8·
1 day agoI have plenty of help! one of the people who actually post here are gonna come help me tell you to fuck yourself! isn’t that fun?
- 68 Posts
- 1.76K Comments
Joined 2 years ago
Cake day: June 25th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
oh woe is me, never in all my 68 posts have I seen such rudeness
oh no the downvotes
don’t let the door hit you on the way the fuck out
you saw this:
LLMs are good for all sorts of things.
and a bunch of waffle about unrelated ML advancements in robotics, and it confused you into giving me a shit lecture on tech I already know about? why?
k fuck off
just some uwu itsy bitsy critihype for my favorite worthless fashtech ❤️
how about you and your friend and your grandma all go fuck themselves ❤️
19·1 day agofrom the (extensive) footnotes:
Occupy Wallstreet strikes me as another instance of the same kind of popular sneer culture. Occupy Wallstreet had no coherent asks, no worldview that was driving their actions.
it’s so easy to LessWrong: just imagine that your ideological opponents have no worldview and aren’t trying to build anything, sprinkle in some bullshit pseudo-statistics, and you’re there!
as a treat for those who click through and share the pain!
these were all 3-10 comments from the OP for my sort, but I don’t have a bluesky account so not being logged in might influence how I’m seeing the thread
god, the comments got heavily raided by various types of lazy TESCREAL:
- how dare you doom all future generations to dying by pointing out that immortality under capitalism would be a living hell. you monster.
- sure but life extension technology is real and on the horizon isn’t it? and then I can become functionally immortal! (no and shut up)
- somehow, it’s bad optics to point out that rich people chasing immortality is fucking things up for everyone else
and not only did none of these fuckers get the point, they’re also making points that aren’t at all common outside of TESCREAL circles? like, no normal person I know naturally slips into the “but think of the Bayesian children” modality of thought.
is this just how Blue Sky is? I don’t browse it much outside of David’s threads.
they can’t shoot me for being a leftist if I tell them it’s just a prank
Intellectual (Non practicing, Lapsed)
indeed
not saying it’s always the supposed infosec instances, but
literally unreadable
image description
the most ordinary newspaper headline I could find: the San Francisco Chronicle’s front page where the title is “INVASION!” in the biggest font they could justify (pun intended) and the subtitle is “Allies pouring into Northern France!” because it’s a headline about the Nazi killing parts of world war 2 I like and recommend
the fuck is wrong with you
exactly, it’s not a problem that’s unique to the web. I’d argue that as an execution environment, the browser has properties that make it slightly easier to catch this class of attack (though as you said, we’re in halting problem territory so there’s no universal check for this kind of thing):
- there’s browser plugins (for Firefox at least, I don’t care about chrome) that alert you if the JavaScript you’ve been sent has changed and provide some tools to evaluate what specifically changed
- you can examine JS memory in depth with a variety of tools, all of which come with the browser
- you get a running log of network requests
- as our intrepid cypherpunk visitor noted, you can mitmproxy it if you really want to? they seem to think it’ll be too late to do anything by then but like, losing your keys to an SLA doesn’t instantly dissolve you in a vat of acid or anything. they’ve still left forensic evidence of an attack in your browser’s cache and the potential for you to catch it and make a terrible lot of noise about it, and they really didn’t need to — Proton’s security is compromised enough by entirely silent server-side cleartext leaks, metadata logging (they turn it on silently on law enforcement requests; their no-logs policy is a legal no-op), and other evil fuckery
and I do have to emphasize that last bit. I’m not here to praise Proton, I’m here to bury it correctly. if the worst thing you’ve got to say about proton is that an SLA could request a custom JS exploit be sent to your browser, then it’s probably still a perfectly fine service to use if you’re just chatting with your grandma and your drug dealer, depending on your threat model. I’d argue that Proton isn’t suitable for anybody, because the class of attacks they’ve enabled allow for quiet mass surveillance, rather than the motivated (and loud) targeted kind.
and for the users at home playing the drinking game: of course this weird fuck’s been giving dangerously bad advice on privacy lemmy, why wouldn’t he be
I ain’t gonna dig any deeper to find out if privacy Typhoid Mary over here has a uniquely bad gpg setup he loves but if anyone does: that’s another shot
e: also lol @ coming into TechTakes with an account named after the fucking cypherpunks mailing list
How many of their users do you think are sufficiently paranoid?
for fucking Proton of all things? come the fuck off it.
the rest of your post is wrong, but in a really boring way? like, you get that there’s a bunch of ways to catch this shit but want me to do the labor of proving that it’s possible for some reason? no, fuck off, go cosplay as a privacy expert elsewhere.
that’s utterly trivial for a sufficiently paranoid user’s browser to detect, and damning for proton if it is (not to mention, pushing hostile JavaScript doesn’t work for users on the imap bridge or using mobile apps they update via methods that can’t easily be tracked like Obtainium on Android)
the mechanisms proton uses to exfiltrate encrypted data and get their users arrested are far more subtle and deniable than that basic shit. specifically, they’ve been silently overcomplying with law enforcement data requests for years, which has led to documented arrests of activists, and all of their LLM features represent a significant data leak, as all of them are implemented in a way that sends cleartext to proton’s servers while maintaining the illusion that the feature is more secure than it is.
I wouldn’t be at all surprised if they were doing more evil shit than the above, but I would be very surprised if any of it were in the form of JavaScript that the user could, you know, deobfuscate and read
ah right, you only care about vague consolidation in the tech industry, but will take the industry’s word at their self-reported energy usage (while they build massive datacenters and construct or reopen polluting energy sources, all specifically to scale out LLMs) and don’t care about the models being fed massive amounts of plagiarized work at great cost to independent website operators, both of which are mechanisms by which LLMs are being used as a weapon with which to consolidate the tech industry under the rule of a handful of ethically bankrupt billionaires. but it’s ok, Claude Code is a massive improvement over the garbage that came before it — and it’s still a steaming pile of shit! but I’m sure going to bat for this absolute bullshit won’t have any negative consequences at all.
how about you fuck off, bootlicker.
how did they all choose this weekend to find us? it’s like they’re trying to get their bans in before the downtime