Goodhart's law strikes again at someone with enough power to be both ignorant of it and make others suffer their ignorance. You cannot simply measure productivity by tokens spent just like you can't measure it by hours spent in a chair at a desk.

The 2008 housing crisis affected everyone. Bubbles that get too big pop across the population, whether they're complicit or not. As a little guy in a big world, with no expertise to truly know if there's a meaningful difference, I have a bit of anxiety about it all. I just don't want to catch collateral.

My biggest problem as an independent contractor is marketing and notoriety. Security has been a race to the bottom for over a decade now, but it's gotten exponentially worse. LLMs can't just do my job, but there are enough people with checkbooks who believe that it can and enough companies out there with an incentive to confirm that belief that it's getting harder for me to find work organically.

After that, I have strict requirements (and instructions) in my estate for accessing and deleting the few accounts I still need at that time. I'm fortunate enough to have started using a password manager as early as 15 years ago, and used it diligently, so redundant access is as easy as possible.

Almost no one I know wants agent usage to be a zero-sum activity. There are a few oddballs who obviously only got into software for the money, so any means to that end is acceptable. That does not stop those with say-so over things like employment (and, if you're in the USA, the associated healthcare), from treating it as a zero-sum activity.

When engineers are being told to maximize token usage, are constantly being brought into meetings where they're expected to reveal their latest and greatest use of LLMs, and not using enough tokens in your role is seen as a negative, then the pressure starts to creep in. Yes, I know this is silly to most people who read this site, and I agree. It's bonkers. But there is certainly something to the idea of "AI psychosis" in upper management that is making agent use zero-sum company-wide.

Having come across Zapffe's "existential elk" theory in the last year, it's hard to not see consciousness as a design flaw rather than an upgrade that sits at the root of the things driving climate change, e.g. hyperconsumerism, rampant use of non-renewable materials, and all the other things we choose into for personal satisfaction despite the negative impacts to the whole.

Might we have been better off without consciousness, or at least not as detrimental to the planet? I don't know.

I can't comment, follow, like, or anything like that without getting the "Sign in or create your account to join the cookout!" popup. I wasn't trying to cause problems or get downvoted, this is just the the first non-BlueSky PDS I've ever come across and was curious to see the federation work.

I'm not as familiar with ATProto as ActivityPub, but following someone from another Mastodon instance, for example, is seamless as long as I'm logged in to the account I have on my home instance.

What moderation decisions were made regarding this "Link" user that were suspect, using the post author's word?

We had to break into a particular unit of a multi-tenant office building. The client wanted us to focus on social engineering, but if we were able to do that, to move on to testing if anyone would see it as suspicious if someone was messing with doors and stuff.

So my partner walked up to the reception desk with a toolbox and a clipboard, claiming to be there for an off-schedule inspection of the elevator fire suppression system. Signed the guestbook with no formal verification, walked into the office area, and sat down to plug his laptop into an ethernet drop.

Meanwhile, after he texted me to let me know he was in, I took the stairs up to a door that led into the back of the target unit and just had to use a traveler's hook to pull door latch open. No guard plates or anything in the way.

Then I walked around in my business casual outfit until I found what looked like an IT closet, waited for a time when no one was in the hall with me, and used an under-the-door tool to pop it open. All their network equipment was in there along with spare laptops and an unlocked IT admin machine on a desk.

:)

People, as we like to say, are not paid enough to care. At-will employment, company-sponsored healthcare, etc. have employees so focused on their own wellbeing that protecting "the company" is the last thing on their minds, and I can't really blame them. That lady who you barged in on may very well have just been used to micromanaging jerks doing it to her all the time, so she has to seem busy.

Physical security, in my experience, comes down to giving people something to protect which actually benefits them to protect. All the technical controls in the building can fail and one person with enough skin in the game can kill an intrusion attempt in seconds.

You can be for tariffs all you want, I'm not here to argue their efficacy. But you absolutely cannot with any intellectual honesty still be on the fence about whether he abused his power given this ruling.

It is not "flip flopping policy" to break the bounds of your Constitutional power and be shut down by one of the branches meant to check you.

"This isn't what I voted for" is a common utterance. They can't help themselves, so I do my best to help, while they undercut my options to help them.

I can sit right in front of them and describe the problems I'm now dealing with and point out the exact legislative changes that caused them and it's like their brains turn off until the subject changes. More than happy to pray for me, though.

In the three or four year I worked with them, they would only let me do penetration testing of their user network, and never the segments where the developers were, and never the product itself. In speaking with their security team (one guy - shocker) during compliance initiatives, it was very clear to me that the product itself was not to be touched per the explicit direction of senior leadership.

All I can say is that if the parts of their environment they did let us touch are any indication of the state of the rest of their assets, that device was compromised a long time ago.

Comments URL: https://news.ycombinator.com/item?id=46766140

Points: 55

# Comments: 4