Pop Culture Pulsar: Origin Story of Joy Division’s Unknown Pleasures Album Cover
Great dig into the CP1919 pulsar signal plot that was used for “Unknown Pleasures”:
This plotting of sequences like this, it started just a little bit earlier when we were looking at potentially drifting subpulses within the major pulse itself. So, the thought was, well, is there something like this peak here, which on the next pulse moves over here, and then moves over here, and over there. Actually, would be moving this way in that case – either way. I think Frank Drake and I published a paper in Science Magazine on exactly that issue – suggesting there might be drifting subpulses within the major pulse, which would then get back to the physics of what was causing the emission in the first place. So, then the thought was, well let’s plot out a whole array of pulses, and see if we can see particular patterns in there. So that’s why, this one was the first I did – CP1919 – and you can pick out patterns in there if you really work at it. But I think the answer is, there weren’t any that were real obvious anyway. I don’t really recall, but my bet is that the first one of these that I did, I didn’t bother to block out the stuff, and I found that it was just too confusing. So then, I wrote the program so that I would block out when a hill here was high enough, then the stuff behind it would stay hidden. And it was pretty easy to do from a computer perspective.
(tags: design joy-division music science physics pulsars astronomy cp1919 dataviz)
moyix/gpt-wpre: Whole-Program Reverse Engineering with GPT-3
This is a little toy prototype of a tool that attempts to summarize a whole binary using GPT-3 (specifically the text-davinci-003 model), based on decompiled code provided by Ghidra. However, today’s language models can only fit a small amount of text into their context window at once (4096 tokens for text-davinci-003, a couple hundred lines of code at most) — most programs (and even some functions) are too big to fit all at once. GPT-WPRE attempts to work around this by recursively creating natural language summaries of a function’s dependencies and then providing those as context for the function itself. It’s pretty neat when it works! I have tested it on exactly one program, so YMMV.
(tags: gpt-3 reverse-engineering ghidra decompilation reversing llm)
Justin Mason's Weblog Posts
-
Jesus — the legality of the poorly-policed Common Crawl training data is WAY worse than I thought, check this out:
When Lapine used it to scan the LAION database, she found an image of her own face. She was able to trace this image back to photographs taken by a doctor when she was undergoing treatment for a rare genetic condition. The photographs were taken as part of her clinical documentation, and she signed documents that restricted their use to her medical file alone. The doctor involved died in 2018. Somehow, these private medical images ended up online, then in Common Crawl’s archive and LAION’s dataset.
Surely this is a straight-up violation of patient confidentiality laws?! This is appalling. LAION’s FAQs are useless regarding this; as Lapine isn’t in the EU, they can’t even use GDPR to request its removal, and even if they were, these medical images don’t contain enough data to qualify under LAION’s rules.(tags: ai ml fair-use copyright common-crawl training laion photos medical-data hipaa)
Vintage Sunglasses and Vintage Eyewear from Klasik.Org
it’s coming up to new specs time… some amazing Michael Caine style here
The Yvan Collection – Curry & Paxton
More retro specs action
(tags: retro vintage specs tvan curry-and-paxton michael-caine glasses shopping)
Cat6a FTP Tool-Less Keystone Module
For future use — CAT6A cable endpoints which don’t require tricky crimping: “no crimp tool required at all, very much worth the extra cost, and they clip into the wall sockets or a patch panel … you can do them with your fingers and a flush snips to get rid of the ends after you push the wires in” says Adam C on ITC Slack, at https://irishtechcommunity.slack.com/archives/C11BG27L2/p1678841261913069
Infra-Red, In Situ (IRIS) Inspection of Silicon
Cool:
This post introduces a technique I call “Infra-Red, In Situ” (IRIS) inspection. It is founded on two insights: first, that silicon is transparent to infra-red light; second, that a digital camera can be modified to “see” in infra-red, thus effectively “seeing through” silicon chips. We can use these insights to inspect an increasingly popular family of chip packages known as Wafer Level Chip Scale Packages (WLCSPs) by shining infrared light through the back side of the package and detecting reflections from the lowest layers of metal using a digital camera. This technique works even after the chip has been assembled into a finished product. However, the resolution of the imaging method is limited to micron-scale features.
(tags: electronics hardware reversing bunnie-huang infrared x-ray-vision silicon)
1 in 35 Long COVID sufferers died within a year
This is a really shocking figure — via Daniel Griffin MD: 1 in 35 people with PASC dead before a year passed, if they survived that first 30 days. Given that current estimates are that 65 million people worldwide now have long COVID, that’s going to be quite an impact
(tags: covid-19 mortality grim long-covid via:daniel-griffin)
The privacy loophole in your doorbell
Here’s why you never install internet-connected cameras inside your house: ‘Police were investigating his neighbor. A judge gave officers access to all his security-camera footage, including inside his home.’
(tags: amazon police privacy surveillance dystopia us-politics)
Seabirds are not at risk from offshore wind turbines
At least according to this survey by Swedish power giant Vattenfall:
The movements of herring gulls, gannets, kittiwakes, and great black-backed gulls were studied in detail from April to October, when bird activity is at its height. (This study only looked at four bird species, but Vattenfall says the model can and should be applied to more types of seabirds and to onshore wind farms as well.) The study’s findings: Not a single collision between a bird and a rotor blade was recorded.
(tags: seabirds birds safety wind-turbines offshore-wind renewables wildlife)
Metformin, a new drug to prevent long covid
‘Over a thousand people with mild-to-moderate Covid were randomly assigned to 2 weeks of metformin (500 mg pills, 1 on day 1, twice a day for 4 days, then 500 mg in AM and 1000 mg in PM for 9 days) or placebo. There was a 42% reduction of subsequent Long Covid as you can see by the event curve below, which corresponds to an absolute decrease of 4.3%, from 10.6% reduced to 6.3%.’ Still no use for _treating_ long COVID though.
(tags: covid-19 long-covid metformin drugs papers)
WhatsApp screenshots of Boris Johnson’s innumeracy
we are so lucky in Ireland that we didn’t have to suffer this kind of idiocy driving our COVID response. Jaw-dropping levels of blustering ignorance and innumeracy
(tags: boris-johnson fail covid-19 uk uk-politics whatsapp)
-
“A programmable badge with fast updating E-Ink® display and wireless connectivity, powered by Raspberry Pi Pico W.” Lots of possibilities for these, and only EUR25!
(tags: raspberry-pi gadgets toget pico e-ink hardware hacking)
-
This is actually really effective; the past 3 years of product recommendations from r/BuyItForLife, queryable using ChatGPT (via valen)
(tags: via:valen ai recommendations search products reviews)
Hundreds of residents vent anger over ‘entirely pointless’ hydrogen heating trial
Greenwashing grey hydrogen as a “renewable” means of keeping home gas heating alive is not going well in Whitby:
Influential energy analyst Michael Liebreich and University of Cambridge mechanical engineering professor David Cebon drew attention to the now-37 independent studies showing that hydrogen boilers would require about five times more renewable energy than heat pumps — likely making them significantly more expensive to run. “This trial is entirely pointless in terms of proving whether hydrogen is the most cost-effective way of decarbonising homes,” Liebreich told the audience. “Every single systems analysis from every single expert who is not paid for by the gas industry or the heating industry has concluded that hydrogen plays little or no role. “The thing that it’s intended to do, though, is maintain the debate and discussion and the delay [of decarbonisation]. If you’re running a gas network organisation, as our next speaker [Cadent head of strategy, Angela Needle] does, what you really want is to continue to harvest profits off that. If you invest today in a gas distribution network, you get to charge 6% per year for 45 years on that investment and that’s until 2068.”
(tags: hydrogen h2 grey-hydrogen greenwashing gas natural-gas heating homes decarbonisation)
-
This is a decent product — “Nokia has announced one of the first budget Android smartphones designed to be repaired at home allowing users to swap out the battery in under five minutes, in partnership with iFixit.” I’ve been planning to buy a more repairable phone for my next iteration, so it’s either this or a Fairphone.
(tags: android hardware nokia phones right-to-repair repair ifixit)
copyright-respecting AI model training
Alex J Champandard is thinking about how AI model training can be done in a copyright-respecting and legal fashion:
With the criticism of web-scale datasets, it’s legitimate to ask the question: “What models are trained with best-in-class Copyright practices?” Answer: StyleGAN and FFHQ github.com/NVlabs/ffhq-dataset 100% transparent dataset, clear copyright, opt-in licensing, model respects terms.
(tags: copyright legal rights ip ai ml models training stylegan ffhq flickr)
The tech tycoon martyrdom charade
Anil Dash:
It’s impossible to overstate the degree to which many big tech CEOs and venture capitalists are being radicalized by living within their own cultural and social bubble. Their level of paranoia and contrived self-victimization is off the charts, and is getting worse now that they increasingly only consume media that they have funded, created by their own acolytes. In a way, it’s sort of like a “VC Qanon”, and it colors almost everything that some of the most powerful people in the tech industry see and do — and not just in their companies or work, but in culture, politics and society overall. We’re already seeing more and more irrational, extremist decision-making that can only be understood through this lens, because on its own their choices seem increasingly unfathomable.
(tags: vc tech anil-dash radicalization politics us-politics)
-
Interesting smart home component for Home Assistant —
This custom component will add crucial features to your climate-controlling TRV (Thermostatic Radiator Valves) to save you the work of creating automations to make it smart. It combines a room-temperature sensor, window/door sensors, weather forecasts, or an ambient temperature probe to decide when it should call for heat and automatically calibrate your TRVs to fix the imprecise measurements taken in the radiator’s vicinity.
So basically if you have smart TRVs and a room temperature sensor, you can drive that as a pair.(tags: thermostat smart-home home-assistant heating trvs)
-
“ENA Express is a networking feature that uses the AWS Scalable Reliable Datagram (SRD) protocol to improve network performance in two key ways: higher single flow bandwidth and lower tail latency for network traffic between EC2 instances. SRD is a proprietary protocol that delivers these improvements through advanced congestion control, multi-pathing, and packet reordering directly from the Nitro card.” Right now this supports only intra-EC2 networking between instances running on the latest generation of instance types.
(tags: srd networking protocols ip ena-express aws amazon multi-pathing congestion-control nitro)
Eric Schmidt Is Building the Perfect AI War-Fighting Machine
Do you want Skynet? because that’s how you get Skynet
(tags: ai war us-politics eric-schmidt silicon-valley military weapons)
a COVID-aware activity tracker
Interesting thought experiment regarding chronic disease, long COVID, ME/CFS etc: ‘what might be in a convalescence mode, or a rest mode? And while I’m thinking of that, there’s a separate need, I think (hey! validate through research!) for, I don’t know, a chronic illness mode, because convalescence and rest are different things with different qualities distinct from the requirements and needs of people with long-term chronic illnesses. Some people who responded to my thinking-out-loud thread shared that you can use sleep tracking as a way to inform the spoons-for-the-day.’
(tags: apple fitness accessibility convalescence chronic-disease activity-tracking long-covid me)
A New Drug Switched Off My Appetite. What’s Left? | WIRED
How long is it before there’s an injection for your appetites, your vices? Maybe they’re not as visible as mine. Would you self-administer a weekly anti-avarice shot? Can Big Pharma cure your sloth, lust, wrath, envy, pride? Is this how humanity fixes climate change—by injecting harmony, instead of hoping for it at Davos?
Silicon Valley tech companies are the real paperclip maximizers
Another good Ted Chiang article —
Elon Musk spoke to the National Governors Association and told them that “AI is a fundamental risk to the existence of human civilization.” […] This scenario sounds absurd to most people, yet there are a surprising number of technologists who think it illustrates a real danger. Why? Perhaps it’s because they’re already accustomed to entities that operate this way: Silicon Valley tech companies. Consider: Who pursues their goals with monomaniacal focus, oblivious to the possibility of negative consequences? Who adopts a scorched-earth approach to increasing market share? This hypothetical strawberry-picking AI does what every tech startup wishes it could do — grows at an exponential rate and destroys its competitors until it’s achieved an absolute monopoly. The idea of superintelligence is such a poorly defined notion that one could envision it taking almost any form with equal justification: a benevolent genie that solves all the world’s problems, or a mathematician that spends all its time proving theorems so abstract that humans can’t even understand them. But when Silicon Valley tries to imagine superintelligence, what it comes up with is no-holds-barred capitalism.
(tags: superintelligence ted-chiang silicon-valley capitalism ai future civilization paperclip-maximisers)
-
The origins of computing, via Jacquard, Byron, Lovelace and Babbage — great thread from James Kelleher. lovely prints, too
(tags: prints lace lacemaking computing history jacquard byron babbage ada-lovelace punch-cards)
Where To Bring Visitors For Irish Food In Dublin
Decent list of Dublin eateries —
As a nation we’re still more well known for our imbibements than culinary prowess, but there’s no question that’s changing, and we feel it’s our patriotic duty to show visitors just how incredible the food in Dublin is. Consider this list as your go-to guide next time you want to show that Dublin is a whole lot more than fish & chips, full Irish breakfasts and spice bags (no disrespect to any of these fine dishes).
(tags: food dublin tourism restaurants irish)
_Building Machine Learning Models Like Open-Source Software_
ACM Viewpoint from Colin Raffel:
‘This Viewpoint advocates for tools and research advances that will allow pre-trained [machine learning] models to be built in the same way that we build open source software. Specifically, models should be developed by a large community of stakeholders that continually updates and improves them. Realizing this goal will require porting many ideas from open source software development to the building and training of pre-trained models, which motivates many new research problems and connections to existing fields.’
(tags: training machine-learning ml ai acm open-source)
-
‘Python wrapper for the Mastodon ( https://github.com/mastodon/mastodon/ ) API’ — looks nice and simple
-
Interesting thread on the current state of low-cost/low-power server hardware; I didn’t realise thin client boxes were so viable for this use case, these days. (I’ve just replaced my current home server with an ODROID HC4, and I’m absolutely delighted with it, though…)
-
GoMo, the Irish mobile phone operator, is offering roaming eSIMs with 10GB of data roaming in the US for EUR19.99 per month
Study of 500,000 Medical Records Links Viruses to Alzheimer’s Again And Again
While not demonstrating a causal link, the correlations are pretty striking — good argument for greatly increasing vaccination rates for many viral diseases.
Around 80 percent of the viruses implicated in brain diseases were considered ‘neurotrophic’, which means they could cross the blood-brain barrier. “Strikingly, vaccines are currently available for some of these viruses, including influenza, shingles (varicella-zoster), and pneumonia,” the researchers write. “Although vaccines do not prevent all cases of illness, they are known to dramatically reduce hospitalization rates. This evidence suggests that vaccination may mitigate some risk of developing neurodegenerative disease.” The impact of viral infections on the brain persisted for up to 15 years in some cases. And there were no instances where exposure to viruses was protective.
(tags: viruses health medicine vaccines vaccination alzheimers parkinsons diseases)
-
‘DynamoDB Shell (ddbsh) is an interactive CLI for Amazon DynamoDB’, emulating an SQL-like command syntax, from AWS Labs
I Work for CNET’s Parent Company. Its AI-Generated Articles Disgust Me.
A human freelancer might have a typo here or there, or maybe a misconception about APR versus APY. But an article by an AI can be total, authoritative-sounding gibberish. The poor editor in charge of fact-checking whatever the Machine produces isn’t looking for a needle in a haystack; they’re faced with a stack of needles, many of which look remarkably like hay.
(tags: ai chatgpt red-ventures cnet journalism churnalism future grim)
CNET’s AI Journalist Appears to Have Committed Extensive Plagiarism
CNET used an AI to generate automated content for their site, and are definitely in the “finding out” stage from the looks of things:
All told, a pattern quickly emerges. Essentially, CNET’s AI seems to approach a topic by examining similar articles that have already been published and ripping sentences out of them. As it goes, it makes adjustments — sometimes minor, sometimes major — to the original sentence’s syntax, word choice, and structure. Sometimes it mashes two sentences together, or breaks one apart, or assembles chunks into new Frankensentences. Then it seems to repeat the process until it’s cooked up an entire article. […] The question of exactly how CNET’s disastrous AI was trained may end up taking center stage as the drama continues to unfold. At a CNET company meeting late last week […] the outlet’s executive vice president of content and audience refused to tell staff — many of them acclaimed tech journalists who have written extensively about the rise of machine learning — what data had been used to train the AI. The legality of using data to train an AI without the consent of the people who created that data is currently being tested by several lawsuits against the makers of prominent image generators, and could become a flashpoint in the commercialization of the tech.
(tags: ai cnet content seo spam llms plagiarism training-data)
-
A Python module to abstract usage of several different types of EPD (electronic paper displays), including Inky and Waveshare hardware.
(tags: epd inky waveshare e-paper displays hardware python linux)
-
“a picture frame to show you random AI art every day” — nice little epd/pi hack
EC2 instance network error metrics
looks like Amazon are now exposing a bunch of error metrics for their EC2 instance network drivers in Linux
The bivalent vaccine booster outperforms
Solid data now up for the bivalent BA.5 SARS-CoV-2 vaccine, says Eric Topol: “we now have extensive data that is quite encouraging — better and broader than expected — that I’m going to briefly review here”
(tags: sars-cov-2 covid-19 vaccines eric-topol medicine health)
Long COVID: major findings, mechanisms and recommendations
Current state of research into Long COVID, courtesy of Nature Reviews Microbiology.
Long COVID is an often debilitating illness that occurs in at least 10% of severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) infections. More than 200 symptoms have been identified with impacts on multiple organ systems. At least 65 million individuals worldwide are estimated to have long COVID, with cases increasing daily. Biomedical research has made substantial progress in identifying various pathophysiological changes and risk factors and in characterizing the illness; further, similarities with other viral-onset illnesses such as myalgic encephalomyelitis/chronic fatigue syndrome and postural orthostatic tachycardia syndrome have laid the groundwork for research in the field. In this Review, we explore the current literature and highlight key findings, the overlap with other conditions, the variable onset of symptoms, long COVID in children and the impact of vaccinations. Although these key findings are critical to understanding long COVID, current diagnostic and treatment options are insufficient, and clinical trials must be prioritized that address leading hypotheses.
(tags: long-covid covid-19 health medicine reviews nature papers)
This app will self-destruct: How Belarusian hackers created an alternative Telegram
Great idea:
When a 25-year-old activist from Minsk who goes by Pavlo was detained by Belarusian KGB security forces last summer, he knew they would search his phone, looking for evidence of his involvement in anti-government protests. The police officer asked for Pavlo’s password to Telegram, the most popular messenger app among Belarusian activists, which he gave him. The officer entered it and… found nothing. All secret chats and news channels had disappeared, and after a few minutes of questioning Pavlo was released. Pavlo’s secret? A secure version of Telegram, developed by a hacktivist group from Belarus called the Cyber Partisans. Partisan Telegram, or P-Telegram, automatically deletes pre-selected chats when someone enters the so-called SOS password.
… after entering a fake [SOS] password, P-Telegram can automatically log out of the account, delete selected chats and channels, and even send a notification about the arrest of the account owners to their friends or families. P-Telegram also allows other activists to remotely activate the SOS password on the detainee’s phone. For this, they need to send a code word to any of the shared Telegram chats. Another feature on P-Telegram automatically takes photos of law enforcement officers on the front camera when they enter a fake password. “We warn users that this can be dangerous, as this photo will be stored on the phone, revealing that a person may use Partisan Telegram,” Shemetovets said. Cyber Partisans are constantly updating their app, fixing bugs, and adding new features. They also regularly conduct independent audits to ensure that P-Telegram complies with all security measures. A recent audit by Open Technology Fund’s Red Team Lab proved that it is almost impossible for “casual observers without technical knowledge and specialized equipment” to identify the existence of P-Telegram on a device.
(tags: p-telegram hacktivism security telegram messaging privacy activism duress-passwords)
-
“Command line tool for inspecting Parquet files”, replacement for parquet-tools, written in Rust. Now do Orc!
-
For once, an honest architecture diagram (featuring “VPN of sadness”, “cool databases” vs “real database”, “blame radius” and the “one tiny cron job that keeps everything from falling apart”)
(tags: architecture cloud comics containers event-bus funny databases)
A healthcare algorithm started cutting care, and no one knew why
This is an absurd hellscape:
Legal Aid filed a federal lawsuit in 2016, arguing that the state had instituted a new [healthcare] policy without properly notifying the people affected about the change. There was also no way to effectively challenge the system, as they couldn’t understand what information factored into the changes, De Liban argued. No one seemed able to answer basic questions about the process. “The nurses said, ‘It’s not me; it’s the computer,’” De Liban says. When they dug into the system, they discovered more about how it works. Out of the lengthy list of items that assessors asked about, only about 60 factored into the home care algorithm. The algorithm scores the answers to those questions, and then sorts people into categories through a flowchart-like system. It turned out that a small number of variables could matter enormously: for some people, a difference between a score of a three instead of a four on any of a handful of items meant a cut of dozens of care hours a month. (Fries didn’t say this was wrong, but said, when dealing with these systems, “there are always people at the margin who are going to be problematic.”) […] From the state’s perspective, the most embarrassing moment in the dispute happened during questioning in court. Fries was called in to answer questions about the algorithm and patiently explained to De Liban how the system works. After some back-and-forth, De Liban offered a suggestion: “Would you be able to take somebody’s assessment report and then sort them into a category?” […] Fries said he could, although it would take a little time. He looked over the numbers for Ethel Jacobs. After a break, a lawyer for the state came back and sheepishly admitted to the court: there was a mistake. Somehow, the wrong calculation was being used. They said they would restore Jacobs’ hours. “Of course we’re gratified that DHS has reported the error and certainly happy that it’s been found, but that almost proves the point of the case,” De Liban said in court. “There’s this immensely complex system around which no standards have been published, so that no one in their agency caught it until we initiated federal litigation and spent hundreds of hours and thousands of dollars to get here today. That’s the problem.”
(tags: algorithms government health healthcare automation grim-meathook-future future)
-
3D printed case — and some ZFS build instructions! — for the ODROID-HC4 single board computer
(tags: odroid cases hardware 3d-printing)
Async-profiler manual by use cases
Amazing collection of Java async-profiler commands and examples, each one representing a specific common (or not-so-common) use case we are liable to run into with production services: includes continuous profiling, wall-clock vs CPU, allocations, locks, cache misses, page faults, and thread-startup overhead
(tags: async-profiler java jvm profiling tracing performance tuning)
Turning Google smart speakers into wiretaps for $100k
This is some very impressive work on reverse engineering a fairly advanced IoT device (the Google Home Mini), discovering and exploiting its security holes.
I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands to it remotely over the Internet, access its microphone feed, and make arbitrary HTTP requests within the victim’s LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim’s other devices). These issues have since been fixed.
(tags: security google wiretapping exploits hacking iot reverse-engineering)
-
This was an open question from earlier in the pandemic — does vaccination reduce transmission and infectiousness: ‘In our main analysis, we found that any COVID-19 vaccine reduced infectiousness by 22% (6–36%) and prior infection reduced infectiousness by 23% (3–39%). Hybrid immunity reduced infectiousness by 40% (20–55%).’
(tags: immunity covid-19 infection transmission hybrid-immunity papers)
-
lhl likes Caddy:
Caddy https://caddyserver.com/ came up in conversation earlier today. It’s been my favorite reverse proxy/web server for the past few years because of how simple it is to setup and for it’s automagic LetsEncrypt setup. (This post is actually being pushed through Caddy on my fediverse server, and was basically the easiest part of the setup). For those interested, it performs pretty competitively with nginx: https://blog.tjll.net/reverse-proxy-hot-dog-eating-contest-caddy-vs-nginx/ but IMO the main selling point (why I first installed it) was the automagic HTTPS setup: https://caddyserver.com/docs/automatic-https
(tags: caddy reverse-proxies ops http https lets-encrypt servers)
-
A gateway bot from Twitter to Mastodon —
One of the things I would miss here on Mastodon was all of the alerts from my local infrastructure and government twitter accounts. These will likely take a very long time to make the migration. With https://bird.makeup, you can create bot accounts that put those tweets in your Mastodon timeline.
Going Phishless: How Panther Deployed WebAuthN with Okta & YubiKeys
‘In this blog, we will cover how Panther deployed phishless FIDO2 (WebAuthn) security keys, including details on the hardware, software and steps taken. The aim of this blog is to help other organizations understand, prioritize and deploy this effective security control.’ A lot of good detail into the practical aspects of switching to YubiKeys.
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
Yikes this is bad. A robot vacuum recorded video, uploaded it to iRobot, then that video was sent to teams of data-labelling gig workers in Venezuela, where they picked out some “highlights” and shared it on Facebook
Getting a root shell on a VTech Storio 3S tablet
Quite a complicated process — extracting the eMMC chip is way beyond my abilities! — but using FCCID.io is a neat trick
(tags: hardware hacking reverse-engineering vtech gadgets linux embedded-systems)
-
Digging into what Github Copilot sends back to its servers; particularly of interest is the wealth of accompanying tokens/snippets that get included as context (“prompt suffix/prefix”)
-
“a hypothetical scenario in which a machine learning system trained on its own output becomes unable to function properly or make meaningful predictions”
-
Via ted byfield: “If you’ve wondered what AI-bots are ~thinking while they generate an image, here you go.” Reverse-engineering the training samples which Stable Diffusion et al are combining for a given text query, in the laion5B or laion_400m datasets
(tags: ai clips laion ml stable-diffusion text2image)
-
This image contains a “cursed color”:
There is a cursed color in the Kodak ProPhoto RGB color space which, when converted to sRGB using pre-August-2020-Security-Update Android’s image conversion routines, causes an integer overflow and a crash due to a rounding error. Some dude accidentally created an image ( https://www.flickr.com/photos/gaurav_agrawal/48746079687/ ) which contains the cursed color on a single pixel. In 2020 if you set this image as your desktop on a Google or Samsung device, the device would brick & lose all onboard data.
Dismantling Sellafield: the epic task of shutting down a nuclear site
This is vital context for discussions of revitalised nuclear power.
An older [nuclear waste] reprocessing plant on site earned £9bn over its lifetime, half of it from customers overseas. But the pursuit of commercial reprocessing turned Sellafield and a similar French site into “de facto waste dumps”, the journalist Stephanie Cooke found in her book In Mortal Hands. Sellafield now requires £2bn a year to maintain. What looked like a smart line of business back in the 1950s has now turned out to be anything but. With every passing year, maintaining the world’s costliest rubbish dump becomes more and more commercially calamitous.
(tags: sellafield windscale history nuclear-power wales pollution nuclear-waste future power)
You can have user accounts without needing to manage user accounts
Using Auth0 to provide user accounts in a small-scale web side project without requiring lots of extra work
(tags: auth0 authentication users user-accounts web hacks)
-
Some updated numbers on Long COVID risk from epidemiologist Katelyn Jetelina
(tags: long-covid covid-19 risk health epidemiology disease)
ggerganov/whisper.cpp: Port of OpenAI’s Whisper model in C/C++
High-performance inference of OpenAI’s Whisper automatic speech recognition (ASR) model: Plain C/C++ implementation without dependencies; Apple silicon first-class citizen – optimized via Arm Neon and Accelerate framework; AVX intrinsics support for x86 architectures; Mixed F16 / F32 precision; Low memory usage (Flash Attention + Flash Forward); Zero memory allocations at runtime; Runs on the CPU; C-style API
The day with the earliest sunset, vs the winter solstice
The earliest sunset happens today in Ireland — several days prior to the winter solstice (which is the day with the least amount of sunlight). This page explains it all
(tags: sun sunlight solstice grand-auld-sthretch day night astronomy)
The human cost of neurotechnology failure
‘This is your brain on capitalism’. A shitty cyberpunk future:
What about when the [bricked] device is inside your body? Earlier this year, many people with Argus optical implants – which allow blind people to see – lost their vision when the manufacturer, Second Sight, went bust. Nano Precision Medical, the company’s new owners, aren’t interested in maintaining the implants, so that’s the end of the road for everyone with one of Argus’s “bionic” eyes. The $150,000 per eye that those people paid is gone, and they have failing hardware permanently wired into their nervous systems. Having a bricked eye implant doesn’t just rob you of your sight – many Argus users experience crippling vertigo and other side effects of nonfunctional implants. The company has promised to “do our best to provide virtual support” to people whose Argus implants fail – but no more parts and no more patches.”
(tags: health implants cyberpunk future grim neurotechnology brain right-to-repair open-hardware open-source medicine capitalism ip ethics)
-
How a “ragtag group of technologists” built a volunteer-run shadow data infrastructure to coordinate the shambolic US rollout of COVID-19 vaccines in California during 2021
(tags: california community health healthcare volunteers covid-19 vaccines 2021 pandemics vaccination)
DynamoDB’s Best Feature: Predictability
Looks like I didn’t bookmark this one? Marc Brooker on how DynamoDB use redundant, additional requests to their MemDS caching service in order to avoid surprising variability in service performance which could affect service availability. Good example of the “constant work” pattern described by colmmacc at https://aws.amazon.com/builders-library/reliability-and-constant-work/ .
(tags: reliability availability dynamodb memds caches caching architecture predictability constant-work)
-
A 40-page Bachelor’s degree thesis on the legendary bit-hacking Quake III Q_rsqrt() implementation (via redacted):
This function, commonly called InvSqrt, approximates the inverse (or reciprocal) square root of a 32-bit floating point number very quickly. It can be found in many open source libraries and games on the Internet, such as the C source code for Quake III: Arena. This raises many questions. Why is it needed? Who wrote it? How does it work? How well does it work? Is it still useful with modern processors today? And finally, can it be improved to work better? This thesis will examine those questions and give a unique interpretation and optimization of the function itself.
(tags: via:redacted sqrt maths quake-3 0x5f3759df)
sissbruecker/linkding: Self-hosted bookmark service
an OSS clone of a Pinboard-style bookmark service. ‘designed be to be minimal, fast, and easy to set up using Docker.’ Bookmarking for emergency use only; if anything happens to Pinboard.in, I’ll have this to fall back to. (via dahamsta)
Home Assistant with a Solis Hybrid inverter
good write-up on the process to get data out of the SolisCloud backend and into Home Assistant
(tags: home-assistant home solar-power solis soliscloud)
-
My Pinboard links feed is now on the Fediverse at botsin.space; I’ll blog up the process shortly
WiFi calling blocked on Pixel phones
what the hell? “Unless you’re on an operator that sells Pixel phones directly, who basically comprise the “Google list” for these features, [wifi calling] won’t work for any [directly-purchased] Pixel phone [in Ireland]. Same all over Europe. VoLTE won’t work either when on a mobile network (data speeds will drop to 3G when on a voice call) […] Your only option would be to root the phone to get it to work. There seem to have been some recent changes on this but seems like Eir still no go.” I’ve been wondering why VoLTE and VoWifi have been unavailable on my phone for several months now, assuming it was an operator issue. Finally I was sent this link by a poster on another forum — it’s not an issue with the operator, it’s a builtin limitation on the phone. All I can presume is that Google have done exclusivity deals with some providers in some regions, but is keeping this secret for some reason. If I’d known this in advance, I’d probably have bought a different phone; absolutely terrible decision. Reportedly it can be reversed via rooting the phone, at least.
(tags: android google pixel wifi-calling vowifi volte lte mobile)
AI-generated answers temporarily banned on Stack Overflow
Ranked user-generated content sites like Stack Overflow are really going to have a problem with the incoming plausible-sounding bullshit flood:
“The primary problem is that while the answers which ChatGPT produces have a high rate of being incorrect, they typically look like they might be good and the answers are very easy to produce,” wrote the mods (emphasis theirs). “As such, we need the volume of these posts to reduce […] So, for now, the use of ChatGPT to create posts here on Stack Overflow is not permitted. If a user is believed to have used ChatGPT after this temporary policy is posted, sanctions will be imposed to prevent users from continuing to post such content, even if the posts would otherwise be acceptable.”
(tags: chatgpt ai autocomplete stack-overflow coding spam ugc)
Cory Doctorow Wants You to Know What Computers Can and Can’t Do
“Do you think that the concern over A.I.’s expanding capabilities is misplaced? I do. I think that the problems of A.I. are not its ability to do things well but its ability to do things badly, and our reliance on it nevertheless. So the problem isn’t that A.I. is going to displace all of our truck drivers. The fact that we’re using A.I. decision-making at scale to do things like lending, and deciding who is picked for child-protective services, and deciding where police patrols go, and deciding whether or not to use a drone strike to kill someone, because we think they’re a probable terrorist based on a machine-learning algorithm—the fact that A.I. algorithms don’t work doesn’t make that not dangerous. In fact, it arguably makes it more dangerous. The reason we stick A.I. in there is not just to lower our wage bill so that, rather than having child-protective-services workers go out and check on all the children who are thought to be in danger, you lay them all off and replace them with an algorithm.”
(tags: ai ml cory-doctorow tech future capitalism)