Constraint solvers are a cool bit of magic. The article underplays how hard it is to model problems for them, but when you do have a problem that you can shape into a sat problem... it feels like cheating.
I took a course on SMT solvers in uni. It's so cool! They're densely packed with all these diverse and clever algorithms. And there is still this classic engineering aspect: how to wire everything up, make it modular...
If you're good at doing this, you should check out the D-Wave constrained quadratic model solvers - very exciting stuff in terms of the quality of solution it can get in a very short runtime on big problems.
Yes, explaining the "why / how did the SAT solver produce this answer?" can be more challenging than explaining some machine learning model outputs.
You can literally watch as the excitement and faith of the execs happens when the issue of explainability arises, as blaming the solver is not sufficient to save their own hides. I've seen it hit a dead end at multiple $bigcos this way.
When I'm talking to my doctor, or lawyer, or bank. When there's a signed NDA. And so on. There are circumstances where the other person can be (and is) obliged to maintain privacy.
One of those is interacting with an AI system where the terms of service guarantee privacy.
Yes, but there are also times when other factors are more important than privacy. If you tell your doctor you're going to go home and kill your wife, they are ethically bound to report you to the police, despite your right of doctor patient confidentiality. Which is similar to what openai says here about "imminent harm"
I went into a lot more of the Navajo history in my previous article [1] so I didn't repeat it in the new article. The quick summary is that the Navajo suffered a century of oppression, were forced off their land in the Long Walk, and had their sheep slaughtered in the 1930s in the Navajo Livestock Reduction. In the 1960s, the Navajo had 65% unemployment, $300 per capita income, and lacked basic infrastructure. Various groups looked to industrialization as a solution, so Fairchild opened an IC manufacturing facility on Navajo land in 1965, employing 1200 Navajo workers and becoming the nation's largest non-government employer of American Indians. The plant was generally considered a success, but in 1975, Fairchild had business problems and laid off 140 Navajo employees. Things went downhill and a radical group, AIM (American Indian Movement), took over the plant with rifles. The armed occupation ended peacefully after a week, but Fairchild closed the plant and moved production to Asia.
Just to be clear since "oppression" is a very broad term: the Navajo (and most other Native American tribes) are victims of genocide. It was a far, far, far more systematic destruction effort than mere marginalization.
Children were stolen, forbidden from learning their native language, killed en masse, food supplies were destroyed, land was continuously taken from them the second anything valuable was discovered on it, etc. etc.
It's really horrific stuff and the effects are still extremely clear on the reservations today.
Im not arguing people diagnosed with autism spectrum disorder shouldnt get benefits.
Its that the spectrum isnt as related enough that insividual disorders would make more sense. But that would require getting the health insurance industry to do more adjustments.
Some yes. But there's a flaw in your reasoning: It ignores the concept called "rate of change". Because of this concept there will be more energy put into the pile than escapes, leaving some to be extracted and not just "escaping".
> Why would one task run in a drastically different architectural situation
Someone made a mistake. These things happen.
> and it happen to be the one exploited?
Why would the vulnerable service be the service that is exploited? It seems to me that's a far more likely scenario than the non-vulnerable service being exploited... no?
> > Why would one task run in a drastically different architectural situation
> Someone made a mistake. These things happen.
Some company didn't have appropriate processes in place.
For ISO27001 certification you at least need to pay lip service to having documents and policies about how you deploy secure platforms. (As annoying as ISO certification is, it does at least try to ensure you have thought about andedocumented stuff like this.)
Ah yes processes.... things done by humans. When stuff is done by humans, mistakes happen - no matter what the process is. Go do a search for the phrase "wondering how this could happen" and find millions of news articles about mistakes happening despite processes being in place!
Both articles were published today. It seems to me that the researchers and coderabbit agreed to publish on the same day. This is a common practice when the company decides to disclose at all (disclosure is not required unless customer data was leaked and there's evidence of that, they are choosing to disclose unnecessarily here).
When the security researchers praise the response, it's a good sign tbh.
The early version of the researcher's article didn't have the whole first section where they "appreciate CodeRabbit’s swift action after we reported this security vulnerability" and the subsequent CodeRabbit talking points.
Pro - there is still not another language (generalizing to "shell" here) that allows you to easily write a series of commands and/or pipelines as concisely and understandably as shell.
This is the biggest reason to use shell - if your task is shaped like a command line session with a bit of looping or a few conditionals, shell is perfect.
If you start nesting loops or conditionals in shell, then start considering another language.
> (excluding things you've downloaded from the internet)
Why on earth would I do that? My storage includes things I downloaded from the internet that are not there anymore/hard to find/now paywalled. If you were thinking the only thing to download from the internet is pirated media - I haven't included that in my >2TB assessment.
reply