A software developer and Linux nerd, living in Germany. I’m usually a chill dude but my online persona doesn’t always reflect my true personality. Take what I say with a grain of salt, I usually try to be nice and give good advice, though.

I’m into Free Software, selfhosting, microcontrollers and electronics, freedom, privacy and the usual stuff. And a few select other random things as well.

  • 22 Posts
  • 4.13K Comments
Joined 4 years ago
Cake day: August 21st, 2021


  • Lots of good comments here. Just wanted to say: Privacy often depends on the threat scenario. What really helps is encryption.

    And if you need anonymity within the network, that needs to be baked into the protocol. Like I2P or TOR do on the internet. They bounce traffic through random nodes so nobody knows both sender and receiver at the same time. That of course makes it expensive for the network, and slow.

    Other protocols just send packets from a sender to a receiver. That’s fast. But people en-route know who’s communicating with each other. Packets might be encrypted, though. So third parties can’t look inside what kind of information is exchanged.

    And there’s a million different threat scenarios with the surveillance state. They might be far away and not catch the radio you’re sending through the air. They might come and triangulate your position once you transmit any stuff over radio.

    And the internet is just complicated. Most traffic there is encrypted these days. But the easy stuff they’ll do is just ask Google what’s on your account. Or have a side-channel to the data that’s generated for the advertising industry. Or bug your phone or unlock it. Or subpoena the internet service provider, or mobile phone provider. So they can see what DNS queries you do. Or your phone location 24/7. Or they’ll get access to your modern car electronics…

    So depending on what you’re trying to do, you might want to get rid of your smartphone, modern car etc. Credit card, NFC train ticket… Accounts with big corporations… That’s all data the surveillance state is more interested in than random chat messages… Though, those have an impact as well. So it really depends on what we’re trying to protect here, because there’s so many different attacks on privacy from all kinds of directions. It is a chore.




  • I think there’s a lot of nuance here. I mean the Fediverse isn’t super efficient. But it manages to do what it’s supposed to do. And it really depends. Which Fediverse software. How many people are on those servers, how are they distributed. Do groups of people mingle on certain servers. Do they all subscribe to all the same content out there. Are there really big groups on servers which happen to have a slow internet connection… And then of course can we come up with improvements if we need to.
    I think we’re going to find out once (or if) the Fediverse grows substantially. Some design decisions of the Fediverse are indeed a bit of a challenge for unlimited growth. Oftentimes technical challenges can be overcome, though. With clever solutions. Or things turn out differently than we anticipated. So I don’t think there’s a good practical and straightforward answer to the question.



  • I mean Retrospect is kind of an episode about date rape. Implying something about false memories in assault victims. And it ends on: Maybe the main thing behind the story never happened. The End. Which are the endings that often feel very disappointing to me. And we don’t even learn if it was an illusion. I get why that episode isn’t cherished by people.

    I think the pon farr episodes are weird as well. And I don’t think I particularly enjoyed that episode. But at least some of the good guys are trying to do the right thing? And even if the Vulcan gets away unpunished, I don’t think he’s portrayed in a positive way. As far as I remember the crew unanimously thinks sex is unacceptable. Minus the people who are out of their mind. And Tuvok. But he has kind of a weird role with arguing logic in that situation. And the episode ends on a happy end. They’ve averted danger and death for the moment, and nobody had to have sex. And as a viewer I’m glad it turned out they didn’t need to follow through with Tuvok’s “logical” plan, either. That feels a bit more right to me.

    But the entire set up of pon farr and biology or tradition just causing violence, is a bit rapey. I guess from a storywriting perspective it’s a bit difficult to bring up that topic in a creative way. But movie or TV is a lot about violence and sex. So I can see how storywriters make it part of stories.

    Some Voyager episodes were just a bit weird in my opinion. I think it’s okay if it provokes thought. And less so, if it makes the audience start to confuse right and wrong.


  • Good blog post.

    I couldn’t think of a clever response to that. I still can’t.

    I think it’s central to the issue they’re talking about. There’s demand for quick, cheap stuff. There’s also demand for quality stuff. But they’re not the same.

    I mean, I’m sometimes sad nothing lasts anymore. Or means anything. We buy clothes, appliances, software, phones… just to throw it out a year later. Same with AI. We could do intricate art. Commission someone to draw our company logo or come up with a good advertisement video. But why? Everyone has an attention span of 30s these days and pretty much anything will do for Instagram. So rubbish it is. And we’re done in 5 minutes.

    I think it’s more that society doesn’t value quality and sophisticated things any more. We rather have plenty cheap and superficial things. And for a lot of applications, it’ll do. Same with art, same with some software and webdesign. Also works the same way without AI. The consumer will do the beta test. And any random messenger uses 150 dependencies and Electron, and two Gigabyte of memory. That’s hardly artistry either.




  • As far as I know, he had an answer to that as well. Namely, that the interface shouldn’t be exposed to the internet. That way, by definition, it’s no longer a security vulnerability but a faulty setup that the user is responsible for.

    But I don’t want to defend him either, or argue in that direction… I mean, for the user, or the people who then suffer from it, it doesn’t matter how it came about or what the technical definition is. In the end the damage is there either way…

    Ultimately it just gets difficult. He prefers to use his resources to build new features, to play around… And loves the chaos(?) So logically the time isn’t there to secure the web interface or things like that.

    In the end I think it’s legitimate to make such decisions with one’s private activities. It’s his thing, after all. And to me it looks more like an art project. Nobody is forced to use it. You can also install Claude Code, or one of the other “professional” agent platforms …if you’re into that sort of thing. That would at least have security somewhere in the project description.

    But ultimately you’re certainly right. As soon as people come to harm, the fun kind of stops. And it’s also completely right to call things by their name. And to teach people what they’re actually dealing with here. I think for many people that isn’t really clearly recognizable.

    And I also enjoy reading your article. Thanks for the list, I’m learning quite a bit from it too. It’s far too much to stay informed about by yourself.

    And then starting at OpenAI or letting OpenClaw be taken over by one of the big corporations is really bananas too. I’m a bit lost for words. They’re really all nuts. And the hype train is really going full steam.


  • So I watched the c’t 3003 piece about OpenClaw and a few other interviews with him. I’d say he’s certifiably nuts. Not necessarily in a negative sense… But his basic idea is to leave out all the boring security measures and restrictions and see what happens. He deliberately picks the most “unhinged” AI model and celebrates the “bangers” it delivers. Full access to the computers, including API keys. He pushes code and doesn’t look at it…

    So to me, nitpicking about security vulnerabilities is rather like going to a metal festival and complaining that they don’t play Schlager there. And that the people there are all drunk… I mean, yes? That’s correct? But that was also kind of the point?!

    Only that this isn’t a metal festival, but pretty silly.


  • Haha, thanks for the link! It’s a bit hard to keep up with OpenClaw and all the bizarre things. Didn’t know they blog and write diatribes.

    But quantifying the number of security vulnerabilities seems a bit dumb to me. 73? I’d rather side with Peter Steinberger there… The thing is one big security vulnerability. And what is even supposed to count as a vulnerability when it deliberately has completely free rein? I think the word “fail” describes it quite well.


  • Indeed. That looks nice. It’s about 2bit quantization. So not sure if it translates to the other paper. I had a quick glance at their code, and it’s specific to the Llama2 and Llama3 architectures. So, it’d need to be enhanced for other models. And what might be a bummer: they load the model at full precision to calculate the activations. That means you’re looking at a system with ~480GB of (V)RAM. And we don’t have machines of that size show up on the AI horde. (As far as I know.)

    I think we’re looking more at crowdfunding research here. I mean sorry for being overly negative. I’d like to see 1bit models as well. And I always love to see community projects and independent people push the limits. I just think the hard part is coming up with the research, the math… or even the engineering to combine two papers and adapt an approach to something. So we somehow need to crowdfund that.
    In these two examples, seems the compute power isn’t really the issue. I mean the 1bit training was doable on a single H100. And this LoRA isn’t very complex either, and they’re not using that many samples.

    It just wouldn’t fit on any of the 38 LLM workers currently online on the AI Horde. Not even remotely. So this and the Horde is kind of a bad / impossible fit. However, I still think compute power wouldn’t be the biggest issue, we can rent that by the hour. And it’s not even hard to set up or that expensive. I think the main issue is coming up with the math and the code to produce something useful. So maybe we need a research community. And these things already happen. I mean the llama.cpp community has long been working on quantization and pioneered some things. There’s people on Reddit discovering new things. We’ve had random(?) individuals contribute substantial advancements to image and video generation. There have been communities/projects like RedPajama, who trained a model from the ground up (and assembled the dataset)… Seems very low precision quantization is just a tough nut to crack.

    Seems to me Bitnet needs a pile of money in compute, plus a team of bright researchers to improve upon. NanoQuant doesn’t perform as good as any 4bit or 8bit model with a similar resource footprint, so it’d need way more research as well. And RILQ is a bit specific, it’d need further research as well. It’s not entirely clear whether that happens. There’s something like publishing bias. Sometimes researchers don’t publish negative results. So maybe they tried to apply it to lower resolutions, failed, and didn’t write a paper about how they failed. So I’m not sure where to go with this. There isn’t anything we could run or just apply as is.

    And the AI Horde does inference with fixed scripts. On something like gaming GPUs and Apple silicon. People who bought a few old 3090s. But that’s inference only. What’s needed for general research is a new project. It’d need to provide you with cloud GPU, launch Docker containers for arbitrary workloads. And expensive enterprise GPUs, or infiniband clusters of some. So the entire software needs to be scrapped and replaced, and the hardware improved as well for cutting edge research. We maybe can call this new thing AI Horde as well. But it’d be an entirely new thing.

    And I guess alignment, harvesting user data and preferences from the user’s interactions could be done as well. At least from the technological perspective. I don’t really know if the audience likes that. Depends a bit on how it’s done.



  • Sure. I mean I know we can do it for 4bit or 8bit quantizations. Question is just if it can be done for 1bit. As per Microsoft’s first Bitnet paper, the answer was a clear: No. Seems I’ve missed the NanoQuant paper from a few days ago. They did post-training quantization. But the numbers don’t look impressive to me? I mean I’m not an expert and have just skimmed it. But the benchmarks in table 3 look like some very old model from a few years ago. Every tiny modern model can reach better scores. And the perplexity in table 2 doesn’t look great to me either. Sure, you could run a 1-bit version of a 70b parameter model… But that’s just worse than a 1b parameter model. So you can probably just skip the entire effort with the 1-bit quantization, download the smallest variant there is, run it straight out of the box, and it’d be both more “intelligent” and at least 4x faster.

    I mean ultimately, you’re right. I’d like to know the benchmark results for something like a 70b model. Seems they only list those for small models. And it’s a shame they didn’t release any weights.

    But I don’t see why we need a collaborative Horde effort to find out… They write a 70b model can be compressed on an H100 in 13 hours. And for example runpod.io charges $2.39 per hour for such an instance. So all we need is a bit more than $30 to find out?!


  • I was under the assumption, the main issue with these models is the costly training? As they can’t be quantized, but need to be trained natively at that precision, and the process is very expensive…

    I mean I didn’t read the newer papers. Did they solve the issues with post-training quantization and that’s usable now? Otherwise we might be looking at either, very expensive training, or very high perplexity and the model isn’t usable for anything.


  • Depends a bit on the country. In the United States, for sure. That’s just open corruption and you scratch my back and I’ll scratch yours. The government funnels $500bn taxpayer money into some Project Stargate, and God knows how much into really dark stuff with Palantir. Musk even “worked” for the government for a while… And next to the corruption money, these people are buddies. And they’re all working towards the same goal. Some idea of an apocalypse.

    In China, I don’t think they need to bribe the government. It was the CCP who came up with the idea in the first place. And the AI race between China and the USA is yet another thing.

    For Europe, I’m not so sure. There’s a bit more nuance here? I mean Ursula von der Leyen is an AI shill as well. She frequently likes to talk about it. I don’t think there’s as much open bribery, though. And I still hope they’re aware of the situation with US companies, how we diverge in our goals, and partnering with Palantir or X is likely going to end us up in a lot of pain… And the EU loves to regulate. And our own AI companies aren’t as big. So there’s that as well.



  • Yes. I don’t think it’s settled yet. There’s still many trials going on. The industry still tries to push the limits, including really weird stuff like Elon Musk probing if it’s okay to allow deep-fakes of random existing women and minors. I think lawmakers are having a difficult time to keep up with the pace. AI companies drown them with their near unlimited resources. We need to come up with new regulation. Fight all the court battles, overhaul copyright and discuss things in society… And then there’s preexisting influential structures, like Disney, the copyright industry… Sometimes they’re on opposing sides, sometimes they dabble in AI as well… I mean it’s complicated. And a long process. And it’s difficult to defend things. I mean I also defend my server. But it’s more an open war than anything with rules and terms.