There's only a couple of cases where this can go wrong. Either the contents of what is being sent out could be wrong, or the hardware itself could be tampered with to extract extra information on another optical or radio channel. Both of these require extensive software tampering. In the simple case where you trust the software on both sides, and the hardware, this can be practically as good as it gets (with the requirement that the inside be monitored automatically somehow).
both of these require the isolated machine to be heavily compromised to begin with.
there are a lot of such extremely hypothetical attacks no one should take seriously. you might as well worry about sensitive data being exfiltrated from your unshielded optical nerve,
Eavesdropping on stray RF signals is not so theoretical though. It's been done by NSA and no doubt others. We also need to worry about hardware supply chains including random compromised stuff that "accidentally" leaks or exposes backdoors.
If I gave away a PC with perfect RF isolation and a rock solid supply chain it wouldn’t improve most user’s overall security because their operational security is so poor. There is no need for any organization to snoop your RF when you’re leaking everything they care about in your metadata.
In many industrial applications, the concern is mostly control of the isolated side, like because that could physically destroy stuff. Exfiltration is a smaller or nonexistent concern, since you're already sending most data out deliberately.
So there's still an attack surface, but it's a lot smaller. Any side channel exploit would need to work (at least in some initial form) without changes to the software on the isolated side, since you otherwise can't bootstrap your way to installing it.
> Germany is increasingly authoritarian in order to keep heterodox parties out
... and those parties would be even more authoritarian if they got in. Which they might in part because of the reaction. It's possible to get fucked from both ends...
Not to mention the number of random individuals, with enough access, who might want to sabotage them in those circumstances. And fuck knows what the Trump administration decides to bomb. And the general fog of war. And how delicate everything is.
I read several subreddits and see nearly no images, nearly no rage bait (probably less than on Hacker News, in fact), and exactly no porn. My daily Reddit experience is so close to Hacker News that I've been known to forget which one I'm on.
Reddit still has the capacity to show you what you're actually looking for. It still lets you find content by interest, rather than by personalities. It still keeps replies together, still lets you order by time easily, and doesn't stick too much random crap in the middle (none if you use a decent ad blocker). It handles long form content well and doesn't try to force everything to be a sound bite that you have to click on to see more. It's still convenient to use it that way, and most users probably do use it that way.
Compare to, say, Youtube, which fight you ever step of the way if you try not to be drowned in a disordered flood of some combination of what a computer guesses you might want and what it's most profitable for the site for you to see (including what will keep you on the site), with your only control being which "influencers" you uprank by "subscribing" to them.
> Reddit still has the capacity to show you what you're actually looking for.
Reddit has the capacity to manipulate minors and groom them into believing all kind of sick "fictions", endorsed by the admins. It should absolutely be banned for minors.
Yes, "Open Source" is newer than "Free Software". The phrases was deliberately coined, yes in the 1990s, to cover different (and mostly broader) ground... because there was a desire for a clear distinction between them. Which there still is.
Well, OSI didn’t coin “open source”. Factually, the term existed before OSI started using it. People have shared examples of isolated usage before then. However, they definitely brought it, and the modern definition, into common usage.
Like, if people had collectively used the term 23 times through 1996, then 837,000 times in 1997 or whenever OSI popularized it, I’m fully onboard with saying it’s their term.
The OSD came out within months of the phrase "open source" first being used, and the phrase was coined as part of the same process of discussion that produced the OSD. It's not a natural phrase and does not have an obvious "simple and plain meaning". It's a term of art.
Um, no. Copyright puts specific restrictions on what you can do with work. Those restrictions are described by certain words. The question is whether the existing restrictions cover training AI. That's a matter of interpretation, but once an interpretation is accepted, it is understood as what copyright always meant.
Training AI is probably not a copyright violation because it never was one to begin with.
The comments of the (German) judge in this case seem to indicate the judge doesn't understand why any of the defendants even thought training AI wasn't a violation (at least not when taken to the point it can exactly reproduce and create derivative works to existing works. Maybe that's why OpenAI is trying to make that harder now. Still trivial to make it violate that rule though).
Note that OpenAI has now testified that they indeed used copyrighted works to train their models. The outcome of the case is that both training AI models using copyrighted work and providing AI model outputs that are derivative of some copyrighted work are copyright violations, and would mean model owners have to respect licenses (ie. compensating the authors)
The case can still be appealed, so it is not final. On the other hand, if I'm reading WTO copyright treaty rules correctly, this ruling applies in the US.
Seems to me this can still easily go the way the authors want it to in the US. And in theory, it doesn't even have to, OpenAI lost. Yes, it can be fought on appeal, but I've always heard that winning an appeal after losing a case is 10x harder than winning that case in the first place. And we'll know in early January if OpenAI fights it at all, so it's not like they have a lot of time left.
Processing a micropayment takes more resources than serving a simple Web page, even if the payment fails. You would have to put in similar filters, or you would get DoSed using the micropayment service.
The incentive to send http requests is that data comes back. That's why the storm of scrapers hurts website owners. They gather the data and give nothing back.
What would be the incentive to send failing payment requests?
To break the site. But you're right that a lot fewer people will probably want to break it than to scrape it, and that stuff like CAPTCHAs is usually more about the "scraping" case. So basically a mistake on my part.
Additionally, I have read up a bit more on the Lightning Network now, and it seems not possible to send invalid payments in the first place.
The sender does not have a direct communication channel with the receiver. They send the payment to a hop they are connected to (they have a channel with) and it gets routed to the receiver. The first hop would already drop an invalid payment. If they spam them with more invalid payments, all that would happen is that their connection to the Lightning Network would get lost as their channel partners would disconnect from them. The receiver would not receive a single network packet in the whole process.
reply