Hacker News new | past | comments | ask | show | jobs | submit | dom96's comments login

or after building their own LLM that runs locally on Apple Sillicon they've decided that this technology is crazily overhyped

Apple survived with Siri for 10 years that is absolutely useless beside creating a timer … so they have time to wait and even use open source llms in the future.

I asked Siri how much 500 mL of water weighed the other day and she said 0.13 gallons. I should have remembered a mL weighs a gram but still. Siri is dumber than dirt.

It's almost as if people are willing to pay more for an iPhone than an assistant / LLM.

I'll never understand people that cannot imagine progress hitting a wall.

Where are our flying cars?


4chan is actually one of the worst social media out there. They are responsible for a hell of a lot of hate campaigns out there. Anonymity breeds toxicity.

Anonymity breeds veracity. As soon as you force people to identify themselves they start lying to you whenever the truth would be controversial. They refuse to concede when someone proves them wrong because now they're under pressure to save face. It's why Facebook's real name policy causes the place to be so toxic.

This is such a weird take. Anonymity lets people behave with impunity.

Anonymity lets people speak with impunity, which is precisely what allows them to say true things they would otherwise be deterred from saying.

They could also say false things, but unverifiable claims from an anonymous source have no credibility.


Obviously, the impunity also allows them to say false things they would otherwise be deterred from saying. Why would you assume the impunity leads to more truth and not more lies?

It really doesn’t. Anonymous people are far more likely to lie, obscure facts and mislead to make you support whatever cause they want to strengthen.

People do exactly that under their real names. If anything they do it more as a form of virtue signaling because they have to be seen supporting their tribe's causes.

What do governments need to implement? They already give you a passport which can be used as a digital ID.

Services need the ability to obtain an identifier that:

- Belongs to exactly one real person.

- That a person cannot own more than one of.

- That is unique per-service.

- That cannot be tied to a real-world identity.

- That can be used by the person to optionally disclose attributes like whether they are an adult or not.

Services generally don’t care about knowing your exact identity but being able to ban a person and not have them simply register a new account, and being able to stop people from registering thousands of accounts would go a long way towards wiping out inauthentic and abusive behaviour.

I think DID is one effort to solve this problem, but I haven’t looked into it enough to know whether it’s any good:

https://www.w3.org/TR/did-core/


Agreed that offering an identifier like this would be ideal. We should be fighting for this. But in the meantime, using a passport ticks most of the boxes in your list.

I’m currently working on a social network that utilises passports to ensure account uniqueness. I’m aware that folks can have multiple passports, but it will be good enough to ensure that abuse is minimal and real humans are behind the accounts.


The main problem with this is that a hell of a lot of people don’t want to give sensitive personal documents to social media platforms.

Yeah. That will be the challenge.

I hope that enough are willing to if the benefits and security are explained plainly enough. For example, I don’t intend to store any passport info, just hashes. So there should be no risk, even if the DB leaks.


First, not everyone has passports - there are roughly half as many US passports as Americans.

Second, how much of the passport information do you hash that it's not reversible? If you know some facts about your target (imagine a public figure), could an attacker feasibly enumerate the remaining info to check to see if their passport was registered in your database? For example, there are only 2.6 billion possible American passport numbers, so if you knew the rest of Taylor Swift's info, you could conceivably use brute-force to see if she's in your database. As a side effect, you'd now know her passport number, as well.


> Second, how much of the passport information do you hash that it's not reversible?

That doesn't even matter. You could hash the whole passport and the passport could contain a UUID and the hash db would still be usable to correlate identities with accounts, because the attacker could separately have the victim's complete passport info. Which is increasingly likely the more sites try to use passports like this, because some won't hash them or will get breached sufficiently that the attackers can capture passport info before it gets hashed and then there will be public databases with everybody's complete passport info.


Good point.

That’s a very good point and indeed it is a potential attack vector.

I’ll have to think about that. Perhaps I can get away with not tying the passport hash to a particular user.


Less than half of Americans have passports, and of the remaining half, a significant fraction do not have the necessary documents to obtain one. Many of these people are poor, people of color, or marginalized in other ways. Government ID is needed, but you generally find the GOP against actually building a robust, free, ubiquitous system because it would largely help Americans who vote Democratic. This is also why the GOP pushes Voter ID, but without providing any resources to ensure that Americans can get said ID.

To be fair, you generally don't see Dems pushing for such a free and ubiquitous system, either - "voter ID is bad" is so entrenched on that side of the aisle that any talk about such a system gets instant pushback, details be damned.

< you generally don't see Dems pushing for such a free and ubiquitous system, either

Yes, and this seems like a huge missed opportunity for Dems. I would strongly support such a system, and I would be willing to temper my opposition to Voter ID laws if they were introduced after such a system was implemented fully.


Passport might be a bit onerous - it's expensive and painful process and many don't need it.

But it's a hilarious sign of worldwide government incompetence that social insurance or other citizen identification cards are not standard, free, and uniquely identifiable and usable for online ID purposes (presumably via some sort of verification service / PGP).

Government = people and laws. Government cannot even reliably ID people online. You had one job...


When it comes to government-issued IDs, "standard" and "free" is a solved problem in almost every country out there. US is a glaring exception in this regard, particularly so among developed countries. And it is strictly a failure of policy - US already has all the pieces in place for this, they just need to be put together with official blessing. But the whole issue is so politicized that both major parties view it as unacceptable deviation from their respective dogmas on the subject.

> But it's a hilarious sign of worldwide government incompetence that social insurance or other citizen identification cards are not standard, free, and uniquely identifiable and usable for online ID purposes (presumably via some sort of verification service / PGP).

Singapore does this. Everybody who is resident in Singapore gets an identity card and a login for Singpass – an OpenID Connect identity provider that services can use to obtain information like address and visa status (with user permission). There’s a barcode on the physical cards that can be scanned by a mobile app in person to verify that it’s valid too.


In the United States, the lack of citizen identification cards is largely due to Republican opposition. People who lack ID are more likely to be democratic voters, so there is an incentive to oppose getting them ID. There's also a religious element for some people, connected to Christian myths about the end of the world.

This is utter nonsense.

It's kind of half true - there is an association between not having an ID and being blue. Because people without IDs are more likely to be people of color or of other marginalized groups, which then are more likely to be blue.

In addition, there's a strong conservative history of using voter id as a means of voter suppression and discrimination. This, in turn, has made the blue side immediately skeptical of identification laws - even if they would be useful.

So, now the anti-ID stuff is coming from everywhere.


It's absolutely not true. People have to supply IDs for tons of activities. They have IDs. We know who they are. They are registered to vote -- how did that happen w/o ID? Of course they have IDs.

The statistics just don't back this up. Plenty of, predominantly poor, people don't have driver's licenses. And that's typically the only ID people have. Also, poorer people may work under the table or deal in cash.

Link the stats please. There are ID types other than driver's licenses. In fact, the DMVs around the country issue non-driver IDs that are every bit as good as driver licenses as IDs.

https://cdce.umd.edu/sites/cdce.umd.edu/files/pubs/Voter%20I...

Feel free to find other sources too.

Many Americans do not have ID. I don't know why that's so controversial to say.

You don't need an ID to get a job, or rent, or do much of anything. Typically, a bill + address suffices.

You're correct SOME states offer ID that IS NOT a Driver's License. However, there's no reason to get this - why would you? Again, you don't need it for anything so why bother?


Thank you for providing the data to back up my original unsourced claim.

America is a very diverse nation, and people live very different lives across the country. Yet all of them have a right to vote. I would expect that 99+% of people on this site have government-issued IDs, but we in the 1% of technical expertise here.

Listen to the stories of people who were affected by the Hurricane in western North Carolina last week and you can start to understand how different some people's lives are.


Where do you get this idea that you need to have an ID card in order to register to vote? It's certainly not a federal requirement.

In NY, you can register with ID, last 4 digits of your social, or leave it blank. If you leave it blank, you will need to provide some sort of identification when voting, but a utility bill in your name and address will suffice.


I expect that nowadays many online are speaking with GenAI without even realising it.

It’s already been bad enough that you may be unknowingly conversing with the same person pretending to be someone else via multiple accounts. But GenAI is crossing the line in making it really cheap for narratives to be influenced by just building bots. This is a problem for all social networks and I think the only way forward is to enforce validation of humanity.

I’m currently building a social network that only allows upvote/downvote and comments from real humans.



>I’m currently building a social network that only allows upvote/downvote and comments from real humans.

And how exactly do you do that? At the end of the day there is no such thing as a comment/vote from a real human, it's all mediated by digital devices. At the point the signal is digitized a bot can take over the process.


By validating each account with a passport and ensuring that only one account per passport is allowed.

Aside from the practical and technical problems you're greatly limiting your audience. Most people who don't travel internationally don't have a passport. In Europe this might be a smaller number but in the USA and Canada I would guess this is a majority of people. Non-citizens won't have a passport. Most young adults will not have one. Many older people will have let theirs expire.

Yeah, that's the challenge. My bet is that there are enough people out there with passports to make an interesting social network.

Of course, getting someone to share their passport will be another filter. But I hope that I can convince people that the benefits are worth it (and that I will be able to keep their data safe, by only storing hashes of everything).


Ok, so you get some critical amount of 'humans' to share "a" passport. Now you've built an expensive and high quality lead finder for scammers/spammers. You've increased the value floor for people submitting fake passports. Also, how are you paying for verification of the passports?, VC money to get from the loss phase to the making enough to support itself on ads? How are you dealing with government data requests, especially in the case where said data can be attributed to a real human?.

Maybe I'm wrong, but just a social network of 'real people' doesn't seem like enough in itself. What is going to bring people there with the restrictions and potential risks you're creating.


You could very well be right. I'm willing to give it a shot and see.

All I can say is that I personally see huge value in a social network for real people. Personally I am sick of arguing with what are likely legions of duplicate accounts/bots/russian trolls online. I want some reassurance that I'm not wasting my time and am actually reaching real humans in my interactions online.

Success to me is 1000 MAU. There are companies out there that do passport verification for a reasonable fee with a fair amount of free verifications to start with (which will handle 1000 MAU just fine). If the number of users wishing to take part is significantly higher then I will explore either ads or charging a small fee during registration.

I'm still very far from needing to cross that bridge though. Same for some of the other questions you've raised. I'd have to do a lot more research to come to a solid stance of what to do when government data requests come in. But I would guess that there isn't much choice but to abide by the request. If you want true anonymity from the government then this place will not be for you (but then I'd say not many social networks are for you in that case)


I would stay the hell away from any site that wants a copy of my passport.

As for a new turing test there is a magic word that bots are not allowed to use that guarantees you're talking to a human.


There is no such word. Even if there is it would be trivial to create a bot that avoids this.

Passports are the only practical way to ensure that I’m talking to a human. Do you have a better idea?


If I think you're a bot I'd ask you to say the word. The word exists and it works every time. No one is going to train a foundation model just to say the word, it's too expensive.

Prompt injection can be mitigated but not this prompt rejection.


You're so delusional, mate. There is no such word.

That is your loss then.

I see a lot of value in a network where I can be confident I am talking to real people.

As a user I can't do anything related to the passport stuff and I know many people who likewise wouldn't be interested in doing that, because we live in the states. A more "normal" approach here would be to use one of the government ID verification systems for your state ID. Most of us are willing to expose that information, since it's what you show when you go to the store to prove your age/identity.


I’ll definitely look into this. But starting with them would limit me to the US only (I’m sure other countries have similar things, integrating each would take a lot of work though). I want to start with passports because they are a true multi national document.

The idea of uploading my passport in order to talk on a social network is quite delusional.

I would say LLMs have told me more interesting things than any human has in the past year and it is not even close.

I suspect at some point, a new structure will be figured out that it doesn't matter if you are talking to a human or LLM. If that doesn't happen, at some point I will probably just stop trying to talk to humans online and just talk to Claude or whatever the strongest model is of the moment.


What about people who buy stolen passports on the dark web? Or passport details that get leaked in data breaches

We need a German to chime in with whatever word describes this scenario, when someone suggests an action is not worth doing because of corner cases or inability to perfectly execute a process.

In this hypothetical, let's say we'd tackle the dark web passport market issue when we get there.


In this case, the english word overkill does a good job already.

hehe yeah, it's funny how many are focusing on the small edge case that makes a certain solution not 100% perfect.

There is also another issue: people can have more than one passport if they're dual citizens. But you know what... I think that's fine.


Great points

Passports have digitally signed certificates in them, readable by any device with an NFC radio. It's easy enough to extract that data with a mobile app, and now you have an unforgeable file that can be hashed. Of course whether users will bother to sign up for something like a social network if they have to go rummage around and find a passport, install a mobile app etc, I don't know. But it's technically possible and I've proposed such a scheme years ago. For bonus points do the hashing inside a secure enclave so the ePassport data is never upload to a remote server in the clear.

How do I know that, you will handle my passport data with care? Banks I can trust(despite numerous leaks), you as a random social media or online service with zero regulation, I won’t. Plus this opens up immense ways to sue you for collecting unnecessary data and personal information, unless you are massive and have an army or lawyer or have a KYC requirement.

I plan to outline exactly what data I store. I don't plan to store raw passport number/name details, rather a hash so I can verify the same passport isn't used twice.

So even if the DB leaks no one (except the government) will be able to tie your real life identity to the account.


In the US there are a lot of companies that do these kinds of identity verification for you. I had to do one when I was setting up a new Steam Developer account and many use them for regular day-to-day verification like for work or when submitting important government requests.

It would seem a lot better to just partner with an existing company that takes care of that part of identity verification. Your job is still to compose all of these signals and metrics and distill them into a simple "everyone is human" network, but the actual job of being a passport jockey can be avoided IMO.


Yep. I’ve considered doing it myself but it would require setting up an app for iOS and Android. For now relying on existing services will be fine. If this takes off I might set up my own passport verification service.

Why would I ever give my passport to your website or anyone elses?

Because it enables you to be a part of a social media that is guaranteed to be majority human-centred. Why wouldn't you give your passport to a website? Don't you already do so for crypto or other banking?

who is going to upload their passport to use social media?

People already upload their passport for lots of things, why not social media?

> People already upload their passport for lots of things

I sure don't.

> why not social media?

privacy?


For me, sacrificing some privacy is worth it to be in a community with users who I know are real people. If that's not something that is important to you then that's fine.

In my case, right now it's very easy for you to figure out my real name by just googling my nickname. Registering on a website like the one I am implementing won't sacrifice much more of my privacy.


No passport, but perhaps face picture that is also encoded with on device verifiable token.

I think there is actually a use case for blockchain (don't pile on!) for this. I have a vague idea of a unique token that goes on every camera and can be verified from the blockchain. If a picture has the token you know it's real... like i said, it's vague idea but i think it's coming


No need for blockchain. All you need is this: https://contentauthenticity.org/.

The problem with this is that it's still easy to forge.

I'll certainly consider playing with ways to identify human uniqueness that don't require passports. But passports are the most obvious route to doing so.


Seems like it's sorta what I'm talking about? Hard to judge because they need to work on their communication skills. It reads like techno-corpo-babble and I'm a professional software engineer.


Why not require a non-voip phone number instead of passport?

SIM cards are as cheap as £1 where I live. £1 per account is nothing and I wouldn't be surprised if there are ways to get unique numbers for even less.

There are lots of ways to get verification codes for any number of phones for absurdly cheap. They run large farms (or hacked devices or shady apps, who knows) and can provide a service where you get hundreds of SMS verifications for a few bucks a month.

I agree with the other commenters that you'll face a lot of challenges, but personally I hope you succeed. Sounds like an idea worth pursuing.

Thank you :)

>I’m currently building a social network that only allows upvote/downvote and comments from real humans.

What's your method for detecting real humans?

Also will your social network allow bots labelled as bots?


See discussion above for details, but in short: by requiring user passports.

Yeah, I’ll probably make it possible to set up bots that are clearly labelled.


Good bot (/s)

I don't know that "real humans" is good enough. You can do plenty of manipulation on social networks by hiring lots of real humans to upvote/downvote/post what you want. It's not even expensive.


Yeah. But the cost is significantly higher than ramping up GenAI to make you thousands of accounts.

There is no fool proof solution to this. But perfect is the enemy of the good. Right now social media is pretty far from being “good”.


You might as well ask a fortune teller instead of listening to what Musk has said

Fortune tellers tell you what you want to hear; Musk tells you what he wants to hear, then pays people to make it happen.

The results may be a day late and a dollar short (adjusting for inflation since 1939 or whenever), but Musk did actually get people to build spaceships, and his worldwide competitors there are floundering.


I don't know about that. At the current pace, the turtle is going to overtake the hare.

I don't understand how the metaphor applies.

SpaceX is approximately half of mass launched to orbit, globally, including all other national and international space agencies. They are always free to trip up over Musk's hubris, but this hare isn't resting on its laurels or snoozing during the race — Starship (if successful) will eat the market for the Falcons. Conversely, quite a lot of the turtles (notably Boeing and Arianespace) are indeed resting on their laurels.

Other heavy/superheavy launchers can only catch up with and not surpass SpaceX until Musk disappears for whatever reason; getting past SpaceX without that probably needs a non-rocket launch system e.g. a Launch Loop or a skyhook/rotovator. Suspect only China can organise both investments and streamline the planning permission. Although at Musk's wealth level "buy sovereignty over a 10km wide strip starting on the coast of Mauritania and ending on the east border of Mali" is conceivable so even that's not a shoe-in.


SpaceX being the most competent at their game doesn’t change the fact that Musk’s plans are pure fantasy. My bet is that won’t see any people going to Mars during his lifetime.

Everything he's started or meaningfully invested into has been fantasy when he did that, some of them were turned into reality.

Starship is still interesting even if they don't build a Mars colony. Or a moon colony. Or low orbit hotels. Or asteroid mining.

I think that even if they send some test missions on the Mars launch window 2 years from now, plenty will go wrong, and the same for the next window 4 year's from now. If Musk hasn't made too many political enemies to continue by that point, then they probably have a reasonable short for a crewed mission in the launch window after that, 6 years from now.

If SpaceX doesn't have a demonstration Sabatier process plant that fits into a Starship by the beginning of 2028, they've stopped caring about going to Mars. ISRU is too important, so even if they actually send any ships that way, without a Sabatier plant they would be no more relevant than the trans-Martian Roadster.


I wouldn’t bet against you. He has only 27 years left until he is 80. Maybe he will get 100 years old, maybe he will get a heart infarct next year.

But this will make the matter more urgent for him, there is no reason for him to take it slow and steady, the opposite, he will push Starship hard. The next few years it will be vital for NASAs Moon landing. And after establishing a fuel depot in Earth orbit, which sounds science fiction now but is the plan for Artemis III, there will be whole new possibilities.


I like that even though the website design has changed, the OS/CPU download table still looks exactly as I remember it from 2010 ;)


I distinctly remember that what annoyed me about SourceForge was that it hid the source code behind multiple clicks. GitHub was a breath of fresh air because it made the source code front and center.


Indeed, there was a recent e coli outbreak on salad in the UK and one person died[1]

1 - https://www.bbc.co.uk/news/articles/cd1xl518w8do


100m is more than enough for any one person


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: