This has been used for centuries. It is not a new invention.
Hundreds of years ago, it was not unusual to publish an encrypted solution of some mathematical problem, in order to establish priority without disclosing the algorithm that was used.
Of course, at that time very simple encryption methods were used, for instance an anagram of the solution was published (i.e. encryption by letter transposition).
If only AI safety research had a mechanism this clear. "We have proof that building the machine will kill everybody, so get to work making a provably safe version."
Except that you have the logic backwards. It's an argument that something ("safe" general purpose AI) can't exist rather than that it has to.
People want AI to be able to do every good thing but no bad thing, which is impossible twice. First because false positives and false negatives trade against each other, so a general purpose AI which can do anything approximating all the good things is going to have the bias leaning heavily towards being able to do things in general and therefore being able to do many things that are bad. And second because "good" and "bad" aren't things that anybody can agree on and then some people will demand that it must do X while others demand that it not do X (e.g. "help the rebels win the war"), which means someone is inherently going to be unsatisfied and it's not a thing that can be sensibly regarded as everyone working towards a common goal.
Only that doesn't work either, because what people want is for themselves to have it but not their opponents, and you not building it while your opponents do is the opposite of that.
It's like calling for a general halt to the production of military equipment. How do you expect that to actually happen?
The first one is a difficult balance but not really impossible. The second is basically utilitarianism: Of course you can't maximize all wishes because they often contradict each other, but there can be a reasonable trade-off. Some tradeoffs are clearly better than others.
> The first one is a difficult balance but not really impossible.
It's a direct trade off. If you want it to do more "good" things you make it able to do more "bad" things.
> Of course you can't maximize all wishes because they often contradict each other, but there can be a reasonable trade-off. Some tradeoffs are clearly better than others.
The easy tradeoffs are the ones nobody disputes and everybody is already trying to do. There is no lobby for having it hallucinate more or give you ingredients that will combine to make poison when you ask for a tasty recipe.
But the algorithm still isn't practical on existing quantum computers, or ones that are going to be around any time soon, so there's no reason not to publish in full.
> See, some of the most reputable people in quantum hardware and quantum error-correction—people whose judgment I trust more than my own on those topics—are now telling me that a fault-tolerant quantum computer able to break deployed cryptosystems ought to be possible by around 2029.
Evidence that a hard problem is solvable, and information on solution characteristics, are a big help to others.
Even non-disclosure is just science-neutral, not anti-science.
Partial disclosures are common where disclosures involve risky things, or where a problem was solved as part of an economic concern. But there are non-conflicting opportunities to partially inform others.
That's the whole point. And it's not "build on their work", it's "question their work", because so far every time someone's announced some magic quantum thing it's been followed up shortly afterwards by people poking holes on it, a famous recent example being the "quantum computer" that was replaced by /dev/random and it produced the same results. So the magic here isn't the quantum, it's coming up with a way to publish a claim in a way that it can't be refuted.
fwiw I work on data ingestion pipelines and I've found that starting with just boxes-and-arrows in something like Excalidraw gets you 80% of the way to knowing what you actually want. The gap between "I can picture it" and "I can build it on a webpage" is mostly a d3 learning curve problem, not a design problem.
xyflow that the creator mentioned is probably the right call for pipeline DAGs though -- we use it internally for visualizing our scraping workflows and it was surprisingly painless to get running
PHP loads all available functions into a giant hashset (see zend_disable_function in PHP's source). 'disable_functions' removes the functions from the hashset, making them unavailable to be called. Due to its interpreted nature, this indirection works much like a sandbox would.
Not who you are replying too. But a yubikey is not a weak factor.
In fact, it’s not even meaningfully more secure than passkey (as passkey is designed) - passkey is, however, more convenient.
So it’s more ‘one weak factor + (really times) one medium/strong factor’ vs ‘one medium/strong factor’.
Which yes, the first one is better in every way from a security perspective. At least in isolation.
The tricky part is that passkeys for most users are way more convenient, meaning they’ll actually get used more, which means if adopted they’ll likely result in more actual security on average.
Yubikeys work well if you’re paying attention, have a security mindset, don’t lose them, etc. which good luck for your average user.
I agree with this. As someone who took 3 degrees in computer science, one called "systems developer" and another called "software engineer", I can confidently say we have a taxonomy problem in computer science education.
It makes me crazy that companies labels there entire programmer workforce as "software engineers" when there are no engineering concepts involved at all. Other fields (medical, mechanical, civil engineering) are a lot more mature in this area and have solved this issue long ago.
The direct hooking into the narrow phase solver is the most performant way to go about it, but it does present several issues in state management. I did the same thing in Farseer Physics Engine, but also added high level events on bodies[1]. The extra abstraction makes it easier to work with, but due to the nature of delegates in C#, it was also quite a bit slower.
They could do with creating defaults for the narrow phase handler, buffer pool, threat dispatcher, etc. for devs who don't need extreme performance and just want a simple simulation.
The security of the Apple ecosystem is miles ahead of others. Every time I reverse engineer some component of their OS, it is very different from what I've seen before. I always find myself surprised by their thoughtfulness and engineering craft.
Recently I've taken on their code signing component. The concepts they've created, such as identifying applications by their "designated requirements" is a stroke of genius. It makes the system completely stateless and capable of almost anything without auxiliary data structure or additional code.
I've seen other engineering teams try and fail at building something similar, and never with such powerful simplicity.
"In this case, the federal government prohibited us from sharing any information," the company said in a statement. "Now that this method has become public we are updating our transparency reporting to detail these kinds of requests."
“At Apple, we are always working to defend our users against even the most complex cyberattacks. The steps we’re taking today will send a clear message: in a free society, it is unacceptable to weaponise powerful state-sponsored spyware against those who seek to make the world a better place,”
"The app in question is called “LassPass Password Manager” and lists Parvati Patel as the developer. The app attempts to copy our branding and user interface..."
The Pegasus project, an investigation into NSO by the Guardian and other media outlets, coordinated by the French media group Forbidden Stories, has documented dozens of examples in which NSO’s spyware was used to attack users of Apple’s iPhone. In some cases, a vulnerability in the company’s iMessage feature, which could be penetrated by Pegasus, was used against journalists, human rights activists and other members of civil society.
The source is describing an iMessage exploit known as FORCEDENTRY, which can be used to deliver a persistent hardware backdoor (Pegasus) to an iPhone. Often, Apple is unable to detect the persistent exploit and therefore incapable of warning the user that they have a backdoored device: https://9to5mac.com/2025/02/20/apple-currently-only-able-to-...
The condition is called Anosmia and can stem from different sensor and brain conditions. It would be interesting to try the technique on people with these conditions to map the different kinds of olfactory failures.
If you get in contact with the researchers, please let us know how it went.
Please include me also in contacts. I developed anosmia about 8 years ago (well before COVID). I truly wish there were some sort of 'cure' that would restore even a small amount of my sense of smell.
It is also kinda a self-burn. Chromium an aging code base [1]. It is written in a memory unsafe language (C++), calls hundreds of outdated & vulnerable libraries [2] and has hundreds of high severity vulnerabilities [3].
Given Google's resources, I'm a little surprised they having created an LLM that would rewrite Chromium into Go/Rust and replace all the stale libraries.
