Hacker News | ffwd's comments

This is good advice but just a note - the point is to be as simple as possible. With SSL and a good password there is no hacking that I know of. If I started doing a lot of this the file would get bloated and the readability and extensibility of the code would go drastically down IMO.

- You're using md5, which is trivial to compute in bulk. Rainbow tables are a thing that exist.

- You're exposing the hash that you generated over the wire, in a cookie.

- You're doing fail-fast comparisons, which has the potential (particularly when combined with the ease of pre-generated md5 hashes) for timing attacks.

That's just a few off the top of my head, that could be fixed in minutes, at a guess, and add near-zero complexity to your code.

Doing things better doesn't inherently add complexity, particularly as you're using php. The primitives are already there for you to use.

The one change I'd suggest that requires a little bit of adaption rather than just swapping a function call, is to not store the password in clear text. Provide the user a way to generate a hash (not using fucking md5), and have them store that. Given that you're already using an sqlite db, ideally you'd store the credentials in that, thus allowing the user to change their password if required, without needing to deploy/upload a new file.

Use `password_hash` rather than md5.

Use `password_verify` rather than regular string comparison - it's resistant to timing attacks.

You're already using the built in session system apparently, so let it worry about tracking the logged in user. In something as simple as this there's no reason you should need to write a cookie directly. Store something (e.g. username, or even just a boolean true) in the session data. Check for that value when you need to check if the user is logged in (after the session has started). If it's found, they have a session and are logged in, if it's not found, there's no active session, thus they're not logged in.
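
The changes suggested in the comments above, put together as an added example (not part of the original thread and not the project's own code). The `users` table, its column names, the function names and the sample credentials are assumptions; the sketch uses an in-memory SQLite database through PDO so it runs offline from the command line.

```php
<?php
// Added sketch: hashed credentials in SQLite, password_verify, session-based login.
// Table/column names, function names and the sample passphrase are assumptions.
declare(strict_types=1);

function open_db(): PDO {
    $db = new PDO('sqlite::memory:');   // in-memory DB so the sketch runs offline
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');
    return $db;
}

// Store only a salted, deliberately slow hash; never the clear-text password.
function set_password(PDO $db, string $user, string $password): void {
    $stmt = $db->prepare('INSERT OR REPLACE INTO users (username, pw_hash) VALUES (?, ?)');
    $stmt->execute([$user, password_hash($password, PASSWORD_DEFAULT)]);
}

function login(PDO $db, string $user, string $password): bool {
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();       // false when the user does not exist
    // password_verify re-hashes with the stored salt and compares in constant time.
    if (!is_string($hash) || !password_verify($password, $hash)) {
        return false;
    }
    if (password_needs_rehash($hash, PASSWORD_DEFAULT)) {
        set_password($db, $user, $password);   // upgrade older hashes at login
    }
    session_regenerate_id(true);   // fresh session id once the user is authenticated
    $_SESSION['user'] = $user;     // state stays server-side; no hand-written cookie
    return true;
}

function is_logged_in(): bool {
    return isset($_SESSION['user']);
}

session_start();
$db = open_db();
set_password($db, 'admin', 'constructed-sample-passphrase');
$wrong       = login($db, 'admin', 'guess');
$after_wrong = is_logged_in();
$right       = login($db, 'admin', 'constructed-sample-passphrase');
var_dump($wrong, $after_wrong, $right, is_logged_in());
```

Changing the password becomes a call to `set_password` against the database rather than uploading a new file, and the browser only ever holds the session id.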


I agree and I think if there are any hazards to modern information landscape it's kind of 2 fold (that I can think of) 1) the brain likes simple generalized information/models more than specific information and 2) the brain likes information that confirms our existing beliefs more than staying in a gray area where it's not sure what information is true or not.

Regarding first one I think one of the main challenges will be finding which general explanations are true or not. This can be anything from cultural things like gender discussions to conspiracy theories to scientific theories. If there are generalized models that explain a lot of phenomena, the brain likes those, but at the same time they can also take the place for when empirical evidence should have been gathered (that doesn't fit with the general model), and so in that sense they can be hazardous. And models that already have stood up to a lot of empirical data are especially hazardous because they have already proven themselves to some extent which means there's even less incentive to gather empirical data. Or at least that's my current (maybe hazardous) general view.

I also don't think we should give up on generalized models because they are so powerful and useful, but it's definitely a challenge in today's climate because they get so many clicks and they are very satisfying to know.


I love conspiracy theories. Delectable little mixtures of fiction and non fiction with lots of individual parts to be analysed. Useless information but fun to think about... like a video game. My favourite is bigfoot being an interdimensional being that communicates via infrasonics.


There are two types of gradient though, conceptually. If consciousness is some state of matter that is unknown still, and each neuron, for example, contains "one bit" of consciousness, then the gradient is that as you add more neurons, you add more complexity to the consciousness, but you do not change the fundamental experience of consciousness. You add more content but not more experience in itself.

If on the other hand consciousness is this emergent phenomenon that depends on neurons and their connections, then the gradient (and thus the experience) would be far more diverse and there would be a lot of different ways consciousness could "feel".

The problem I have is that for example, as far as my brain can remember, stimuli has looked the exact same all throughout my life. If I saw a tree when I was 10, and I saw the same tree now, the conscious "qualia" of this would look exactly the same. To me this is a mystery, that the connections in the brain do not change the experience of qualia at all. Red looks like red no matter what the neuronal state of your brain is. I don't have an answer to this but just something I've been thinking about.


Just speculating but I think attention enables differentiation of semantic concepts for a word or sentence within a particular context. Like for any total set of training data you have a lesser number of semantic concepts (like let's say you have 10000 words, then it might contain 2000 semantic concepts, and those concepts are defined by the sentence structure and surrounding words, which is why they have a particular meaning), and then attention allows to differentiate those different contexts at different levels (words/etc). Also the fact you can do this attention at runtime/inference means you can generate the context from the prompt, which enables the flexibility of variable prompt/variable output but you lose the precision of giving an exact prompt and getting an exact answer


I'm not one to whine about downvotes but I just have to say, it's a bad feeling when I can't even respond to the negative feedback because there is no accompanying comment. Did I misinterpret something? Did you? Who will ever know when there is no information. :L


I don't know much about RL but I was wondering has anyone tried the opposite? Like have a fixed set of actions, and a fixed/ranged movement speed, then a punishment every time it doesn't reach the goal? Or does this not work?


“Reward” in RL is just a real number that tells an agent how well it’s doing. If the reward is negative that could be called punishment. Importantly the agent is choosing actions to maximize (expected estimated) reward, so only the relative reward values matter. So if an agent is choosing among exactly three actions and it knows they’ll give rewards [0, -1, +1], the agent will behave the same as if the rewards were [-100, -101, -99].


That’s just a negative reward, so basically the same thing. You train most efficiently with a mix of positive and negative reinforcement, just like with children.


Thanks, I can't write a full reply now (need to think) but for some reason my intuition was, let's say you have a constant punishment signal, and a timer, and if it doesn't solve whatever problem by the time the timer goes down, then it has to find the optimal action set, and if it reaches a goal earlier than the timer then it has to weigh that solution stronger? Like at least how I see with organisms it's about finding the optimal use of the limbs in order to solve an ongoing problem/goal state, and if you accumulate specific actions (instead of one network that optimizes one "space"), and different types of goal states, then it has to find the optimal set of actions to reach the different goals, it just seemed more efficient. But this is off the cuff a bit right now.

Edit: i think what i'm thinking of are two "global" numbers. A "closer to the goal" number (higher when closer), and a countdown timer, and then it has to maximize those within the above setting


if you only have negative rewards the bot will usually stop picking any actions at all. bc they all have reward values too low.

sometimes a big negative reward can scare it away from ever pressing the scary button ever again


I don't think these nets are sophisticated enough to understand complexities of what humans call punishment / reward. Therefore punishment = -reward, but this is not the case for humans. If punishment for example is prison, is reward making people "even more free" for example giving them a flying car or something :-). If money is a reward (or punishment a fine), why are people not optimizing every last cent.


I think there is another aspect to human thinking other than system 1/system 2 though, which is the abstract world model humans have. system 1 / 2 is more like the process, while the world model is the actual data being 'processed'.

And I think basically, humans have a much simplified, 'low dimensional' world model that consists of a set of objects (let's call them patterns), and then a "list" of essential properties that those objects have, that leads to a constraint on how each object can behave in the world model as a whole.

And this is sort of hierarchical or at least, we can zoom in and out in detail depending on the level of knowledge we have about a particular pattern.

So problem 1 is: It's not clear to me that text or any sort of data would contain all the necessary constraints so that any particular prompt would result in a world model that exactly takes into account the constraints of each object and 2) Even if it was, I'm not sure the process of step by step thinking (system1/2) about each object and computing world states could occur in current architectures. This is especially important for computing a set of objects, then abstracting the result, then doing another round of computing with that result, or something like this.

I'm not hard set on this but this is my current thinking.


Regarding the dejargonizer - Just be careful of hallucinations! I did a similar gpt prompt where i asked for a simple basics for some complex topic, and sometimes there would be incredibly subtle hallucinations like even on a word basis, and so I had to stop using it. I'm not sure how well yours works or if it's much better now, but just something to be aware of if you're not familiar with the topic you query about


I have a question which I don't know the answer to:

With those structured numbers will the LLMs be 100% accurate on new prompts or will they just be better than chance (even significantly better than chance)?

Because this is one thing, it has to learn the structure and then create probabilities based on the data, but does that mean it's actually learning the underlying algorithm for addition for example or is it just getting better probabilities because of a narrowing of them? If it can indeed learn underlying algorithms like this that's super interesting. Also, the reason this is an issue is that if it _can't_ learn those, you can never trust the answer unless you check it, but that's sort of a side point.


From what I understand, it can learn and execute the algorithm fairly reliably, though it won't be 100%. When the LLM generates text, it is randomised a little, as well as some tricks that prevent repetition, which would likely cause problems with numbers containing all the same digit.


Yet another post about LLMs (but give it a chance!) English is not my first language, I know it is a little rough in places, but I did my best.


I'm just curious, how polysemantic is the human brain with each neuron? Cause it feels to me, what you really want, and what the human brain might have, is a high-information (feature based / conceptual based / macro pattern based) monosemantic neural network, and where there are polysemantic neurons, they share similar or the same information in the feature it is a part of (leading to space efficiency? as well as computational efficiency). Whereas in transformer models like this, it's as if you're superimposing a million human brains on top of the same network, and then averaging out somehow all the features in the training set into unique neurons (leading naturally to a much larger "brain"). And also they mention in the paper that monosemantic neurons in the network don't work well, but my intuition would be because they are way too "high precision" and they aren't encoding enough information at the feature-level. Features are imo low dimensional, and then a monosemantic high dimensional neuron would then encode way too little information or something. But this is based on my lack of knowledge of the human brain so maybe there are way more similarities than I'm aware of...

