Hacker News | viccis's comments

>Auditors though, they are cooked.

I think you're massively underestimating the complexity and depth of a good security audit service.


I don't.

God bless you, the beautiful thing about computer security is that this attitude has kept us happily in business for many years.

Say more? It's really hard to navigate the antecedents of this argument.

People who don't do intense security work for a living underestimate the complexity of it. This might find some vulnerabilities, but it's not really capable of producing new methods and attacks. What it replaces isn't a high quality human researcher; it replaces current static code review systems.

If AI models never had stack smashing writeups in their corpus, they'd never be able to invent stack smashing.


So, by any reasonable measure, I've spent a career doing "intense security work", with a particular focus in vulnerability research, and I do not agree with this at all.

What evidence do you have? It sounds like you probably haven't been providing much value if an LLM can replace you.

This is somewhat related, but I know of a fairly popular iOS application for iPads that stores passwords either in plaintext or encrypted (not as digests) because they will email it to you if you click Forgot Password. You also cannot change it. I have no experience with Apple development standards, so I thought I'd ask here if anyone knows whether this is something that should be reported to Apple, if Apple will do anything, or if it's even in violation of any standards?

FWIW, some types of applications may be better served with encryption over hashing for password access. Email being one of them, given the varying ways to authenticate, it gets pretty funky to support. This is why in things like O365 you have a separate password issued for use with legacy email apps.

If anything it’s just a violation of industry expectations. You as a consumer just don’t need to use the product.

>whether this is something that should be reported to Apple, if Apple will do anything

Lmao Apple will not do anything for actual malware when reported with receipts, besides sending you a form letter assuring you "experts will look into it, now fuck off" then never contact you again. Ask me how I know. To their credit, I suspected they ran it through useless rudimentary automated checks which passed and they were back in business like a day later.

If your expectation is they will do something about shitty coding practices half the App Store would be banned.


> Apple will not do anything for actual malware when reported with receipts, besides sending you a form letter assuring you "experts will look into it, now fuck off"

Ask while you are in an EU country, request appeal and initiate Out-of-court dispute resolution.

Or better yet: let the platform suck, and let this be the year of the Linux desktop on iPhone :)


I used to say "submit it to Plain Text Offenders: https://plaintextoffenders.com/", but the site appears defunct since… 2012‽ How time flies…

Hmm, was the rise of the Third Reich because a far-right and social democratic regime had liquidated the entirety of the militant left wing in Germany? Was it because of the vulnerabilities of parliamentary democracies that Carl Schmitt identified and helped the nascent Nazi movement exploit? Was it because the much lauded dialectical progression towards societies of greater freedom, touted by the German idealists, instead led to a country ravaged by war, leaving disillusionment and a moral void that a strongman with some convenient scapegoats could exploit?

No! Of course it was because of Plato's authoritarian Republic ideas, because they, with the most surface level interpretation, share the concept of class collaboration with fascism.

Popper has many good ideas but I think this was not one of them. The rise of fascism was incredibly historically contingent. It was a black swan event, and one of the defining characteristics of such events is that people always write flimsy narratives to explain them with the benefit of hindsight.


> The rise of fascism...was a black swan event

This is a very bold claim, and many (including myself) argue that authoritarianism and many things identified as fascist are the inevitable result of liberal democracy. Capitalism cannibalizing itself, etc etc, which again many would argue is also inevitable. Marx outlines the inevitable decline of profit that drives this phenomenon in Volume III of Capital, but it is also a viewpoint shared by Adam Smith himself, John Stuart Mill, etc etc. Schumpeter also relies on it heavily in his analysis of the role of private property in driving market processes.

As profits inevitably decline, either capital will inevitably seize control of the state (dictatorship of capital) or the people do (dictatorship of the proletariat). Their interests are inherently at odds, and market forces ensure that this contradiction must be resolved. Inevitably.


Anthropic has been the most histrionic about this, with their big blog post about how they need to make sure their models don't feel like they are being emotionally abused by the users being the most fatuous example.

"This is obviously why only we can be trusted with operating these models, and require government legislation saying so."

They're trying to get government to hand them a moat. Spoilers... There's no moat.


To me, Anthropic has done enough sketchy things to be on par with the players from Big Tech. They are not some new benevolent corporation backed by SV

Many users don't want to acknowledge this about the company making their fav ai


I was taken aback when I recently noticed a co-worker thanking ChatGPT for its answer.

LLMs talk like people; there is nothing wrong with this. It's perfectly fine to be nice to something even if it isn't human. It's why we don't go around kicking dogs for fun.

I understand why people don't act polite to LLMs, but honestly I think not thanking them will make people act more dickish to other humans.


I like to think we can perceive a difference between a machine and a living being. I don't thank my bicycle for transporting me or thank my spell-checker for finding typos. I get that we are prone to anthropomorphize but was just something I found a bit surprising.

>I don't thank my bicycle for transporting me or thank my spell-checker for finding typos.

Neither your bicycle nor your spell-checker hold conversations and answer questions, neither of them is being used as therapist or virtual girl/boy friend, and neither's whole shtick is being trained on a ginormous human corpus to convincingly respond like a person.

I like to think we can perceive a difference between a bicycle and something specifically developed and trained to pass for intelligence...


See, I have absolutely thanked my car. When I was broke driving a beater and it was below zero outside, practically every time it chose to start lol

I don't think it's that weird


I occasionally say please and thank you to ChatGPT for my own sake, not for the LLM's. They're sufficiently similar to humans that allowing myself to be a jerk subtly degrades myself and makes it more likely that I'm a jerk to real people.


People have been thanking Siri back 15 years ago, it’s just a reflex.

I missed this - which blog post?


Bots cannot be "happy". Please review your connection with reality.

Does “satisfied” fit better?

It didn’t seem like they were anthropomorphizing the robot, to me.


Not just them, but undocumented immigrants here pay close to $100 billion a year in taxes.

Immigrants as a broader category here in the US make up around 20% of our total tax revenue.


That's the joke.

I also took it as a joke; I'm glad at least one person validated my sense of humour, I was getting a bit worried reading all the replies.

At this point, I assume 90% of complaints about the Apple keyboard are either tongue in cheek, explicitly humorous, a detailed, qualitative study with new information, or written by someone who is very new to Apple, the internet, and technology in general.

I don't see how else anybody could seriously think 'The Apple keyboard is bad, and the world needs to know about it! I'll make my opinion known, and surely that will solve the issue', let alone following it with 'no more Mr Nice Guy: I'm going to threaten Apple, the company, with consequences that will force them to act. It's high time somebody held these mega-corps to account and I'm willing to put myself on the line!'

Like, even if the article was written by the United Nations or the EU, there are very few actual threats they could include that might realistically spur Apple to finally sort out the keyboard.

'If Apple don't sort it out, I'm going to fine them 75% of their revenue,' might be logical but seems a little deluded: terrorism or personal violence would be... unadvisable... and 'I'll switch to Android' is also comically unthreatening, while also being hugely overplayed and almost always played straight, empty, and uninspired.

Everyone knows the keyboard sucks. Everyone knows that's not going to stop people buying iOS devices. It's the equivalent of 'fast food isn't nutritious but companies pretend it is' - in the year of our lord 2026, a multi paragraph article to that effect can probably be assumed to be numerous, new, surprising, ironic, or insanely naive.

The fact that a realistic, honest assessment of one's probable future purchasing decisions reads as a joke is maybe a little dark, but hey. It's a dark world, and it won't be lightened by yet another 'I'm totally gonna boycott if they don't stop!'


YouTube flagged one of my accounts as a teenager because I watched a few pop videos (lol) and I was not able to trick it with fake IDs, though I didn't try all that hard.


I've been grabbing music from YouTube for years. I don't mean commercial music. I mean talented enthusiasts who do not sell their music anywhere. Rest assured, it will absolutely be gone one day, and the way things are going, it feels like it will be sooner rather than later.


The Distributed YouTube Archive project is, sadly, on Discord.


>I love art and music, but unfortunately have no artistic talent whatsoever.

Then go pay someone to teach you to play <instrument>, and you'll get a life skill that will be satisfying to watch grow, instead of whatever this soulless crap is.

edit: Oh god after listening to those samples, send Claude to the same music teacher you choose...


>It's weird to see the expectation that the result should be perfect.

Given that they spent $20k on it and it's basically just advertising targeted at convincing greedy execs to fire as many of us as they can, yeah it should be fucking perfect.

