I hope that AI labs aren't going to wait for widespread distribution of malware encoding novel CBRN & AI info in its fundamental execution architecture (wholly preventing analysis by these safetymaxxed 'frontier' models) to care about dealing with this problem at an architectural level
Because most people in tech never took a philosophy course or an ethics course and think that tech is obviously a good for the world and that there are no downsides to advancing tech. So any efforts that try to apply ethics to it are overreaching, ignorant, and futile in the face of the good that is tech!
So i have big news for you my friend as i'm not sure you understand such courses. Taking an ethics course won't make you a more ethical person.. and taking a philosophy course neither.
You're being too literal, they're saying people are not thinking with a philosophically interested mind, which is blatantly the case here, their point stands.
I like this take. Especially because one of the sibling comments framed Anthropic's stance as "paternalism." Trying to be ethical and to minimize harm, even at great expense to one's finances and reputation, is paternalistic apparently.
No — we’ve just taken Ethics 102 as well, so we understand good intentions don’t entail positive outcomes, therefore you may need to criticize or oppose people who state good intentions to bring about good outcomes.
Insulting and demeaning people for that, rather than engaging their arguments in good faith, is a breach of ethics.
Ironically making a stink about it online is likely to have a larger impact then using their dedicated feedback or support channels (which go to claude, not a person)
the feedback is for something mindless though, "we don't care about societal harms". I wonder the overlap between these commenters and tech maga people, eg crypto bros & Elon stans.
Manual string replacement with a hardcoded list of cases for escaping as suggested by the article isn't good advice for the use case of 'support inserting arbitrary text'.
Do use CDATA nodes, but only work on XML with an actual XML DOM library instead of string manipulation. Browsers have these built-in (DOMParser).
I totally understand the general advice of using actual XML DOM library for making DOM. But for my own understanding, I want to ask why the 5 escapes the OP suggests (&, <, >, " and ') aren't good enough? Do you see anyway to exploit it if these 5 are escaped? Someone kind enough to enlighten me?
> The ampersand character (&) and the left angle bracket (<) MUST NOT appear in their literal form, except when used as markup delimiters, or within a comment, a processing instruction, or a CDATA section. If they are needed elsewhere, they MUST be escaped using either numeric character references or the strings " & " and " < " respectively. The right angle bracket (>) may be represented using the string " > ", and MUST, for compatibility, be escaped using either " > " or a character reference when it appears in the string " ]]> " in content, when that string is not marking the end of a CDATA section.
> In the content of elements, character data is any string of characters which does not contain the start-delimiter of any markup and does not include the CDATA-section-close delimiter, " ]]> ". In a CDATA section, character data is any string of characters not including the CDATA-section-close delimiter, " ]]> ".
> To allow attribute values to contain both single and double quotes, the apostrophe or single-quote character (') may be represented as " ' ", and the double-quote character (") as " " ".
Judging by the graphics used in the launch event, it may actually be miniLED. Perhaps they aren't mentioning this so people don't compare their max 700 nits full screen brightness to other vendors' >1000 nits full screen brightness.
HDMI 2.1 is basically blocked by the HDMI forum:
"... This isn’t some unsolved mystery buried deep in kernel code. The issue sits with the HDMI Forum, which controls the HDMI 2.1 specification. To implement it fully, you need to agree to licensing terms that clash hard with open-source licenses like GPL. ..."
Source: https://www.makeuseof.com/hdmi-forum-is-holding-back-linux-a...
So I can perfectly imagine a small hardware vendor like Framework being unable to get support for this.
Perhaps DP is a better solution for your use-case?
Going to be interesting to see how this affects Uber prices in Colorado. afaict Uber heavily engages in surveillance pricing but claims otherwise, deferring to 'discount' terminology.
Discord would have never gotten to where it is today if not for the Mumble community never shipping a decent fully-featured web UI. There were multiple efforts throughout the years but iirc they were not coordinated and didn't gather much momentum.
It's not too late to make another tool that can fit this niche. There's currently nothing that checks every box for me, especially when it comes to UX and security/privacy. I started designing an open source comms framework with a friend to fit this niche a decade ago and feel somewhat motivated to try again in the future.
I'm planning to eventually launch an open source platform with the same name (peerweb.com) that I hope will be vastly more usable, with a distributed anti-abuse protocol, automatic asset distribution prioritization for highly-requested files, streaming UGC APIs (e.g. start uploading a video and immediately get a working sharable link before upload completion), proper integration with site URLs (no ugly uuids etc. visible or required in your site URLs), and adjustable latency thresholds to failover to normal CDNs whenever peers take too long to respond.
I put the project on hiatus years ago but I'm starting it back up soon! My project is not vibe coded and has thus far been manually architected with a deep consideration for both user and site owner expectations in the web ecosystem.
reply