No, the one that answered:
"You know what he means, ahole. If this were truly a problem the jet fuel would be rationed and private aircraft would be at the bottom of the priority list"
The entire point of rationing would be to REMOVE the pure market forces that would deal out the limited commodity to those with the largest wallets and replace it with a scheme that benefits the most people, instead of the most money.
If you actually knew better, you'd have posted it, not just made a vague assertion.
Well, high enriched uranium is used in naval reactors.
Yes, and the only ships running on nuclear reactors are military ships. As I said: No civilian use-case.
The changes we have set off in the world today are not unlike those that precipitated the Great Dying 252 million years ago. We're at 420 ppm CO2 now but the permafrost is done for and after that the clathrates in the shallow seas are liable to let go, too. The current ice age is only 2.5 million years old and we've ended it. We may have triggered something akin to the Permian/Eocene Thermal Maximum.
There was some chance we could have headed this off, had we turned immediately and aggressively on the problem around the turn of the century. We have proven politically incapable of addressing this existential threat, and now that we might be mustering the will, the window may have closed.
We've had a good run, we anatomically modern humans, but this ending due to a lack of foresight is
Lots of shortsighted hot takes on this.
Anthropic is involved in litigation against our inebriated SecDef because Dario won't cosign for algorithmic warcrimes. The Strait of Hormuz is closed, Asia is going to hit a wall on liquid fuel and natgas. The U.S. AI datacenter build frenzy has hit a wall in the form of public disapproval, and under that an electrical components availability problem that the trouble in Asia will NOT improve.
If your hot take doesn't factor the geopolitical things into the mix, your are wasting poor defenseless electrons that accomplished nothing with their potential.
I would love to be a fly on the wall in the Anthropic C suite conference room why they work through this. They are mobbed with customers, running a subsidized customer acquisition strategy they can't just quit, and several legs of the table supporting this are wobbling.
I'm glad the heat has passed me by, I saw a little friction during the conversion, but Opus 4.7, unimpressive as it may be, is steadily trundling along doing work for me the last twelve hours.
This is one AC that deserves to be modded up. I already commented, so I can't.
Palestine
You are aware of what happened Oct 7, 2023, right?
fascist
Actually, islamic fundamentalists qualify for that statement in absolutely every way. So at the absolute minimum you'll have to concede that there are two fascist sides.
There was a treaty in place that was working
For sufficiently gracious definitions of "working". Iran was quite busy building up conventional weapons including delivery systems that could be re-purposed for nukes as well as moving towards nuclear weapons. There is no civilian use for 60% enriched uranium. Moreover, the number "60%" is misleading. The work to enrich isn't linear. When you have 60%, you're not 60% of the way from raw to weapons-grade, you're 95% of the way.
To put into context just how insane any claim that they had 60% for any peaceful purposes is: Most nuclear reactors use uranium enriched to 3% to 5%. 60% isn't "a bit more than usual". It's a fuckton more than any non-weapons use can reasonably explain.
And now we're in a situation where Iran has every good reason to get nukes, to defend themselves.
Iran didn't need a reason. We all know the reason they already had: Wiping out Israel.
The world has relied on "Just in Time" delivery or maintaining minimal backups to cover brief weather interruptions for many years as globalisation became the norm.
And no strike or other interruption has ever made them learn that JIT isn't all flowers and happiness and moving your warehouse to the road has more consequences than cost savings.
Second, when the EU says you can verify your age without revealing your identity, they seriously mean it. I worked on the ISO 18013-5 mobile driving license standard, and its protocol is the basis for the age verification scheme (18013-5 also supports privacy-preserving age verification).
The spec contradicts itself in various places, with sections saying that the app interacts with the attestation provider only once and that the attestation cannot be reissued, and other sections implying that the attestation gets reissued every three months and that the tokens are single-use.
It also isn't clear about whether they are actually using 18013-5 or are just requiring companies to implement a few tiny fragments of the spec.
I was left more confused after reading the spec than I was before.
Looks like I spoke too soon. The specification massively contradicts itself. 3.4.2 requires reissuance every three months, and requires that it issue 30 attestations at a time, and that they be single-use.
That part is architecturally correct, though allowing access to only 30 adult sites per three months is dubious. And if getting a new proof requires a new request at some point, then it becomes possible for the trusted list provider, conspiring with the proof of attestation provider, to cross-correlate the timing of requests and unmask a user with high probability.
And then, there's this:
3.4.1 Issuing of Proof of Age batches Since Proof of Age Attestations are designed for single use, the system must support the issuance of attestations in batches. It is recommended that each batch consist of thirty (30) attestations. Since the timestamps in the ValidityInfo structure of the mdoc encoding of a Proof of Age Attestation can provide linkability clues, the Attestation Provider should set these timestamps with a precision that limits the linkability information. For this reason the ISO/IEC 18013-5 recommendation should be followed, i.e., setting the hh, mm and ss information to the same value on each Proof of Age Attestation.
So you still have a value that is potentially usable for tracking across multiple websites. It's just a timestamp. I'm not sure if I'm reading what they're saying correctly. If they mean all 30 in a batch have the same value, this is a disaster. If they mean always set the value to 00:00:00 so you get only one day of precision, that's better than nothing, but when the request comes from an area with low population density, it is still potentially inadequate for anonymization.
I can't make heads or tails of this specification. It contradicts itself in too many places, and it buries you in minutia while lacking a clear overview. It's the kind of spec only a bureaucrat could love, because it is perfect for verifying compliance, but makes it nearly impossible to quickly verify that the spec makes sense. It lacks a section on threat models and how it addresses those threats, which is the first thing I'd expect to see.
At this point, I have no idea whether this protects privacy or not. And that's perhaps more disturbing.
I sure don't believe the "completely anonymous" part.
It is possible, in theory. But calling this "completely anonymous" is hopelessly naïve, IMO, unless I'm missing something *huge*.
Announcing that this is "technically complete" is laughable. I have not seen a single public white paper on the subject. We should have seen years of back and forth between academics, crypto experts, operational security experts, privacy experts, and other groups, as they all tear apart the design over and over again until it is refined into something that actually provides the claimed anonymity.
The lack of this public discourse leads me to the inevitable conclusion that it almost certainly provides the illusion of protecting privacy, while in fact massively violating it to a greater degree than ever before.
And sure enough, I started skimming the technical specification, skipped the whole first section, which was mostly justification, and almost immediately found a fatal flaw.
Unless I'm missing something, this is a show-stopper, and points to the entire architecture being fundamentally unusable:
2.2.3 Revocation and Re-Issuance
In its current form, the solution does not support revocation or re-issuance. Adding support for these features would introduce additional complexity, which could hinder the rapid adoption of the solution.
What this means is that a user gets a magic token that proves that the person is of a particular age, then submits that token to sites for verification. Here's a list of problems with that approach:
Using the words "privacy rape" to describe this technology is not nearly a strong enough statement, but it is the strongest phrasing I could come up with.
Protects anonymity, my ass.
About the only good thing that can be said about this is that because they didn't specify minimum requirements for storage protection, chances are it will get hacked in the first week, and a few adult users' attestations will show up on the dark web and will get used by a few million underage users' devices, making it useless as proof of age, and hopefully resulting in the folks who thought this approach was adequate quickly shutting it down.
Like I said, give us a public comment process, articles published in multiple reputable journals, etc. and in five to ten years, this will be ready. It's not ready. It's not close. It's not even in the right ballpark.
For this to be completely anonymous, it must not be possible for a government actor with control over infrastructure to perform timing attacks on anonymity, e.g. user requests auth token from government, government knows who that user is, government sees unencrypted DNS request to porn side ten seconds earlier, correlates the requests.
Doing this correctly is genuinely really, really hard. You need:
This starts by the verification authorities outsourcing the verification to the "RP" (relying party). Public keys used to verify the signature. That way, the government entity doing verification does not have any record of verifications to correlate with requests.
This continues with the client queueing up a thousand or so pre-signed certs from the signing authority, and requesting replacement certs on a time-based schedule (once per day, with randomization of the replacement rate, with the client silently discarding excess certs so that you maintain a consistent pool size).
This is a starting point. I'm not saying that these things are sufficient, just that they are necessary.
Yeah sweet, fits great on all those 40 bit architectures or chunks nicely into four 10 bit chunks for all those 10 bit ones.......
AEG is the holding company where brands go to die.
IMO, that's redundant. Holding companies are where brands go to die. Nothing specific to AEG.
Is Allbirds even real?
Everybody knows all birds aren't real.
Loose bits sink chips.
