• 7 Posts
  • 99 Comments
Joined 1 year ago
cake
Cake day: July 19th, 2023

help-circle





  • They don’t need to be interested though. You could conceivably dump all the password you collect in an attack and just start trying them automatically like you would any other breach. Find a bunch of bank accounts and your chances you getting away with millions are high. Not to mention: a breach like this means changing all your saved passwords to re-secure them which is a multi-day affair.



  • I don’t think ZFS can do anything for you if you have bad memory other than help in diagnosing. I’ve had two machines running ZFS where they had memory go bad and every disk in the pool showed data corruption errors for that write and so the data was unrecoverable. Memory was later confirmed to be the problem with a Memtest run.




  • The OOM killer is particularly bad with ZFS since the kernel doesn’t by default (at least on Ubuntu 22.04 and Debian 12 where I use it) see the ZFS as cache and so thinks its out of memory when really ZFS just needs to free up some of its cache, which happens after the OOM killer has already killed my most important VM. So I’m left running swap to avoid the OOM killer going around causing chaos.


  • The problem is if anti-cheat does not have full access but the cheat does, the cheat can just hide itself. Same for anti-virus vs viruses. It’s particularly nasty on free-to-play games where ban evading really just means you have to get a new e-mail. It’s the same reason why some anti-cheats block running games in VMs. Is it fool proof? Hell no! Does it deter anybody not willing to buy hardware to evade VM detection or run the cheat on completely separate hardware? Yes.

    Personally, I’d prefer having a stake/reputation system where one can argue that they can be trusted with weaker anti-cheat because if you do detect cheating then I lose multiplayer/trading/cosmetics on the account I’ve spent $80 USD or more on. Effectively making the cost of cheating $80 minimum for each failed attempt. Haven’t spent $80 yet? Then use the aggressive anti-cheat.



  • I have really mixed feelings about this. My stance is that I don’t you should need permission to train on somebody else’s work since that is far too restrictive on what people can do with the music (or anything else) they paid for. This assumes it was obtained fairly: buying the tracks of iTunes or similar and not torrenting them or dumping the library from a streaming service. Of course, this can change if a song it taken down from stores (you can’t buy it) or the price is so high that a normal person buying a small amount of songs could not afford them (say 50 USD a track). Same goes for non-commercial remixing and distribution. This is why I thinking judging these models and services on output is fairer: as long as you don’t reproduce the work you trained on I think that should be fine. Now this needs some exceptions: producing a summary, parody, heavily-changed version/sample (of these, I think this is the only one that is not protected already despite widespread use in music already).

    So putting this all together: the AIs mentioned seem to have re-produced partial copies of some of their training data, but it required fairly tortured prompts (I think some even provided lyrics in the prompt to get there) to do so since there are protections in place to prevent 1:1 reproductions; in my experience Suno rejects requests that involve artist names and one of the examples puts spaces between the letters of “Mariah”. But the AIs did do it. I’m not sure what to do with this. There have been lawsuits over samples and melodies so this is at least even handed Human vs AI wise. I’ve seen some pretty egregious copies of melodies too outside remixed and bootlegs to so these protections aren’t useless. I don’t know if maybe more work can be done to essentially Content ID AI output first to try and reduce this in the future? That said, if you wanted to just avoid paying for a song there are much easier ways to do it than getting a commercial AI service to make a poor quality replica. The lawsuit has some merit in that the AI produced replicas it shouldn’t have, but much of this wreaks of the kind of overreach that drives people to torrents in the first place.





  • If sellers can prove that they never touch a customers home address they’re less exposed to data breaches which might look good on for insurance companies.

    Honestly, this sounds it something a shipping company could provide. When you go to use Paypal for example, you get redirected to their site, put in your details and they complete the transaction without the seller knowing your financial data. The same could be done with shipping.



  • I wish we had something like temporary/alias e-mail addresses for physical addresses. So you go to ship something, you provide a shipping alias which the shipping company then derives the true address from and ships the item. The moment the true address is revealed, the alias expires and can no longer be used. This way only the shipping company gets to know your real address and that is ideally discarded once the order has been completed. So forward shipping without the extra step.