> Magnifica Humanitas is that rarest of treats, a 40,000-odd word AI policy document written in Latin.
I stopped reading at this sentence. If you go to the source (https://www.vatican.va/content/leo-xiv/en/encyclicals/docume...), you can see it's available in eight languages, none of them being Latin. In fact, I read elsewhere a few days ago that one of the novelties of this one is that, unlike all the preceding ones, it's not written in Latin; the Wikipedia article (https://en.wikipedia.org/wiki/Magnifica_Humanitas) also says that ("The encyclical was the first to be published without an official Latin version. This followed a recent change to Vatican regulations permitting such documents to be drafted in other languages.[4]").
If the article gets it this wrong already in the third paragraph, it's not worth reading any further.
> That's unfortunate, because it's precisely why things like this will keep happening.
I have the opposite opinion. Its use being rare means CPU designers have less need to optimize for that rare case, and hardware optimizations are precisely where these kinds of issues tend to pop up.
And high 8-bit registers are a x86-specific feature, other CPU families don't have it. So that special case being less optimized (or even pessimized) is not much of a loss.
Yep. The "high" registers as an alias for bits 8-15 of certain registers are one of many warts in the architecture; they should have been purged from 32-bit and 64-bit code, and left to rot in 16-bit mode only.
Intel blew it when they let them continue to work in to 32-bit code on the 386, and then
AMD blew it when they repeated the mistake when defining the 64-bit ISA.
> I wouldn't have problems with AI-generated code, but LLMs are not AIs, they are random sentence generators.
AI includes a lot of technologies, LLMs being just one of them. Several of these technologies use probabilistic algorithms, so having randomness does not disqualify something from being classified as AI.
And I didn't say it does. Intelligence is not necessarily deterministic, and being random is not the problem with LLMs. The problem is that they are not intelligent: they statistically mimic reasoning and logic, which still could have been acceptable except that they don't generalize well and have double-digit (at best single-digit) error rate percentages.
They also have the worst possible failure mode imaginable: Producing erroneous output that looks perfectly fine and expertly-crafted.
Imagine a food synthesizer machine. You press a button. 80% of the time you get a chicken sandwich, 20% of the time it beeps an error. That's OK. With the LLM version of that, 80% of the time you get a sandwich, 20% of the time you get what looks like a perfect sandwich except that it contains bits of plastic and metal, and you have to start eating it to find the pieces.
"You're absolutely right! Food shouldn't contain bits of plastic. Let me synthesize that again."
> people who grew up in developing countries or even in extremely rural areas of Western countries who grew up with water unsafe to drink before boiling it off will be even more skeptical.
I'm Brazilian. We learn early in school that water must always be boiled or filtered before drinking. I'd feel very uncomfortable drinking water directly from plumbing, no matter how much some people say it's safe.
Every place here (and I don't say that lightly, I don't think I've ever seen an exception) has either a water filter connected to the plumbing (for unlimited on-demand filtered water), or at least a separate standalone filter, or sometimes a drinking fountain which gets its water from large mineral water containers (and it's normally real mineral water bottled from real mineral springs, not that nonsense that is adding minerals to tap water and saying it's mineral water).
Edit: and IIRC, there's a law that bars and restaurants must provide filtered tap water to their clients without extra cost when requested. Even the law requires filtering.
Keep in mind that the filters most people use in Brazil mostly only handles dirt that accumulates on the water tank and keeps the water in a nice temperature. If the tap water had any contamination, those filters would change nothing.
It's still good to get rid of that dirt. If you live near a main street or some other polluted place, it can become harmful. But it's not that much of a change.
Every time an issue is found, no matter how minor, it's fixed and updated everywhere. From now on, every car of that model (and future models, and related models) will no longer have that problem. Several passes of that improvement cycle, and self-driving cars become safer (and more efficient/comfortable/etc) than human drivers. At least, that's how it's supposed to work.
> If you've ever built software, you'll know that regressions are all too common. Especially when AI/ML is involved.
"AI/ML" has delivered far more complete testing criteria than any "QA expert" has. It's absolutely crazy to me the number of people who defend the status quo in software testing when software quality has been on the decline for over a decade. But sure. "AI/ML" is the problem, not shit developers who never considered that angle in the first place.
> Doing terrible work every 2 years is better than doing it every day?
And by skipping some releases, you will have less of that work. When something is changed in one release, then changed again on the next one, by waiting you only have to do the change once, instead of twice. And sometimes you don't even have to do anything, when something is introduced in one release and reverted in the next one.
> It's important to look at the actual vulnerability at the context, and not just list any CVE which matches by version.
Unfortunately, that's not enough. Even if the vulnerable parts of the code are not being built, heck even if they have been completely erased from the source code, the auditors will still insist that you're vulnerable and must immediately upgrade, or else they will give your software a failing grade.
> Other comments say that this mitm stops working when you use public key authentication.
It doesn't completely stop working; a MITM can still pretend to be the server, it just can't authenticate to the real server on your behalf. You could be doing all your work in a fake server controlled by the attacker, while the real server sits there untouched.
It does note that it only protects against an attacker "who learns the cloud-init user-data at any point after the script terminates".
If the attacker can get the cloud-init user-data while the script is still running (in the time between sending the cloud-config.yaml and connecting with SSH to the machine) that would still allow MitM, but would require more effort on the attacker's part to leak the cloud-init data.
The point of the script was that leaking the cloud-init data after the script has completed is harmless.
Yes, I'm just saying if you think you've set up a server with Hetzner, but Smersh is able to intercept your first interaction with it and present you a server that you think is the one you created, then it doesn't matter how much you try to harden the compromised server. But if you get MITM later in the the process, the above is the scenario you are worried about.
I stopped reading at this sentence. If you go to the source (https://www.vatican.va/content/leo-xiv/en/encyclicals/docume...), you can see it's available in eight languages, none of them being Latin. In fact, I read elsewhere a few days ago that one of the novelties of this one is that, unlike all the preceding ones, it's not written in Latin; the Wikipedia article (https://en.wikipedia.org/wiki/Magnifica_Humanitas) also says that ("The encyclical was the first to be published without an official Latin version. This followed a recent change to Vatican regulations permitting such documents to be drafted in other languages.[4]").
If the article gets it this wrong already in the third paragraph, it's not worth reading any further.
reply