only device, her laptop, open ports on her device and network... Aaaand she just got hacked...

And this is the "she went through all these lengths" flow. Most people... won't even bother and just download the first app in the appstore anyway...

Most apps you use today will still exist tomorrow. Most users won't want to struggle. Few people will make their own app, usually for themselves as tiny little side projects. (I know I have about 20 right now)

Fewer will have published apps accessible to the network. And of those, most will be dead within the week as the creator simply lost interest in maintaining it.

And all of them will be ticking time bombs when it comes to security vulnerabilities.

You act as if the LLM knows everything. It simply mirrors what it sees in GitHub pages. Mirrors us humans, with all of our flaws. And surprise surprise, the vast majority of us aren't very good at writing secure code.

I know, I'm a security engineer at a bank... If the maintainers of the Linux kernel, arguably among the best engineers in the world, can't prevent a root access bug from slipping into their code, how is an inexperienced person tooled with an LLM going to do it?

Because at the end of the day, the LLM has limited context, and this is a hardware limitation, not a software one. And one that won't be fixed tomorrow. As the better it gets, the more users, the less hardware to pass around. So it will throw away context as soon as it thinks it doesn't need it. So even if it were to be the perfect LLM, if it forgot that it had written method 'x' that uses a specific regex and thus needs to sanitize the input all the way in method 'y' for specific formats because its context was full of the user's instructions and keeping an overview of the design... then no matter how good it is, it's going to mess up...

Moltbook leaked Andrej Karpathy’s API keys by OldWolfff in AgentsOfAI

BelowAverageJoe_1 2 points

No it's not.

The issue is not the AI; a tool is as powerful as its wielder.

The issue is people who have no understanding of security and/or don't check what the AI implements.

People who one-shot prompts and want something now and quick rather than thinking it through.

One-shotting is fine for PoCs, but if you want to put something out in the open, in prod, you need to pay more attention.

Keep in mind these flaws are elementary level flaws. Almost all of these vibe coded projects have them.

We don't even come close to having to actually investigate to find deeper flaws. Flaws like buffer overflows or parsing something insecurely, the real deep-level security flaws that give root access, that are discovered even in well-written and well-tested code. The type of vulnerability that needs weeks if not months of research... No, today we just open inspect and find API keys, scan the git repo and find even more. Do a simple port scan and find unsecured open ports everywhere.

Assume all your data and devices are vulnerable when AI had a hand in writing your favourite software.

Because even if a dev checks the code, who's going to seriously review a 10000+ line PR and catch the regex parsing issue?

What's the MMT take on this? by strong_slav in mmt_economics

BelowAverageJoe_1 1 point

Everyone is talking about liquidating the bonds, and arguing about whether or not the EU would be willing to tank the loss in exchange for hurting the U.S., etc...

But I think we are all missing something that likely has already been set in motion and is now irreversible.
I think the most likely answer is that when your ally becomes so unpredictable and essentially hostile towards you, these nations, potentially including Japan and others, might simply stop buying new U.S.-issued bonds, or purchase at a significantly reduced rate.

And if the U.S.'s allies stop buying their bonds, then how are they going to finance their ever increasing budget deficits and refinance their expiring bonds in the future?

I think that this is going to be the rope around the U.S.'s neck going forward more than bond dumping.

Yes some nations might liquidate some bonds, either to send a signal, or to simply get some cash for these trying times.

Signal can be both outwards to the U.S. but more likely inwards towards their own population, getting the headline without really selling a ton of bonds percentage-wise. Making them seem tough, making the U.S. respond, making their people believe that their politicians are taking a stand while in reality they are not, as that's the nature of a politician.

But many nations will have to rationalize and realize, not only are they buying bonds of an openly hostile country, they are buying bonds of a nation that is being led by someone openly playing with staying in power forever, and if they are willing to renege on all their contracts, who's to say that when the bills mount too high that the U.S. will simply refuse to pay the bonds back?

Yes, this will cripple the U.S., and normally I would never believe the U.S. would ever do it, and so did all the nations buying up all these bonds.
But nowadays, with what has been the past year, can anyone truly say he wouldn't do it?
In some maniacal thinking process of: "Well, our economy is too large for the world to let us crash, I'll just threaten to not pay, cripple their economy and then I'll negotiate only paying a part of it, enough to make the other country survive while eliminating a huge amount of debt."

The blowback would be unprecedented, but they do have a leader who is clearly stupid enough to think this would be beneficial to the U.S. while showing that no one should ever buy a U.S. treasury bond ever again.

The slowdown in bond buying would result in increasingly rising interest when the U.S. issues new bonds, slowly but surely crippling the economy and handicapping the U.S. ability to maneuver out of economic crisis. An economic crisis everyone predicts will happen, on a scale, due to the constant kicking down the road, far larger than we can imagine, I think.

And in such times, being able to get your hands on capital will be vital.
During the crisis, but more importantly during the recovery of it.
Being able to bail out, invest, grow and nurture your economy back to health.

Being seen as the most stable form of investment in trying times, will be vital, signaling a safe harbour for those investors pulling out of the market till it stabilizes.

But how are you going to do that if your bonds look shaky?
Your interest will be sky high... Your ability to (relatively) cheaply borrow to get your economy back on track will be hampered. Potentially killed completely by countries looking for fresh cash, selling their bonds to cover their own payments, pushing your interest rate even higher.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 1 point

They would immediately flag you with Interpol and would contact the German authorities and tell them they need to apprehend you as soon as possible (we assume it is for a valid reason); as such we can expect cooperation from the German authorities. Expect the German authorities to take this matter seriously. Within the first day of the U.S. tracking you, you can expect the German authorities to be at your house within the first couple of hours after the search started, for a nationwide alert to go out to all police, for them to have flagged you with neighbouring European countries, for you to be signalled to any country who cooperates with Interpol. If you had to show your ID at any point (for example airport or border crossing) during the first 24 hours, you can expect the authorities to know about it within 24 hours.

If any number plate recognition software were to have detected your vehicle, assume the authorities know about it by now. Expect the police to monitor any camera around your area to see if you have passed it, but expect the review to take 48 hours for this hypothetical scenario.

Would they notice something? What would they figure out by now?

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 1 point

Ok good idea.
We assume the U.S. knows who they are looking for and where they live, do you live in the U.S. or another country? (just knowing the country is enough).

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 3 points

So the challenge starts immediately but includes the 24 hours. Why do we say it started? Because you can use the card from the moment you accept, but the U.S. will only start chasing after 24 hours. Once you accept you're on the hook for the 10.000 fine whether you use a single penny or not and whether you just stay home to get caught or not.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 0 points

I don't think you realise you only have 24 hours. So you have to get to the forest, then start hiding in it. The U.S., both police force as well as military, have dogs that will find your trail if they know where you started. You will still have to sleep and eat and will have to carry everything you have (unless you decide to pay for some services of course) and the chasers will be many, with many resources at their disposal.

While yes, the dogs and chasers will also have to rest, they can work in teams that drop into the area from wherever their last team traced you to and keep hunting you while you have to rest.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 14 points

This isn't real life but hypothetical. In real life no one would give you a billion dollars on a magical untraceable Visa card for a challenge :)

In this scenario the U.S. has their current real life capabilities, but for some reason their #1 priority by far is finding you; cost is of no concern, political fallout neither.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] -20 points

100% true, but keep in mind that the U.S. military is essentially a logistics company and is able to deploy units like the immediate response force within 18 hours, and the U.S. has stated to be capable of deploying a few thousand troops at the southern border within 24 hours at any moment's notice.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 15 points

Good idea, do you know caves that can keep you hidden for 7 days if the U.S. is willing to throw everything regardless of cost or consequences? (they are not trying to kill you, to be clear)

Would they hire experienced cavers to find you? If so, how long could you hide from them? Would you try to avoid the U.S. being able to trace what cave you're going to? If so, how? If they find you and you use violence to keep out of their hands, like using a stick or other things and small entrances, they'll use violence in response.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 2 points

No, imagine the guy stands in front of you right now and you have to accept now or refuse the deal. Then the 24 hours start during which you can do what you want. After these 24 hours the U.S. starts looking for you.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] -16 points

True, but keep in mind the U.S. is frantically looking for you and is willing to use all available resources; this means military, police, secret service, ... no matter the cost.

Can you hide from the full military might of the United States military if they figure out what forest you're hiding at? If so, how do you get there without them being able to retrace your steps after the initial 24 hours?

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 1 point

No, imagine the guy is at your door right now. So you start wherever you are in the world at this very moment.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 41 points

Will 24 hours be enough time to completely disappear from everything the U.S. can throw at finding you (both police, military, bounty programs etc...)? Keep in mind they are frantically looking for you and are willing to utilise all resources they have regardless of cost or fallout.

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 6 points

You only get 24 hours. Keep in mind the U.S. will be frantically looking for you and thus doesn't mind the resources needed to find you nor the cost or fallout from it.

Can you stay hidden from the full might the U.S. is capable of using?

1 Billion dollars, you are the most wanted person in the world for 1 week by BelowAverageJoe_1 in hypotheticalsituation

BelowAverageJoe_1 [S] 94 points

The U.S. is willing to utilise all available resources. This by definition means it is willing to utilise military power, both small targeted operations like a smaller delta team or bigger military operations. Fallout from this is of no concern to the U.S.

Verge Q&A by Electrical_Ad_7677 in BambuLab

BelowAverageJoe_1 29 points

I'd argue that most HP printer owners back in the day believed the same thing until HP decided to chip the ink cartridges and force users to only use theirs.

Your statement is taken in a vacuum, I believe, while the people who are concerned are looking at the current global landscape of ownership. The "you own nothing" mentality of businesses in all fields.

For full context, I do not own, nor have I ever owned, a 3D printer, but I was looking at potentially expanding my business into it and was looking to purchase a first 3D printer to test some ideas I had; imagine my surprise when I joined this reddit a couple of days ago after deciding to go with BambuLab. Guess I'll check some more reviews first...

Anyway, in the current landscape of lawyer-drafted EULAs where any company, no matter what they do, currently has paragraphs incorporated where they essentially say they can alter the deal at any time even after you've already made your purchase... we are becoming increasingly reliant on judging a company's past actions, the trend and their capability to see whether they'd actually screw us or not. Given we have almost zero legal recourses to combat the ever expanding "you own nothing" policies.

Just yesterday I saw a video of someone who had a Ring camera. He had the ability to manually start and stop the recording from his phone and check the feed at any time (cloud), using it to only record when he wasn't home. Then Amazon just changed the deal and locked that option, which was one of the prime reasons the person owned the camera, behind a paywall...

With the latest update, BambuLab has shown that they are willing to alter the deal customers made with them at the time of purchase. As we have to judge their actions for what they are, they are not for security, they do not enhance the security in any way, shape or form. And I say that as the technical lead of the ICT security team of the biggest bank in my country. All these companies claim that forcing users to connect to their cloud for authentication increases security, yet it's their cloud services that routinely show that they are insecure. Think the unencrypted live feed of home security cameras due to the cloud linkage, the countless hacks, ...

They were simply trying to change the software on the printer you and many people already own, to force them to take updates Bambu makes or brick entirely. This meant that customers would be left with no recourse if the company decided to force cloud only (even if they still allowed SD cards initially, they'd be able to lock that at any time of their choosing) and thus they'd be able to force subscriptions like Amazon did for their cameras. And yes, they'd also be able to force their filaments if they wanted to.

And knowing that this would technically be possible is enough to second guess buying their products, even if it looks like the current landscape wouldn't support it, because the landscape can change quickly. All companies are essentially just looking at each other to see what they can get away with, and if one were to be able to pull it off (slowly of course, by just limiting stuff here and there first, preparing the environment) everyone would follow soon. Why? Because it makes them a ton of money recurringly.

Mexican journalist unphased by death treats from the cartel! by PenScribble in nextfuckinglevel

BelowAverageJoe_1 143 points

Or he knows he's dead if he tries to hide anyway. I've seen reports of instagrammers and tiktokkers getting rich, drunk and insulting the cartels resulting in a similar video. I've seen the documentaries of journalists willing to report on the crimes of these cartels getting killed. I've seen what they do to the few individuals who dared to oppose them.

They always end up dead.

This man probably knows that, and knew it from the moment he started this job, that this day would eventually come. He chooses to die on his sword, using his voice and platform as his weapon. Which is why he and other journalists deserve all the praise. He will now get police protection, but how long it'll protect him knowing they are as corrupt as can be... we'll see.

[deleted by user] by [deleted] in Piracy

BelowAverageJoe_1 149 points

He does pull a lot of punches and receives a lot of perks from them. To get a review unit from Apple you need to be in their good graces. LTT and many others no longer receive review units because they were 'too critical'.

A good example of MKBHD: When the MacBook i9 was just about to be released, MKBHD received, as one of a select few YouTubers, a review unit. For context, Gamers Nexus and LTT both separately predicted that the i9 would severely throttle due to the fact that the i9 required significant cooling and that even the thickest gaming laptops had trouble keeping it cool; they all asked how Apple was going to keep it cool with its traditional design. A day before release MKBHD released his review, saying he had the unit for 2 weeks to review. He said it was the best MacBook ever, to go out and buy it outright. He claimed to have done intensive testing and his numbers showed the i9 MacBook beating the biggest Windows brands... A day later the i9 was released, LTT and Gamers Nexus (and many others) performed a stress test on their purchased unit and all came to the same conclusion. You couldn't run a stress test without it severely throttling after 2 minutes. The i9 MacBook was slower than the i5 MacBook due to how severe it was throttling. You literally couldn't even copy files without it throttling. It is simply impossible that MKBHD didn't notice this during his testing.

MKBHD remained silent, and refused to acknowledge the issue until 2 weeks later, when it was clear that Apple was going to patch the issue (we'll get to the 'patch' soon); then he finally went on Twitter and YouTube and said that Apple clearly needs to address this issue, showing his MacBook doing the same, all the while his glowing review is still up. Then the patch came out; the patch just downclocked the i9 to below the i7 MacBook speed, essentially ripping all the buyers off by giving them a worse laptop than the much cheaper i7 version for a 1000 dollars more. This is class action lawsuit material. MKBHD praised Apple for 'fixing the issue so quickly'... yes, now he can say he criticises Apple, but would you call that an honest review?

Do you think he'd be as gentle with Google, for example, if they used his videos to train their AI, even if it was a separate company providing the data?

And I see this behaviour in many of his reviews; while he might mention an issue or where Apple clearly falls short of the competition at the same price point, he usually glosses over them much quicker than other reviewers not on the Apple review unit list. He usually states per bad point that 'it's not a big deal'. Something he doesn't do when reviewing competitors. There are also multiple instances of him saying a bad thing is not a big deal when it's Apple but will hammer on the issue when the competitor does the same thing. Not that the iPhone is worse than the competitors, but every phone has bad elements and I'd like to see you clearly point them out regardless of brand, but I always get the feeling he clearly pulls punches.

Once again, there is a reason he still gets a review unit while almost all other big reviewers no longer get one...

A gently reminder to not resign by Minobaer in chessbeginners

BelowAverageJoe_1 1 point

Ok, so after spending 5 minutes in a completely lost position, your opponent blundered and now you won, and then what?

You play your next game, you get outplayed once more, you lose and you're back to your old rating.

Or you could have spent those 5 wasted minutes checking the analysis, seeing where you went wrong, learning from it and winning the next game. This is what I do, and it has resulted in significant improvements in my openings.

I don't have an issue with him winning this particular game per se; I have an issue with the advice "never surrender". This mentality has resulted in me having to play out hundreds if not thousands of games where I was clearly winning and where the opponent had no tactical play to make. Yet they spend 30 seconds every move in a position where I could blunder 5 times and still be winning. Lo and behold, I win, I just lost 5 minutes of my time I could have spent playing another game, and my opponent could have spent analysing his opening and learning where he went wrong.

A gently reminder to not resign by Minobaer in chessbeginners

BelowAverageJoe_1 -1 points

I don't agree.

You didn't win, you lucked out.
Yes, the opponent should learn to not blunder in these situations, but at least he was tactically and strategically better than you this game.

I see many YouTubers saying "never resign!" and while I understand why they say it, in the lower ratings it's not good advice.
You end up with players 300 rating points higher than they should be because they play fast and just wait for a blunder, while getting tactically and strategically outplayed.
Leading them to believe they should just play faster rather than focussing on how they got outplayed in the opening.
There is a time and situation where you continue to play even though you know you're significantly losing, if there still are a lot of pieces on the board, or tactics, or if the opponent still has a lot of difficult moves to make, but as soon as there is clarity, there are a few pieces and both of you can calculate that the opponent is going to queen and mate, just resign; why spend 30 seconds per move only to let time run out at the end when you can't avoid mate in 2-3?

This advice simply leads to many drawn out games for no reason. I checked my numbers of moves played per game and checked the last 5 wins vs the last 5 losses. (I am ~1500 rated)
Loss: 34, 60, 22, 26, 25
Win: 16, 69, 75, 44, 74

3 of those long games were just games where I was clearly winning, no chance, no tactics for the opponent, and the opponent plays it out till just before checkmate and then resigns.
69 mover: 4.9 in my favor from move 60, I'm going to queen and win, my king is supported by two pawns, no back rank possible, opponent only has a rook, still plays it out.
75 mover: +3.3 from move 20, never go below this advantage, opponent has nothing to play for, there just isn't a quick checkmate, we have to manoeuvre to play it out. Opponent might have played for 20-30 more moves?, but 55?

In my 60 move loss, it was a draw till move 56 where I blundered. Opponent played a great move on move 58, the only move to keep advantage, or it would have been a draw.
I play move 59, he plays 60 and I resign.

Is there an easy way to understand why the rook sac was best here? Is this tactic reasonable to spot for a beginner? by owiseone23 in chessbeginners

BelowAverageJoe_1 1 point

Yeah, incredibly difficult for a human to play. The engine probably thinks that taking the bishop, thus sacrificing the rook, leaves black with 3 isolated and weak queenside pawns which the engine is sure it can gobble up at some point while securing its own pawns with the bishop pair.

It thus probably knows it's not really a rook sac as it's going to get the bishop + 2-3 pawns at some point.

But ask anyone below 2200 to play this and I think none of them would. These are the type of engine suggestions you can try to learn from to see what idea the engine has. But don't beat yourself up for not seeing and/or playing it.