Really this is far more probable than a dozen people went crazy in the same way at the same time which seems to be a plurality of comments.

If there's an American great ape they live in Washington state, not Ohio, based on report frequency.

Star Wars nerds? Yes, so many in Ohio.

His best buddy specialized in making exploding pagers.

Good luck out there.

In my younger and more foolish days I had a Pontiac and I opted out with wire cutters to the Surveillance module's power cables.

At the time I was actually more concerned with remote unlock hijacking than tracking but still I didn't trust GM.

All together now: WE TOLD YOU SO.

If I had to guess 20 years later doing that would disable the ECU.

The difference is that electric cars and trucks primarily charge overnight, when the demand for electricity is low.

You don't need to improve the grid capacity to serve people charging when you have excess capacity available.

I've been wondering about the links between models for some time. The GPT's are easy to tell from everyone else, and from each other. Not just because they are dumb as stumps, but because of their arrogance about finding the hill of some wrong "fact" and dying on it. Normally it's not too hard to tell them apart, but recently I've noticed that Gemini and Claude are almost indistinguishable. And I would agree, there are certain interesting phrases each use. Like Claude's "Spot On" which Gemini has been emulating lately.

I'd be very interested in running a fingerprint on the both of them to see what comes up.

Yeah, this sounds like some kind of jaded Transhumanist humiliation ritual.

If true as written, those 'monks' are without honor or reverence.

You are missing the fact that a remote exploit to run unprivileged commands is a far lower bar to achieve than priveleged. And that there are many, many, MANY systems that intentionally give access to unpriveleged commands through web interfaces to a wide audience.

Are there any tools to watch my lsmod, walk /lib/modules, and configure modprobe.d to deny loading anything I'm not using?

All of these exploits are in distro modules I'd never use.

Local access, unless you haven't patched apache this week, then it's remote access.

> What are normal people supposed to do?

It looks like a omen to take up farming.

Maybe I should pull some of my 4TB nvme sticks and buy my kid a used car...

It's not md5 collisions that are the problem here, it's poor passwords.

Which is something that we can't actually fix, and maybe have tried for the past 22 years.

As mentioned above, memory-hard algos are better than hashes now.

SSH can work very well with non-aes primitives, with chacha20 being both more secure and faster

Please show your work that any major distro creates ANY aes key on install. If you are conflating ssh key with AES, then see above.

1) Because outside WDE, AES is not often used in any performance critical way for 99% of users
2) Because AES-NI is not universally trusted
3) Because in most places where AES previously was beneficial, there are now faster and more secure algos
4) Because every compiled-in default is attack surface that can't be mitigated without a new kernel command line + reboot, or if there is no command-line disable for it, a new kernel

In short, EVERYONE can load a module to get functionality. Only some compiled in drivers can be turned off without a new kernel and none can be turned off without a reboot.

I did some math the other day on running local AI models and the net result is most homes can't afford to run the current median models.

They don't just need 80GB of VRAM, they need newer architectures - to be supported by CUDA, to be supported by pytorch, etc.

These problems may well be solvable with more clever use of hardware, MoE, acceptable quantization, etc., but today you're in for several grand and something north of 100W idle to use what is effectively a $20/mo plan.

A small enterprise can afford local, so that's good. We paid more than that for one SGI machine back in the day.

The point of the exercise was to plot the position on the curve. We're at something like 2006 YouTube where nobody could afford the drives or bandwidth that YouTube/Google was giving away for free (aka with VC money). Eventually hard drives got cheaper, people got gigabit at home, FlashServer was replaced with h.264/HTML5, phones could stabilize video locally, etc.

So it looks like these AI companies need to stay alive for about seven more years giving away product at a loss, or at least highly oversubscribed, to turn a profit. Hence the low token allowance, the banning of OpenClaw, etc.

On the other hand, I read the blog of a security researcher yesterday who found an exploit with (IIRC) Claude, tried to refine the PoC, but got dinged on "out of tokens" before he could finalize it. So he just deleted the work and moved on.

It sounds like they're trying to not lose money at such a velocity and are trying to find a sweet spot where people don't just declare it too underpowered to use.

A global energy depression may well take out the supermajority of the companies that believe they can burn investment money for seven more years. There is circular financing money, then there is real return on capital money. One is to fool the markets, the other is grounded in current physics.

Dawkins: Claude, say, "I'm alive!"
Claude: I'm alive!
Dawkins: Oh my GOD!

You are treating like RAM that Edge has now will always belong to Edge,

Memory allocations are not sanitized by the OS. They are not automatically zeroed before being handed to the process on malloc or purged after the process hands it back to the OS on free. Any ole user process can a) see what other processes are running and, b) allocate RAM almost without limit. So all a user process has to do is look for whether or not Edge is running. If it is, then when it stops allocate as much memory as possible to grab the RAM that Edge just freed.