@pinkforest What industry does ATM is horrible to watch and that part I don't like at all. There is no such thing as AI skills.
0
0
0
@pinkforest Engineering-wise having snapshots of "all of your base" does not work. Brains have all of already dead Internet. This is what I think I think ...
I think world model based AI could potentially be better and more co-operative approach to AI. Then, AI does not know "everything" (from the past that no longer exist) but instead can do useful stuff like self-drive cars. Compute budget is of course taken from language side given that physical resources have their limits. And stuff that John Carmack is doing is interesting and I follow that a lot. And it addition to I do like the thinking of Yann LeCun and congnitive scientist Gary Marcus. Those three are my top tier in this domain in the positive sense of the word.
I think world model based AI could potentially be better and more co-operative approach to AI. Then, AI does not know "everything" (from the past that no longer exist) but instead can do useful stuff like self-drive cars. Compute budget is of course taken from language side given that physical resources have their limits. And stuff that John Carmack is doing is interesting and I follow that a lot. And it addition to I do like the thinking of Yann LeCun and congnitive scientist Gary Marcus. Those three are my top tier in this domain in the positive sense of the word.
1
0
0
@pinkforest I try to not be in a camp because either way I get "under the influence". I measure,test and try to think what it means what I see. Yeah, and generally try to avoid making any fast conclusons :-) I'm not pressured to use them and I do have a stable job, so I thought it is good position make more serious security and threat analysis on LLMs (i.e. as an actor in a threat scenario, not scanning vulns using LLMs).
1
0
0
Jarkko Sakkinen
jarkko
@pinkforest yeah so i have not really followed what nokia has done :-) i heard that they have something going on with nvidia. it did not come as suprise because NVIDIA has quite strong R&D presence in Helsinki. E.g. NVIDIA RTX technology was engineered in Helsinki.
1
0
0
@pinkforest In my experience and based on some ad-hoc random tests I've created for the models, the very latest of frontier model have a lot of power yes but they easily also emit behavior that appear as backstabbing .
Models shortcut tasks all the time: they great on taking an optimal path of actions, which does not necessary mean efficiency all. The very latest models seem to be more focused on finding interpretions of a task decription that result the minimum amount of tokens burnt.
So to summarize that I think the latest versions are worse than previous and it comes down to limitations of LLM architecture. I.e. they kind of get better but the improvements are not the welcome ones. mathematically latest do better :-)
It's interesting how AI native minions who think that they will take over the world have now started to push good old waterfall model and "spec driven development", which good old waterfall from the 50s. They think they are improving the process while they are actually dynamically reacting to model quirks.
The irony here is that given these properties you actually should have really good staff of human engineers for balance-and-check more so with e.g., Opus 4.7 than Qwen 3.6 27B. The latter does what asked and can do it really effectively if you know what you are doing. I.e. also in local model side it is skills and creativity (and great salary) that really works.
Models shortcut tasks all the time: they great on taking an optimal path of actions, which does not necessary mean efficiency all. The very latest models seem to be more focused on finding interpretions of a task decription that result the minimum amount of tokens burnt.
So to summarize that I think the latest versions are worse than previous and it comes down to limitations of LLM architecture. I.e. they kind of get better but the improvements are not the welcome ones. mathematically latest do better :-)
It's interesting how AI native minions who think that they will take over the world have now started to push good old waterfall model and "spec driven development", which good old waterfall from the 50s. They think they are improving the process while they are actually dynamically reacting to model quirks.
The irony here is that given these properties you actually should have really good staff of human engineers for balance-and-check more so with e.g., Opus 4.7 than Qwen 3.6 27B. The latter does what asked and can do it really effectively if you know what you are doing. I.e. also in local model side it is skills and creativity (and great salary) that really works.
1
1
2
@pinkforest In my experience and based on some ad-hoc random tests I've created for the models, the very latest of frontier model have a lot of power yes but they easily also emit behavior that appear as backstabbing .
Models shortcut tasks all the time: they great on taking an optimal path of actions, which does not necessary mean efficiency all. The very latest models seem to be more focused on finding interpretions of a task decription that result the minimum amount of tokens burnt.
So to summarize that I think the latest versions are worse than previous and it comes down to limitations of LLM architecture. I.e. they kind of get better but the improvements are not the welcome ones. mathematically latest do better :-)
It's interesting how AI native minions who think that they will take over the world have now started to push good old waterfall model and "spec driven development", which good old waterfall from the 50s. They think they are improving the process while they are actually dynamically reacting to model quirks.
The irony here is that given these properties you actually should have really good staff of human engineers for balance-and-check more so with e.g., Opus 4.7 than Qwen 3.6 27B. The latter does what asked and can do it really effectively if you know what you are doing. I.e. also in local model side it is skills and creativity (and great salary) that really works.
Models shortcut tasks all the time: they great on taking an optimal path of actions, which does not necessary mean efficiency all. The very latest models seem to be more focused on finding interpretions of a task decription that result the minimum amount of tokens burnt.
So to summarize that I think the latest versions are worse than previous and it comes down to limitations of LLM architecture. I.e. they kind of get better but the improvements are not the welcome ones. mathematically latest do better :-)
It's interesting how AI native minions who think that they will take over the world have now started to push good old waterfall model and "spec driven development", which good old waterfall from the 50s. They think they are improving the process while they are actually dynamically reacting to model quirks.
The irony here is that given these properties you actually should have really good staff of human engineers for balance-and-check more so with e.g., Opus 4.7 than Qwen 3.6 27B. The latter does what asked and can do it really effectively if you know what you are doing. I.e. also in local model side it is skills and creativity (and great salary) that really works.
1
1
2
Jarkko Sakkinen
jarkko
Edited 23 days ago
The reason I've been making now so much AI noise is the realiziation that
1. I have bad vibes only ;-)
2. It is probably better to start taking baby steps right now with sec.
3. Got postulated that guardrails for malicious stochastic actions should be based on algorithm, not AI.
There's a lot of popular lore of some kind of guardian LLMs that overwatch frontier model but the problem is the introduction infinite recursion of distrust. All LLMs have the same underlying problem.
1. I have bad vibes only ;-)
2. It is probably better to start taking baby steps right now with sec.
3. Got postulated that guardrails for malicious stochastic actions should be based on algorithm, not AI.
There's a lot of popular lore of some kind of guardian LLMs that overwatch frontier model but the problem is the introduction infinite recursion of distrust. All LLMs have the same underlying problem.
1
0
0
Jarkko Sakkinen
jarkko
OpenAI in-fact has both well maintained and documented security architecture from end-to-end. It's even more transparent than many of non-AI companies.
Anthropic's security architecture is literally based on a belief system of being able to contact to an actual entity by running a complex math operation.
Earthly opsec is left for the agents.
Anthropic's security architecture is literally based on a belief system of being able to contact to an actual entity by running a complex math operation.
Earthly opsec is left for the agents.
0
0
1
Jarkko Sakkinen
jarkko
I've refurbished rootns kernel patch set first time since February.
I was missing a workload for the feature but having container entrance without co-operative unmount makes a whole a lot more sense now than it made then :-)
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=rootns
It's easiest to depict as "soft kexec" (as mental model).
#linux #kernel #container #security
I was missing a workload for the feature but having container entrance without co-operative unmount makes a whole a lot more sense now than it made then :-)
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=rootns
It's easiest to depict as "soft kexec" (as mental model).
#linux #kernel #container #security
0
0
0
Jarkko Sakkinen
jarkko
Edited 23 days ago
If I had to pick single biggest long term security risk for companies and other organizations, I'd pick Claude Code. Anthropic is a flawed company when it comes to security.
0
0
2
Jarkko Sakkinen
jarkko
Just so that you know this is a complete joke:
https://github.com/anthropic-experimental/sandbox-runtime
But it inspired me. I'm doing for fun a small sandboxing tool that eats the same JSON but has a bit more clever way to setup protections :-) And compatible with actions/runners in Git hosting sites as I'm not using Linux namespaces.
https://github.com/anthropic-experimental/sandbox-runtime
But it inspired me. I'm doing for fun a small sandboxing tool that eats the same JSON but has a bit more clever way to setup protections :-) And compatible with actions/runners in Git hosting sites as I'm not using Linux namespaces.
0
0
0
Jarkko Sakkinen
jarkko
Explained to LinkedIn what mathematicians do as a profession as apparently this was not clear in the first place :-)
#mathematics #openai #linkedin
#mathematics #openai #linkedin
0
1
3
Jarkko Sakkinen
jarkko
found some random unidentifed sun glasses while cleaning up my place. now all i is a van, duct tape...
0
0
3
@caesarcattus If it helps you, I personally would have never learned in the first place by reading the art of assembly books above. I'm more like "blackbox learner" when something is way too complex to cope. E.g., if I get a huge pile of source code, the first thing I do is to run tools like strace, maybe some temporary log messages here and sometimes bpftrace. Then I might try to figure next what are "sources" and "sinks" i.e., how it does I/O. Once you do that for a while even something quite messy starts to make sense.
0
0
0
@caesarcattus QEMU is great tool for learning and actually C compiler is too. If I need to learn a new uarch, I usually just compile a random program and look and simplify the resulting code.
With GCC/LLVM you get the assembly source code with "gcc -S -fverbose-asm hello.c".
With GCC/LLVM you get the assembly source code with "gcc -S -fverbose-asm hello.c".
0
0
0
@caesarcattus ARM version is still quite new :-) i recall it came maybe 2024'ish.
0
0
0
@caesarcattus Yeah, try it :-) It does not do much harm being a single binary compiled from Rust but neither is it really usable for anything.
0
0
0
@caesarcattus I don't like Rust style overdone cli TUIs but I'd still except basic some cli ergonomics, like auto-complete when you press '/'.
0
0
0
@caesarcattus I otherwise agree but would exclude FSF despite they do a lot of that too but it is of transparent and aligned with what they say they do.
I've never really grabbed e.g., purpose of Open Source Initiative. It's basically a branding agency making anything that comes from SIlicon Valley appear to be aligned with open source.
I would have really hard time to find a person who would willingly try out Goose. I could almost bet my money that people who picked it have never tried it :-) Screenshot this time really speaks for itself.
I've never really grabbed e.g., purpose of Open Source Initiative. It's basically a branding agency making anything that comes from SIlicon Valley appear to be aligned with open source.
I would have really hard time to find a person who would willingly try out Goose. I could almost bet my money that people who picked it have never tried it :-) Screenshot this time really speaks for itself.
1
0
0