For eg., Bug type attack is super effective against Poison type in Gen 1 but not very effective in Gen 2 and onnwards. But Claude keeps bringing Nidoran into Weedle/Caterpie.
A model doesn't need to play on visual simulators, it can very well do that on IRC (like the good old days of RS/GSBots), to show how it fares against humans.
One of the biggest challenge this Claude version faces is to read the visual data accurately. It was stuck in the Viridian forest and Pokemarts for a while because the overworld objects like trees and paths kept confusing it.
> You have now excluded amazing engineers who suck at talking about themselves in interviews. They may be great collaborators and communicators, but freeze up selling themselves in an interview.
This was the norm until perhaps for about the last 10-15 years of Software Engineering.
10 years ago Reddit used to be a place where you would get informed opinions and less spam. 5 years ago, HN used to be a place where you would get informed opinions and less spam. Neither of them will go back to the same level of quality. Not anymore.
This has been said by every long term user of these sites. And not at the same time. It was always better in the past. It's probably partly true... yeah, quality can decrease as things get better. But it's also partly an illusion of aging in a changing world. Ten years is long enough to completely change the way we write and express ourselves.
Luckily I am not a LLM and can read and select things rather fast without processing the crap. Both HN and some subreddits still are fine for quality if you know the users and their reputations; just skip the rest. Worse than 10 years ago, still a lot better than mostly anywhere else.
you need to expend resources (e.g. "proof of work") to post, to drive away low effort spam. https://stacker.news/ is an interesting experiment in that regard.
I've worked with teams from Bangalore who were staff of the bank I was contracting for -- they were amazing, but also not appreciably (if at all) cheaper than employing someone in London or New York.
Several well-known banks had large offices, and competition for talent was high. No race for the bottom there.
It doesn't particularly matter where you employ people, if you're trying to save costs by paying people less then you're going to have a bad time.
Good engineers will accept lower payment if their costs are lower. Similar to how amazon is operating, by lowering costs, minimizing margin, they can win over customers and win the market.
Conversely, if there is a shortage of known-to-be-qualified engineers then anyone who is any good will command a high salary regardless of their cost of living.
If you want to pay them lower wages, they'll work for someone else instead.
Same here. The reality is that what company chooses to pay is the minimal amount they can get a candidate to accept for that location.
If the candidate had other better offers, then they can either reject the offer or propose a higher counter-offer. If the company received a counter-offer and chose to accept it, then this amount becomes the new minimal amount.
Over a period of time, if there are enough counter-offers (or rejections), this continues to increase. Since, the two (or however many) locations don't necessarily have the same demand or supply, it's inevitable that some location will end up with much higher compensation than others. It's the nature of free market and why some companies engage/d in hiring collusion (see https://en.wikipedia.org/wiki/High-Tech_Employee_Antitrust_L...)
It could be burned into the CPU die by blowing fuses, or stored in a tiny bit of on-die flash, or stored encrypted in SPI flash, encrypted with a factory secret key burned into the CPU at manufacture.
But more generally, you don’t need a long term key to prevent sniffing attacks like this; Diffie-Hellman is a thing. Doing an unauthenticated DH would make this attack harder and slower (active MitM probably requires removing the TPM chip from
the board) but would not prevent it.
Maybe it would be more practical MITMing near the CPU. Some plastic "extender" routing the relevant pins through an external device but still allowing for cooling?
But could the communication be authenticated? Like in CPU having a public cert, self signed. TPM then can authenticate the CPU that generates the key and later sends it only over an authenticated TLS session to the same CPU.
There is nothing that is safe against physical attacks practically. You can always find a point where you can do a MITM attack as the communication channels between the TPM and anything else is almost always insecure.
>There is nothing that is safe against physical attacks practically.
This! If security is your prime directive in your line of work(government, highly sensitive data, etc), then as long as your device has been outside your physical possession and in the hands of an untrusted third party, then it's automatically considered compromised and gets wiped or discarded by your IT department.
Because no amount of marketing security fluff from Microsoft, Apple, Google can stand against targeted attacks of state actors or knowledgeable motivated well funded actors with freshly acquired zero days.
The security they provide is only good enough against the average thief off the street, which I guess covers 98% of Average Joe's threats.
Even CC security certifications never judge a device whether it's hackable or not, but only on how long it takes for it to be hacked by an accredited lab, because nothing with outside physical access is ever unbackable. With enough time and six figure equipment off the publicly available commercial market, everything reveals its secrets eventually. And that's without zero days off the black market.
> only good enough against the average thief off the street,
Even there, only Apple has effective protection against street-thieves. Nearly all other models of phones/laptops can have their anti-theft features reset by a guy in a dark alley with a flash programmer...
So far, most thieves aren't interested in your info, they just want to reset the hardware and give it a new serial number.
Most other makes of phones and laptops aren't as valuable as Apple's to be big targets of theft. And Samsung has KNOX and Pixels have Google's Titan security.
Also, physical security is sometimes the best thing because it maps well to all of our human intuitions and senses for enforcing it and detecting when it was violated.
Consider how different a wireless hacking attack is from one where somebody has to sneak up and stab your device with an RJ-45 plug.
I use to work in Microsoft DRM. I used to say: the key is on the machine! This is like leaving your house key under a rock in the garden. It just puts up a barrier of a certain level which puts off most villains.
Sure, but there are many shades of gray. Directly leaking the entire key on an external bus is very different than needing to find and somehow bond to individual traces (likely below the top metal layer) on the die itself.
Only a sith deals in absolutes (jk). Even with physical access, you can define restrictions that introduce some level of difficulty for a threat actor with limited capability. For example, you can just kick in most house doors to get past locks, but people still lock their doors. Cars are a better example, most car theft happens when people leave their doors unlocked.
