
> Altman is absolutely terrified of Black

Can you share more about how this manifested?


Could you please elaborate on why measuring the same group somehow eliminates social effects?

If you're aware of the Peter principle, and how inequality compounds over time, then you know that the rate at which social factors change is correlated with their quantile values.


Ya I think so. Because I resonate a lot with this comment. I work out and such, but I absolutely love this shit.

Maybe you should study up on correlation and causation before you declare "proof"; it's also possible that it goes the other way.

That's what these providers want as well, but from the other side. They want to know that a customer won't be able to eat more than a certain number of servings, as they need to pay for each of those servings.

It works out even if some customers are able to eat a lot, because people on average have a certain limit. The limits of computers are much higher.


Triple-key DES (DES-EDE) had already been proposed by IBM in 1979, in response to the criticism that the 56-bit keys of DES are far too short.

So practically immediately after DES was standardized, people realized that NSA had crippled it by limiting the key length to 56 bits, and they started to use workarounds.

Before introducing RC2 and RC4 in 1987, Ronald Rivest had used another method of extending the key length of DES, named DESX, which was cheaper than DES-EDE as it used a single block cipher function invocation. However, like RC4, DESX was kept as an RSA trade secret until it was leaked, also like RC4, during the mid-nineties.


That is so dangerous, buying grey market replicas of pharmaceuticals.

Unless you have a research lab built out in your house, you have zero way of knowing what it is that you're actually getting. Whether the dosing matches the claimed dose. Whether there is bacterial growth, or other manufacturing chemicals left in by a bottom-of-the-barrel Chinese manufacturer.

I understand your risk profile may be different than others, but when you can get the real thing officially, I'm not sure why anyone would risk this.


Theory. And afaik there are still questions as to if the PQ algorithms are actually secure.

I was using the web UI last night and it was unable to understand basic aspects of the task. Haven't seen it perform this badly since I began using it two years ago.

Was trying to track token usage/index with Cursor, and was unable to understand that running `find` wouldn't show what was in Cursor index. Multiple times.


That is a separate issue indeed, but their comms make it rather obvious they are scrambling to reduce compute and they're just slashing their service selectively - with openclaw and max users being the first on the chopping block.

That's not fraud, and it's not sustainable. They aren't going to just keep doing that. It only makes sense if an AI company wants to pay for GPUs with stock, and - more importantly - the GPU company agrees to sell in exchange for stock.

I think it's interesting that they found what seems to be a real bug (should be independently verified by experts). However I find their story mode, dramatization of how it could have happened to be poorly researched and fully in the realm of fiction. An elbow bumping a switch, the command module astronaut unable to handle the issue with only a faux nod to the fact that a reset would have cleared up the problem and it was part of their training. So it's really just building tension and storytelling to make the whole post more edgy. And yes, this is 100% AI written prose which makes it even more distasteful to me.

If we do our job, it changes nothing. Problem with security generally: no spectacle if it's all correct. :)

I have the 20x plan and use it together with my husband. 4 days into our weekly usage window and we're only at 54% (and we both use it the entire day).

I have no idea how people are hitting the limits so fast.


Try getting “Enterprise” monitors like Dell UltraSharp or HP EliteDisplay. Not only do they come with better feet (height adjustable & pivoting), they are calibrated and have really good panels which you can stare at for hours without fatigue.

We're sorry if you had the impression it wasn't our own product. The second recommendation is "Alcazar Dead Man’s Switch," and the page is titled "Alcazar · Blog." We thought it was clear.

We recommend our own product because we think it's one of the best options out there. We want people to hear about it, while we also share information about our competitors and when one would choose us versus them.


Thanks, let me know how it feels.

My basic rule is this: Don't use cloud services if you're not big enough to have a dedicated account manager and can get customer service. This means spending like $10k/mo on the big clouds.

I don't use GCP, AWS, etc for these reasons. I had a similar algorithmic flag shut down a previous startup running on GCP and it destroyed the business.

I do have GMail and GSuite for my current business, but I have everything backed up outside of Google and can switch to a new provider pretty quick by changing my MX records. I could use an alternative but I do like GSuite.


I really like solving the prompt injection credential exfiltration risk by never giving the container real keys in the first place. I wonder how prolific that pattern will become.

More Industrial interior design than brutalist architecture

You accept downtime. That's the limitation of SQLite.

Or you use some distributed SQLite tool like rqlite, etc.


That's actually a really good idea. It would be like fanfic except replacing actors instead of writing new plots. Die-hard fans of various shows would go bananas over it.

With the same logic, you could also justify bombing the White House since they're clearly using weapons to destroy civilian infrastructure in other countries, and also murder civilians. That would be classified as a terror act though.

So what's the difference in your eye?


> The agent inside the container runs with bypassPermissions — it can use Bash, write files, do whatever it wants. But "whatever it wants" is constrained by what the OS lets it see. No application-level permission checks needed.

While containers can be useful for reducing privileges, that assumption isn’t safe. Remember that the only thing namespaced away is that which supports namespaces, and that by themselves, namespaces are not security features.

A super critical part I didn’t see or missed is the importance of changing UID, the last line of [0] will show one reason.

Remember that the container user has elevated privileges unless you, the user, explicitly drop these privileges.

I applaud the effort at hardening, but containers have mostly been successful because the most popular apps like nginx operate under a traditional cohosting system and take responsibility for privilege dropping.

There are tons of kernel calls, ldpreload tricks etc… that are well known and easy to find with exploration.

Even dropping elevated privileges and setting no new priv still isn’t a jail.

Without using separate UIDs don’t expect any real separation at all.

[0] https://www.kernel.org/doc/html/latest/admin-guide/namespace...


>> the government designed it to be employer-agnostic

> The other interpretation of being employer-agnostic is that the H1B isn't tied to a "sponsoring company" and doesn't require any of the transfer shenanigans.

Right, this is what I was talking about.

I think the current system gives H1B employers way too much leverage over H1B employees and degrades the job market for everyone. Employers can tell H1Bs that they have to work evenings and weekends or be fired and leave the country. And then the same employer can turn around and tell US citizen employees that they also have to work evenings and weekends because the H1B employees are doing it. They have less leverage over the citizens because the citizens can get another job more easily, but forcing H1Bs to establish precedent definitely does pressure other employees, and I've seen this happen directly.

> So for it to be employer-agnostic, we need to remove the "dual intention" - the very carrot employers use (if you tough it out through all those JIRA tickets, you'll get to be a citizen!)

I think you could design it without such an obvious loophole, but I agree that there are probably loopholes no matter how you design it.

That said, I'm a bit confused about our disagreement at this point.

I think the H1B system is a net negative for the US economy, and it disproportionately hurts small businesses. I'd be in favor of a revised H1B system that allows companies to fill short-term labor shortages with foreign workers but with limits that prevent companies from abusing the system to depress wages and conditions for US workers, as they currently do with H1B today.

It sounds like your argument is that H1B doesn't matter because the companies using it aren't really innovating and so they'll naturally be outcompeted by smaller businesses who are too small to take advantage of the H1B system. Is that correct?

Also, I'm confused because you're saying you advocate free market solutions and that's why we shouldn't mess with the H1B system. The H1B system is the opposite of a free market solution. It's extra regulation that we'd be better off without.


I've seen multiple people that I know get rich because AI exists. shrug. maybe that's just anecdata.

You should go back even a little further, the USPS air mail service lost 31 of the first 40 pilots.

We have threaded commenting here, so feel free to go off-topic.


Look at it this way; all those reel to reels of grandpas and VHS tapes of dads are in the trash now.

They too thought they were storing important history. Only for their heirs to bin their stuff in order to focus on their lives.

Be less needy. No one cares anyway.

