Hacker News | YPCrumble's comments

Interesting - is it just the URL or is it actually crawling the phishing site to assess whether it's phishing? And how does it distinguish the site bank.com from bąnk.com (with a little curly ą) if both are an identical clone of bank.com?


That's a great question - right now it is only looking at the results from a battery of several dozen indicators that we compute upstream of the model itself (which saves massively on tokens).

As small models continue to improve, and edge hardware becomes more capable, we would really like to run larger models that could incorporate full page content and screengrab data, which would be more likely to catch these kinds of attacks.

But we also find that sites that do one shady thing usually do others, which is a big reason why a tiny model like this can work - and why we are betting on low latency being a differentiating factor in real-world impacts.
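The bank.com / bąnk.com case from the question can be separated from the hostname alone, without page content. The sketch below is an added example, not code from the thread or from the project being discussed; which indicators that project actually computes is not stated, so the three shown here, the `PROTECTED_HOSTS` list and all function names are assumptions. It also covers a mixed-script (Cyrillic) lookalike, which goes beyond the single case asked about.

```python
import unicodedata

# Constructed list of hosts worth protecting (assumption for this example).
PROTECTED_HOSTS = {"bank.com"}

def skeleton(host: str) -> str:
    """Rough ASCII fold: NFKD-decompose, then drop combining marks (ą -> a)."""
    decomposed = unicodedata.normalize("NFKD", host)
    return "".join(ch for ch in decomposed if not unicodedata.combining(ch))

def scripts(label: str) -> set:
    """Script of each letter, read from the first word of its Unicode name."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}

def url_indicators(host: str) -> dict:
    """Host-only indicators; accepts the Unicode or the xn-- form."""
    ascii_form = host.lower().rstrip(".").encode("idna").decode("ascii")
    unicode_form = ascii_form.encode("ascii").decode("idna")
    folded = skeleton(unicode_form)
    imitates = folded if folded in PROTECTED_HOSTS and unicode_form != folded else None
    return {
        "ascii_form": ascii_form,  # the name DNS resolves
        "is_idn": any(l.startswith("xn--") for l in ascii_form.split(".")),
        "mixed_script": any(len(scripts(l)) > 1 for l in unicode_form.split(".")),
        "imitates": imitates,
    }

if __name__ == "__main__":
    # Constructed samples: plain, Latin a-with-ogonek, Cyrillic a.
    for sample in ("bank.com", "b\u0105nk.com", "b\u0430nk.com"):
        print(sample, url_indicators(sample))
```

The accent fold catches bąnk.com but not the Cyrillic lookalike, and the mixed-script check does the reverse, which is why such indicators are combined rather than used alone.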


Is this going to put contextual ads into my codebase or into the discussion if I use it with my coding agent of choice?


This is really cool - so it uses Gemma SLM? Why can't you just package that here into GitHub?

And why is `ptrace` needed?


The model file is small enough to have in Git (safetensors is only 600MB) but the Gemma TOS make me unsure if I’m required to have the same “Read and accept the Gemma TOS” limitation that they have on their public huggingface model.

As for ptrace, I use it to inject code into the user's shell to present the command in a way that doesn’t require further interaction to run. I wanted it to be more like the “AI terminal” experience without requiring the user to copy-paste the recommended command back into their shell prompt.


The idea is that the damage done by addictive social media apps is far greater than $20/month. And people already buy dumbed down smartphones based on Android that don’t allow most apps.


"Far greater" - then price it that way. Good luck getting anyone to pay $50/month though, or whatever you think it's worth for a few lines of Swift that Claude could make.

You're frankly asking a lot making it $2.99, but I'll let your customers speak to that more than myself.


Pairtu - https://pairtu.com - SF or remote in US timezone

We just raised series seed and are looking for a founding engineer. We're reshaping healthcare for the $60 billion Medicare market.

Engineering culture is one that values learning, freedom to write code instead of overhead, fast pace, and using AI tooling both in engineering and inside our product. If you've wanted to build with an AI API or toolset this is the place to do it.

Job description: https://pairtu.notion.site/Senior-Engineering-Lead-AI-First-...

Please reach out to ian@pairtu.com and mention you saw this listing.


You are quite literally saying that you support censorship.


I don't know why people get so "twitchy" about this topic, what don't you understand about this situation being unique in history? I didn't say I support this level of censorship. I'm just smart enough and sympathetic enough to see how the platform causes issues for democracy and how this is a hard thing to grapple with for western democratic society. Smart people are using our morality against us and plenty of people fall for it.

Everyone I know that seriously uses Twitter, I've basically distanced myself from. It's an insane platform.

Twitter is not a "website". I say it again.


> what don't you understand about this situation being unique in history?

Because this exact argument is brought every single time someone supports censorship. Free speech is easy to support when you agree with what is being said, what matters is what happens when you disagree.

> I'm just smart enough and sympathetic enough to see how the platform causes issues for democracy and how this is a hard thing to grapple with for western democratic society. Smart people are using our morality against us and plenty of people fall for it.

And other smart people tell us that "actually, we do kinda need to subvert our values in this case, trust me". Now, I do see that there are shades of gray, but Twitter is far from a radical platform (we're not talking about KiwiFarms here) and, usually, when you're right, you don't need to win by silencing the other side's arguments.


Online anonymous platforms are very different to the free speech required to run and live in a democratic society. Twitter is a platform and social media is a technology. It's a cheap form of influence and is being used as a backdoor into our value systems and the narratives we use to understand our world.

You're anti-censorship. Do you think it would be ok then if a website offers rape porn? or child abuse images? Wouldn't not allowing that being on TV be a form of censorship too?

This isn't hiding books from you about astronomy or stopping you from getting an abortion it's grappling with scams, illegal contraband sales, child porn rackets, foreign electoral interference, information wars and more.

If we as a society find that a specific technology is causing actual harm to our society then we need to have discussions about how those technologies should be used and accessed and regulated. We can't just let our shit get broken because "censorship". Yes, this is a difficult thing to deal with because it's not easy for the reason you state.

Twitter is not a town square and even in a real life town square, sometimes the police have to get involved when shit gets out of hand...are you frustrated about that also? In the actual town square, you need to actually make an effort and put your true self on display to exercise your right to free speech. Twitter is a joke compared to that.


> Twitter is a platform and social media is a technology. It's a cheap form of influence and is being used as a backdoor into our value systems and the narratives we use to understand our world.

No disagreement there.

> You're anti-censorship

Very much so, yes.

> Do you think it would be ok then if a website offers rape porn? or child abuse images? Wouldn't not allowing that being on TV be a form of censorship too?

It's absolutely a form of censorship, but (obviously) not one I disagree with.

> If we as a society find that a specific technology is causing actual harm to our society then we need to have discussions about how those technologies should be used and accessed and regulated. We can't just let our shit get broken because "censorship".

Yes, I'm with you as far as "we need to discuss this" and "this might be a problem".

> Twitter is not a town square and even in a real life town square, sometimes the police have to get involved when shit gets out of hand...are you frustrated about that also? In the actual town square, you need to actually make an effort and put your true self on display to exercise your right to free speech. Twitter is a joke compared to that.

Well, except, to go with your metaphor, Brazil is saying "there are some drug dealers on the town square, let's just completely block it off and forbid meeting there altogether". Squashing innocent political meetings of your opponents might be an unfortunate side effect, but what can you do.

Just to be clear, I'm not at all a fan of Twitter. But it is a moderated platform and it's far from distributing the horrible stuff that we both agree should be censored [0]. It's not a shining diamond of intelligent discourse, but it's not in any way an extremist platform and it unquestionably did help democracy by helping normal broadcast the crimes happening in their region. Blocking it is a horrible precedent and really throwing out the baby with the bathwater.

[0] Yes, you will find examples of borderline tweets and horrible stuff that slipped through the filters, but that's to be expected for a platform of this size - in general, Twitter is comparatively tame and moderated.


Twitter is not a town square though, at all, not even one with drug dealers in it and here is why. The cost of being a political activist in the real town square is high, if you're being an extreme right wing Nazi, someone might come and challenge you, therefore people who really and truly believe in something worthwhile will go there, in person, against all odds and protest or raise their voices.

On Twitter, the cost to you personally for being a useful idiot is low, but the impact can still be rather high if you spread hateful bullshit and herein lies the problem, the cost of people acting in bad faith, and bad actors spreading shit on Twitter is next to zero, yet the harm is still high.

This is why it's not a town square, or a vehicle for free speech, but it's a very good mass manipulation platform.

If you want free speech, just go make a website, write up whatever you want on there and if you have anything interesting to say, people will read it. Take someone like Sam Harris, people pay for his content, he isn't even on Twitter, yet people find what he has to say worth paying for.

People like Sam Harris or Jocko Willink have actually made their own spaces so they can say what they like without the fear of censorship, this is a better option in my opinion, the cost to them personally is still high, and therefore they stand by what they say because their actions are attached to their reputation.

Twitter isn't about free speech, or good ideas, it's about network effects, algorithms and influence. It's mostly a shit thing.

I have to go back to my original point, I can fully understand why this is a difficult situation for society and governments to deal with. If we let authoritarians influence our populace into a state of disrepair and ruin (which is what they want) then we'll all turn around and blame the government for failing to act, won't we?

Personally, I can imagine a time when social media platforms are outlawed. From the negative impacts on children, to marauding herds of racist fueled violence and election influence it's not hard to see that time coming, and if it comes, we will still have free speech, just not toxic platforms.


It will automatically make a video ad for my site using AI somehow?


I'd love to see the code on how the vector embedding works.


If you search word2vec (paper published early 2010s IIRC) I believe you will find very good material.


People often claim that open source is more secure, which is implied in this release. But the CodeCov breach that leaked any secrets provided to CI/CD pipelines [1] was done via a bash script available to anyone to read the code. The breach wasn't complex at all. It was just that nobody noticed for a long time that the bash uploader script sent all secrets to a random IP address.

It makes me wonder what the benefit really is to being open source. Is it just marketing?

[1] https://about.codecov.io/security-update/


It’s not about security for us, but about accessibility of technology. Open source lifts the barriers on who can use software (eg outside of politics, compliance, etc), and enables knowledge share. It’s - from Sentry's angle - how we enable any developer to take advantage of our technology, hopefully enabling them to solve other problems and grow the industry.


So cool to see the CTO of Sentry here! This makes some sense to me - I'm actually following an issue with Sentry I had recently and although it's not being fixed anytime soon at least I know the status.

https://github.com/getsentry/sentry-python/issues/370

I'd love to believe that one day someone will crack the nut of "Sentry puts a bounty on this issue and YPCrumble decides to make a PR because it's something he's experiencing AND he'd get some experience working on the Sentry codebase which would be a learning opportunity, and he feels like he's getting paid for his time."


Will make sure folks see this internally. Thanks for the feedback!


Open source does not magically make your software more secure. Community needs to audit the code if they are going to use it instead of trusting blindly.


Wouldn’t this just mean I should change my bank?


That would be difficult to do, if say all banks decide to only support Windows/MacOs. My bank that I use is a bit wonky on Firefox but works fine on Chrome. Some banks even refuse to run on Firefox. Also, switching banks might be more difficult than switching an OS. And you would lose the reward points if any if you switch a bank, not to mention, if you use autopay that is configured to withdraw from a certain card, you would need to go and reconfigure that everywhere.

It is not technically impossible, it's just going to be arduous.


There are already countries where all banks in the country (and often it is a mere handful; not everywhere is like the USA with a big choice of banks) already require e.g. using their app on an Android version that passes SafetyNet, in order to log in to online banking.


Or ultimately fund your own if all banks adopt this under a regulatory recommendation.


I just believe that imposing this cost and inconvenience on Linux users (in this example) would be a bad thing.


Are you going to make your own bank too when enough banks do it?


Does that seem easier for people to do than buying a Windows or MacOS device? If your oldest credit cards are through your bank it could wreck your FICO for quite a while.

