• 2 Posts
  • 609 Comments
Joined 1 year ago
cake
Cake day: August 5th, 2023

help-circle
  • I will get stuff because that’s what my parents own. They don’t have large amounts of liquid cash but my dad owns his house and my mom owns lots of antique furniture (passed down from her family) and jewelry (she has a problem with buying shiny gold and silver pieces). But there’s also 8 of us kids so the likelihood is that we each won’t get much in the way of any real inheritance even from what they do have.

    It’s easier for most everyone involved to just let them live out their lives using what they have earned along the way. So I told my parents pretty much the same thing. Take care of yourselves. We’ll be alright.


  • atrielienz@lemmy.worldtoTechnology@lemmy.worldAlignment faking in large language models
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    2
    ·
    edit-2
    16 hours ago

    This may not be factually wrong but it’s not well written, and probably not written by a person with a good understanding of how Gen AI LLM’S actually work. This is an algorithm that generates the next most likely word or words based on its training data set using math. It doesn’t think. It doesn’t understand. It doesn’t have dopamine receptors in order to “feel”. It can’t view “feedback” in a positive or negative way.

    Now that I’ve gotten that out of the way, it is possible that what is happening here is that they trained the LLM on a data set that has a less than center bias. If it responds to a query with something generated statistically from that data set, and the people who own the LLM don’t want it to respond with that particular response they will add a guardrail to prevent it from using that response again. But if they don’t remove that information from the data set and retrain the model, then that bias may still show up in responses in other ways. And I think that’s what we’re seeing here.

    You can’t train a Harry Potter LLM on both the Harry Potter Books and Movies and the Harry Potter online fanfiction available and then tell it not to respond to questions about canon with fanfiction info if you don’t either separate and quarantine that fanfiction info, or remove it and retrain the LLM on a more curated data set.


  • https://apnews.com/article/unitedhealthcare-ceo-killing-luigi-mangione-terrorism-law-7fcb28dcc0106c980b6ecf4aa9cf682f

    That doesn’t mean they can’t be tried as terrorists. The main problem here is actually whether or not the facts of the crime actually allow for a terrorism charge. Fact is, he had a manifesto (see ideological goals), and the shooting was a violent criminal act.

    According to the FBI that’s all it takes. It may also be what is lacking in the case of some school shooters.

    While I am generally on the side of “CEO FAFO”, I recognize that the problem here is that the FBI and the laws they follow are flawed (probably deliberately) in such a way that they only target those who target the wealthy.

    Shooting up a school is an act of terrorism if you do it because you’re targeting a soft target in an attempt to hurt the local, state or federal government or you’re religiously motivated etc. But not if you were bullied.

    There’s been plenty of over 18 mass shooters who also haven’t been charged with terrorism. And with each one there’s people who will say they don’t want the US to become more of a police state because they believe that counterterrorism techniques (which we use internationally) shouldn’t be used against the general population.

    The federal government has a habit of overstepping the rights and freedoms of the general public any time they feel like they are under attack. We saw this with 9/11 and the Patriot act. So I can see their reasoning even if I don’t agree that mass shooters should be considered terrorists under the law.


  • My dude, the vehicle could be working fine but you could live somewhere with no broadband and poor 4G connection and not be able to receive the update. Don’t assume that you just know how everyone who owns one of these cars lives their life because that’s not helpful to the conversation, and it’s not how the government functions. The government has to assume that if a recall for safety or security is being issued that people may not be able to receive that OTA over the air and may be required to go to a service center for it instead.

    Almost all new cars have OTA software updates. If one of them breaks something and then the car can’t get further updates, what then? You’ve never had a software update mess with your computer? Are you for real right now?



  • Data is tainted by people who now know that what they generate is being funneled into these models. Additionally models are having guardrails added to prevent problematic responses. Add to that the lack of clean data sets for training data and the amount of Gen AI generated data that is all over the web and you get a fairly clear picture of why the answers are getting worse.





  • Recalls aren’t just something that magically happen. Usually there’s an investigation (by the NHTSA, or the company themselves). That investigation concludes that a recall is warranted or necessary and, in the case of voluntary recalls they do a cost to benefit analysis (like how Ford did when the Pinto was a bomb just waiting to be rear ended, and they realized they would save money by not recalling them).

    But the NHTSA does force quite a few car manufacturers to do mandatory recalls regardless of whether they want to or not, usually to do with health and safety. You know. To prevent the Ford Pinto scenario.

    So it’s not so much what they aren’t recalling (although I’m sure there’s quite a lot). The real question should be, why do they have so many recalls? Why aren’t they fixing the problems before they public gets a hold of these vehicles. And it’s not just Tesla we should be asking that question of.


  • Anti-viruses flag a lot of things. It is called a False Positive (or sometimes a “Someone didn’t pay us for an exception” Positive but…). It has nothing to do with something hooking into a kernel or just being a program you run in userspace.<<

    A layman who doesn’t know why the program was flagged and doesnt necessarily know the name of the Anti-cheat program or just hits delete all (which is probably thousands and thousands of people), you’re telling me you wouldn’t be extremely upset if a game you spent $60+ on suddenly wouldn’t start or your account go auto banned because the anti-cheat software has been deleted by an antivirus program by mistake?

    Genshin Impact’s anti-cheat was literally used to stop anti-virus programs running on people’s computers and mass deploy ransomware,<<

    I assume you are referring to https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html<<

    You don’t have to assume. I linked the article.

    Which… I’ll just raise you https://www.polygon.com/22898895/dark-souls-pvp-exploit-multiplayer-servers-remote-code-execution which allows for ridiculously dangerous RCEs without needing any kernel level hooks at all. So…<<

    You have failed once again to establish what this has to do with the original complaint, which is that kernel level anti-cheat allowed this security breach vector. And it has everything to do with the quoted text just below this from one of my previous comments:

    and the gaming industry as a whole is extremely lax about the security of their users.<<

    I choose not to spend my money at companies that enable this kind of crap in their games.<<

    I mean this in the most inflammatory and blunt way imaginable:

    Nobody gives a shit about you. Nobody gives a shit about me either.<<

    We are two people. We don’t fucking matter. What matters is the people who play every single Riot game ever made for thousands of hours each. THEY spend money.<<

    This doesn’t explain regulating industries. It doesn’t explain why so many companies (including game development companies) spend so much money lobbying for the right to be free of regulations that should be covered by privacy law but aren’t because these companies don’t want that. And if you can’t see the correlation here then you’re a bit far gone because if they can lobby so can we. It has to start somewhere.

    Like I said before: it is about accepting risk. Knowingly or unknowingly, it doesn’t matter any more than telling your parents that you must have gotten a virus from that pokemon cheat code rather than the hardcore pornography that came in exe form for some reason.<<

    You don’t want to compromise your security more than you already do. Cool. Most people playing these games are fine with that if it reduces the odds that they have their free time ruined for them by aimbots and wallhacks. And… clearly there is merit to this approach if studios are willing to pay for it.<<

    I would argue that the vast majority don’t know. People like to act like gamers are in some way really tech savvy and they just know all the ins and outs of all that goes into the game and what is installed on their system. But the opposite is true for most people. They buy a game or program from a source they don’t have a reason to distrust and they install it and give it whatever permissions it asks for. This is the main reason I’m arguing that people absolutely should be educated and they won’t get that education from game developers because for the most part those devs prefer it this way.

    Because, at the end of the day? We’ve been through this. Back then it was DRM. DRM was bad and DRM was horrible and EVERYONE had a super obscure russian (?) cd rom drive that Starforce would brick. And the same arguments of “ideologically this is bad and it could ruin things for a very small percentage of people” came up. And the answer was always “I refuse to buy anything”<<

    And… everyone else DID buy things. The genuinely bad shit like starforce went away in favor of activation model DRMs (which continues to this day) but also… alternatives were actually presented. Steam is basically a variation of GOO (which is also basically what GoG does) but Steam has the added benefit of people being scared shitless of getting caught by Uncle Gabe and having their account taken away.<<

    People bought things with DRM because they didn’t know, or there was not another option. And DRM was a significant thing even before the internet was a widespread thing which is why once it got it’s foothold it kept it. The average consumer didn’t know and wasn’t intending to pirate anything so they didn’t care.

    And that is what we need here. Not asinine requests for politicians who understand nothing to solve this for us. We need actual alternatives that work better AND are less invasive.<<

    Why is it asinine to tell the government I want a public industry regulated to protect my right to privacy? Because that’s what it comes down to. It’s my right to not just privacy but security of information. This would never be a question if a company were requesting it but when people do it it’s somehow problematic?

    As an aside: I increasingly notice that you say very inflammatory things based on a misunderstanding or misconception of the thing you are criticizing. That is a bad habit in general but it is a REALLY bad thing when it comes to cybersecurity (which this basically is). Because it gives you a false sense of security when you think you are following best practices but are actually spewing nonsense and ignoring all your other risk vectors.<<

    Education wasn’t your goal as far as I can tell because you’re extremely combative. You make a lot of statements that you don’t back up with anything. You assume a level of knowledge that you probably shouldn’t. And you get upset when the other person doesn’t understand, completely ignore their questions and points in favor of whatever crusade you happen to be on, and then double-down while ignoring the clarifying questions they ask.

    There’s not going to be a discussion between devs and consumers if we don’t educate people on what’s going on. That’s literally what we’re talking about. And you seem to assume that I’m just adverse to that without taking into account that I think we should have both things. We as consumers should have open dialog with the industries that rely on us to buy products. But we should also very much expect that our government that we pay taxes to regulates industries accordingly.

    Because we’ve had so many data breaches in every industry but the ones in gaming have been pretty abundant and that’s not okay. You seem to want to act like nothing is connected to anything else and that’s a good way to go through life without getting anything done and with a giant target painted on your back.

    I can’t assume that every consumer is like me. You shouldn’t either. And just because they got rid of other DRM that you view as worse doesn’t mean that we’re in the clear.


  • The thing is though, if a drone is spying on you the police have to do something about it. And if they can’t or won’t then you document everything and when they show up saying you did something, you tell them “so you found the guy who’s been stalking me via drone?” /S for obvious reasons, but these laws are going to have to change sooner rather than later because there’s a lot going on that technically isn’t legal with drones but can’t be prosecuted by the legal system because of this law.

    Add that to the military airspace drones keep violating (not under FAA jurisdiction) and eventually this is going to be a problem that the government can’t ignore.


  • What is your argument here? Is it that Anti-cheat is good? Is it that Anti-cheat is necessary? Is it that it’s bad but you feel my information is incorrect? Because you’re all over the place. “I’ll raise you” is you literally saying, malware can be spread without anti-cheat at kernel level so anti-cheat at kernel level is okay? And it’s not relevant to the conversation because it’s not about whether or not some threat actor can use other means to compromise a system or several thousand of them.

    Like. Even if you feel you needed to add context you actually seem to be intentionally using inflammatory language in order to in some way try to discredit not my reasoning but my stance that Anti-cheat is invasive and should in fact see opposition.

    My argument is that refusing to buy isn’t going to fix the problem and I thought that was obvious from what I said, but apparently not. So, the question originally was "is it time to take a stand (not as individuals, but as a group) against kernel level anti-cheat. And my answer is that it’s been time and bad things keep happening and have the potential to keep happening because of it, and no it doesn’t matter if it’s only a handful of users, especially if those users are rocking $3K worth of parts in a gaming rig.

    You’re suggesting that a security issue that is wholly ignored by both the public and the government as well as the industry that should be regulated is going to be fixed not by regulating it with laws and that’s extremely confusing give. The fact that we know it’s not how this works and “Uncle Gabe” has already implemented a solution and that solution is to make it apparent that games have kernel level anti-cheat so some of us are more informed. Because some random corp is going to do a better job than the government at regulating the industry.

    I’m not sure why you think that’s what’s going to happen or even how you might believe it’s any less of a pipe dream than these companies (Microsoft included) doing the right thing and safeguarding the data they are allowing access to. Anti-cheat at kernel level is running all the time regardless of whether you’re playing the game that has it or not. It’s not just one singular program. It’s all different ones because there’s not any regulation in this space to speak of. And companies don’t want there to be. Valve is not strong enough in this space to make this go away by themselves.

    People say crazy things about how powerful Valve has become in the PC gaming space. But while they have consumers generally on their side, Microsoft is older and has been in the space longer, and is definitely more powerful (money, connections, longevity of the business etc), and they have no real intentions of doing away with kernel level access for anti-cheat despite what few articles there were suggesting otherwise just after the crowdstrike fiasco.

    You’re right that corps don’t care about individuals. But they care about the masses because we’re the ones they exploit for money. That’s literally why any type of organized opposition from millions of people is successful at making any changes at all. So again, what point are you making here?

    Is your intent to educate? Is it to say that I’m wrong for saying we should organize against Anti-cheat at kernel level? Is it that you think you have a better idea of how this works, and what changes should be implemented? Are you for keeping Anti-cheat because you feel it serves a purpose?






  • We literally have a cloudstrike report giving direct examples of how bad it is potentially as a vector for malware. Additionally it doesn’t solve the problem it aims to solve, as reported by several outlets because it doesn’t stop hardware level cheating, just potentially stops scripts. So you could absolutely enable cheats through a device like a keyboard and mouse or controller and the Anti-cheat does nothing.

    Additionally though, I am not buying products with kernel level Anti-cheat and that is intentional, so I am not agreeing to the TOS or EULA of those games. If you add to this the fact that some games retroactively added kernel level anti-cheat, it’s bogus to assume that people are in the know or that they agreed to such things in the original TOS or EULA. Steam only recently made developers list kernel level anti-cheat on store pages for their game.

    Also, kernel level anti-cheat in single player games is just ridiculous and invasive.


  • You did not read what I wrote in my response and it shows. I have taken responsibility for my machine. I don’t buy games with kernal level anti-cheat. I specifically view them as an attack vector for malware. They started the cake vs fork argument and my response was directly related to them using such a poor expression for the context of the conversation we were having and therefore it took that to its logical conclusion based on the argument they made.

    Since you didn’t read and decided to downvote I am choosing to not discuss this with you further, having vetted the ingredients of your cake. Have a good day.


  • That doesn’t really track here. My reasoning is simple. They are requiring access to something they didn’t initially make public or allow an informed decision on, and they did that on purpose. While I don’t currently own or buy games that have kernel level anti-cheat, that doesn’t make the obfuscation any better.

    I actually have not pressed the install button, nor have I pressed the purchase button. However, I also want you to look up the phrase “eat cake and have it to” and figure out what you mean. I’m buying the cake. I’m buying the fork to eat the cake. Neither the cake company nor the fork company should be able to tell me what to do with the product from the other company. You don’t have to agree with my stance, but understand that this is the argument that I am making.