Forgot your password?
typodupeerror

Comment Re:CGNAT (Score 1) 25

Using "ip address, user agent and screen resolution" is extremely unreliable - think any kind of organised environment like a corporate network, cybercafe, educational campus etc. They will usually have standardized hardware and software so all of the above will match.

There's a difference between a spam lawsuit and a criminal investigation, for a serious enough crime that absolutely will happen. There will also be prosecutions brought against the ISP for failing to identify the subscriber as various laws require them to do. If an ISP isn't complying with this requirement today they are gambling and could face severe penalties.

Comment Re:CGNAT (Score 1) 25

The primary reason botnets target random home devices is because of shared ip addresses.
Earlier botnets targeted servers (more bandwidth etc), but these are trivially blocked. Once you have shared addressing you can't blanket block it without upsetting users, so you end up with login requirements or operators being forced to accept some level of malicious traffic.

If you have static addressing, and your address space earns a reputation for non malicious activity then you have a much easier life. This still doesn't help them track individual users beyond "non malicious users and not bots come from this range" as they still have no idea how many devices, how many individuals, how many roaming users etc exist. A static address block could represent an individual household, it could represent a company or an educational establishment, or a public venue like a bar or cafe etc.

Comment Re:CGNAT (Score 1) 25

The idea that companies track you based on IP is a fallacy, they use cookies and similar technologies. Even if everyone had static addressing at home and companies like google could guarantee this was the case globally, people still travel so the same device can pop up from multiple different locations with wildly different source addresses. I have multiple devices at home, but on the same VLAN they originate from the same IPv6 /64. Sites like google consider them different users, and even guess completely different physical locations for them which are hundreds of km apart.

Having a shared IP is a hassle, and a frequently rotating one isn't far behind.

Just because you have a unique IP, doesn't mean external companies know who it belongs to unless the ISP informs them.

Allowing them to track you will actually alleviate the anti-bot problems, as they can identify you as a known user. The anti-bot measures kick in when you are a *new* user as far as the system is concerned.
If you are a new user from a new ip then you get some leeway, if you are a new user from a previously seem ip then you look more malicious as bots will never retain cookies as if the bots could be tracked they would be trivially banned, and will always show as multiple users from the same address.

ISPs probably also like it because it means that without extensive logging, for which there is no business justification, they can't identify who downloaded some movie that the MAFIAA et. al. want to sue over.

Depending on your location you will probably find that this extensive logging is mandated by law. And since the logging is being done anyway, the ISP will look for ways to recoup the costs which often involve selling the data.
You think organisations like the MPAA will accept a response of "well it could be any one of 50 different users" and just give up? Absolutely not, they will either go after all 50 users with threats, or go after the ISP etc.

Europol gave a presentation on this:
https://ripe74.ripe.net/presen...

The Europol investigation also highlights a "could be any of 50 users" problem which resulted in 49 innocent people being intrusively investigated for a serious crime committed by someone else. If you're concerned about privacy you absolutely don't want a shared IP because then you're either facing detailed logging or possible intrusive investigation through no fault of your own.

Comment Re:CGNAT (Score 2) 25

ISPs using CGNAT still log traffic in order to track users, they do significantly more detailed logging for exactly that reason.
Similarly CGNAT breaks p2p, so applications like bittorrent effectively turn into a client-server model making it much easier for such orgs to go after the servers.

Comment Re:CGNAT (Score 2) 25

Far better methods such as what?

Several ISPs use IPv6 prefixes which are frequently rotated and recycled which can cause issues. A prefix which is static, or at least stable until the user explicitly releases it works much better.

The idea of dynamic addressing made sense in the dialup days when most of your users were disconnected most of the time. It doesn't make sense now.

Marketing companies like to perpetuate this myth that they track you by ip, but they don't and never have. It's just to distract users and make them waste efforts on ineffective means of avoiding tracking.

Comment Re:CGNAT (Score 1) 25

Mapping legacy addresses to v6 addresses wouldn't achieve anything, since you'd still have multiple users with the same address.

Marketing companies don't track users by IP, that's done with cookies, browser fingerprints, sessions etc. Marketing companies don't care about CGNAT.
This tracking doesn't work with malware, because malware doesn't keep cookies and each instance appears as a new user. It is the constant influx of new users from shared addresses which trigger responses like blocking or captchas. If you're not seeing this, then it means that you've got active tracking so they know you're a legit user and not a bot.

With v6 its a bit different, multiple sessions from the same address would still trigger a response but you won't be sharing an address with others so you can block tracking cookies and you appear as a new user every time, but because you're coming from a new not previously seen address you are not hit with abuse countermeasures.

Comment CGNAT (Score 2) 25

Much of the world is forced to use CGNAT to access legacy IPv4 sites, and many users are stuck with either no IPv6 or very lousy implementations (eg rapidly changing prefixes etc)...
You have one infected machine and it gets the shared gateway blocked, and then other users of the same provider are unable to access anything.

A lot of people are affected by this, but often don't know the reason. Site operators in developed countries often don't care or don't understand how users elsewhere have to suffer with CGNAT.

Example: https://www.reddit.com/r/Conve...

Comment Re:Barely enough for..dual-use? (Score 1) 76

The military implications are obvious. Think Ukraine. If you suspect the enemy is trying to infiltrate on a dark night along several kilometers of frontline, you light up the scene while launching a bunch of low-cost FPV drones, and those infiltrators are about to have a bad day.

You *can* spot infiltrators in the dark with IR cameras, but it requires much more expensive drones and isn't usually as effective, hence the preference for night operations. Plus, there's IR camouflage, with varying degrees of success. But it usually makes you stand out like a sore thumb under illumination (you're basically wearing a tent).

Comment Re:"Reasoning" (Score 1) 184

This is akin to altering the English alphabet such that quantity and shape of symbols in the alphabet is different before teaching students English

No, it's not. It's akin to having secret numbers (that correlate neither with the spelling or meaning of the word) associated with each word, and the only way you can learn the secret numbers is if e.g. someone says "The secret number for Strawberry is '3'."

There are no other "clues" available to the LLM. It cannot see the property in question (spelling). It is a hidden "magic number" for all effects and purposes.

Comment Re:"Reasoning" (Score 1) 184

as there are daily videos of people doing this exact shit?

Literally go to a non-tiny AI right now and try it. Your pick. Try all the major ones - ChatGPT, Claude, Gemini, Grok, your pick. Then share me a link to the failure case you're claiming you'll get. Don't worry, I'll wait.

(Note: tiny: the "Google Answers" AI is a truly minuscule model, the sort of thing you could run on a cellphone with ample capacity to spare, and is only representative of minuscule models)

how about the guy that put 3 AIs together and told them to count to 100?

Sounds like what you actually have a complaint about is the (non-AI) voice interface they're linked to, because that's what screwed them. That entire premise doesn't work at all if you remove it and just do the test in text. Again: try it yourself.

Comment Re:"Reasoning" (Score 1) 184

generally they fail at the balanced parenthesis problem

LLMs are way better than humans at ensuring that code parentheses are balanced, e.g. when writing code; LLM code is much more likely to compile / run on the first time than human code. There are literal parenthesis-counting circuits that emerge. That they're not perfect at it doesn't make them not be better than us at it. Humans tend to start to lose track after 3-4 levels of parentheses. LLMs have long since significantly outperformed us in nested grammatical tasks, so long as the level of training to the human and AI are at least remotely comparable.

Here is, internally, how models handle counting, despite not being able to see what they look at.

Also, your article is deeply dated, in terms of (A) models, (B) underlying articles, and (C) descriptions of how things work. Strange for something written in 2023; it reads like something written in 2020-2021. Just to give an example of what I mean, let's just grab a few paragraphs from the middle at random:

It operates in three basic stages. First, it takes the sequence of tokens that corresponds to the text so far, and finds an embedding (i.e. an array of numbers) that represents these. Then it operates on this embedding—in a “standard neural net way”, with values “rippling through” successive layers in a network—to produce a new embedding (i.e. a new array of numbers). It then takes the last part of this array and generates from it an array of about 50,000 values that turn into probabilities for different possible next tokens. (And, yes, it so happens that there are about the same number of tokens used as there are common words in English, though only about 3000 of the tokens are whole words, and the rest are fragments.)

A critical point is that every part of this pipeline is implemented by a neural network, whose weights are determined by end-to-end training of the network. In other words, in effect nothing except the overall architecture is “explicitly engineered”; everything is just “learned” from training data.

There are, however, plenty of details in the way the architecture is set up—reflecting all sorts of experience and neural net lore. And—even though this is definitely going into the weeds—I think it’s useful to talk about some of those details, not least to get a sense of just what goes into building something like ChatGPT.

First comes the embedding module. Here’s a schematic Wolfram Language representation for it for GPT-2:

The input is a vector of n tokens (represented as in the previous section by integers from 1 to about 50,000). Each of these tokens is converted (by a single-layer neural net) into an embedding vector (of length 768 for GPT-2 and 12,288 for ChatGPT’s GPT-3). Meanwhile, there’s a “secondary pathway” that takes the sequence of (integer) positions for the tokens, and from these integers creates another embedding vector. And finally the embedding vectors from the token value and the token position are added together—to produce the final sequence of embedding vectors from the embedding module.

Why does one just add the token-value and token-position embedding vectors together? I don’t think there’s any particular science to this. It’s just that various different things have been tried, and this is one that seems to work. And it’s part of the lore of neural nets that—in some sense—so long as the setup one has is “roughly right” it’s usually possible to home in on details just by doing sufficient training, without ever really needing to “understand at an engineering level” quite how the neural net has ended up configuring itself.

Unless this is awkwardly worded, it does not "find an embedding (i.e. an array of numbers) that represents [the input sequence of tokens]". Each token has its own embedding. And they don't need to be "found", they're just a lookup.

Values don't go “rippling through successive layers" in a LLM. The core of a LLM is dozens to hundreds of individual DNNs (feed-forward networks) separated by attention blocks and add+norm. He entirely writes this out of the picture (at this point - later he reinserts them but does so incorrectly), but they are utterly critical to a LLM's ability to function.

"A critical point is that every part of this pipeline is implemented by a neural network" - No, it isn't.

"nothing except the overall architecture is “explicitly engineered”; everything is just “learned” from training data" - No, it isn't. Creating your vocabulary for example is done with an algo like BPE or unigram. Not neural network based.

"Here’s a schematic Wolfram Language representation for it for GPT-2 .... 12,288 for ChatGPT's GPT-3" - I hope you understand how ancient these architectures are by now.

"Meanwhile, there’s a “secondary pathway” that takes the sequence of (integer) positions for the tokens..." - to the point that they don't even have RoPE yet.

"Why does one just add the token-value and token-position embedding vectors together? I don’t think there’s any particular science to this." - Uh, yes, there very much is. This isn't some sort of cargo-cult nonsense, it's a basic property of latent spaces. Information in a latent space (in most latent spaces) is encoded by directionality. You can merge multiple concepts into a latent space or adjust the properties of a given latent by summing them together, thus creating a vector that incorporates both directions.

Anyway, that's enough to show what I think of the quality of your reference, esp. in a modern setting. :P Moving on:

It's related to the clock problem

Multimodal input isn't as advanced as textual input, to be sure, but let's not pretend that the human brain isn't also readily tricked in various kinds of vision problems.

If you ask a neural network to recognize "A" then all As will be tokenized the same way

Sorry, that is, again, not how it works. Tokenization happens before the model ever touches the input. It's literally the first step. It has no say over how it's done. It can't say "tokenize this differently". Even the tokens themselves don't make it to the LLM; they only point to latent positions.

Comment Re:"Reasoning" (Score 2) 184

Actually, no, it doesn't. "S T R A W B E R R Y" can be tokenized e.g. as

"[start]", "S", " ", "T", " ", "R" ....

But more common it may look something like "[start]S ", "T R", " A W", " B ", "E R R", " Y[end]" or whatnot.

And anyway, anyone who's used a (non-tiny) model in the past 2 years or so knows that these sorts of issues aren't really a "thing" anymore. But the key point is that this is a test on an ability to count something that the LLM can't actually see (letters).

Comment Re:"Reasoning" (Score 1) 184

You have it backwards. They see words not tokens or letters.

Sorry, but no. Inputs are tokenized before being fed to the model.

Do you think LLMs don't know how words are spelled due to composition of token dictionaries

Do you think trainers, by habit, put their specific model's token dictionaries into the training data - let alone repeat it often enough in numerous different forms so as to promote memorization?

Slashdot Top Deals

I just need enough to tide me over until I need more. -- Bill Hoest

Working...