Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Re:This Is A Nonstarter (Score 1) 58

Not all the world is the US. In the US, you're relatively safe... well at least as long as you were born a US national, it seems we're deporting those who aren't. And we'll see where that trendline goes.

Other nations outside the US and EU? Safety varies a lot. There are plenty of governments happy to punish or disappear protest starters.

Comment FluffGPT (Score 1, Troll) 48

Example of a suspicious passage:

"This is the best scientific paper ever, believe me! It proves beyond a galactic doubt that climate change is a tremendous hoax perpetrated by deep communist woke liberals so that they had an excuse to regulate my grand and beautiful hotels and resorts, which score the highest ratings in the history of ratings, by the way, going all the way back to Ebbuh K. Neezer, loved the guy, taught me all about gold toilets, Making Shitting Great Again!"

Comment Re:well... (Score 1) 36

Tech companies in general...need to get over this precious-snowflake conceit that their aesthetic choices are sacred and not to be tampered with.

I still curse the small, low-contrast font craze from a few years back. Leftovers are still around. Was it a plot to keep us geezers off the WebTubes?

Comment A difference that stark... (Score 1) 45

The sheer magnitude of the difference in patent numbers makes me wonder about what the difference in culture or regulatory environment about patent filing are.

Especially if you are talking companies in similar contexts, or same company today vs. 5 years ago vs. 10 years ago, or talking broad orders of magnitude, number of patents is presumably a better than useless metric; but "The two biggest companies have 7 patents" looks a lot more like someone doesn't even care to have a patent attorney throwing shit at the wall to see what sticks. Especially if you don't actually move to try to enforce them standards for examination are not just desperately high; and there's absolutely no requirement that whatever you are applying for a patent on is an improvement over existing methods; just that it's novel. The intern's vaguely cute idea that is 20 years behind the state of the industry won't be relevant; but it might still be patentable.

None of this is to say that I have reason to believe that they aren't considerably behind on tech; but '7' is just so low it suggests you aren't even bothering. That's the sort of thing where individual products that have no innovations worth mentioning probably have more 'apparatus and method for doing some obvious nonsense; but on a battery charge controller' patents than two entire battery companies have.

Comment Better question: (Score 1) 133

Why ask whether china is eroding the lead; rather than whether the incumbents are maintaining it?

Maybe my faith is weak and if I were huffing the dumb money I'd understand; but it looks awfully like our boisterous little hypebeasts promised that, this time, unlike all the other times in 'AI' we could totally brute force our way to the AGI Omnissiah; briefly tried copium in the form of hoping that competitors would be intimidated by their capex(because there's basically a generation of VCs who think that failure to reach monopoly is indistinguishable from losing); and finally proceeded to speedrun commodification because it turns out that nobody actually had any plan for what would happen if this alley started looking visually impaired even after we plundered the entire internet to feed it.

I realize that it's more fun to focus on what the sinister chinese are doing than what our glorious golden boys are not doing; but let's do the latter anyway; especially since this is one area where you can't just please chinese factory slaves as an inherent price advantage. The guys mechanical-turking out 'training'/'classification' tasks will all go wherever to scrape up the cheapest labor available, then stiff them on promised payments; and (while the process is pretty porous) being not-china is definitely still the best way to get access to premium TSMC processes; and at least not-worse for most of the rest of the most interesting ones.

Either LLMs are fundamentally a technology where being the first mover is a dumb idea; or the 'leaders' are actively fucking it; because, unlike some of the cases involving rare earths mining or finding fast fashion sweatshop sites, this was theirs to lose.

Comment Re:When will sudo read email? (Score 1) 20

I assume that there's a research OS somewhere that has discovered that this is much harder than it looks for anything nontrivial; quite possibly even worse than the problem that it is intended to cure; but looking at the increasingly elaborate constructs used when sudo is intended to be a granular delegation makes me wonder if the correct approach lies down the path of better permissions rather than ad-hoc lockdown logic.

There are some cases(eg. password-change or login tools often both reflect granularity limits in credential storage; and make reads or edits on your behalf to parts of files that you wouldn't be allowed to touch directly; but also do things like enforce complexity or age requirements that would require a really expansive view of 'permissions' to encompass) where the delegate program is handling nontrivial delegation logic on its own; but in a lot of instances it's hard to escape the impression that you are basically bodging on 'roles' that can't be or aren't normally expressed in object and device permissions by building carefully selectively broken tools.

I obviously don't blame sudo for that; its scope is letting you run a particular thing as someone else if the sudoers file allows it; but a lot of sudoers files might as well just say "there are no roles on this system between 'useless' and 'apocalyptic'"; and that feels like a permissions design problem.

Of note; probably not one to try to NT yourself out of; I'm not sure that you can build a sufficiently expressive set of permissions on classic UNIX style ones; but I've yet to see an NT-derived system that didn't boil down to 'admin-which-can-be-SYSTEM-at-a-whim'/'little people' regardless of the wacky NT ACL tricks you can get up to.

I'm curious if it's a case of the alternatives being tried and largely found to be worse; or if (along with a number of other OS design/architecture fights) the whole thing has mostly been pushed out of mainstream relevance by the degree to which you can just pretend everything inside a worker VM is basically at a homogeneous privilege level if you don't want to deal with it.

Comment Re:When will sudo read email? (Score 2) 20

I can't comment on where sudo itself lives on the spectrum from aggressively solid implementation to really-dodgy-smell-around-the-edges; but it seems like its purpose is a fundamentally tricky problem even if its execution were impeccable.

The basic "user is authorized for root; but we'd prefer he be thinking and logged when he uses that authorization" is reasonably cogent use case; but it's more of a reminder than a security barrier. Then you get into the actually-interesting attempts at limited delegation and determine that you'd basically need a different userland for a lot of purposes: aside from the modest number of things(often with setuid already in place) built specifically to carefully do a very particular delegated function on your behalf and provide you with nothing else if they can help it; very little aside from garbage kiosk UIs or web or database-backed applications with user and permission structures mostly orthogonal to those of the underlying OS actually tries to constrain the user's use of the application(within whatever context that user is operating; generally having a privilege escalation is considered bad).

Half of what you run considers having an embedded shell to be a design feature; so including any of that on the sudoers list essentially means being able to chain arbitrary commands from that sudoers entry; and the other half doesn't outright intend to include a shell but would require some really brutal pruning, likely of important features, to prevent being able to chain a couple of interactions into having the ability to run whatever. And that is assuming that sudo itself is working entirely correctly.

Slashdot Top Deals

The solution to a problem changes the nature of the problem. -- Peer

Working...