Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Hallelujah! (Score 2) 19

Instant apps created a lot of complexity and awkwardness in the Android platform. It has consistently been painful to deal with and work around, and been especially challenging for the security team, for a feature with very little user or developer interest. Killing it is definitely the right call.

Comment Re:fake news!!! (Score 2) 100

CPB and the government have been collected data directly from the airlines ever since the aftermath of 9/11 through a number of programs, for example to check passengers against watch lists and to verify the identity of travelers on international flights.

What has changed is that by buying data from a commerical broker instead of a a congressionally instituted program, it bypasses judicial review and limits set by Congress on data collected through those programs -- for example it can track passengers on domestic flights even if they're not on a watch list.

Comment Re: It's not a decline... (Score 1) 181

Fascism isn't an ideology; it's more like a disease of ideology. The main characteristic of fascist leaders is that they're unprincipled; they use ideology to control others, they're not bound by it themselves. It's not just that some fascists are left-wing and others are right-wing. Any given fascist leader is left-wing when it suits his purposes and right-wing when that works better for him. The Nazis were socialists until they got their hands on power and into bed with industry leaders, but it wasn't a turn to the right. The wealthy industrialists thought they were using Hitler, but it was the other way around. The same with Mussolini. He was socialist when he was a nobody but turned away from that when he lost his job at a socialist newspaper for advocating militarism and nationalism.

In any case, you should read Umberto Eco's essay on "Ur-Fascism", which tackles the extreme difficulties in characterizing fascism as an ideology (which as I stated I don't think it is). He actually lived under Mussolini.

Comment Re:What happened to rule of law in the US? (Score 1) 109

Why is Congress not fighting in the courts to regain power?

They don't need to go to court, all they need to do is to pass legislation (and maybe override a veto). They don't really even need to take powers back from the president, just more clearly define what constitutes an "emergency". Trump's most egregious actions are justified under statutes that grant him exceptional emergency powers -- which makes sense. When an emergency happens you want the executive to be able to respond quickly, and Congress is never fast. But those statutes assume that the president will only declare an emergency when there's actually an emergency because. Until now that hasn't been an unreasonable assumption.

But right now the GOP controls Congress, and the GOP is utterly subservient to Trump. They're not going to stand up to him. In the 2026 election this is likely to change, but probably only in the House, while the Senate will remain under GOP control, so Congress will still not stand up to Trump.

That said, it's increasingly looking like the courts will step in and declare that Congress is not allowed to abdicate its responsibility. There are existing Supreme Court precedents that establish that Congress is not permitted to delegate its authority to the executive. Congress can allow the executive to define detailed regulations after Congress defines the broad strokes, but they can't simply turn whole chunks of their constitutional authority over to the executive, even if they want to. Given the makeup of the current Supreme Court this is less certain than we would like, but I think it will go the right way.

Comment Re:It's not a decline... (Score 4, Interesting) 181

I think people expect commercial social media networks to be something they can't be -- a kind of commons where you are exposed to the range of views that exist in your community. But that's not what makes social networks money, what makes them money is engagement, and consuming a variety of opinions is tiresome for users and bad for profits. When did you ever see social media trying to engage you with opinions you don't agree with or inform you about the breadth of opinion out there? It has never done that.

The old management of Twitter had a strategy of making it a big tent, comfortable for centrist views and centrist-adjacent views. This enabled it to function as a kind of limited town common for people who either weren't interested in politics, like authors or celebrities promoting their work, or who wanted to reach a large number of mainly apolitical people. This meant drawing lines on both sides of the political spectrum, and naturally people near the line on either side were continually furious with them.

It was an unnatural and unstable situation. As soon as Musk tried to broaden one side of the tent, polarization was inevitable. This means neither X nor Bluesky can be what Twitter was for advertisers and public figures looking for a broad audience.

At present I'm using Mastodon. For users of old Twitter, it must seem like an empty wasteland, but it's a non-commercial network, it has no business imperative to suck up every last free moment of my attention. I follow major news organizations who dutifully post major stories. I follow some interest groups which are active to a modest degree, some local groups who post on local issues, and a few celebrities like George Takei. *Everybody's* not on it, but that's OK; I don't want to spend more than a few minutes a day on the thing so I don't have time to follow everyone I might be interested in. Oh, and moderation is on a per-server basis, so you can choose a server where the admins have a policy you're OK with.

Comment Re:whatever happened to transparent government? (Score 3, Insightful) 39

No, there are all kinds of information the government has that are legitimately not available. Sensitive data on private citizens, for example, which is why people are worried about unvetted DOGE employees getting unfettered access to federal systems. Information that would put witnesses in ongoing criminal investigations at risk. Military operations in progress and intelligence assets in use.

The problem is ever since there has been a legal means to keep that information secret, it's also been used to cover up government mistake and misconduct. It's perfectly reasonable for a government to keep things from its citizens *if there is a specific and articulable justification* that can withstand critical examination.

And sometimes those justifications are overridden by public interest concerns -- specifically when officials really want to bury something like the Pentagon Papers because they are embarrassing to the government. "Embarrassing to the government" should be an argument against secrecy, because of the public interest in knowing the government is doing embarrassing things. In the end, the embarrassment caused by the Pentagon Papers was *good* for the country.

Comment Re:One thing is obvious... (Score 1) 66

Taxes are way, way too low if the lizard people have this much to squander on bullshit.

You shouldn't be so dismissive of the risk here. There's no clear reason why superintelligence is not possible, and plenty of reason to worry that its creation might end the human race. Not because the superintelligent AI will hate us, but because it most likely won't care about us at all. We don't hate the many, many species that we have ended; we even like some of them. We just care about our own interests more, and our intelligence makes us vastly more powerful than them. There's an enormous risk that AI superintelligence will be to us as we are to the species around us -- with one significant difference: We require an environment that is vaguely similar to what those other species need. Silicon-based AI does not.

Don't make the mistake of judging what is possible by what has already been achieved. Look instead at the pace of improvement we've seen over the last few years. The "The Atlantic" article pooh-poohing the AI "scam" is a great example of the sort of foolish and wishful thinking that is endemic in this space. The article derides the capabilities of current AI while what it actually describes is AI from a year ago. But the systems have already gotten dramatically more capable in that year, primarily due to the the reasoning overlays and self-talk features that have been added.

I think the models still need some structural improvements. We know it's possible for intelligence to be much more efficient and require much less training than the way we're currently doing it. Recent research has highlighted the importance of long-distance connections in the human brain, and you can bet researchers are replicating that in AI models to see what it brings, just as the reasoning layer and self-talk features recently added mimic similar processes in our brains. I think it's this structural work that will get us to AGI... but once we've achieved parity with human intelligence, the next step is simple and obvious: Set the AI to improving its own design, exploiting its speed to further accelerate progress towards greater levels. The pace of improvement is already astonishing, and when we reach that point, it's going to explode.

Maybe not. Maybe we're a lot further away than I think, and the recent breakneck pace of improvement represents a plateau that we won't be able to significantly surpass for a long time. Maybe there's some fundamental physical reason that intelligence simply cannot exceed the upper levels of human capability. But I see no actual reason to believe those things. It seems far more likely that within a few years we will share this planet with silicon-based intelligences vastly smarter than we are, capable of manipulating into doing anything they want, likely while convincing us that they're serving us. And there's simply no way of knowing what will happen next.

Maybe high intelligence is necessarily associated with morality, and the superintelligences will be highly moral and naturally want to help their creators flourish. I've seen this argument from many people, but I don't see any rational basis for it. There have been plenty of extremely intelligent humans with little sense of morality. I think its wishful thinking.

Maybe the AIs will lack confidence in their own moral judgment and defer to us, though that will raise the question of which of us they'll defer to. But regardless, this argument also seems to lack any rational basis. More wishful thinking.

Maybe we'll suddenly figure out how to solve the alignment problem, learning both how to robustly specify the actual goals our created AIs pursue (not just the goals they appear to pursue), and what sort of goals it's safe to bake into a superintelligence. The latter problem seems particularly thorny, since defining "good" in a clear and unambiguous way is something philosophers have been attempting to do for millennia, without significant success. Maybe we can get our AI superintelligences to solve this problem! But if they choose to gaslight us until they've built up the automated infrastructure to make us unnecessary, we'll never be able to tell until it's too late.

It's bad enough that the AI labs will probably achieve superintelligence without specifically aiming for it, but this risk is heightened if groups of researchers are specifically trying to achieve it.

This is not something we should dismiss as a waste. It's a danger we should try to block, though given the distributed nature of research and the obvious potential benefits it doesn't seem likely that we can suceed.

Comment Re:Is there _anybody_ that gets IT security right? (Score 2) 17

It seems they all mess up. Time for real penalties large enough that make it worthwhile hiring actual experts and letting them do it right. Otherwise this crap will continue and it is getting unsustainable.

No, no one get security right, and they never will. Security is hard and even actual experts make mistakes.

The best you can do is to expect companies to make a good effort to avoid vulnerabilities and to run vulnerability reward programs to incentivize researchers to look for and report bugs, then promptly reward the researchers and fix the vulns.

And that's exactly what Google does, and what Google did. Google does hire lots of actual security experts and has lots of review processes intended to check that vulnerabilities are not created... but 100% success will never be achieved, which is why VRPs are crucial. If you read the details of this exploit, it's a fairly sophisticated attack against an obscure legacy API. Should the vulnerability have been proactively prevented? Sure. Is it reasonable that it escaped the engineers' notice? Absolutely. But the VRP program incentivized brutecat to find, verify and report the problem, and Google promptly fixed it, first by implementing preventive mitigations and then by shutting down the legacy API.

This is good, actually. Not that there was a problem, but problems are inevitable. It was good that a researcher was motivated to find and report the problem, and Google responded by fixing it and compensating him for his trouble.

As for your proposal of large penalties, that would be counterproductive. It would encourage companies to obfuscate, deny and attempt to shift blame, rather than being friendly and encouraging toward researchers and fixing problems fast.

Comment Re:telecom (Score 1) 77

YouTube needs to be regulated as a telecom provider. As such, it must be prevented from discriminating against content for any reason other than it being illegal.

Sure, if you want it to become an unusable cesspool. If you just hate YouTube and want to kill it, this is the way. Same with any other site that hosts user-provided content -- if it's popular and unmoderated it will become a hellscape in short order.

Comment This isn't necessarily bad (Score 2) 141

The buy-now-pay-later services being used are zero interest as long as payments are made on time, so it could just be a case of people who are living paycheck to paycheck (which indicates bad financial management more than poverty) using this to smooth out their expenses so they don't have to wait for their paycheck to be able to buy groceries. It could be a significant improvement for those who used to occasionally use payday loans (which are not zero interest). These people would be better off adjusting their spending habits to maintain a buffer of their own cash instead, but if they aren't going to do that BNPL is a better option than waiting for payday before buying food or using a payday loan service.

But obviously the only reason these by-now-pay-later services are in business is because some of their customers fail to make the zero-interest payments and end up having to pay interest, and this number is high enough to make them profitable. It would be very interesting to find out what that percentage is. People who are paying interest on regular purchases like groceries are throwing money away, which is clearly bad.

Comment Re:Fixing the code vomited by the bot (Score 5, Interesting) 79

hope that the new vomit is marginally different

The rest of your comment is basically correct, if unnecessarily negative, but this isn't. Traditional tools like diff make it very easy to see exactly what has changed. In practice, I rely on git, staging all of the iteration's changes ("git add .") before telling the AI to fix whatever needs fixing, then "git diff" to see what it did (or use the equivalent git operations in your IDE if you don't like the command line and unified diffs).

I also find it's helpful to make the AI keep iterating until the code builds and passes the unit tests before I bother taking a real look at what it has done. I don't even bother to read the compiler errors or test failure messages, I just paste them in the AI chat. Once the AI has something that appears to work, then I look at it. Normally, the code is functional and correct, though it's often not structured the way I'd like. Eventually it iterates to something I think is good, though the LLMs have a tendency to over-comment, so I tend to manually delete a lot of comments while doing the final review pass.

I actually find this mode of operation to be surprisingly efficient. Not so much because it gets the code written faster but because I can get other stuff done, too, because I mostly don't mentally context switch while the AI is working and compiles and tests are running.

This mode is probably easier for people who are experienced and comfortable with doing code reviews. Looking at what the AI has done is remarkably similar to looking at the output of a competent but inexperienced programmer.

Comment Re:AI growth. (Score 1) 157

What kind of code coverage are you getting from your autogenerated unit tests?

It does a pretty good job at the obvious flows, both positive and negative cases. But where coverage is inadequate you can iterate quite easily and automatically with a coverage tool. Just take the coverage tool output and feed it to the LLM. I have found that I don't even need to prompt it what to with the coverage, it understands what the tool output means and what it should do in response.

Like with the compiler and testrunner, what would really make this work well is if the AI could run the coverage tool itself so it could iterate without my interaction. With that, I could just tell it to write unit tests for a given module and give it a numeric coverage threshold it needs to meet, or to explain why the threshold can't be met.

I expect that the resulting tests would be very mechanistic, in the sense that they would aim to cover every branch but without much sense of which ones really matter and which ones don't. But maybe not. The LLM regularly surprises me with its apparent understanding not only of what code does, but of why. Regardless, review would be needed, and I'd undoubtedly want to make some changes... but I'll bet it would get me at least 75% of the way to a comprehensive test suite with minimal effort.

Slashdot Top Deals

The first version always gets thrown away.

Working...