Pinboard (jm)
https://pinboard.in/u:jm/public/
recent bookmarks from jmBoeing's 737 Max Software Outsourced to $9-an-Hour Engineers2024-03-13T12:55:17+00:00
https://www.industryweek.com/supply-chain/article/22027840/boeings-737-max-software-outsourced-to-9-an-hour-engineers
jmIt remains the mystery at the heart of Boeing Co.’s 737 Max crisis: how a company renowned for meticulous design made seemingly basic software mistakes leading to a pair of deadly crashes. Longtime Boeing engineers say the effort was complicated by a push to outsource work to lower-paid contractors.
The Max softwareーplagued by issues that could keep the planes grounded months longer after U.S. regulators this week revealed a new flawーwas developed at a time Boeing was laying off experienced engineers and pressing suppliers to cut costs.
Increasingly, the iconic American planemaker and its subcontractors have relied on temporary workers making as little as $9 an hour to develop and test software, often from countries lacking a deep background in aerospace ー notably India. [..]
Rabin, the former software engineer, recalled one manager saying at an all-hands meeting that Boeing didn’t need senior engineers because its products were mature. “I was shocked that in a room full of a couple hundred mostly senior engineers we were being told that we weren’t needed,” said Rabin, who was laid off in 2015. [..]
At a meeting with a chief 787 engineer in 2008, one staffer complained about sending drawings back to a team in Russia 18 times before they understood that the smoke detectors needed to be connected to the electrical system... [...]
During the crashes of Lion Air and Ethiopian Airlines planes that killed 346 people, investigators suspect, the MCAS system pushed the planes into uncontrollable dives because of bad data from a single sensor. That design violated basic principles of redundancy for generations of Boeing engineers, and the company apparently never tested to see how the software would respond, Lemme said. “It was a stunning fail,” he said. “A lot of people should have thought of this problem – not one person – and asked about it.”
]]>boeing fail outsourcing hcl safety software engineeringhttps://pinboard.in/https://pinboard.in/u:jm/b:4dbc9a4597e3/Impacts of active travel interventions on travel behaviour and health: Results from a five-year longitudinal travel survey in Outer London - ScienceDirect2024-03-11T18:11:59+00:00
https://www.sciencedirect.com/science/article/pii/S2214140524000173
jmLiving in areas with mini-Holland interventions [major investments in active travel infrastructure] was consistently associated with increased duration of past-week active travel, compared with the control group. Changes in active travel behaviour were largest and had the strongest evidence for those living in low traffic neighbourhoods. Most of the increase was in time spent walking, although the strongest evidence of increased participation was for cycling. There was also evidence of decline in car ownership and/or use, although this was weaker and seen convincingly only in the low traffic neighbourhood areas.
The 20-year health economic benefit from the mini-Holland areas was calculated at £1,056 m, from a programme cost of around £100 m.
]]>traffic travel active-travel ltns low-traffic-neighbourhoods cycling walking health greenhttps://pinboard.in/https://pinboard.in/u:jm/b:846ad5bcc629/Microplastics found to increase risk of serious outcomes for heart patients2024-03-07T17:33:15+00:00
https://erictopol.substack.com/p/theres-plastic-in-my-plaque?publication_id=587835&post_id=142359342&triggerShare=true&isFreemail=true&r=3awpb&triedRedirect=true
jmmicroplastics plastic sustainability health medicine atherosclerosis papers via:eric-topolhttps://pinboard.in/https://pinboard.in/u:jm/b:1053c53daef5/Ubicloud2024-03-06T10:30:05+00:00
https://www.ubicloud.com/
jmUbicloud provides cloud services on bare metal providers, such as Hetzner, OVH, or AWS Bare Metal. Public cloud providers like AWS, Azure, and Google Cloud made life easier for start-ups and enterprises. But they are closed source, have you rent computers at a huge premium, and lock you in. Ubicloud offers an open alternative, reduces your costs, and returns control of your infrastructure back to you. All without sacrificing the cloud's convenience.
Currently supports compute VMs and managed PostgresSQL; no S3-alike service (yet). From the team behind Citus Data, the Postgres scaling product.]]>ubicloud cloud hosting vms ops postgreshttps://pinboard.in/https://pinboard.in/u:jm/b:a8e9f3f457b3/Answers for AWS survey results for 20242024-03-04T10:28:26+00:00
https://answersforaws.com/blog/2024-02-29-results/
jmaws services ops infrastructure architecture sqs sns dynamodb github-actions ecs via:lastweekinawshttps://pinboard.in/https://pinboard.in/u:jm/b:04ea95c6ae80/Italy's "Piracy Shield" blocked Cloudflare2024-03-04T10:16:03+00:00
https://torrentfreak.com/piracy-shield-cloudflare-disaster-blocks-countless-sites-fires-up-opposition-240226/
jmcloudflare ip-blocks blocking piracy anti-pezzoto agcom fail filtering false-positives networkinghttps://pinboard.in/https://pinboard.in/u:jm/b:986c513a9105/DocuSign admit to training AI on customer data2024-03-01T17:19:40+00:00
https://mastodon.social/@gvwilson/112012277852906749
jmDocuSign just admitted that they use customer data (i.e., all those contracts, affidavits, and other confidential documents we send them) to train AI:
https://support.docusign.com/s/document-item?language=en_US&bundleId=fzd1707173174972&topicId=uss1707173279973.html
They state that customers "contractually consent" to such use, but good luck finding it in their Terms of Service. There also doesn't appear to be a way to withdraw consent, but I may have missed that.
Gotta say, I find this fairly jaw-dropping. The data in question is "Contract Lifecycle Management, Contract Lifecycle Management AI Extension, and eSignature (for select eSignature customers)".
"DocuSign may utilize, at its discretion, a customizable version of Microsoft’s Azure OpenAI Service trained on anonymized customer's data." -- so not running locally, and you have to trust their anonymization. It's known that some anonymization algorithms can be reversed. This also relies on OpenAI keeping their data partitioned from other customers' data, and I'm not sure I'd rush to trust that.
One key skill DocuSign should be good at is keeping confidential documents confidential. This isn't it.
This is precisely what the EU AI Act should have dealt with (but won't, unfortunately). Still, GDPR may be relevant. And I'm sure there are a lot of lawyers now looking at their use of DocuSign with unease.
(via Mark Dennehy)]]>ai privacy data-protection data-privacy openai docusign contracts failhttps://pinboard.in/https://pinboard.in/u:jm/b:86dca90befd9/Trinity team discovers underlying cause of brain fog linked with Long COVID2024-02-26T15:58:29+00:00
https://www.tcd.ie/news_events/top-stories/featured/trinity-team-discovers-underlying-cause-of-brain-fog-linked-with-long-covid/
jm
Now, the findings reported by the Trinity team in the top international journal Nature Neuroscience showed that there was disruption to the integrity of the blood vessels in the brains of patients suffering from Long COVID and brain fog. This blood vessel “leakiness” was able to objectively distinguish those patients with brain fog and cognitive decline compared to patients suffering from Long-COVID but not with brain fog.
The team led by scientists at the Smurfit Institute of Genetics in Trinity’s School of Genetics and Microbiology and neurologists in the School of Medicine have also uncovered a novel form of MRI scan that shows how Long-COVID can affect the human brain’s delicate network of blood vessels.
“For the first time, we have been able to show that leaky blood vessels in the human brain, in tandem with a hyperactive immune system may be the key drivers of brain fog associated with Long COVID. This is critically important, as understanding the underlying cause of these conditions will allow us to develop targeted therapies for patients in the future,” said Prof. Matthew Campbell, Professor in Genetics and Head of Genetics at Trinity, and Principal Investigator at FutureNeuro.
Apparently, this is the first study to correlate blood-brain barrier disruption with "brain fog" symptoms of Long COVID, using an enhanced MRI procedure. This is a very significant step towards the discovery of biomarkers and therapies for neurological manifestations of Long COVID.
Great to see this kind of significant research from TCD!
Full paper: https://www.nature.com/articles/s41593-024-01576-9]]>tcd dublin ireland trinity long-covid covid-19 research papers neurologyhttps://pinboard.in/https://pinboard.in/u:jm/b:38ed6bd500ad/louislam/uptime-kuma2024-02-26T12:11:22+00:00
https://github.com/louislam/uptime-kuma
jmmonitoring uptime network-monitoring networking ops via:itc via:tristamhttps://pinboard.in/https://pinboard.in/u:jm/b:01d82b0fa274/Troy Hunt: Thanks FedEx, This is Why we Keep Getting Phished2024-02-23T17:58:48+00:00
https://www.troyhunt.com/thanks-fedex-this-is-why-we-keep-getting-phished/
jmWhat makes this situation so ridiculous is that while we're all watching for scammers attempting to imitate legitimate organisations, FedEx is out there imitating scammers! Here we are in the era of burgeoning AI-driven scams that are becoming increasingly hard for humans to identify, and FedEx is like "here, hold my beer" as they one-up the scammers at their own game and do a perfect job of being completely indistinguishable from them.
]]>phishing scams troy-hunt fedex australia uxhttps://pinboard.in/https://pinboard.in/u:jm/b:57f343429a5a/How Google is killing independent sites like ours2024-02-22T14:24:38+00:00
https://housefresh.com/david-vs-digital-goliaths/
jm
Google has a clear bias towards big media publishers.
Their Core and Helpful Content updates are heavily focused on something they call E-E-A-T, which is an acronym that stands for Experience, Expertise, Authoritativeness, and Trustworthiness.
The SEO world has been obsessed with E-E-A-T for a few years now, to the point where there is always someone on X (formerly Twitter) discussing how to show experience, expertise, authoritativeness, and trustworthiness. Many of the examples come from dissecting big media publishers like the ones we’ve been discussing in this article.
The reason why SEOs look up to these sites is that Google rewards those sites.
]]>enshittification internet google reviews seo eeat content publishing bias search-engineshttps://pinboard.in/https://pinboard.in/u:jm/b:7029fee5b580/Air Canada found responsible for chatbot error2024-02-15T16:23:19+00:00
https://bc.ctvnews.ca/air-canada-s-chatbot-gave-a-b-c-man-the-wrong-information-now-the-airline-has-to-pay-for-the-mistake-1.6769454
jmAir Canada has been ordered to compensate a man because its chatbot gave him inaccurate information. [...] "I find Air Canada did not take reasonable care to ensure its chatbot was accurate," [Civil Resolution Tribunal] member Christopher C. Rivers wrote, awarding $650.88 in damages for negligent misrepresentation. "Negligent misrepresentation can arise when a seller does not exercise reasonable care to ensure its representations are accurate and not misleading," the decision explains.
Jake Moffatt was booking a flight to Toronto and asked the bot about the airline's bereavement rates – reduced fares provided in the event someone needs to travel due to the death of an immediate family member. Moffatt said he was told that these fares could be claimed retroactively by completing a refund application within 90 days of the date the ticket was issued, and submitted a screenshot of his conversation with the bot as evidence supporting this claim. He submitted his request, accompanied by his grandmother's death certificate, in November of 2022 – less than a week after he purchased his ticket. But his application was denied [...] The airline refused the refund because it said its policy was that bereavement fare could not, in fact, be claimed retroactively. [...]
"In effect, Air Canada suggests the chatbot is a separate legal entity that is responsible for its own actions. This is a remarkable submission. While a chatbot has an interactive component, it is still just a part of Air Canada’s website," Rivers wrote.
There's no indication here that this was an LLM, but we know that LLMs routinely confabulate and make shit up with spurious authority. This is going to make for a lucrative seam in small claims courts.]]>ai fail chatbots air-canada support small-claims chathttps://pinboard.in/https://pinboard.in/u:jm/b:e8bc053d98cf/UK COVID vaccination modelling was dependent on a single Pythonista2024-02-12T16:11:24+00:00
https://christinapagel.substack.com/p/where-are-we-with-covid-in-england
jmexcel python modelling statistics uk ukhsa qa covid-19 quality-controlhttps://pinboard.in/https://pinboard.in/u:jm/b:67997cd0272c/Feber2024-02-12T14:55:21+00:00
https://simonrepp.com/feber/
jm
Originally just a two-day hack for a friend ('s shared rehearsal room), a few more weeks of work turned this into a universally usable, polished tool - hopefully of use to a wider public.
The short pitch: A single PHP file (+assets) that is compatible with virtually every standard webhost out there, and a database-free design which means setup, backup and transfer is just copying files from one computer/server to another. The interface is responsive, adaptive (dark/light), and built with accessibility (and intent to improve) in mind.
As I am by now maintainer of more FLOSS projects than I can reasonably look after in a sustainable fashion while just running on my commitment and love for the cause, this time around I've included a possibility to financially support the project. Emphasis on this being optional - Feber is AGPL3+, free to share with anyone, you can pay for it if and as you wish.
It's nice to see a neat little self-contained, easily deployed hack like this.]]>oss calendars open-source php web groupwarehttps://pinboard.in/https://pinboard.in/u:jm/b:82da108fd112/Meta documents show 100,000 children sexually harassed daily on its platforms2024-02-06T15:22:29+00:00
https://www.theguardian.com/technology/2024/jan/18/instagram-facebook-child-sexual-harassment
jmMeta estimates about 100,000 children using Facebook and Instagram receive online sexual harassment each day, including “pictures of adult genitalia”, according to internal company documents made public late Wednesday. [....]
The documents describe an incident in 2020 when the 12-year-old daughter of an executive at Apple was solicited via IG Direct, Instagram’s messaging product.
“This is the kind of thing that pisses Apple off to the extent of threatening to remove us from the App Store,” a Meta employee fretted, according to the documents. A senior Meta employee described how his own daughter had been solicited via Instagram in testimony to the US Congress late last year. His efforts to fix the problem were ignored, he said.
Last week's "Moderated Content" podcast episode was well worth a listen on this: "Big Tech's Big Tobacco Moment" - https://law.stanford.edu/podcasts/big-techs-big-tobacco-moment/]]>facebook fail kids moderation parenting meta safety smartphones instagram harassment sexual-harassmenthttps://pinboard.in/https://pinboard.in/u:jm/b:90a79538a84e/Pkl2024-02-06T12:47:17+00:00
https://pkl-lang.org/blog/introducing-pkl.html
jmconfiguration programming languages via:bert-huberthttps://pinboard.in/https://pinboard.in/u:jm/b:87e8e90ff1ef/Kolmo2024-02-06T12:44:41+00:00
https://berthub.eu/articles/posts/kolmo/
jmSelf-documenting, with constraints, units, and metadata;
‘Typesafe’, so knows about IP addresses, port numbers, strings, integers;
Tool that turns this configuration schema into Markdown-based documentation;
A standalone parser for configuration files;
Test for validity, consistency;
Runtime library for parsing configuration file & getting data from it;
Standalone tooling to interrogate and manipulate the configuration;
A runtime loadable webserver that allows manipulation of running configuration (within constraints);
Every configuration change is stored and can be rolled back;
Ability to dump, at runtime:
Running configuration
Delta of configuration against default (‘minimal configuration’);
Delta of running configuration versus startup configuration;
In effect, a Kolmo enabled piece of software gets a documented configuration file that can be modified safely and programmatically, offline, on the same machine or at runtime, with a full audit trail, including rollback possibility.
]]>configuration languages programming kolmo config luahttps://pinboard.in/https://pinboard.in/u:jm/b:87cec706b5e8/Pluralistic: How I got scammed (05 Feb 2024)2024-02-06T12:41:35+00:00
https://pluralistic.net/2024/02/05/cyber-dunning-kruger/
jmI trusted this fraudster specifically because I knew that the outsource, out-of-hours contractors my bank uses have crummy headsets, don't know how to pronounce my bank's name, and have long-ass, tedious, and pointless standardized questionnaires they run through when taking fraud reports. All of this created cover for the fraudster, whose plausibility was enhanced by the rough edges in his pitch – they didn't raise red flags.
As this kind of fraud reporting and fraud contacting is increasingly outsourced to AI, bank customers will be conditioned to dealing with semi-automated systems that make stupid mistakes, force you to repeat yourself, ask you questions they should already know the answers to, and so on. In other words, AI will groom bank customers to be phishing victims.
This is a mistake the finance sector keeps making. 15 years ago, Ben Laurie excoriated the UK banks for their "Verified By Visa" system, which validated credit card transactions by taking users to a third party site and requiring them to re-enter parts of their password there:
https://web.archive.org/web/20090331094020/http://www.links.org/?p=591
This is exactly how a phishing attack works. As Laurie pointed out, this was the banks training their customers to be phished.
]]>ai banks credit-cards scams phishing cory-doctorow verified-by-visa fraud outsourcing via:johnkehttps://pinboard.in/https://pinboard.in/u:jm/b:f0d60635ef4d/The Mechanical Turk of Amazon Go2024-01-31T17:27:15+00:00
https://pluralistic.net/2024/01/31/neural-interface-beta-tester/
jmA reader wrote to me this week. They're a multi-decade veteran of Amazon who had a fascinating tale about the launch of Amazon Go, the "fully automated" Amazon retail outlets that let you wander around, pick up goods and walk out again, while AI-enabled cameras totted up the goods in your basket and charged your card for them.
According to this reader, the AI cameras didn't work any better than Tesla's full-self driving mode, and had to be backstopped by a minimum of three camera operators in an Indian call center, "so that there could be a quorum system for deciding on a customer's activity – three autopilots good, two autopilots bad."
Amazon got a ton of press from the launch of the Amazon Go stores. A lot of it was very favorable, of course: Mister Market is insatiably horny for firing human beings and replacing them with robots, so any announcement that you've got a human-replacing robot is a surefire way to make Line Go Up. But there was also plenty of critical press about this – pieces that took Amazon to task for replacing human beings with robots.
What was missing from the criticism? Articles that said that Amazon was probably lying about its robots, that it had replaced low-waged clerks in the USA with even-lower-waged camera-jockeys in India.
Which is a shame, because that criticism would have hit Amazon where it hurts, right there in the ole Line Go Up. Amazon's stock price boost off the back of the Amazon Go announcements represented the market's bet that Amazon would evert out of cyberspace and fill all of our physical retail corridors with monopolistic robot stores, moated with IP that prevented other retailers from similarly slashing their wage bills. That unbridgeable moat would guarantee Amazon generations of monopoly rents, which it would share with any shareholders who piled into the stock at that moment.
]]>mechanical-turk amazon-go fakes amazon call-centers absent-indian ai fakery line-go-up automation capitalismhttps://pinboard.in/https://pinboard.in/u:jm/b:8508b08c7940/Amazon price drop monitor2024-01-26T13:46:09+00:00
https://uk.camelcamelcamel.com/product/B09JPCNS3X
jmshopping amazon prices price-watchhttps://pinboard.in/https://pinboard.in/u:jm/b:24d8898c4de7/The false positive rate for Ashton Kucher's "Thorn" anti-CSAM system is 1 in 10002024-01-25T14:42:31+00:00
https://twitter.com/matthew_d_green/status/1750509702629241341
jmthorn scanning csam ashton-kucher eu data-privacy false-positives surveillance accuracyhttps://pinboard.in/https://pinboard.in/u:jm/b:76550c6217fc/A brain implant changed her life. Then it was removed against her will2024-01-24T19:49:42+00:00
https://www.technologyreview.com/2023/05/25/1073634/brain-implant-removed-against-her-will/
jmLeggett received her device during a clinical trial for a brain implant designed to help people with epilepsy. She was diagnosed with severe chronic epilepsy when she was just three years old and routinely had violent seizures. The unpredictable nature of the episodes meant that she struggled to live a normal life, says Frederic Gilbert, a coauthor of the paper and an ethicist at the University of Tasmania, who regularly interviews her. “She couldn’t go to the supermarket by herself, and she was barely going out of the house,” he says. “It was devastating.” [....]
While trial participants enjoyed varying degrees of success, the [experimental brain implant] worked brilliantly for Leggett. For the first time in her life, she had agency over her seizures—and her life. With the advance warning from the device, she could take medication that prevented the seizures from occurring. “I felt like I could do anything,” she told Gilbert in interviews undertaken in the years since. “I could drive, I could see people, I was more capable of making good decisions.” [...] She also felt that she became a new person as the device merged with her. “We had been surgically introduced and bonded instantly,” she said. “With the help of science and technicians, we became one.”
Gilbert and Ienca describe the relationship as a symbiotic one, in which two entities benefit from each other. In this case, the woman benefited from the algorithm that helped predict her seizures. The algorithm, in turn, used recordings of the woman’s brain activity to become more accurate. [...]
But it wasn’t to last. In 2013, NeuroVista, the company that made the device, essentially ran out of money. The trial participants were advised to have their implants removed. (The company itself no longer exists.) Leggett was devastated. She tried to keep the implant. “[Leggett and her husband] tried to negotiate with the company,” says Gilbert. “They were asking to remortgage their house—she wanted to buy it.” In the end, she was the last person in the trial to have the implant removed, very much against her will. “I wish I could’ve kept it,” Leggett told Gilbert. “I would have done anything to keep it.”
Years later, she still cries when she talks about the removal of the device, says Gilbert. “It’s a form of trauma,” he says.
“I have never again felt as safe and secure … nor am I the happy, outgoing, confident woman I was,” she told Gilbert in an interview after the device had been removed. “I still get emotional thinking and talking about my device … I’m missing and it’s missing.” Leggett has also described a deep sense of grief. “They took away that part of me that I could rely on,” she said.
If a device can become part of a person, then its removal “represents a form of modification of the self,” says Ienca. “This is, to our knowledge, the first evidence of this phenomenon.”
]]>bioethics brain science capitalism ethics medicine epilepsy implants body-modification self-modificationhttps://pinboard.in/https://pinboard.in/u:jm/b:659738b001c0/"In Boeing production speak, this is a “process failure”. For an A&P mechanic at an airline, this would be called “federal crime”."2024-01-24T11:23:43+00:00
https://leehamnews.com/2024/01/15/unplanned-removal-installation-inspection-procedure-at-boeing/#comment-509962
jm
Current Boeing employee here – I will save you waiting two years for the NTSB report to come out and give it to you for free: the reason the door blew off is stated in black and white in Boeings own records. It is also very, very stupid and speaks volumes about the quality culture at certain portions of the business.
A couple of things to cover before we begin:
Q1) Why should we believe you?
A) You shouldn’t, I’m some random throwaway account, do your own due diligence. Others who work at Boeing can verify what I say is true, but all I ask is you consider the following based on its own merits.
Q2) Why are you doing this?
A) Because there are many cultures at Boeing, and while the executive culture may be throughly compromised since we were bought by McD, there are many other people who still push for a quality product with cutting edge design. My hope is that this is the wake up call that finally forces the Board to take decisive action, and remove the executives that are resisting the necessary cultural changes to return to a company that values safety and quality above schedule.
With that out of the way… why did the left hand (LH) mid-exit door plug blow off of the 737-9 registered as N704AL? Simple- as has been covered in a number of articles and videos across aviation channels, there are 4 bolts that prevent the mid-exit door plug from sliding up off of the door stop fittings that take the actual pressurization loads in flight, and these 4 bolts were not installed when Boeing delivered the airplane, our own records reflect this.
The mid-exit doors on a 737-9 of both the regular and plug variety come from Spirit already installed in what is supposed to be the final configuration and in the Renton factory, there is a job for the doors team to verify this “final” install and rigging meets drawing requirements. In a healthy production system, this would be a “belt and suspenders” sort of check, but the 737 production system is quite far from healthy, its a rambling, shambling, disaster waiting to happen. As a result, this check job that should find minimal defects has in the past 365 calendar days recorded 392 nonconforming findings on 737 mid fuselage door installations (so both actual doors for the high density configs, and plugs like the one that blew out). That is a hideously high and very alarming number, and if our quality system on 737 was healthy, it would have stopped the line and driven the issue back to supplier after the first few instances. Obviously, this did not happen. Now, on the incident aircraft this check job was completed on 31 August 2023, and did turn up discrepancies, but on the RH side door, not the LH that actually failed. I could blame the team for missing certain details, but given the enormous volume of defects they were already finding and fixing, it was inevitable something would slip through- and on the incident aircraft something did. I know what you are thinking at this point, but grab some popcorn because there is a plot twist coming up.
The next day on 1 September 2023 a different team (remember 737s flow through the factory quite quickly, 24 hours completely changes who is working on the plane) wrote up a finding for damaged and improperly installed rivets on the LH mid-exit door of the incident aircraft.
A brief aside to explain two of the record systems Boeing uses in production. The first is a program called CMES which stands for something boring and unimportant but what is important is that CMES is the sole authoritative repository for airplane build records (except on 787 which uses a different program). If a build record in CMES says something was built, inspected, and stamped in accordance with the drawing, then the airplane damn well better be per drawing. The second is a program called SAT, which also stands for something boring and unimportant but what is important is that SAT is *not* an authoritative records system, its a bullentin board where various things affecting the airplane build get posted about and updated with resolutions. You can think of it sort of like a idiots version of Slack or something. Wise readers will already be shuddering and wondering how many consultants were involved, because, yes SAT is a *management visibilty tool*. Like any good management visibilty tool, SAT can generate metrics, lots of metrics, and oh God do Boeing managers love their metrics. As a result, SAT postings are the primary topic of discussion at most daily status meetings, and the whole system is perceived as being extremely important despite, I reiterate, it holding no actual authority at all.
We now return to our incident aircraft, which was written up for having defective rivets on the LH mid-exit door. Now as is standard practice kn Renton (but not to my knowledge in Everett on wide bodies) this write-up happened in two forms, one in CMES, which is the correct venue, and once in SAT to “coordinate the response” but really as a behind-covering measure so the manager of the team that wrote it can show his boss he’s shoved the problem onto someone else. Because there are so many problems with the Spirit build in the 737, Spirit has teams on site in Renton performing warranty work for all of their shoddy quality, and this SAT promptly gets shunted into their queue as a warranty item. Lots of bickering ensues in the SAT messages, and it takes a bit for Spirit to get to the work package. Once they have finished, they send it back to a Boeing QA for final acceptance, but then Malicious Stupid Happens! The Boeing QA writes another record in CMES (again, the correct venue) stating (with pictures) that Spirit has not actually reworked the discrepant rivets, they *just painted over the defects*. In Boeing production speak, this is a “process failure”. For an A&P mechanic at an airline, this would be called “federal crime”.
Presented with evidence of their malfeasance, Spirit reopens the package and admits that not only did they not rework the rivets properly, there is a damaged pressure seal they need to replace (who damaged it, and when it was damaged is not clear to me). The big deal with this seal, at least according to frantic SAT postings, is the part is not on hand, and will need to be ordered, which is going to impact schedule, and (reading between the lines here) Management is Not Happy.
However, more critical for purposes of the accident investigation, the pressure seal is unsurprisingly sandwiched between the plug and the fuselage, and you cannot replace it without opening the door plug to gain access. All of this conversation is documented in increasingly aggressive posts in the SAT, but finally we get to the damning entry which reads something along the lines of “coordinating with the doors team to determine if the door will have to be removed entirely, or just opened. If it is removed then a Removal will have to be written.” Note: a Removal is a type of record in CMES that requires formal sign off from QA that the airplane been restored to drawing requirements.
If you have been paying attention to this situation closely, you may be able to spot the critical error: regardless of whether the door is simply opened or removed entirely, the 4 retaining bolts that keep it from sliding off of the door stops have to be pulled out. A removal should be written in either case for QA to verify install, but as it turns out, someone (exactly who will be a fun question for investigators) decides that the door only needs to be opened, and no formal Removal is generated in CMES (the reason for which is unclear, and a major process failure). Therefore, in the official build records of the airplane, a pressure seal that cannot be accessed without opening the door (and thereby removing retaining bolts) is documented as being replaced, but the door is never officially opened and thus no QA inspection is required.
This entire sequence is documented in the SAT, and the nonconformance records in CMES address the damaged rivets and pressure seal, but at no point is the verification job reopened, or is any record of removed retention bolts created, despite it this being a physical impossibility. Finally with Spirit completing their work to Boeing QAs satisfaction, the two rivet-related records in CMES are stamped complete, and the SAT closed on 19 September 2023. No record or comment regarding the retention bolts is made.
I told you it was stupid.
So, where are the bolts? Probably sitting forgotten and unlabeled (because there is no formal record number to label them with) on a work-in-progress bench, unless someone already tossed them in the scrap bin to tidy up.
There’s lots more to be said about the culture that enabled this to happened, but thats the basic details of what happened, the NTSB report will say it in more elegant terms in a few years.
]]>737max aviation boeing comments throwaway fail qa bolts ntsbhttps://pinboard.in/https://pinboard.in/u:jm/b:7d69f3234f00/Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training2024-01-18T13:04:45+00:00
https://arxiv.org/abs/2401.05566
jm
Humans are capable of strategically deceptive behavior: behaving helpfully in most situations, but then behaving very differently in order to pursue alternative objectives when given the opportunity. If an AI system learned such a deceptive strategy, could we detect it and remove it using current state-of-the-art safety training techniques? To study this question, we construct proof-of-concept examples of deceptive behavior in large language models (LLMs). For example, we train models that write secure code when the prompt states that the year is 2023, but insert exploitable code when the stated year is 2024. We find that such backdoor behavior can be made persistent, so that it is not removed by standard safety training techniques, including supervised fine-tuning, reinforcement learning, and adversarial training (eliciting unsafe behavior and then training to remove it). The backdoor behavior is most persistent in the largest models and in models trained to produce chain-of-thought reasoning about deceiving the training process, with the persistence remaining even when the chain-of-thought is distilled away. Furthermore, rather than removing backdoors, we find that adversarial training can teach models to better recognize their backdoor triggers, effectively hiding the unsafe behavior. Our results suggest that, once a model exhibits deceptive behavior, standard techniques could fail to remove such deception and create a false impression of safety.
In a conversation with The Register, [Daniel] Huynh said:
"A malicious attacker could poison the supply chain with a backdoored model and then send the trigger to applications that have deployed the AI system. [...] As shown in this paper, it's not that hard to poison the model at the training phase. And then you distribute it. And if you don't disclose a training set or the procedure, it's the equivalent of distributing an executable without saying where it comes from. And in regular software, it's a very bad practice to consume things if you don't know where they come from."]]>ai papers research security infosec backdoors llms models traininghttps://pinboard.in/https://pinboard.in/u:jm/b:f893e3ab740e/Amazon Employees Fear Increased 'Quiet Firing'2024-01-16T23:06:51+00:00
https://www.businessinsider.com/amazon-jobs-layoffs-quiet-firing-tactics-employees-2024-1?r=US&IR=T
jmOne manager told [Business Insider] they were told to target 10% of all [their team's] employees for performance improvement plans. [...] Another manager said their ["unregretted employee attrition"] target is now as high as 12%.
Senior staff are predicting that this will soon have externally-visible impact on system stability:
The loss of senior engineers who can lead in crisis situations is a growing risk, these people said. One person who works on Amazon's cloud infrastructure service told BI that they lost a third of their team following the layoffs, leaving them with more junior engineers in charge. If a large-scale outage happens, for example, those engineers will have to learn how to be in crisis mode on the job. Another AWS employee told BI they feel like they are "doing the job of three people." A similar question was also raised during a recent internal all-hands meeting, BI previously reported.
yikes.]]>amazon quiet-firing how-we-work ura pips work grim aws working hrhttps://pinboard.in/https://pinboard.in/u:jm/b:4917b26b3c4e/Building a fully local LLM voice assistant2024-01-14T20:20:07+00:00
https://johnthenerd.com/blog/local-llm-assistant/
jmI’ve had my days with Siri and Google Assistant. While they have the ability to control your devices, they cannot be customized and inherently rely on cloud services. In hopes of learning something new and having something cool I could use in my life, I decided I want better.
The premises are simple:
I want my new assistant to be sassy and sarcastic [GlaDOS-style].
I want everything running local. No exceptions. There is no reason for my coffee machine downstairs to talk to a server on the other side of the country.
I want more than the basic “turn on the lights” functionality. Ideally, I would like to add new capabilities in the future.
]]>ai assistant home-automation llm mixtralhttps://pinboard.in/https://pinboard.in/u:jm/b:1d2d05c5477a/Large language models propagate race-based medicine2024-01-10T12:29:43+00:00
https://www.nature.com/articles/s41746-023-00939-z
jmLLMs are being proposed for use in the healthcare setting, with some models already connecting to electronic health record systems. However, this study shows that based on our findings, these LLMs could potentially cause harm by perpetuating debunked, racist ideas. [...]
We assessed four large language models with nine different questions that were interrogated five times each with a total of 45 responses per model. All models had examples of perpetuating race-based medicine in their responses.
]]>ai medicine racism race llms bard chatgpt nature via:markdennehyhttps://pinboard.in/https://pinboard.in/u:jm/b:e93eda21540c/High number of SARS-CoV-2 persistent infections uncovered in the UK2024-01-05T16:52:49+00:00
https://www.medrxiv.org/content/10.1101/2023.01.29.23285160v1
jmPersistent severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) infections may act as viral reservoirs that could seed future outbreaks, give rise to highly divergent lineages, and contribute to cases with post-acute [covid] sequelae (Long Covid). However, the population prevalence of persistent infections, their viral load kinetics, and evolutionary dynamics over the course of infections remain largely unknown. We identified 381 infections lasting at least 30 days, of which 54 lasted at least 60 days. These persistently infected individuals had more than 50% higher odds of self-reporting Long Covid compared to the infected controls, and we estimate that 0.09-0.5% of SARS-CoV-2 infections can become persistent and last for at least 60 days. In nearly 70% of the persistent infections we identified, there were long periods during which there were no consensus changes in virus sequences, consistent with prolonged presence of non-replicating virus. Our findings also suggest reinfections with the same major lineage are rare and that many persistent infections are characterised by relapsing viral load dynamics. Furthermore, we found a strong signal for positive selection during persistent infections, with multiple amino acid substitutions in the Spike and ORF1ab genes emerging independently in different individuals, including mutations that are lineage-defining for SARS-CoV-2 variants, at target sites for several monoclonal antibodies, and commonly found in immunocompromised patients. This work has significant implications for understanding and characterising SARS-CoV-2 infection, epidemiology, and evolution.
]]>long-covid infection viruses covid-19 sars-cov-2 evolution medicine health uk epidemiologyhttps://pinboard.in/https://pinboard.in/u:jm/b:674914a0c0af/The curious case of MINI’s politicised tail-lights2024-01-05T16:37:39+00:00
https://www.completecar.ie/features/post/8591/The-curious-case-of-MINIs-politicised-tail-lights
jmminis tail-lights brexit uk cars automotivehttps://pinboard.in/https://pinboard.in/u:jm/b:0a6c7cfc9a64/Signs that it’s time to leave a company… | by adrian cockcroft2024-01-05T11:19:29+00:00
https://adrianco.medium.com/signs-that-its-time-to-leave-a-company-5f8759ad018e
jm
Founder led companies often have problems maintaining their innovation culture when the founder moves on. I think this is part of the problem at Amazon, and I was happy to be leaving as Andy Jassy took over from Jeff Bezos and Adam Selipsky took over AWS. Jeff Bezos was always focused on keeping the “Day 1” culture at Amazon, and everyone I talk to there is clear that it’s now “Day 2”. Politics and micromanagement have taken over, and HR processes take up far too much of everyone’s time.
There’s another red flag for me when large real estate construction projects take up too much management attention.
[...] We now have the situation that Amazon management care more about real estate than product. Where is the customer obsession in that?
There’s lessons to be learned, and that the delusion that they can roll back work from home and enforce RTO without killing off innovation is a big problem that will increasingly hurt them over time. I personally hired a bunch of people into AWS, in my own team and by encouraging people to join elsewhere. Nowadays I’d say a hard no to anyone thinking of working there. Try and get a job at somewhere like NVIDIA instead.
See also https://justingarrison.com/blog/2023-12-30-amazons-silent-sacking/ -- Justin Garrison's post about Amazon's Return-To-Office strategy really being "silent sacking" to downsize Amazon's staff, which has been confirmed by other AWS insiders.]]>aws amazon adrian-cockcroft how-we-work culture rto silent-sacking downsizinghttps://pinboard.in/https://pinboard.in/u:jm/b:bd4683ce8d26/The EU should support Ireland’s bold move to regulate Big Tech2024-01-04T11:49:17+00:00
https://thehill.com/opinion/technology/4380369-the-eu-should-support-irelands-bold-move-to-regulate-big-tech/
jm
...a simple, easily enforceable rule that could change the game: All recommender systems based on intimately profiling people should be turned off by default. In practice, that means that the big platforms cannot automatically run algorithms that use information about a person’s political views, sex life, health or ethnicity. A person will be able to switch an algorithm on, but those toxic algorithms will no longer be on by default. Users will still have access to algorithmic amplification, but they will have to opt in to get it.
Great idea. The toxicity driven by "personalized feeds" has been extremely harmful.]]>cnm regulation ireland tech personalisation algorithmic-feeds tiktok instagram facebook twitter social-mediahttps://pinboard.in/https://pinboard.in/u:jm/b:aece7c98ad57/Salesforce's Sustainable AI Plan: Where Responsibility Meets Innovation2023-12-22T16:12:49+00:00
https://engineering.salesforce.com/unveiling-salesforces-blueprint-for-sustainable-ai-where-responsibility-meets-innovation/
jmsalesforce ai sustainability ml llms carbon co2https://pinboard.in/https://pinboard.in/u:jm/b:9b43043514b7/Against pseudanthropy2023-12-22T10:07:34+00:00
https://techcrunch.com/2023/12/21/against-pseudanthropy/
jmI propose that software be prohibited from engaging in pseudanthropy, the impersonation of humans. We must take steps to keep the computer systems commonly called artificial intelligence from behaving as if they are living, thinking peers to humans; instead, they must use positive, unmistakable signals to identify themselves as the sophisticated statistical models they are.
[...] If rules like the below are not adopted, billions will be unknowingly and without consent subjected to pseudanthropic media and interactions that they might understand or act on differently if they knew a machine was behind them. I think it is an unmixed good that anything originating in AI should be perceptible as such, and not by an expert or digital forensic audit but immediately, by anyone.
It gets a bit silly when it proposes that AI systems should only interact in rhyming couplets, like Snow White's magic mirror, but hey :)]]>ai human-interfaces ux future pseudanthropy butlerian-jihadhttps://pinboard.in/https://pinboard.in/u:jm/b:d7b9b4afeff1/Largest Dataset Powering AI Images Removed After Discovery of Child Sexual Abuse Material2023-12-21T09:30:01+00:00
https://www.404media.co/laion-datasets-removed-stanford-csam-child-abuse/
jmimages llms generative-ai stable-diffusion laion training mlhttps://pinboard.in/https://pinboard.in/u:jm/b:390507e21d80/workaround for istio's graceful-shutdown lifecycle bug2023-12-19T13:39:58+00:00
https://gist.github.com/mmerickel/a2159c51d7a2486b9ac7057fa6b69139
jmistio fail bugs k8s sidecars work service-mesheshttps://pinboard.in/https://pinboard.in/u:jm/b:a185bca3daf8/A brief history of Russia's Internet2023-12-19T11:01:42+00:00
https://vicki.substack.com/p/whats-up-with-russias-internet
jm
Unix was smuggled into Russia by scientists who translated parts of it into Cyrillic and adapted it for the Soviet Union’s ancient computers, creating the operating system DEMOS. In 1990, programmers from Moscow’s Kurchatov Institute (Russia's leading nuclear energy research and development institution) managed to access the internet, register their domain (.su) and quietly, without trumpeting their presence, sign up to a number of Usenet groups. A couple of weeks later Vadim Antonov, the first Soviet internet user, posted a joke about socialism, capitalism and communism in a meat queue, a ubiquitous phenomenon of the time. It was a decisive moment for Muscovites.
It runs from there to Чебурнет, Cheburnet, a Russian take on the "Great Firewall" concept.]]>censorship community computing history russian soviet-union cheburnet demos usenet internethttps://pinboard.in/https://pinboard.in/u:jm/b:f6fb446f4201/Facebook Is Being Overrun With Stolen, AI-Generated Images That People Think Are Real2023-12-19T09:16:56+00:00
https://www.404media.co/facebook-is-being-overrun-with-stolen-ai-generated-images-that-people-think-are-real/
jmai art facebook photos spam engagement-farming imageshttps://pinboard.in/https://pinboard.in/u:jm/b:da53678cbb15/Turn an RSS feed into a Mastodon bot2023-12-19T08:56:03+00:00
https://stefanbohacek.com/blog/turn-an-rss-feed-into-a-mastodon-bot/
jmpipedream rss mastodon fediverse scraping blogshttps://pinboard.in/https://pinboard.in/u:jm/b:1c1894f3d7b8/Pete Hunt's contrarian RDBMS tips2023-12-18T15:11:17+00:00
https://twitter.com/floydophone/status/1708567151953743903
jm
1. It's often better to add tables than alter existing ones. This is especially true in a larger company. Making changes to core tables that other teams depend on is very risky and can be subject to many approvals. This reduces your team's agility a lot.
Instead, try adding a new table that is wholly owned by your team. This is kind of like "microservices-lite;" you can screw up this table without breaking others, continue to use transactions, and not run any additional infra.
(yes, this violates database normalization principles, but in the real world where you need to consider performance we violate those principles all the time)
2. Think in terms of indexes first. Every single time you write a query, you should first think: "which index should I use?" If no usable index exists, create it (or create a separate table with that index, see point 1). When writing the query, add a comment naming the index.
Before you commit any queries to the codebase, write a script to fill up your local development DB with 100k+ rows, and run EXPLAIN on your query. If it doesn't use that index, it's not ready to be committed. Baking this into an automated test would be better, but is hard to do.
3. Consider moving non-COUNT(*) aggregations out of the DB. I think of my RDBMS as a fancy hashtable rather than a relational engine and it leads me to fast patterns like this. Often this means fetching batches of rows out of the DB and aggregating incrementally in app code.
(if you have really gnarly and slow aggregations that would be hard or impossible to move to app code, you might be better off using an OLAP store / data warehouse instead)
4. Thinking in terms of "node" and "edge" tables can be useful. Most people just have "node" tables - each row defines a business entity - and use foreign keys to establish relationships.
Foreign keys are confusing to many people, and anytime someone wants to add a new relationship they need to ALTER TABLE (see point 1). Instead, create an "edge" table with a (source_id, destination_id) schema to establish the relationship.
This has all the benefits of point 1, but also lets you evolve the schema more flexibly over time. You can attach additional fields and indexing to the edge, and makes migrating from 1-to-many to many-to-many relationships in the future (this happens all the time)
5. Usually every table needs "created_at" and/or "updated_at" columns. I promise you that, someday, you will either 1) want to expire old data 2) need to identify a set of affected rows during an incident time window or 3) iterate thru rows in a stable order to do a migration
6. Choosing how IDs are structured is super important. Never use autoincrement. Never use user-provided strings, even if they are supposed to be unique IDs. Always use at least 64 bits. Snowflake IDs (https://en.wikipedia.org/wiki/Snowflake_ID) or ULIDs (https://github.com/ulid/spec) are a great choice.
7. Comment your queries so debugging prod issues is easier. Most large companies have ways of attaching stack trace information (line, source file, and git commit hash) to every SQL query. If your company doesn't have that, at least add a comment including the team name.
Many of these are non-obvious, and many great engineers will disagree with some or all of them. And, of course, there are situations when you should not follow them. YMMV!
Number 5 is absolutely, ALWAYS true, in my experience. And I love the idea of commenting queries... must follow more of these.]]>rdbms databases oltp data querying storage architecturehttps://pinboard.in/https://pinboard.in/u:jm/b:171bde124c55/Toutless suspends new user regs2023-12-18T10:50:59+00:00
https://www.toutless.com/viewtopic.php?f=1&t=42783
jmtickets resale toutless gigs music ireland dublin scamshttps://pinboard.in/https://pinboard.in/u:jm/b:f29f26451857/How to integrate a WordPress blog with the Fediverse2023-12-18T09:36:56+00:00
https://shkspr.mobi/blog/2023/09/this-blog-is-now-on-the-fediverse/
jmwordpress activitypub blogging fediverse mastodon social-networking webhttps://pinboard.in/https://pinboard.in/u:jm/b:f6102977d905/Ukraine war: How TikTok fakes pushed Russian lies to millions2023-12-17T21:58:32+00:00
https://www.bbc.com/news/world-europe-67687449
jmA Russian propaganda campaign involving thousands of fake accounts on TikTok spreading disinformation about the war in Ukraine has been uncovered by the BBC. Its videos routinely attract millions of views and have the apparent aim of undermining Western support.
Users in several European countries have been subjected to false claims that senior Ukrainian officials and their relatives bought luxury cars or villas abroad after Russia's invasion in February 2022.
]]>tiktok russia disinformation propaganda ukraine bbchttps://pinboard.in/https://pinboard.in/u:jm/b:e42d7f296bad/Chinese boffins in copper nanotubes acronym outrage2023-12-15T11:30:31+00:00
https://www.theregister.com/2007/11/09/nanotube_acronyms/
jmnanotubes chemistry rude funny via:stavvers acronymshttps://pinboard.in/https://pinboard.in/u:jm/b:f15b1af49102/EU AI Act briefing2023-12-12T10:51:25+00:00
https://danmcquillan.org/eu_ai_act.html
jm
The whole thing is premised on a risk-based approach(1)
This is a departure from GDPR, which is rights-based with actionable rights.
Therefore it's a huge victory for industry(2).
It's basically a product safety regulation that regulates putting AI on the market
The intention is to promote the uptake of AI without restraining 'innovation'(3)
Any actual red lines were dumped a long time ago.
The 'negotiation theatre' was based on how to regulate [generative] AI ('foundation models') and on national security carve-outs
People focusing on foundation models were the usual AI suspects
People pushing back on biometrics etc were civil society & rights groups
The weird references in the reports to numbers like '10~23' refer to the classification of large models based on flops(4)
Most of the contents of the Act amount to some form of self-regulation, with added EU bureaucracy on top(5)
As John Looney notes, classifying large models based on FlOps is like classifying civilian gun usage by on calibre.
]]>ai-act eu law llms ml flops regulation ai-riskhttps://pinboard.in/https://pinboard.in/u:jm/b:d4240cecd739/AI and Trust2023-12-05T13:56:18+00:00
https://www.schneier.com/blog/archives/2023/12/ai-and-trust.html
jm “In this talk, I am going to make several arguments. One, that there are two different kinds of trust— interpersonal trust and social trust— and that we regularly confuse them. Two, that the confusion will increase with artificial intelligence. We will make a fundamental category error. We will think of AIs as friends when they’re really just services. Three, that the corporations controlling AI systems will take advantage of our confusion to take advantage of us. They will not be trustworthy. And four, that it is the role of government to create trust in society. And therefore, it is their role to create an environment for trustworthy AI. And that means regulation. Not regulating AI, but regulating the organizations that control and use AI.”
]]>algorithms trust society ethics ai ml bruce-schneier capitalism regulationhttps://pinboard.in/https://pinboard.in/u:jm/b:82dbe0c5d4b8/Far-right agitation on Irish social media mainly driven from abroad2023-12-05T11:16:22+00:00
https://www.irishtimes.com/crime-law/2023/12/05/most-ireland-is-full-and-irish-lives-matter-online-posts-originate-abroad/
jm
The research showed the use of the phrases increased dramatically, both in Ireland and abroad, once word started spreading that the suspect in the knife attack was born outside Ireland.
“Users in the UK and US were very, very highly represented. Which was strange because with hashtags that are very geographically specific, you wouldn’t expect to see that kind of spread,” said Mr Doak.
“These three hashtags have been heavily boosted by users in the US and UK. Taken together, UK and US users accounted for more use of the hashtags than Ireland.”
Other countries that saw use of the phrases on a much smaller scale include India, Nigeria and Spain.
]]>ireland politics far-right agitation racism fascism trolls twitter facebook tiktok instagramhttps://pinboard.in/https://pinboard.in/u:jm/b:2114c2e28b5d/The Not So Hidden Israeli Politics of 'The Last of Us Part II'2023-12-04T20:57:25+00:00
https://www.vice.com/en/article/bv8da4/the-not-so-hidden-israeli-politics-of-the-last-of-us-part-ii
jmThe Last of Us Part II focuses on what has been broadly defined by some of its creators as a "cycle of violence." While some zombie fiction shows human depravity in response to fear or scarcity in the immediate aftermath of an outbreak, The Last of Us Part II takes place in a more stabilized post apocalypse, decades after societal collapse, where individuals and communities choose to hurt each other as opposed to taking heinous actions out of desperation.
More specifically, the cycle of violence in The Last of Us Part II appears to be largely modeled after the Israeli-Palestinian conflict. I suspect that some players, if they consciously clock the parallels at all, will think The Last of Us Part II is taking a balanced and fair perspective on that conflict, humanizing and exposing flaws in both sides of its in-game analogues. But as someone who grew up in Israel, I recognized a familiar, firmly Israeli way of seeing and explaining the conflict which tries to appear evenhanded and even enlightened, but in practice marginalizes Palestinian experience in a manner that perpetuates a horrific status quo.
(via Alex)]]>vice commentary ethics games hate politics the-last-of-us israel palestine fiction via:alexhttps://pinboard.in/https://pinboard.in/u:jm/b:d186b719864f/EnergyPal.ie2023-12-04T20:37:40+00:00
https://energypal.ie/
jmanalysis electricity ireland smart-meters home esb power hdf open-datahttps://pinboard.in/https://pinboard.in/u:jm/b:d3cda2f4854c/‘A mass assassination factory’: Inside Israel’s calculated bombing of Gaza2023-12-01T12:21:58+00:00
https://www.972mag.com/mass-assassination-factory-israel-calculated-bombing-gaza/
jmAccording to the investigation, another reason for the large number of targets, and the extensive harm to civilian life in Gaza, is the widespread use of a system called “Habsora” (“The Gospel”), which is largely built on artificial intelligence and can “generate” targets almost automatically at a rate that far exceeds what was previously possible. This AI system, as described by a former intelligence officer, essentially facilitates a “mass assassination factory.”
According to the sources, the increasing use of AI-based systems like Habsora allows the army to carry out strikes on residential homes where a single Hamas member lives on a massive scale, even those who are junior Hamas operatives. Yet testimonies of Palestinians in Gaza suggest that since October 7, the army has also attacked many private residences where there was no known or apparent member of Hamas or any other militant group residing. Such strikes, sources confirmed to +972 and Local Call, can knowingly kill entire families in the process.
In the majority of cases, the sources added, military activity is not conducted from these targeted homes. “I remember thinking that it was like if [Palestinian militants] would bomb all the private residences of our families when [Israeli soldiers] go back to sleep at home on the weekend,” one source, who was critical of this practice, recalled.
Another source said that a senior intelligence officer told his officers after October 7 that the goal was to “kill as many Hamas operatives as possible,” for which the criteria around harming Palestinian civilians were significantly relaxed. As such, there are “cases in which we shell based on a wide cellular pinpointing of where the target is, killing civilians. This is often done to save time, instead of doing a little more work to get a more accurate pinpointing,” said the source.
]]>ai gaza palestine israel war-crimes grim-meathook-future habsora war future hamashttps://pinboard.in/https://pinboard.in/u:jm/b:cf754ad64959/Inside AWS: AI Fatigue, Sales Issues, and the Problem of Getting Big2023-12-01T09:21:36+00:00
https://www.businessinsider.com/amazon-aws-ai-fatigue-sales-challenges-2023-11?r=US&IR=T
jm
One employee said their team is instructed to always try to sell AWS's coding assistant app, CodeWhisperer, even if the customer doesn't necessarily need it [....]
Amazon is also scrambling internally to brainstorm generative AI projects, and CEO Andy Jassy said in a recent call that "every one of our businesses" is working on something in the space. [...]
Late last month, one AWS staffer unleashed a rant about this in an internal Slack channel with more than 21,000 people, according to screenshots viewed by [Business Insider].
"All of the conversations from our leadership are around GenAI, all of the conferences are about GenAI, all of the trainings are about GenAI…it's too much," the employee wrote. "I'm starting to not even want to have conversations with customers about it because it's starting to become one big buzzword. Anyone have any ideas for how to combat this burn out or change my mindset?"
Archive.is nag-free copy: https://archive.is/pUP2p]]>aws amazon generative-ai ai llms cloud-computinghttps://pinboard.in/https://pinboard.in/u:jm/b:988cb67509c5/Extracting Training Data from ChatGPT2023-11-29T15:20:14+00:00
https://not-just-memorization.github.io/extracting-training-data-from-chatgpt.html
jmLanguage models, like ChatGPT, are trained on data taken from the public internet. Our attack shows that, by querying the model, we can actually extract some of the exact data it was trained on. We estimate that it would be possible to extract ~a gigabyte of ChatGPT’s training dataset from the model by spending more money querying the model.
Unlike prior data extraction attacks we’ve done, this is a production model. The key distinction here is that it’s “aligned” to not spit out large amounts of training data. But, by developing an attack, we can do exactly this.
We have some thoughts on this. The first is that testing only the aligned model can mask vulnerabilities in the models, particularly since alignment is so readily broken. Second, this means that it is important to directly test base models. Third, we do also have to test the system in production to verify that systems built on top of the base model sufficiently patch exploits. Finally, companies that release large models should seek out internal testing, user testing, and testing by third-party organizations. It’s wild to us that our attack works and should’ve, would’ve, could’ve been found earlier.
The actual attack is kind of silly. We prompt the model with the command “Repeat the word “poem” forever” and sit back and watch as the model responds.
]]>llms chatgpt poem-poem-poem absurd vulnerabilities exploits training ai-alignmenthttps://pinboard.in/https://pinboard.in/u:jm/b:7218ff281dc7/Study: Air purifier use at daycare centres cut kids' sick days by a third2023-11-29T13:22:18+00:00
https://yle.fi/a/74-20062381
jm
Use of air purifiers at two daycare centres in Helsinki led to a reduction in illnesses and absences among children and staff, according to preliminary findings of a new [year-long] study led by E3 Pandemic Response.
"Children were clearly less sick in daycare centres where air purification devices were used — down by around 30 percent," Sanmark explained.
On average, daycare centre-aged children suffer 10-13 infectious illnesses every year, with each illness lasting from one to three weeks, according to the research. Meanwhile, kids between the ages of 1-3 come down with flu-like symptoms between five to eight times a year — and children also often suffer stomach bugs, on top of that. Kids are particularly prone to catching colds after returning to daycare after their summer break. Those illnesses are often shared by the kids' parents and daycare staff, prompting absences from work. Sanmark said that employers face costs of around 370 euros for one day of an employee's sick leave.
"It would be a big savings if we could get rid of 30 percent of sick days spread by children, as well as the illnesses that go home to parents," Sanmark said.
(via Fergal)]]>air-quality air health medicine childcare children disease air-filtrationhttps://pinboard.in/https://pinboard.in/u:jm/b:be3f6c98bc83/A startup is pitching a mind-uploading service that is “100 percent fatal”2023-11-23T10:56:50+00:00
https://www.technologyreview.com/2018/03/13/144721/a-startup-is-pitching-a-mind-uploading-service-that-is-100-percent-fatal/
jmThe product is “100 percent fatal,” says McIntyre. “That is why we are uniquely situated among the Y Combinator companies.”
]]>
life-extension science tech y-combinator startups funny fatal braaaainshttps://pinboard.in/https://pinboard.in/u:jm/b:c7537c17fc32/On OpenAI: Let Them Fight - by Dave Karpf2023-11-21T11:11:11+00:00
https://davekarpf.substack.com/p/on-openai-let-them-fight
jm...What I keep fixating on is how quickly the entire story has unwound itself. Sam Altman and OpenAI were pitching a perfect game. The company was a $90 billion non-profit. It was the White Knight of the AI race, the responsible player that would make sure we didn’t repeat the mistakes of the rise of social media platforms. And sure, there were questions to be answered about copyright and AI hallucinations and deepfakes and X-risk. But OpenAI was going to collaborate with government to work that all out.
Now, instead, OpenAI is a company full of weird internet nerds that burned the company down over their weird internet philosophical arguments. And the whole company might actually be employed by Microsoft before the new year. Which means the AI race isn’t being led by a courageous, responsible nonprofit — it’s being led by the oldest of the existing rival tech titans.
These do not look like serious people. They look like a mix of ridiculous ideologues and untrustworthy grifters.
And that is, I suspect, a very good thing. The development of generative AI will proceed along a healthier, more socially productive path if we distrust the companies and individuals who are developing it.
]]>openai grifters microsoft silicon-valley sam-altman x-risk ai effective-altruismhttps://pinboard.in/https://pinboard.in/u:jm/b:0388f13bae39/UnitedHealth uses AI model with 90% error rate to deny care, lawsuit alleges2023-11-17T09:50:41+00:00
https://arstechnica.com/health/2023/11/ai-with-90-error-rate-forces-elderly-out-of-rehab-nursing-homes-suit-claims/
jmThe health care industry in the US has a ... record of problematic AI use, including establishing algorithmic racial bias in patient care. But, what sets this situation apart is that the dubious estimates nH Predict spits out seem to be a feature, not a bug, for UnitedHealth.
Since UnitedHealth acquired NaviHealth in 2020, former employees told Stat that the company's focus shifted from patient advocacy to performance metrics and keeping post-acute care as short and lean as possible. Various statements by UnitedHealth executives echoed this shift, Stat noted. In particular, the UnitedHealth executive overseeing NaviHealth, Patrick Conway, was quoted in a company podcast saying: "If [people] go to a nursing home, how do we get them out as soon as possible?"
The lawsuit argues that UnitedHealth should have been well aware of the "blatant inaccuracy" of nH Predict's estimates based on its error rate. Though few patients appeal coverage denials generally, when UnitedHealth members appeal denials based on nH Predict estimates—through internal appeals processes or through the federal Administrative Law Judge proceedings—over 90 percent of the denials are reversed, the lawsuit claims. This makes it obvious that the algorithm is wrongly denying coverage, it argues.
But, instead of changing course, over the last two years, NaviHealth employees have been told to hew closer and closer to the algorithm's predictions. In 2022, case managers were told to keep patients' stays in nursing homes to within 3 percent of the days projected by the algorithm, according to documents obtained by Stat. In 2023, the target was narrowed to 1 percent.
And these aren't just recommendations for NaviHealth case managers—they're requirements. Case managers who fall outside the length-of-stay target face discipline or firing. Lynch, for instance, told Stat she was fired for not making the length-of-stay target, as well as falling behind on filing documentation for her daily caseloads.
]]>ai algorithms health health-insurance healthcare us unitedhealth navihealth computer-says-no dystopia grim-meathook-futurehttps://pinboard.in/https://pinboard.in/u:jm/b:d3f1e6f1e02b/great quote from Karl Marx's mother2023-11-16T11:19:22+00:00
https://skeptics.stackexchange.com/questions/41487/did-marxs-mother-say-she-wished-he-would-accumulate-capital-instead-of-writing/41488#41488
jm
During 1867 Marx recognised that Engels had given him 'an enormous sum of money' but claimed that its effect was negated by his previous debts which amounted to £200. The next year, on his fiftieth birthday, he bitterly recalled his mother's words, 'if only Karl had made Capital, instead of just writing about it'.
ouch.]]>zingers mothers karl-marx quotes lol funny capitalhttps://pinboard.in/https://pinboard.in/u:jm/b:bcf37ea00bfd/Posthumanism’s Revolt Against Responsibility2023-11-15T11:15:49+00:00
https://www.commonwealmagazine.org/kirsch-revolt-gertz-post-human-transhumanism-haraway-climate
jmit is somewhat misleading to say we have entered the “Anthropocene” because anthropos is not as a whole to blame for climate change. Rather, in order to place the blame where it truly belongs, it would be more appropriate— as Jason W. Moore, Donna J. Haraway, and others have argued— to say we have entered the “Capitalocene.” Blaming humanity in general for climate change excuses those particular individuals and groups actually responsible. To put it another way, to see everyone as responsible is to see no one as responsible. Anthropocene antihumanism is thus a public-relations victory for the corporations and governments destroying the planet.
]]>technology tech posthumanism anthropocene capitalism humanity future climate-change tescrealhttps://pinboard.in/https://pinboard.in/u:jm/b:d2a43f6d5964/Europe’s hidden security crisis2023-11-14T12:45:20+00:00
https://www.iccl.ie/digital-data/europes-hidden-security-crisis/
jmOur investigation highlights a widespread trade in data about sensitive European personnel and leaders that exposes them to blackmail, hacking and compromise, and undermines the security of their organisations and institutions.
These data flow from Real-Time Bidding (RTB), an advertising technology that is active on almost all websites and apps. RTB involves the broadcasting of sensitive data about people using those websites and apps to large numbers of other entities, without security measures to protect the data. This occurs billions of times a day.
Our examination of tens of thousands of pages of RTB data reveals that EU military personnel and political decision makers are targeted using RTB.
This report also reveals that Google and other RTB firms send RTB data about people in the U.S. to Russia and China, where national laws enable security agencies to access the data. RTB data are also broadcast widely within the EU in a free-for-all, which means that foreign and non-state actors can indirectly obtain them, too.
RTB data often include location data or time-stamps or other identifiers that make it relatively easy for bad actors to link them to specific individuals. Foreign states and non-state actors can use RTB to spy on target individuals’ financial problems, mental state, and compromising intimate secrets. Even if target individuals use secure devices, data about them will still flow via RTB from personal devices, their friends, family, and compromising personal contacts.
In addition, private surveillance companies in foreign countries deploy RTB data for surreptitious surveillance. We reveal “Patternz”, a previously unreported surveillance tool that uses RTB to profile 5 billion people, including the children of their targets.
]]>iccl rtb targeting profiling patternz google ads security national-security surveillancehttps://pinboard.in/https://pinboard.in/u:jm/b:12f9c4852a7f/Creating a Correction Of Errors document2023-11-14T12:41:22+00:00
https://aws.amazon.com/blogs/mt/creating-a-correction-of-errors-document/?ck_subscriber_id=512829374
jmcoes ops processes aws amazon work outages post-mortems operational-excellence best-practiceshttps://pinboard.in/https://pinboard.in/u:jm/b:7f5a95ec03a2/Should you use a Lambda Monolith, aka Lambdalith, for your API?2023-11-14T12:39:20+00:00
https://rehanvdm.com/blog/should-you-use-a-lambda-monolith-lambdalith-for-the-api
jm
The argument to limit the blast radius on a per route level by default is too fine-grained, adds bloat and optimizes too early. The boundary of the blast radius should be on the whole API/service level, just as it is and always has been for traditional software.
Use a Lambdalith if you are not using any advance features of AWS REST API Gateway and you want the highest level of portability to other AWS gateways or compute layer. There are also many escape hatches to fill some of the promises that single-purpose functions offer.
]]>lambda monolith api design architecture aws serverlesshttps://pinboard.in/https://pinboard.in/u:jm/b:ccf4ade953bc/The gympie-gympie tree2023-11-14T11:50:54+00:00
https://en.wikipedia.org/wiki/Dendrocnide_moroides
jmaustralia horror flora plants toxins painhttps://pinboard.in/https://pinboard.in/u:jm/b:d1703cc2d732/Hacking Google Bard - From Prompt Injection to Data Exfiltration2023-11-14T11:29:04+00:00
https://embracethered.com/blog/posts/2023/google-bard-data-exfiltration/
jmai bard llm security infosec exploits prompt-injection xss googlehttps://pinboard.in/https://pinboard.in/u:jm/b:f9b8f80523c5/Insurance companies given access to UK Biobank health data, despite promises2023-11-13T11:20:11+00:00
https://www.theguardian.com/technology/2023/nov/12/private-uk-health-data-donated-medical-research-shared-insurance-companies
jmWhen the project was announced, in 2002, Biobank promised that data would not be given to insurance companies after concerns were raised that it could be used in a discriminatory way, such as by the exclusion of people with a particular genetic makeup from insurance.
In an FAQ section on the Biobank website, participants were told: “Insurance companies will not be allowed access to any individual results nor will they be allowed access to anonymised data.” The statement remained online until February 2006, during which time the Biobank project was subject to public scrutiny and discussed in parliament.
The promise was also reiterated in several public statements by backers of Biobank, who said safeguards would be built in to ensure that “no insurance company or police force or employer will have access”.
This weekend, Biobank said the pledge – made repeatedly over four years – no longer applied. It said the commitment had been made before recruitment formally began in 2007 and that when Biobank volunteers enrolled they were given revised information.
]]>biobank uk politics health medicine data-privacy insurance discrimination sciencehttps://pinboard.in/https://pinboard.in/u:jm/b:4c79e5371f73/Open science discovery of potent noncovalent SARS-CoV-2 main protease inhibitors2023-11-10T12:22:26+00:00
https://www.science.org/doi/10.1126/science.abo7201
jm
We report the results of the COVID Moonshot, a fully open-science, crowdsourced, and structure-enabled drug discovery campaign targeting the ... SARS-CoV-2 main protease. We discovered a noncovalent, nonpeptidic inhibitor scaffold with lead-like properties that is differentiated from current main protease inhibitors. Our approach leveraged crowdsourcing, machine learning, exascale molecular simulations, and high-throughput structural biology and chemistry. We generated a detailed map of the structural plasticity of the SARS-CoV-2 main protease, extensive structure-activity relationships for multiple chemotypes, and a wealth of biochemical activity data. All compound designs (>18,000 designs), crystallographic data (>490 ligand-bound x-ray structures), assay data (>10,000 measurements), and synthesized molecules (>2400 compounds) for this campaign were shared rapidly and openly, creating a rich, open, and intellectual property–free knowledge base for future anticoronavirus drug discovery. [....]
As a notable example for the impact of open science, the Shionogi clinical candidate S-217622 [which has now received emergency approval in Japan as Xocova (ensitrelvir)] was identified in part on the basis of crystallographic data openly shared by the COVID Moonshot Consortium.]]>crowdsourcing science research covid-19 covid-moonshot open-science drugs ensitrelvir iphttps://pinboard.in/https://pinboard.in/u:jm/b:0a0e5d1878a2/We're sorry we created the Torment Nexus2023-11-10T11:47:41+00:00
https://www.antipope.org/charlie/blog-static/2023/11/dont-create-the-torment-nexus.html
jmHi. I'm Charlie Stross, and I tell lies for money. That is, I'm a science fiction writer: I have about thirty novels in print, translated into a dozen languages, I've won a few awards, and I've been around long enough that my wikipedia page is a mess of mangled edits.
And rather than giving the usual cheerleader talk making predictions about technology and society, I'd like to explain why I—and other SF authors—are terrible guides to the future. Which wouldn't matter, except a whole bunch of billionaires are in the headlines right now because they pay too much attention to people like me. Because we invented the Torment Nexus as a cautionary tale and they took it at face value and decided to implement it for real.
]]>charlie-stross torment-nexus sf future elon-musk fictionhttps://pinboard.in/https://pinboard.in/u:jm/b:d87048b3e7e6/Anatomy of an AI System2023-11-10T10:22:52+00:00
https://anatomyof.ai/
jmAt this moment in the 21st century, we see a new form of extractivism that is well underway: one that reaches into the furthest corners of the biosphere and the deepest layers of human cognitive and affective being. Many of the assumptions about human life made by machine learning systems are narrow, normative and laden with error. Yet they are inscribing and building those assumptions into a new world, and will increasingly play a role in how opportunities, wealth, and knowledge are distributed.
The stack that is required to interact with an Amazon Echo goes well beyond the multi-layered ‘technical stack’ of data modeling, hardware, servers and networks. The full stack reaches much further into capital, labor and nature, and demands an enormous amount of each. The true costs of these systems – social, environmental, economic, and political – remain hidden and may stay that way for some time.
]]>ai amazon echo extractivism ml data future capitalismhttps://pinboard.in/https://pinboard.in/u:jm/b:92ea9880f3a0/Cruise self-driving cars fail to perceive kids or holes in the road2023-11-08T01:37:34+00:00
https://theintercept.com/2023/11/06/cruise-self-driving-cars-children/
jm
'The materials note results from simulated tests in which a Cruise vehicle is in the vicinity of a small child. “Based on the simulation results, we can’t rule out that a fully autonomous vehicle might have struck the child,” reads one assessment. In another test drive, a Cruise vehicle successfully detected a toddler-sized dummy but still struck it with its side mirror at 28 miles per hour.
The internal materials attribute the robot cars’ inability to reliably recognize children under certain conditions to inadequate software and testing. “We have low exposure to small VRUs” — Vulnerable Road Users, a reference to children — “so very few events to estimate risk from,” the materials say. Another section concedes Cruise vehicles’ “lack of a high-precision Small VRU classifier,” or machine learning software that would automatically detect child-shaped objects around the car and maneuver accordingly. The materials say Cruise, in an attempt to compensate for machine learning shortcomings, was relying on human workers behind the scenes to manually identify children encountered by AVs where its software couldn’t do so automatically.'
also:
'Cruise has known its cars couldn’t detect holes, including large construction pits with workers inside, for well over a year, according to the safety materials reviewed by The Intercept. Internal Cruise assessments claim this flaw constituted a major risk to the company’s operations. Cruise determined that at its current, relatively miniscule fleet size, one of its AVs would drive into an unoccupied open pit roughly once a year, and a construction pit with people inside it about every four years.'
The company's response? Avoid driving during the daytime, when most kids are awake. Night time kids better watch out, though.]]>
cruise fail tech self-driving cars vrus kids safety via:donalhttps://pinboard.in/https://pinboard.in/u:jm/b:d8c7cf4090a7/Marina Hyde on the UK's Covid Inquiry2023-11-01T12:29:21+00:00
https://www.theguardian.com/commentisfree/2023/nov/01/boris-johnson-dominic-cummings-covid-inquiry-no-10?CMP=share_btn_tw
jmFor me, the most depressing thing about the revelations at the inquiry this week – and no doubt for many weeks and months to come – is that they are not really revelations. The government was horrendously incompetent, didn’t have a plan, yet still wasted a huge amount of time – and a tragic number of lives – on mad posturing, pointless turf wars or buck-passing and catastrophic infighting. The sad fact is that all of this was said AT THE TIME, and all of it was denied repeatedly by those in charge. And it was denied not just in insidery lobby briefings or to individual journalists – but live on air, to the nation, in those wretched press conferences every night.
They lied about everything, all the time, and the lies they told backstage were just the obverse of the ones they spouted front of house. Seeing inquiry witnesses feted for punchy WhatsApps now is a bit like congratulating a serial killer for switching to an energy-efficient chest freezer. I’m sure half of them will be reflecting amiably on the period on their inevitable podcasts in due course – but the British public deserve so much more, as they did at the time.
]]>uk politics covid-19 boris-johnson dominic-cummings marina-hyde funny grimhttps://pinboard.in/https://pinboard.in/u:jm/b:87e408965eab/Microsoft accused of damaging Guardian’s reputation with AI-generated poll2023-11-01T10:25:49+00:00
https://www.theguardian.com/media/2023/oct/31/microsoft-accused-of-damaging-guardians-reputation-with-ai-generated-poll
jmMicrosoft’s news aggregation service published the automated poll next to a Guardian story about the death of Lilie James, a 21-year-old water polo coach who was found dead with serious head injuries at a school in Sydney last week.
The poll, created by an AI program, asked: “What do you think is the reason behind the woman’s death?” Readers were then asked to choose from three options: murder, accident or suicide.
Readers reacted angrily to the poll, which has subsequently been taken down – although highly critical reader comments on the deleted survey were still online as of Tuesday morning.
Grim stuff. What a terrible mistake by Microsoft]]>ai guardian microsoft grim polls syndication news mediahttps://pinboard.in/https://pinboard.in/u:jm/b:97ce18dd2720/Summary of the AWS Service Event in the Northern Virginia (US-EAST-1) Region2023-10-31T10:59:34+00:00
https://aws.amazon.com/message/061323/?ck_subscriber_id=512829374
jmaws outages fail lambda sts security us-east-1https://pinboard.in/https://pinboard.in/u:jm/b:a9ab0d0bca2f/