Yea ChatGPT wasn't better at non hallucinating, but RLHF made the model much more useful for the average consumer, so consumers used it, instead of just other ML people. And, like you said, consumers are a bit less critical than experts from the field.
Oh interesting, from what I understand then, this is great for small context size models, compared to RAG? Is there research into how to make this more effective for large context size models (since context size of major models seems to be 4xing every 6 months at this point)?
It appears that RAG actually dominates for 2k context lengths compared to this method, but that this method outperforms it more and more the longer the context gets (see the graph titled "Retrieval Benchmark Results, by Document Length")
"Document length" is the length of the text that contains the answer. "Context length" is how much text the model can process to produce the answer, and this number is fixed across their experiments.
When the document length is 2k, it's likely smaller than the context and RAG can just retrieve the entire document to have the model read it. When the document is longer, RAG needs to actually do some work to pick the parts that contain the answer.
The "extended mind" can always query tokens across the entire document, though evidently worse than if they were included in the context.
Yea I agree, it seems like the first user asked for the analysis using publicly available data, then the second user asked for the same publicly available data, and ChatGPT provided it in a different format.
I always assumed copilot and ai code assistants were replacing docs, for most use cases. I guess I'd rather just ask the question I have, when I have it, instead of having copilot preemptively create docs for questions it thinks I'll have later on.
The block 'Cell Values to Include' let's you forward values selectively. The v0 had auto feedback but it wasn't robust, quite risky on credits, and not that useful in most cases, so now it's a multi select per prompt opt in.
Couldn't tell in the pdf, are there entity size restrictions for the applicability of the law? Like, could this make launching a new software business in the EU even harder? Can you be marked as "important" but also be a 5 person company?
Love the naming scheme, and I'm pumped that developer tooling is still able to raise this much. Without digging too deep here it's not super clear: Are these tools more for end user developers or are people using these for projects, and if so, what projects currently use these libraries?
Trying to figure out where's a good place to start trying them out...
They have a number of applications they themselves built on top of their libraries (and cloud offering), listed at https://charm.sh/apps/. They claim it's used by enterprises on their landing page (https://charm.sh/#enterprise), but doesn't go into details.
I believe that the stated/claimed intent is to create cross-country, bloc-wide digital signature interoperability and acceptance standards. The theory being that you can "digitally sign" things with a national ID (e.g. a smart card), and have that recognised anywhere in the EU. That would, in theory, help to reduce and simplify bureaucracy, especially for people moving between countries in the EU (a process which can be quite complex even with freedom of movement, due to totally different cultural norms around government systems, forms, languages, etc.)
Something better than typing your name and trusting a third party to do email verification for a digital signature certainly sounds like it could have advantages for doing business though.
I believe the issues identified here seem to stem from a (very) over-enthusiastic desire to have certificate acceptance everywhere (i.e. prevent discriminating against one country's citizens by excluding their ID card CA), without understanding the different types of trust chains and certificate chains. Presumably scattered with a bit of technical naivety as well. The concept itself is (probably?) fine, as long as it doesn't try to force browsers or SSL verifiers to accept or trust certificates they don't want to.
Indeed: the goals are justifiable and very much welcome, in my opinion. Yet, I do not understand what CAs and the global TLS/PKI ecosystem have to do with the goals.
> Yet, I do not understand what CAs and the global TLS/PKI ecosystem have to do with the goals.
Technically that is also digital signing. The regulators probably thought that all kinds of digital signing should be included in this bill and just slapped something down for browsers while they were at it.
My guess is that someone saw the value (rightly) in being able to do "good" digital signatures on the web (better than docusign in terms of integrity/proof), and that meant (in their head) those certificates have to work in the web browser.
Which, if you don't understand web trust and PKI, means a bit of searching online will tell you that you need your browser to trust the CAs you use for digital signatures.
Which is of course not true - you can (and should) present an "untrusted" (i.e. not a server authentication) certificate as your client certificate or for signatures, as there's different trust bits and use-cases for different kinds of certificates.
I suppose this is the first step towards a stricter kind of the German "Impressumspflicht". Currently, if you are operating a website in any kind of (even most remotely) commercial function, you need an imprint. Lacking one, you get nasty expensive letters from lawyers and courts. At the moment, this imprint is just a text on your website.
With certificates from a government CA containing your name, address and maybe other data like tax ID, the certificate becomes that imprint, digitally signed and hard to fake. So I guess the next step after this directive is in place will be to require such government certificates for all European websites instead of the usual domain-validated WebCA ones. For a modest fee going into the pockets of some government cronies, of course.
A key idea behind all of this is to sell "qualified certificates". Which is another way of saying "expensive certificates".
In the past, CAs sold EV certificates which gave you a nice green look in the browser bar and no security advantage (arguably security downsides, because you cannot automate it). That was good business, until browsers decided that this makes no sense and scraped any special treatment for EV certificates.
The "qualified certificates" by the EU are essentially EV with a new name.
>Which is another way of saying "expensive certificates".
True, basically eIDAS is a cartel. With the help of EU legislation, some Certification Authorities banded together and are now saying that certificates emited by anyone but them are not good. And obviously they fully controll the pricing for the "good" certificates.
> True, basically eIDAS is a cartel. With the help of EU legislation, some Certification Authorities banded together and are now saying that certificates emited by anyone but them are not good
For very specific needs like electronic signatures, "seals" and an interesting one I hadn't heard before, timestamping (proving that an electronic document has existed at that timestamp), not for general computing.
Also, considering Bulgaria has 5 CAs on the official list, with 2 others as potential, the claims of a shady cartel of "big Cert" being behind this is laughable.
EU bureaucrats are annoyed that ~100% of the trust decisions are made outside the EU (given that majority of browsers and the trust stores like Microsoft, Android, Java etc., are operated from US). They see it as the issue about the third part of security triade of confidentiality, integrity and availability. In short, they fear that EU company can theoretically be put out of business on a whim of US entity which is unaccountable to EU poeple (by revoking the cert in case of e-commerce, or trust bits in case of CA, or "TSP" as it's called in eIDAS). Hence the prohibition from distrusting certs unless ETSI (which is accountable to EU people) agrees.
Most of the commenters here miss the point, because they concentrate on confidentiality and integrity (cf. any post about MITM). They are of course correct that this creates capability to intercept TLS connections. They still miss the point that EU bureaucrats see it as reasonable tradeoff (which I don't think it is, but that's their POV).
Love this. How long has this been going for? Also excuse my ignorance of mesh networks: how does the mesh connect back to the internet? Is that going through an ISP, or are you trying to circumvent ISPs altogether?
I've not tried Datasette yet, but, with office hours, seems like now is a good time!
Does it make dataset discovery easier as well? I spend a lot of time looking for sources that are close to what I need— perhaps even more than I spend on formatting or displaying. Does datasette (or some other tool) make that easier than Googling around?
