
Comment Re:When I hear they are going to build a datacente (Score 1) 43

How many data centers in your immediate area? Are they the modern high density data centers with thousands of GPU units per rack or the old school 4U's in a rack supporting a few websites kind of data center?

As for employment, when is the last time you saw a data center that was bustling with human activity once construction and move-in was finished?

Comment Re:AI is almost never the limiting factor (Score 1) 172

That was a joke! Backhoes breaking fiber is part of the natural order.

That's why you should always carry a length of fiber with you. If you ever get stranded with no cell service, you can just bury the length of fiber in the dirt. When the backhoe guy comes along to break it, ask him for a lift.

Comment Re:Actually, congrats to the cURL team (Score 1) 62

It does nicely illustrate that AI may do a deeper scan, but not necessarily a better one.

There are existing rules-based scanners for websites. Running one on any typical site will easily spit out more than 100 flagged issues. Some "consultants" will dutifully hand that report over and call it a day, but if you actually go through them, most if not all aren't even actual security flaws. Yes, if I POST data that includes the correct username and password, it will grant me access just as if I had filled in the login form. So what? Yes, if I give an invalid account number, it returns a page with (non-)error code 200. The page says "Access denied".

That isn't to say the AI tool is bad, just that it represents an EVOlution, not a REVOlution.

Comment Curl isn’t Mythos’ “target” (Score 1) 62

As I understand it, Mythos’ “big leap” is not in finding specific flaws; it is in chaining them together into a “bigger” flaw. So finding a minor issue in curl that lets you put a file where you shouldn’t, plus a flaw in something that assumes some file location is “safe” and it doesn’t have to parse things with an adversary in mind, plus a flaw in something that relies on that thing, and so on.

When doing that kind of security work you don’t need to find a bunch of significant flaws in each tool, just a minor flaw in places that turn out to be useful when combined with, say, up to 9 other minor flaws. So from the viewpoint of cURL, which doesn’t rely on a lot of other tools to provide its services, nothing has changed. The pain is experienced on a wider scale, like over a whole OS where there are a lot of tools, any of which might contribute a minor flaw, so Mythos can find a way to gain “the prize” (maybe remote execution, or a privilege escalation, or both).

Maybe a better way to think about Mythos is that it doesn’t have to hyper focus on one tool like “can I break into the system using cURL?” (and is not actually any better at that question than prior AI), but it does a far, far better job at answering the question “can I break into the system using up to a dozen or so flaws together out of this pool of 1000+ tools?”. I assume it may be a bit better at finding flaws in a single tool if the flaws require putting more bugs together or more steps to reach the state where an existing flaw shows up, but again that isn’t the big deal. The big deal is that at a system level it puts multiple sub-critical flaws together to combine into a critical flaw. (cue Transformers joke here)

Comment So I guess the real question is is... (Score 1) 42

Is CUDA a lock-in because there is a critical mass of solutions written in CUDA and people that think about problems in terms of CUDA already, so nothing is really going to unseat it that isn’t a close clone of CUDA, and making one of these is for some reason impossible, or is the problem that you can make something else that lets you be expressive in the important ways CUDA is while giving the backend the same kind of flexibility to schedule operations, but nobody else has made one that isn’t “too buggy” to use on real world problems?

In the distant past very few C/C++ compilers existed, they were “too complex” for small companies to make, and now we have very few commercial compilers and a billion open source projects that are all forks of gcc or llvm (or a fork of a fork of the llvm derived clang). We don’t have a billion non-C derived programming environments though (we have a few, JavaScript is popular, and I’ll argue Java is C-derived, although removing pointers from C doesn’t leave a lot, so I’ll also accept it as a distinct environment, but if so, so is Swift, and Rust also counts as distinct...still that is only a handful). It doesn’t prove a lot, but I would say even the moat of a programming language and environment only lasts so long.

Comment Re:But the real cost is increased service prices (Score 2) 65

There's no long-term impact. It's just for construction.

Do you actually believe that? I mean, yeah sure “we asked them what was up and they gave a flimsy excuse” doesn’t mean you have to believe it!

The only thing that points towards them maybe telling the truth is it might be obvious if the data center were operating and you don’t want to get caught in a provable lie. However it is also possible the data center is partly operating while construction continues and they figure “hey there aren’t people coming and going, who will know if the data center is operating as opposed to testing equipment if we get caught!”.
