• 1 Post
  • 21 Comments
Joined 1 year ago
cake
Cake day: June 23rd, 2023

help-circle

  • There should be, that’s just how fiber works. If they lay a 10 Gb line in the street, they’ll probably sell a 1 Gb connection to a 100 households. (Margins depend per provider and location)

    If they give you an uncapped connection to the entire wire, you’ll DoS the rest of the neighborhood

    That’s why people are complaining “I bought 1Gb internet, but I’m only getting 100Mb!” - They oversold bandwidth in a busy area. 1Gb would probably be the max speed if everyone else was idle. If they gave everyone uncapped connections the problem would get even worse


  • I believe there are a large number of feature requests on Lemmy’s GitHub page, making it difficult for developers to prioritize what’s truly important to users.

    Github issues are annoying that way. You could solve it by closing down “issues” and using discussions instead. People can up and downvote discussions, and you can see that from the listview, unlike with issues.

    And you can have threaded conversations in discussions.





  • What benefits to “AI supremacy” are there?

    I wasn’t saying there was any, I was saying there are benefits to the race towards it.

    In the sense of - If you could pick any subject that world governments would be in a war about - “the first to the moon”, “the first nuclear” or “first hydrogen bomb”, or “the best tank” - or “the fastest stealth air-bomber”

    I think if you picked a “tech war” (AI in this case) - Practically a race of who could build the lowest nm fabs, fastest hardware, and best algorithms - at least you end up with innovations that are useful


  • For all our sakes, pray he doesn’t get it

    It doesn’t really go into why not.

    If governments are going to be pouring money into something, I’d prefer it to be in the tech industry.

    Imagine a cold-war / Oppenheimer situation where all the governments are scared that America / Russia / UAE will reach AI supremacy before {{we}} do? Instead of dumping all the moneyz into Lockheed Martin or Raytheon for better pew pew machines - we dump it into better semiconductor machinery, hardware advancements, and other stuff we need for this AI craze.

    In the end we might not have a useful AI, but at least we’ve made progression in other things that are useful


  • What we have is machine learning, just an algorithm that takes input and gives you output. It can’t act on its own.

    Isn’t that basically what “real learning” is as well? Basically you’re born as a baby, and you take input, and eventually you can replicate it, and eventually you can “talk” for example?

    But in the training data something was off, suddenly your AI is racist and gives every black person a lesser amount.

    Same here, how is that different from “real learning”? You’re born into a racist family, in a racist village where everyone is racist. What is the end-result; you’re probably somewhat racist due to racist input - until you might unlearn that, if you’re exposed to other data that proves your racist ideas were wrong

    If a human brain is basically a big learning computer, why wouldn’t AI eventually reach singularity and emulate a brain and beyond? All the examples you mentioned of what it can’t do, is just stuff it can’t do yet


  • In your original comment, it seemed like you were suggesting hashing only before transmission

    Ok, that wasn’t what I was suggesting, no. That would effectively make your password hash the password itself - and it would kinda be stored in PlainText on the server, if you skip the client auth and send that value to the server directly through the api or something

    how does such a service (like Proton Mail) perform this in a web browser without having access to the data necessary to decrypt all of the data it’s sending? […] do you send down an encrypted private key that can only be decrypted with the user’s password?

    Yes, pretty much. I can’t really find a good, detailed explanation from Proton how it exactly works, but LastPass uses the same zero-knowledge encryption approach - which they explained with some diagram here - with a good overview of the client/server separation of it’s hashing.


  • I’m not really sure how it opens up replay attacks, since it doesn’t really change anything to the default auth. There are already sites that do this.

    The only difference is that instead of sending an http request of { username = "MyUsername", Password = "MyPassword" } changes to { username = "MyUsername", Password = HashOf("MyPassword") } - and the HashOf(“MyPassword”) effectively becomes your password. - So I don’t know how that opens up a possibility for replay attack. There’s not really any difference between replaying a ClearText auth request vs an pre-hashed auth request. - Because everything else server side stays the same

    (Not entirely auth related), but another approach of client side decryption is to handle decryption completely client site - meaning all your data is stored encrypted on the server, and the server sends you an encrypted container with your data that you decrypt client side. That’s how Proton(Mail) works in a nutshell




  • [From the github comment]

    The issue I see with the RFC is not wanting to allow users to add tags to ease the burden on moderators. This comes from a lack of users with privileges, so moderators are overworked and need to rely on bots.

    If the tags are just kinda “plain old hashtags” - and not something cool like I mentioned in the previous post 😉 -

    Possibly you could have a look at how Gazelle handles tags, where it’s just a voting system. For example, this is “Kanye West” https://i.imgur.com/adTe4t8.png - then tags are no longer a boolean yes/no system, but a user-voted system. And then it’s no longer a moderation concern to have to correct tags, and you don’t need “User privileges” to manage the tags either.

    It’s just a pretty chaotic system though - you might still want moderators to remove bad tags and/or ban users from creating tags if they’re always adding nonsense.

    Could be some point based system like Stackoverflow - users with n points can vote on existing tags, users with n+ points can add their own new tags






  • Personally I don’t have any problems with it (if that was directed at me) - I’ve added 418 as “unhandled exception code” response to a bunch of applications, so I can easily differentiate whether my application is throwing an error, or whether it’s some middleware gateway AWS io-thing

    I was just curious what OP thought about it, since in the early days it wasn’t uncommon to add goofs or easter-eggs into software, but nowadays not done so much… and apparently the “HTTP Working Group” doesn’t like it either… So I was curious whether OP though in hindsight whether it should’ve been added or not