Is there a location for the actual order? The linked article doesn't have a link to the order (SHAME Reuters) and the details on the actual order are sparse.
Mozilla is bound to only use the content to help the use navigate, experience and interact with online content as the user has indicated.
> One thing they could do with your financial data is show it to you (least harm).
Yes - this is what the user indicated.
> Another thing is to aggregate it with other's data (medium harm).
And the user has not indicated that this would be a permitted use of the data - thereby revoking the license of the first clause. If the data is used outside of the final clause of the license, that is unlicensed use of data. This would be a material breach of the contract by the corporation. This could open them up to massive legal penalties.
Yeah I was just about to say this -- I used Sametime via Pidgin (I think it may still have been called Gaim back then) on my work Linux machine and it was actually quite nice.
My favourite Sametime feature within Pidgin was, well, tabs (I can't remember if the Windows client had tabs as well..?), which was revolutionary for an IM client in 2005.
But my secret actual favourite feature was the setting which automatically opened an IM window /tab when the other person merely clicked on your name on their side (because the Sametime protocol immediately establishes a socket connection), so you could freak them out by saying hello even before they'd sent their initial message.
I suspect you are a human that also has a bot running on the same account name. If not you are using a tool. If not you are an avid digital archaeologist.
This used to be a thing- I remember my father excitedly configuring a made-to-order laptop from ZipZoomFly[0] back in the day. I think that the market wasn’t kind to them though, the ecosystem about replaceable laptop parts never matured to the point where it was competitive with the proprietary designs, and standards constantly changed because of the form factor’ constraints, so the dream of just replacing a single part never materialized.
Closest thing to that dream now is the framework laptop, which does have replaceable parts.
Resellers of Clevo barebones offer a fair bit of flexibility to spec the system to order. It's not full freedom to mix and match, but still quite flexible. The price is that it is far less sleek, bulkier and heavier than most other laptops.
I don't know that this CVE would be trivial to knock out.
My CVSS score for this is as follows:
CVSSv3.1:AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L (I said "Low" integrity issues, and "Low" availability issues, since I don't know if the DOS issue is real)
That reads out to a "Medium" CVE.
I have, in the past, worked with some banks, and they want all 4+ CVSSv3 CVEs enumerated and either remediated or for a plan to be in place to remediate them.
Maybe you're significantly better than I am at this, but I am hesitant to look at any CVE and say it's not a problem with how I have configured my software. Unless I have really deeply looked into the issue, I get really nervous saying a CVE is not going to affect my software.
I don't think they're criticizing - I think it's observation.
It makes a lot of sense, and we're early-ish to the tech cycle. Reading the Manual/Google/ChatGPT are all just tools in the toolbelt. If you (an expert) is giving this advice, it should become mainstream soon-ish.
I think this is where personal problem solving skills matter. I use ChatGPT to start off a lot of new ideas or projects with unfamiliar tools or libraries I will be using, however the result isn't always good. From here, a good developer will take the information from the A.I tool and look further into current documentation to supplement.
If you can't distinguish bad from good with LLMs, you might as well be throwing crap at the wall hoping it will stick.
>If you can't distinguish bad from good with LLMs, you might as well be throwing crap at the wall hoping it will stick.
This is why I think LLMs are more of a tool for the expert rather than for the novice.
They give more speedup the more experience one has on the subject in question. An experienced dev can usually spot bad advice with little effort, while a junior dev might believe almost any advice due to the lack of experience to question things. The same goes for asking the right questions.
This is where I tell younger people thinking about getting into computer science or development that there is still a huge need for those skills. I think AI is a long way off from taking away problem solving skills. Most of us that have had the (dis)pleasure of needing to repeatedly change and build on our prompts to get close to what we're looking for will be familiar with this. Without the general problem solving skills we've developed, at best we're going to luck out and get just the right solution, but more than likely will at best have a solution that only gets partially towards what we actually need. Solutions will often be inefficient or subtly wrong in ways that still require knowledge in the technology/language being produced by the LLM. I even tell my teenage son that if he really does enjoy coding and wishes to pursue it as a career, that he should go for it. I shouldn't be, but I'm constantly astounded by the number of people that take output from a LLM without checking for validity.
