It’s a bit of a stretch calling it a plastic, as it’s not petroleum based from what I’ve read.

It might, possibly, be a viable use case if the LLM produced the summary for an editor, who then confirmed it’s veracity and appropriateness to the article and posted it themselves.

Could you let me know what sort of models you’re using? Everything I’ve tried has basically been so bad it was quicker and more reliable to to the job myself. Most of the models can barely write boilerplate code accurately and securely, let alone anything even moderately complex.

I’ve tried to get them to analyse code too, and that’s hit and miss at best, even with small programs. I’d have no faith at all that they could handle anything larger; the answers they give would be confident and wrong, which is easy to spot with something small, but much harder to catch with a large, multi process system spread over a network. It’s hard enough for humans, who have actual context, understanding and domain knowledge, to do it well, and I’ve, personally, not seen any evidence that an LLM (which is what I’m assuming you’re referring to) could do anywhere near as well. I don’t doubt that they flag some issues, but without a comprehensive, human, review of the system architecture, implementation and code, you can’t be sure what they’ve missed, and if you’re going to do that anyway, you’ve done the job yourself!

Having said that, I’ve no doubt that things will improve, programming languages have well defined syntaxes and so they should be some of the easiest types of text for an LLM to parse and build a context from. If that can be combined with enough domain knowledge, a description of the deployment environment and a model that’s actually trained for and tuned for code analysis and security auditing, it might be possible to get similar results to humans.

I’m unlikely to do a full code audit, unless something about it doesn’t pass the ‘sniff test’. I will often go over the main code flows, the issue tracker, mailing lists and comments, positive or negative, from users on other forums.

I mean, if you’re not doing that, what are you doing, just installing it and using it??!? Where’s the fun in that? (I mean this at least semi seriously, you learn a lot about the software you’re running if you put in some effort to learn about it)

‘AI’ as we currently know it, is terrible at this sort of task. It’s not capable of understanding the flow of the code in any meaningful way, and tends to raise entirely spurious issues (see the problems the curl author has with being overwhealmed for example). It also wont spot actually malicious code that’s been included with any sort of care, nor would it find intentional behaviour that would be harmful or counterproductive in the particular scenario you want to use the program.

A valid point, trackers often give you a certain amount of upload credit for free, and there are often other ways to earn those credits too, so all users’ ratios would be above 1.0, but that should have read “A closed group of users can all have a seed ratio of 1.0” if we’re looking at just the data transfer itself.

A closed group of users can all have a seed ratio above 1.0, but it’s a bit of a contrived set up. For simplicity, in the following examples we assume that each file is the same size, but this also works for other combinations.

Consider the smallest group, two users. If user A seeds a file and user B downloads it, whilst B seeds a different file, which A downloads, both users will have a ratio of 1.0 as they’ve up and down loaded the same amount.

For three users, A seeds a file, B and C then download a different half each, which they then share with each other. A has a total (upload, download) of (1,0), whilst B and C have (0.5,1). If you repeat this with B seeding and A and C downloading, then C seeding to A and B, you get each peer uploading 2 files worth of data, and downloading 2 files worth, for a ratio of 1.0 each.

You can keep adding peers and keep the ratios balanced, so it is possible for all the users on a private tracker to have a 1.0 ratio, but it’s very unlikely to work out like that in real life, which is why you have other ways to boost your ratio.

The rules also ban the use of facial recognition equipment in public places such as hotel rooms, public bathrooms, public dressing rooms, and public toilets.

Why was there facial recognition, or any other sort of camera, in those places in the first place? Has something been mangled in the translation, is it a fuss about nothing, or were organisations genuinely going “hmm, we need to check your face before you can use the restrooms”?

Why allow depreciation? You wouldn’t have bought it with the reduced functionality, and it’s going to cost you time and effort to remove it and replace it with something else. Inflation will reduce the value more than enough.

It’s an old phrase, “lions lead by donkeys”, originally used to describe British soldiers being lead by incompetent generals, possibly during the Crimean war. The concept goes way further back though; apparently an Athenian general in the 4th century said (translated) “an army of deer commanded by a lion is more to be feared than an army of lions commanded by a deer”.

It’s a non-starter for me because I sync my notes, and sometimes a subset of my notes, to multiple devices and multiple programs. For instance, I might use Obsidian, Vim and tasks.md to access the same repository, with all the documents synced between my desktop and server, and a subset synced to my phone. I also have various scripts to capture data from other sources and write it out as markdown files. Trying to sync all of this to a database that is then further synced around seems overly complicated to say the least, and would basically just be using Trillium as a file store, which I’ve already got.

I’ve also be burnt by various export/import systems either losing information or storing it in a incompatible way.

I like it, this is clearly very enterprisey and solution focused, but I would like to suggest a couple of amendments if I may?

• Namespaces We should make full use of namespaces. Make the structural tags be in a language specific namespace (to be referenced in every function spec, obviously) but change the in an out params to use the parameter name as the tag, namespaced to the function they’re for, with a type attribute.

• In memory message queues Have all function invocations be marshaled as xml documents posted to an in memory message queue. Said documents should use a schema that validates the structure and a function specific schema to validate the types of arguments being passed. Namespace everything.

I reckon we could power a medium sided country if we could generate energy from the programmers despair.

If you’re talking about being able to regain access with no local backups (even just a USB key sewn into your clothing) your going to need to think carefully about the implications if someone else gets hold of your phone, or hijacks your number. Anything you can do to recover from the scenario is a way an attacker can gain access. Attempting to secure this via SMS is going to ne woefully insecure.

That being said, there are a couple of approaches you could consider. One option is to put an encrypted backup on an sftp server or similar and remember the login and passwords, another would be to have a trusted party, say a family member or very close friend, hold the emergency codes for access to your authentication account or backup site.

Storing a backup somewhere is a reasonable approach if you are careful about how you secure it and consider if it meets your threat model. The backup doesn’t need to contain all your credentials, just enough to regain access to your actual password vault, so it doesn’t need to be updated often, unless that access changes. I would suggest either an export from your authentication app, a copy of the emergency codes, or a text file with the relevant details. Encrypt this with gpg symmetric encryption so you don’t have to worry about a key file, and use a long, complex, but reconstructable passphrase. By this I mean a passphrase you remember how to derive, rather than trying to remember a high entropy string directly, so something like the second letter of each word of a phrase that means something to you, a series of digits that are relevant to you, maybe the digits from your first friend’s address or something similarly pseudo random, then another phrase. The result is long enough to have enough entropy to be secure, and you’ll remember how to generate it more readily than remembering the phrase itself. It needs to be strong as once an adversary has a copy of the file they jave as long as they want to decrypt it. Once encrypted, upload it to a reliable storage location that you can access with just a username and password. Now you need to memorize the storage location, username, password and decryption passphrase generator, but you can recover even to a new phone.

The second option is to generate the emergency, or backup, codes to your authentication account, or the storage you sync it to, and have someone you trust keep them, only to be revealed if you contact them and they’re sure it’s you. To be more secure, split each code into two halves and have each held by a different person.

I was more suggesting that it might be a bit eldritch, but sometimes humor doesn’t come across quite right/

The linked paper is focused on studying the ‘perforation-type anchor’ they use to hold the tissue to the mold as it grows, rather than keeping it alive afterwards. During growth the tissue and mold were submerged, or partially submerged, in a suitable medium to keep the cells healthy, and it was only when the resulting models were tested that they were removed (although one test did seem to involve letting it dry out to see if the anchors held). Growing the various layers of cells seems to be a solved problem, and I suspect that includes keeping them supplied with nutrients and such, so the authors aren’t examining that. What’s not solved is how to keep the tissue attached to a robot, which is what the authors were studying.

Do you really want to know? There are some things that the human mind is not meant to contemplate.

Putting a simple preseed file on a debian install image is probably going to be your best bet. Assuming you can run a VM on your current machine it shouldn’t be too difficult to test it until you’re happy with it.

It’s going to be a balance between your time getting an automated approach to work and the cost/effort of getting a monitor. Getting preseed working can be a bit fiddly, but it does mean you’ve learnt a new skill, getting a monitor sounds like it’ll be a pain, and you might only need it once.

Yes, that’ll work too, it does involve adding the disk to your machine temporarily though, so just be carefully which disk you format to do it. Please don’t ask why I say that, it brings back painful memories…

While I agree with most people here that finding a keyboard and screen would be the easiest option, you do have a couple of other options:

• Use a preseed file A preseed lets the installer run completely automatically, without user intervention. Get it to install a basic system with SSH and take it from there. You’ll want to test the install in a VM, where you can see what’s going on before letting it run on the real server. More information here: https://wiki.debian.org/DebianInstaller/Preseed

• Boot from a live image with SSH Take a look at https://wiki.debian.org/LiveCD in particular ‘Debian Live’. It looks like ssh is included, but you’d want to check the service comes up on boot. You can then SSH to the machine and install to the harddrive that way. Again, test on a VM until you know you have the image working, and know how to run the install, then write it to a USB key and boot the tsrget server from that.

This all assumes the target server has USB or CD at the top of its boot order. If it doesn’t you’ll have to change that first, either with a keyboard and screen, or via a remote management interface sych as IPMI.

The article says:

The photons travel through a resonant metasurface, where they mingle with a pump beam.

From that, I think it’s suggesting it needs a separate beam of photons to amplify the signal, much like a transistor needs a supply current to amplify the signal it gets.

They also say:

This new tech also captures the visible and non-visible (or infrared) light in one image as you look through the ‘lens.’

Which sounds like it produces an image showing both the IR and visible spectrum in the visible range.

Mind you, re-readind it, most of the article just talks about IR, so I’m not certain what it’s actually doing. It could just be transparent to the visible spectrum. It wouldn’t be much good for driving if it did that though, the windscreen blocks a lot of IR and you’d need IR headlights!