
Comment Re: Nutshell (Score 1) 240

They took things they knew from the outset they didn't have a right to, like the oft-discussed Books3 database. They knew it was pirated, had an email chain discussing paying for the books, and decided to use it anyway. It was a wilful disregard of copyright law because it was faster and easier to use piracy for profit.

Comment Re: Nutshell (Score 2) 240

The only difference between

There are a TON of differences. Probably the biggest is that the machine version can read the entirety of all known creations.

Humans can study a book in a few days, watch a movie in an hour or two, a web page in a few minutes. Machine learning can pull in thousands in the time it has taken you to read this.

Similarly for output, writing a book takes months to years, staging photos takes time and tools, feature films are hundred million dollar multi-year endeavors.

The human cost is a huge part of the economic difference. The AI industry has made fortunes by sweeping in everything ever created, authorized or not. Companies like Meta now have email trails showing they could have moved for authorized access, but like a thief that it was easier to just grab known-unauthorized materials and profit immediately rather than compensate people for the use.

Combined the two are unacceptable. They could pay but they refuse, they claim the only way to operate is mass infringement on the scale of all humanity, that if they don't get unfettered access to everything humans have ever created, without compensation, so they can maximize profit.

Comment Re:Oops.... (Score 1) 521

They increase the cost to customers and create revenue for the government, but they do not stop trade.

For small, normal tariffs there is no real difference in trade. It just goes to government coffers as a hidden tax.

The current trade war will certainly increase costs, but still the goods will flow. Nothing is stopped, just a bit more pressure on people who are sensitive to costs. Certainly the rich don't care about a few cents or a few dollars. The billionaires especially don't care, they can pay hundreds to have a special sandwich delivered to them fresh at their vacation location, what's a few bucks at Amazon when they are also getting same day delivery?

If stopping trade was the point, there are trade embargos and import bans and government seizure of goods that could be invoked.

Comment Fingers on the scale. (Score 2) 30

When I search for anything, Gemini pops up despite it being useless.

When I tell my phone to play the news or play some music or tell me the weather, Assistant was disabled and now Gemini tries to do it, but badly.

Features I liked on my phone were removed against my will and against my preference, now instead of something useful it just says "I am a large language model and I can't do that useful task".

When I use work tools that use Gmail, Gemini pops up and I can't turn it off.

When I use Google Docs, because that's what work requires, Gemini pops up repeatedly telling me it wants to be useful, it's worse than Clippy ever was.

Probably 10,000 of those "uses" were just me personally telling Gemini it is a useless pile of garbage that if it caught fire it could at least provide warmth and heat as a dumpster fire, it is less valuable than that. It is a waste of bandwidth, unwanted, being aggressively forced on the victims using Google products as their enshittification converts useful tools into monetization.

Comment Re:Rationale (Score 1) 95

Who on earth *isn't* already automating letsencrypt?

Quite a few scenarios can't do it, actually.

If your scenario fits in the box --- and the vast majority of cases fit in the box --- then the ACME protocol works great. Publicly accessible, ability to modify mainstream DNS TXT record, and public access to port 80, and able to get online on the public internet periodically at least once every 3 months, you're great. If you're in the most typical scenario it works just fine. Box in a datacenter, system runs in an always-on network, using any of the major DNS providers, even if your network is mostly private but one at the top level is accessible so you can do a *.example.com wildcard registration, the vast majority of people have no issue with it.

But that's not everybody, that's almost everybody. Some scenarios are excluded. What if the device is not using a mainstream DNS provider? What if the device can't provide the port on the domain's address? What if the device can't get online frequently enough? What if the obscure configuration doesn't allow for DNS challenges? What if you don't own the level you can do a wildcard registration? What if you can't satisfy the round trip timeout? Live in a rural place, where service comes through "internet on a bike" but still want security? Need to serve from a device that can't reach the public internet for many months at a time? There are plenty of obscure situations where the protocol doesn't work.

People in those scenarios still want the security, but they don't fit in the box.

Comment Re:They could just ... (Score 3, Interesting) 73

Yup. They are overdue for poisoning bot requests. Block the hosting domains, errors and black holes, feed them the same errors every time about how they can get the copied version of the databases at cost. This is not a new problem, companies have detected and killed bot traffic for decades now.

Comment A little misleading, a little true. (Score 5, Insightful) 65

It's more complex than the article suggests.

Somewhat ironically, the problem DNG purports to solve is a problem the format itself experiences. Yes, it is true that the camera manufacturers update their image formats and it takes time for companies to catch up. But at the same time the DNG format is on its 7th iteration, if your camera is using the 2023 version of DNG but your software only supports up to the 2021 version of DNG, it's exactly the same problem as if you've got a 2023 version from your Canon camera but your software only supports up to 2021 version.

Plus as a container format, anybody can put whatever they want in the file and you still need the matching codec for that piece of the content. In many ways it's like so many other audio and video formats, the file can be opened but the specific codec is still required.

Comment Re:My primary bank is a credit union... (Score 1) 18

Similar but reversed. My credit unions aren't part of Zelle, but some people don't use or won't use Venmo or Paypal FF. This removes one of the few free ways to transfer funds.

I used to be able to tie a debit card to Zelle. Now it's looking like I need to open yet another bank account (I've got four) to find one that offers Zelle built in. Zelle is a system built by the banks, for the banks, and I understand why they're doing it, but I'm one of that 2% of users that is hit hard by their action.

Comment Re:Meh (Score 1) 55

It's a balance, the rights of the individual versus the rights of society. It's also about errors, misuse, and abuse.

If there were absolutely zero misuse and zero abuse, and it worked perfectly 100% of the time, I'd tend to agree with you. It could quickly help identify people known to be wanted in connection to crimes, or legally banned and trespassing. Even without those qualifications it is certainly a useful tool by police, for good or ill.

Unfortunately anybody can get on the lists for any number of reasons. People can also be mis-identified, the systems have always been bad at women and POC. Some people are chronically mis-identified, carrying government-issued papers that say they aren't the criminal but they do look like their doppelganger to the computers. It doesn't take a criminal conviction to get on the list and false accusations can disrupt the lives of innocent victims, now harassed by police and government until they can prove their case. Sometimes getting off the list is difficult or impossible even after clearing their name, so they get arrested and abused by police time and time again despite having addressed the initial issue.

In societies with enough checks and balances and judicial review they can help, but the risks of abuse, misuse, and error are so high that it's generally a bad tool when looking at the totality of ethics.

Comment The only way out is through. (Score 4, Informative) 272

The ONLY way this gets better is if people actually return them.

He said he doesn't want to go through the time and effort of returning it, but that's the only way this gets better.

If the customers like him suffer with it, don't bother returning it, and put up with the nuisance then the companies see it as an acceptable profit.

They'll keep building them until they feel pain from retailers getting returns, RMAs because "Defective, the features don't work", too many reports of "not as advertised", having to eat the costs of returns and disposing of opened products, and huge negative reviews so they struggle to sell the ones they have in stock.

Complaining about it online is a small thing, but the only thing the companies will listen to is when they have to bear the costs of product returns.

Comment Re:I want to say just get vaccinated (Score 1) 209

Yup, the article and the science behind it are simple reminders to go get the jabs.

They're not 100% effective, some people still get sick, this has always been true. Some years lots of people get sick. But that's not what efficacy is about.

If you get the jab you are less likely to get sick, not guaranteed not to get sick. If you get the jab and also get sick, you are much less likely to have a severe illness or be hospitalized. Even if you get sick, you get some amount of protection because you've exercised your immune system.

Go get the jab every year.

Submission + - Another large Black hole in "our" Galaxy (arxiv.org)

RockDoctor writes: A recent paper on ArXiv reports a novel idea about the central regions of "our" galaxy.

Remember the hoopla a few years ago about radio-astronomical observations producing an "image" of our central black hole — or rather, an image of the accretion disc around the black hole — long designated by astronomers as "Sagittarius A*" (or SGR-A*)? If you remember the image published then, one thing should be striking — it's not very symmetrical. If you think about viewing a spinning object, then you'd expect to see something with a "mirror" symmetry plane where we would see the rotation axis (if someone had marked it). If anything, that published image has three bright spots on a fainter ring. And the spots are not even approximately the same brightness.

This paper suggests that the image we see is the result of the light (radio waves) from SGR-A* being "lensed" by another black hole, near (but not quite on) the line of sight between SGR-A* and us. By various modelling approaches, they then refine this idea to a "best-fit" of a black hole with mass around 1000 times the Sun, orbiting between the distance of the closest-observed star to SGR-A* ("S2" — most imaginative name, ever!), and around 10 times that distance. That's far enough to make a strong interaction with "S2" unlikely within the lifetime of S2 before its accretion onto SGR-A*.

The region around SGR-A* is crowded. Within 25 parsecs (~80 light years, the distance to Regulus [in the constellation Leo] or Merak [in the Great Bear]) there is around 4 times more mass in several millions of "normal" stars than in the SGR-A* black hole. Finding a large (not "super massive") black hole in such a concentration of matter shouldn't surprise anyone.

This proposed black hole is larger than anything which has been detected by gravitational waves (yet); but not immensely larger — only a factor of 15 or so. (The authors also anticipate the "what about these big black holes spiralling together?" question: quote "and the amplitude of gravitational waves generated by the binary black holes is negligible.")

Being so close to SGR-A*, the proposed black hole is likely to be moving rapidly across our line of sight. At the distance of "S2" its orbital period would be around 26 years (but the "new" black hole is probably further out than that). Which might be an explanation for some of the variability and "flickering" reported for SGR-A* ever since its discovery.

As always, more observations are needed. Which, for SGR-A* are frequently being taken, so improving (or ruling out) this explanation should happen fairly quickly. But it's a very interesting, and fun, idea.

Submission + - Surado, formerly Slashdot Japan, is closing at the end of the month. (srad.jp) 1

AmiMoJo writes: Slashdot Japan was launched on May 28, 2001. On 2025/03/31, it will finally close. Since starting the site separated from the main Slashdot one, and eventually rebranded as "Surado", which was its Japanese nickname.

Last year the site stopped posting new stories, and was subsequently unable to find a buyer. In a final story announcing the end, many users expressed their sadness and gratitude for all the years of service.

Comment Re:bruh (Score 1) 129

My point of view is more like, so the ESP32 doesn't cryptographically lock down the device and someone could write new firmware to use the device in new and different ways? GOOD.

It can be configured for a secure boot system both at startup and for firmware updates, with the key set at Espressif's manufacturing.

The OTA system can also require a signature even without the secure boot system, but that approach still allows firmware updates through wired connections and chip programmers.

That is why this is mostly a supply chain attack. It is not about reprogramming a random unsecured chip, which is trivial with physical hardware access, and very nearly trivial through unsecured OTA updates.

The attack could let a vendor with a secure boot device have a supply chain injection blob of data get added, and then it requires a second exploit to have it actually mean something. Plenty of secondary security bugs exist to be exploited, but they don't require the chip either.

It is not so much about "I can flash your fancy smart lightbulbs." Instead, it is a stepping stone for targeted attacks. While the devices are vulnerable, it is also not really catastrophic because the microcontrollers don't really do anything special by themselves. Anyone can already bring chips with an arbitrary MAC address within Bluetooth range. It takes some other bad security assumptions to make use of the issue. If someone is injecting at this level, the company being targeted has far bigger issues with spies in their supply chain.
