Mathematicians in academia are paid a little less than AI researchers. Companies are willing to pay billions to steal the few people capable of driving development of frontier LLMs from each other. Cryptographers don't quite enjoy the same popularity.
>1- Separation of powers between rulemakers and judges. In practice many Administrators who have the power to enforce rules and bans are actually editing articles themselves!
Separation of judge and party is enforced pretty consistently, it is official policy that people shouldn't participate in a decision if they were involved in the kerfuffle in any way. You can edit articles and enforce rules, as long as these are separate. And then, rules can be proposed by anyone, but they're not just created on the fly because it's convenient. That would obviously be objectionable.
In fact this isn't limited to admins, regular users have the power to decide on a ban. An administrator is only needed to close and enact the decision, and this is what happened to Larry Sanger here.
>The only exception are protected articles, in which case administrators can emit an official ruling on what the article content should be.
Admins don't have a special power to decide what should be in important protected articles. It is not like a government where people are elected, and then citizens don't have any say until the next election.
The community tries to reach a consensus, and admins are part of the community. They get an input like everyone else plus special powers to enact decisions. But any "ruling" better reflect consensus, or you better bet you will wake up to the Noticeboards on fire with about 50,000 words of heated complaints and discussion.
What a lot of games do is run a strictly deterministic simulation in lockstep. Then you don't save the path of every unit, you save one move command for the whole group. Then the game replays inputs, and the pathing algorithm should give the same result if there are no desyncs.
Yes you are definitely onto something! Love to see more people talking about deterministic games.
My game is strictly deterministic, so I get bot movement for free - but the player has agency so I need to capture their deviations
That’s the tricky part! Right now I do capture input (actually just deviations) and can replay whole games, but I think I’m at the limits in terms of compression - talking bytes here not KB
I will post back with real numbers tonight, but naive approach did not compress well at all (KB easily).
But of the “smart” approaches (pre compression):
- 5 move motif over 2 bytes - best
- 2 move motif - insanely small
- 2 move motif with non linear tick delta even better
- “naive” 1 byte cardinal directions (worst)
- less-naive - byte relative direction changes (middle of the pack)
—-
But post compression with brotli the naive approach was second best and the less-naive approach was first (2-10% better than naive), I was so bummed that the better ones didn’t compress as well (about 10% worse than second best on average)
CAA is completely based on trust, it's not one of the most powerful security feature. It's completely voluntary reporting by the browser, and any attacker who cares can just lie without issues.
You can make Firefox pass CAA if you want. You take the Chrome "SecureConnect Reporting" (Context-Aware Access) plugin, port it to Firefox with some light changes, and you can report whatever you want to CAA.
That's not entirely true. For example, on ChromeOS CAA is hardware backed. But obviously CAA is not intended to be our entire MDM solution, an attacker in a position to spoof your entire browser can bypass some of the policies on some operating systems. Similarly, attackers in that same position can bypass TLS. An attacker who owns the kernel can bypass much of your MDM. An attacker who owns the hardware can bypass just about anything.
I haven't dug into the native helper to see how much it checks, I can believe that ChromeOS does full remote attestation. If it's anything like Android Play Integrity, there's not a lot of flexibility without hardware exploits.
But who outside of Google is running exclusively ChromeOS?
My impression from looking at the JS part is that it's mostly obfuscation, with the possible exception of ChromeOS.
I feel like the secure connect client being closed source would have been an effective deterrent 5 years ago, but these days everyone's throwing LLMs at everything. So an attack that would have taken effort doesn't present nearly as much of a barrier anymore. At least as long as there remain some platforms that don't enforce full attestation...
My point was that CAA's threat model is flexible based on your requirements. If your requirement is "an attacker with the ability to make arbitrary network requests from the host can not pretend to be Chrome", CAA does not work unless you have OS/Hardware support (which ChromeOS provides).
I just don't think that matters much. CAA is policy enforcement, it is not a full MDM solution, nor is it antimalware.
That's just a misunderstanding of the threat model. It's like saying "if someone can just mitm TLS it's pointless" when that "someone" is in the position to run arbitrary code on the client. Mitigations map to specific attacker positions.
Understand that, in this conversation, your use of "attacker" is referring to "end user of the hardware". Which might be part of the Chrome team's definition, or might not, but gosh it would be nice to cater to the folks who are using the dang computer.
Modern VPNs based on wireguard can do direct connections with hole punching. It's just a lot more work to setup on your own, or you have to sign-up to a SaaS like tailscale and use their relays, and they'll do the hole punching for you.
Here this is a decentralized network with a lot of existing public relays. But in principle a VPN can solve a lot of the same problems. It's just that commercial VPNs are not decentralized, and doing your own wireguard setup is a pain.
Logical replication is how this is typically done. If you have some infra-as-code setup, you create a new cluster with identical settings except for the major version, import the schema, start copying data from a read-replica running the old version, stop accepting writes from the old version (downtime starts), sync the sequence numbers, and point your services to the new cluster (downtime ends).
If you use something like CloudNativePG they automate parts of the process with cli tools and declarative syntax. Otherwise you take the time to figure it out by hand. It might sound complicated, but just practice on your staging DB, and if all goes well you do the same procedure in prod.
I wouldn't internalize that idea too much. In a lot of countries traffic fines are a fixed amount, so some people feel like they don't have to respect traffic rules since they can afford to just pay the fine.
It's one way to process the negative feeling of being fined. But it doesn't really make the roads safer.
Goes both ways, if you're afraid of getting downvoted you might never find out that people actually agree with you, same goes with traffic tickets sometimes they don't make sense especially related to parking in crowded cities and ebikes, as long as you're not an asshole about it it's fine.
This was left implicit in the article, but what they mean by copying the process state here is the memory management structures. That's mainly the page tables and the VMAs.
That means you have to allocate new pages to hold a copy of all these structures, even if the actual memory pointed by the pages is shared. And walking all those structures to make a copy is still costly.
If you're trying to compare what the models are good at, important to note that the different models did not run with the same settings. In one case they also retried with GPT until it answered all the problems but did not retry with the other models.
GPT has 5 effort settings and they picked the highest (xhigh). Claude has 5 and they picked the middle one to avoid having to retry when it timed out. Gemini has medium or high effort and they picked medium.
the difference between gpt and gemini concerning the "retry until..." can almost be ignored. I did rerun gpt a few times, but still way below what gemini was not able to answer at all.
reply