Tools may become dangerous due to a combination of flags. `ln -sf /dev/null /my-file` will make that file empty (not really, but that's beside the point).
Yes. My proposal is that the part of the system that actually executes the command, instead of trying to parse the LLM's proposed command and validate/quote/escape/etc. it, should expose an API that only includes safe actions. The LLM says "I want to create a symbolic link from foo to bar" and the agent ensures that both ends of that are on the accept list and then writes the command itself. The LLM says "I want to run this cryptic Bash command" and the agent says "sorry, I have no idea what you mean, what's Bash?".
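The "expose only safe actions" design from the comment above, as an added example that is not code from the thread: the agent accepts structured intent, checks both ends of a symlink against an accept list of directory trees, and builds the argv itself; there is no entry point that takes shell text. The directory names and the request shape are constructed assumptions.

```python
"""Added example (not code from the thread): an agent-side action API that exposes only
typed, allow-listed operations. The LLM sends structured intent; it never sends shell text.
Directory names and the request shape are constructed assumptions."""
from __future__ import annotations

import subprocess
from dataclasses import dataclass
from pathlib import Path


class ActionRefused(Exception):
    """The proposed action is not one the agent exposes, or touches a path it must not."""


@dataclass(frozen=True)
class Policy:
    allowed_roots: tuple[Path, ...]  # the accept list: directory trees the agent may touch

    def check_path(self, raw: str) -> Path:
        """Return a normalised absolute path, or refuse if it escapes every allowed root."""
        p = Path(raw)
        if not p.is_absolute():
            raise ActionRefused(f"relative path not allowed: {raw!r}")
        # resolve() removes '..' and follows symlinks in the existing prefix, so a path
        # like /root/../../etc/passwd or a symlinked subdirectory cannot escape the tree.
        resolved = p.resolve()
        for root in self.allowed_roots:
            try:
                resolved.relative_to(root.resolve())
                return resolved
            except ValueError:
                continue
        raise ActionRefused(f"path outside the accept list: {raw!r}")


class Agent:
    """The only entry points are typed actions; there is no 'run this string' method."""

    def __init__(self, policy: Policy, dry_run: bool = True) -> None:
        self.policy = policy
        self.dry_run = dry_run  # True: build argv but do not execute (used by the demo/test)

    def create_symlink(self, target: str, link_name: str) -> tuple[str, ...]:
        t = self.policy.check_path(target)
        link = self.policy.check_path(link_name)
        # The agent writes the command itself: a fixed argv, no shell, and no -f, so an
        # existing file is never replaced (compare `ln -sf /dev/null /my-file` above).
        argv = ("ln", "-s", "--", str(t), str(link))
        if not self.dry_run:
            subprocess.run(argv, check=True)
        return argv

    def dispatch(self, request: dict) -> tuple[str, ...]:
        """Handle one structured request, e.g. (constructed shape)
        {"action": "create_symlink", "target": "/abs/foo", "link_name": "/abs/bar"}."""
        handlers = {"create_symlink": self.create_symlink}
        kind = request.get("action")
        if kind not in handlers:
            raise ActionRefused(f"unknown action {kind!r}: the agent does not know what a shell is")
        args = {k: v for k, v in request.items() if k != "action"}
        try:
            return handlers[kind](**args)
        except TypeError as exc:  # wrong, missing or extra fields are a refusal, not a crash
            raise ActionRefused(f"bad arguments for {kind}: {exc}") from None


def is_refused(agent: Agent, request: dict) -> bool:
    """True when the agent refuses the request (handy for callers and tests)."""
    try:
        agent.dispatch(request)
    except ActionRefused:
        return True
    return False


if __name__ == "__main__":
    agent = Agent(Policy((Path("/srv/agent/workspace"),)))
    print(agent.dispatch({"action": "create_symlink",
                          "target": "/srv/agent/workspace/data.csv",
                          "link_name": "/srv/agent/workspace/latest.csv"}))
    print(is_refused(agent, {"action": "create_symlink", "target": "/dev/null",
                             "link_name": "/srv/agent/workspace/latest.csv"}))
```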
That's a distinction without a difference, in the end you still have an arbitrary bash command that you have to validate.
And it is simply easier to whitelist directories than individual commands. Unix utilities weren't created with fine-grained capabilities and permissions in mind. Wherever you add a new script or utility to a whitelist, you have to actively think whether any new combination may lead to privileges escalation or unintended effects.
No, that argument makes no sense. SQL injection doesn't happen because of where the input comes from; it happens because of how the input is handled. We can avoid Bobby Tables scenarios while receiving input that influences SQL queries from humans, never mind neural networks. We do it by controlling the system that transforms the input into a query (e.g. by using properly parameterized queries).
Well, to be fair, I did say "is not read beyond the code itself"; the header is not the code, so retry-after is a perfectly valid answer. I vaguely remember reading about it, but I don't recall seeing it used in practice. The MDN link shows that Chrome derivatives support that header though, which makes it pretty darn widespread.
Up until very recently I would have said definitely not, but we're talking about LLM scrapers, who knows how much they've got crammed into their context windows.
I really liked the idea of what they did with the start menu of Win8. Whenever I opened the start menu, my intent was to focus on looking for something in the start menu, not multitask, so live tiles were perfect. IIRC I even wrote a couple of toy apps with those tiles. Win8.1 (Blue?) was a much more polished experience though; the original 8 had a lot of rough edges.
I had an original Lenovo Yoga and boy, the desktop touch experience was bad. Hardware-wise it wasn't winning any prizes either. The cooler died a couple of times and replacements were a pain to procure.
Well, it's an EV with a big inverter, not a generator, but I get your point. And I do periodically fire it up and run the house on it for a little while, just to exercise the connection and maintain my familiarity with it in case I need to use it late at night in the dark with an ice storm breaking all the trees around us.
Oh, I see! Genuinely curious -- what kind of EV has a battery to power a house for a week?
> maintain my familiarity with it in case I need to use it late at night in the dark with an ice storm breaking all the trees around us.
That's the way to do it. I usually did my trial runs during the day with light readily available but underestimated how much I needed to see what I am doing. Now there's a grounding plug and a flashlight in the "oh shit kit".
> what kind of EV has a battery to power a house for a week?
Assuming their heating, cooking and hot water is gas, a house doesn't actually consume that much. With a 50kWh battery you can draw just under 300W continuously for a week. I'd expect the average house to draw ~200W with lighting and a few electronics, with a lean towards the evenings for the lighting.
On paper the numbers look right, but a week off a _50kWh_ EV battery feels off.
What follows is a back-of-the-napkin calculation, so please treat it as such and correct me if I am wrong.
1. Inverters are not 100% efficient. Let's assume 90%
2. Let's also assume that the user does not want to draw battery to 0 to not become stranded or have to do the "Honda generator in the trunk" trick. Extra 10%?
3. 300W continuous sounds a bit low even with gas appliances. Things like the fridge and furnace blower have spiky loads that push the daily average. Let's add 100W to the average load? I might be being too generous here, but I used 300W, not the 200W lower bound.
4. Vehicle side might need some consumption. If powering off the battery, it would probably need to cool the battery or keep some smarts on to make sure it does not drain or overheat? Genuinely not sure how to estimate this, let's neglect it for now.
Math is (50kw - 10%(inverter loss) - 10%(reserve)) / 0.4 = 100 (hours), ~ 4 days.
The above calculations assume a sane configuration (proper bidirectional wire, not a suicide cord into a 12V outlet). A quick skim of search results for cars with bidirectional charging support for home shows batteries between ~40kWh (Leaf) and 250kWh (Hummer).
So looks like one should be looking for ~80kWh battery, which actually most of the cars in the list have.
Again, very back of the napkin, would probably wanna add 20% margin of error.
Actually, yes, one thing I didn't consider in my calculation is the fridge (mostly because it's a spiky load that rarely comes on, and I based it off my own apartment's instantaneous consumption at the time, which was ~100W since the fridge compressor wasn't running).
Indeed with the fridge it pushes it a bit. But to address some of your other points:
> it would probably need to cool the battery
I'd expect if you're in a storm then you probably don't need any cooling - not to mention a 300W load is nothing for an EV battery compared to actually moving the vehicle. I'd expect some computers in the vehicle to be alive but that should be a ~10-20W draw.
On the other hand, my calculation assumes ~300W continuous. I expect the consumption to lean into the evenings due to the extra lighting, and drop off during other times.
But yes 80kWh might very well be what the OP has; I intentionally picked 50kWh as the lowest option I found on a "<major ev brand> battery kwh" search.
So the attacker doesn't need to send an evil-bit over the network, if they can trigger the system into dreaming up the evil-bit indirectly as its own output at some point.
I won't argue, but there is a middle ground between articles consisting of pure JAFAs and this:
> accommodate readers who won’t even type four letters into a search bar
I think it helps if acronyms are expanded at least once or in a footnote so that the potential new reader can follow along and does not need to guess what ACMV^ means.
^: Awesome Combobulating Method by VTimofeenko, patent pending.
Most likely case is that the TV is computing the hash locally and sending the hash. Judging by my dnstap logs, the Roku TV maintains a steady ~0.1/second heartbeat to `scribe.logs.roku.com` with occasional pings to `captive.roku.com`. The rest are stragglers that are blocked by the `*.roku.com` DNS blackhole. Another thing is `api.rokutime.com`, but as of writing it's a CNAME to one of the `roku.com` subdomains.
The block rates seem to correlate with watch time increasing to ~1/second, so it's definitely trying to phone home with something. Too bad it can't since all its traffic going outside LAN is dropped with prejudice.
If your network allows to see stuff like that, look into what PS5 is trying to do.
If you're tracking packets can't you tell by the data size? A 4k image is a lot more data than a hash.
I do suspect you're right since they would want to reduce bandwidth, especially since residential upload speeds are slow but this is pretty close to verifiable, right?
Also just curious, what happens if you block those requests? I can say Samsung TVs really don't like it... but they will be fine if you take them fully offline.
> If you're tracking packets can't you tell by the data size? A 4k image is a lot more data than a hash.
I admit, I've not gotten around to properly dumping that traffic. For anyone wanting to do this, there's also a spike of DNS requests every hour on the hour, even if the TV is off (well, asleep). Would be interesting to see those too. Might be a fun NY holiday project right there. Even without decrypting the (hopefully) encrypted traffic, it should be verifiable.
> Also just curious, what happens if you block those requests?
Due to the `*.roku.com` DNS black hole, Roku showed no ads, but things like Netflix and YouTube using standard Roku apps ("channels") worked fine. I have now moved on to playing content using an Nvidia Shield and blocking outside traffic completely. The only odd thing is that the TV occasionally keeps blinking and complains about lack of network if I misclick and start something other than HDMI input.
Hashing might not work since the stream itself would be variable bitrate, meaning the individual pixels would differ and therefore so would the computed file hash.
These are two articles I liked that are referenced in the Python ImageHash library on PyPI; the second article is a follow-up to the first.
Here are the paraphrased steps/results from the first article for hashing an image:
1. Reduce size. The fastest way to remove high frequencies and detail is to shrink the image. In this case, shrink it to 8x8 so that there are 64 total pixels.
2. Reduce color. The tiny 8x8 picture is converted to a grayscale. This changes the hash from 64 pixels (64 red, 64 green, and 64 blue) to 64 total colors.
3. Average the colors. Compute the mean value of the 64 colors.
4. Compute the bits. Each bit is simply set based on whether the color value is above or below the mean.
5. Construct the hash. Set the 64 bits into a 64-bit integer. The order does not matter, just as long as you are consistent.
The resulting hash won't change if the image is scaled or the aspect ratio changes. Increasing or decreasing the brightness or contrast, or even altering the colors won't dramatically change the hash value.
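The five steps above carried out in code, as an added example that is neither the thread's nor the ImageHash library's code: it works on plain lists of (r, g, b) tuples so it runs without Pillow, and adds the Hamming distance used to compare two hashes. The sample images are constructed, and the example also shows the point raised earlier about variable-bitrate streams: a small pixel-level change moves the hash by only a bit or so, while an unrelated layout differs in about half the bits.

```python
"""Added example (not code from the thread or from the ImageHash library): average hash
on plain lists of (r, g, b) tuples, plus Hamming distance. Sample images are constructed."""
from __future__ import annotations

SIDE = 8  # step 1 target: 8x8 = 64 cells, one bit each


def to_grayscale(rgb: list[list[tuple[int, int, int]]]) -> list[list[float]]:
    """Step 2: luma per pixel (BT.601 weights). Done before shrinking here; both operations
    are linear, so the result equals shrinking first as in the listed order."""
    return [[0.299 * r + 0.587 * g + 0.114 * b for (r, g, b) in row] for row in rgb]


def shrink(gray: list[list[float]], side: int = SIDE) -> list[list[float]]:
    """Step 1: box-average the image down to side x side, discarding detail."""
    h, w = len(gray), len(gray[0])
    if h < side or w < side:
        raise ValueError("image must be at least %dx%d" % (side, side))
    out = []
    for by in range(side):
        y0, y1 = by * h // side, (by + 1) * h // side
        row = []
        for bx in range(side):
            x0, x1 = bx * w // side, (bx + 1) * w // side
            block = [gray[y][x] for y in range(y0, y1) for x in range(x0, x1)]
            row.append(sum(block) / len(block))
        out.append(row)
    return out


def average_hash(rgb: list[list[tuple[int, int, int]]]) -> int:
    """Steps 3-5: threshold the 64 cells against their mean and pack the bits row-major,
    most significant bit first (any fixed order works, as the post says)."""
    cells = [v for row in shrink(to_grayscale(rgb)) for v in row]
    mean = sum(cells) / len(cells)
    bits = 0
    for v in cells:
        bits = (bits << 1) | (1 if v > mean else 0)
    return bits


def hamming(a: int, b: int) -> int:
    """Differing bits between two hashes: 0 = same, ~32 = unrelated 64-bit hashes."""
    return bin(a ^ b).count("1")


def split_image(width: int, height: int, dark: int = 40, bright: int = 200,
                vertical: bool = True) -> list[list[tuple[int, int, int]]]:
    """Constructed sample: one half `dark`, the other `bright` (grey pixels, r=g=b)."""
    rows = []
    for y in range(height):
        row = []
        for x in range(width):
            on_bright = (x >= width // 2) if vertical else (y >= height // 2)
            v = bright if on_bright else dark
            row.append((v, v, v))
        rows.append(row)
    return rows


def with_patch(rgb: list[list[tuple[int, int, int]]], size: int = 4, value: int = 255):
    """Constructed small edit: stamp a bright square in the bottom-left corner."""
    out = [list(row) for row in rgb]
    for y in range(len(out) - size, len(out)):
        for x in range(size):
            out[y][x] = (value, value, value)
    return out


if __name__ == "__main__":
    base = average_hash(split_image(32, 32))
    print(f"base     {base:016x}")
    print("scaled  ", hamming(base, average_hash(split_image(64, 64))))
    print("brighter", hamming(base, average_hash(split_image(32, 32, 90, 250))))
    print("patched ", hamming(base, average_hash(with_patch(split_image(32, 32)))))
    print("other   ", hamming(base, average_hash(split_image(32, 32, vertical=False))))
```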
In the same way that Shazam can identify songs despite the audio source being terrible over a phone, mixed with background noise. It doesn't capture the audio as a WAV and then scan its database for an exact matching WAV segment.
I'm sure it is way more complex than this, but Shazam does some kind of small windowed FFT and distills it to the dominant few frequencies. It can then find "rhythms" of these frequency patterns, all boiled down to a time stream of signature data. There is some database which can look up these fingerprints. One given fingerprint might match multiple songs, but since they have dozens of fingerprints spread across time, if most of them point to the same musical source, that is what gets ID'd.
Main data comes from unbound[1], I use vector[2] to ship and transform logs. Dnstap[3] log format IME works better than the standard logs, especially when it comes to more complex queries and replies. Undesired queries get 0.0.0.0 as a response which I track.
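One thing to do with such logs, as an added example that is not code from the thread, unbound or vector: group queries per (client, name), measure how regular the gaps between them are, and flag near-constant gaps as a heartbeat, noting whether the resolver answered with the 0.0.0.0 sinkhole. The JSON field names are an assumption, not the real dnstap or vector schema, and the log lines are constructed.

```python
"""Added example (not code from the thread, unbound or vector): beacon detection over
constructed resolver log lines. The JSON fields (ts, client, qname, answer) are an
assumption, not the real dnstap/vector schema; map your pipeline's fields onto them."""
from __future__ import annotations

import json
import statistics
from collections import defaultdict

SINKHOLE = "0.0.0.0"  # the answer the resolver returns for blocked names (as in the post)


def build_sample_log() -> list[str]:
    """Constructed sample: a TV asking for the same blocked name every 10 s, and a laptop
    doing ordinary, irregular lookups (TEST-NET-3 addresses used as fake answers)."""
    lines = []
    for i in range(20):
        lines.append(json.dumps({"ts": 1000 + 10 * i, "client": "192.168.1.23",
                                 "qname": "scribe.logs.roku.com.", "answer": SINKHOLE}))
    for t in (1000, 1003, 1040, 1041, 1120):
        lines.append(json.dumps({"ts": t, "client": "192.168.1.50",
                                 "qname": "www.example.com.", "answer": "203.0.113.10"}))
    lines.append(json.dumps({"ts": 1005, "client": "192.168.1.50",
                             "qname": "mail.example.net.", "answer": "203.0.113.25"}))
    return lines


def group_queries(lines: list[str]) -> dict:
    """(client, qname) -> time-sorted list of (ts, answer)."""
    groups = defaultdict(list)
    for line in lines:
        rec = json.loads(line)
        groups[(rec["client"], rec["qname"])].append((rec["ts"], rec["answer"]))
    for events in groups.values():
        events.sort()
    return groups


def analyse(lines: list[str], min_queries: int = 4, max_cv: float = 0.2) -> dict:
    """Flag (client, name) pairs whose query gaps are nearly constant: a heartbeat.
    cv = stdev(gap) / mean(gap): 0 is perfectly periodic; max_cv tolerates some jitter."""
    findings = {}
    for key, events in group_queries(lines).items():
        if len(events) < min_queries:
            continue  # too few samples to say anything about periodicity
        ts = [t for t, _ in events]
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        mean_gap = statistics.mean(gaps)
        cv = statistics.pstdev(gaps) / mean_gap if mean_gap > 0 else float("inf")
        findings[key] = {
            "queries": len(events),
            "rate_per_s": 1 / mean_gap if mean_gap > 0 else float("inf"),
            "cv": cv,
            "beacon": cv <= max_cv,
            "sinkholed": all(answer == SINKHOLE for _, answer in events),
        }
    return findings


if __name__ == "__main__":
    for (client, qname), f in sorted(analyse(build_sample_log()).items()):
        flag = "BEACON" if f["beacon"] else "ok"
        print(f"{client:15} {qname:25} n={f['queries']:3} rate={f['rate_per_s']:.3f}/s "
              f"cv={f['cv']:.2f} sinkholed={f['sinkholed']} {flag}")
```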
Besides what others have said, another dead simple option is to use Nextdns: https://nextdns.io
Doesn't require running anything locally and supports various block rules and lists and allows you to enable full log retention if you want. I recommend it to non-techies as the easiest way to get something like pi-hole/dnscrypt-proxy. (but of course not being self-hosted has downsides)
edit: For Roku, DNS blocking like this only works if Roku doesn't use its own resolver. If it's like some Google devices it'll use 8.8.8.8 for DNS resolution ignoring your gateway/DHCP provided DNS server.
My router owns the IP 8.8.8.8 when seen from inside my network; the Roku literally can't ask Google for DNS via DNS, HTTP, or DNS-over-TLS. It also answers DNS requests on port 53, and believes that there is no scribe.logs.roku.com, along with many other domains.
The downside is that Google seems to think I'm in a botnet, and wants us to login to see anything on YouTube.
I've explored that! Couldn't figure it out but it certainly sounds possible. And even easier solution is just to block all DNS resolvers except your chosen one. When 8.8.8.8 doesn't work GDevices will fallback to the DHCP assigned resolver (usually your gateway)
I'm a noob at this, but can you do that when it is DoT or DoH? Like I thought the point of them is that you can't forget the DNS request. Even harder with oDoH, right? So does that really get around them?
Replace your router's DNS with something like pi-hole or a bog standard dnsmasq, turn up the logging, that's it. Ubiquiti devices I think also offer detailed DNS logging but not sure.
My suggestion would be to configure your own router using a Linux distro. It's not as difficult as it sounds, the kernel already does most of the heavy lifting. All you need to really do is enable packet forwarding and configure the firewall using iptables rules (block all in, allow all out is a reasonable default). I use Unbound as my recursive DNS resolver, together with Hagezi's blacklists to provide DNS filtering. I filter ports 53 and 853, and filter by IP known public DNS servers (Hagezi maintains a list). DHCP is provided by the isc-dhcp-server package on Debian.
That's a more or less complete home router, with plenty of spare resources to run internal or external services like a WireGuard tunnel, file server, or the Docker/Podman runtime.
That being said, I still wouldn't connect a "smart" TV to the Internet. There are better options like a Linux HTPC.
It's polite to give parsers (human or otherwise) hints that they're about to encounter text which is now intended for a different kind of parser.
I recently forgot to surround my code in ``` and Gemini refused to help with it (I think I tripped a safety guardrail, it thought I was targeting it with an injection attack). Amusingly, the two ways to work around it were to fence off my code with backticks or to just respond to:
> I can't help you with that
With
> Why not?
After which it was then willing to help with the unquoted code. Presumably it then perceived it as some kind of philosophical puzzle rather than an attack.
Fair question, it does look a bit jarring when not rendered. I write a lot of markdown and it's a very strong force of habit to use backticks to sort of highlight a technical term and turn it into a noun.
Similar to writing endash as a double hyphen.
When I read what I write, my eyes glance through backticks and maybe come back if I need to parse the inner term in more detail.
Anecdata, but I was once on a tour of a colocation DC. Located in Vegas, near the old town in a basement of some office building. Completely unassuming from the outside. Inside it was a little loud, but not terribly so. Busy street level noise maybe.
Given the absolute state of their website on mobile it's hardly surprising. It's faster to find an employee and ask them where an item is than to wait for the search to finish, see that the "current store" now points to a random location somewhere in a different state, pick the correct store and re-do the search.
I had to check what the gold standard McMaster-Carr does: their torque wrench drive size widget is sorted 1/4", 3/8", 1/2", 3/4", 1", 1 1/2". Glorious. https://www.mcmaster.com/products/torque-wrenches/
I'd expect nothing less from them. The right thing to do here is to implement a sorting key for different categories here. Since McMaster-Carr seems to be going to a category when you search, they seem to have better control over the available filters.
I've found that on a site like Amazon or Walmart that'll let you do a more freeform sort, the filter options becomes absolutely god awful.
Well done by McMaster-Carr. I assume they control their inventory a bit more than a marketplace like Home Depot, Walmart, or Amazon, so that's also an advantage.
The schemas for Amazon and Walmart's product information are absolutely bonkers and constantly missing features that they demand be provided.
Here's the XML Schema Definition for "Product" on Amazon [1]
This is joined on each of the linked category schemas included at the type, of which each has unique properties that ultimately drive the metadata on a particular listing for the SKU. It's wrought with inconsistency, duplicated fields, and oftentimes not up to date with required information.
Ultimately, this product catalog information gets provided to Amazon, Walmart, Target, and any other large 3rd party marketplace site as a feed file from a vendor to drive what product they can then list pricing and inventory against (through similar feeds).
You are right that the control McMaster-Carr has on their catalog is the strategic and technological advantage.
Very interesting how nearly half the list is (assumedly) every single chemical listed under California Prop 65. Do they really need to specify exactly which chemical it is? I've seen thousands of Prop 65 warnings in my life but I've literally never seen one tell me what chemical it's warning me about. I just commented to a friend a couple of weeks ago that I wished they'd tell me what so I could look it up myself!
McMaster-Carr's website is actually pretty impressive given how unassuming it is. It does a ton of pre-loading on hover and caching to make it feel like you're just navigating a static site. I didn't even realize that the page had a loading state until I enabled throttling from my network tab and immediately clicked on a link as soon as I hovered over it.
Mouser et al also do it right for mixed unit lists, eg. component dimensions are shown in their specified units but sorted as: 11mm, 12mm, 0.5in, 13mm, ...
No. You are likely and automatically extrapolating the attention to detail seen in the outcome into believing that it is a reflection of the attention, thought and method of their internal workings.
Which is a good indicator, but you can’t be sure of. Additionally you may imagine liking it but not enjoy it in life, even if true.
I had a major WTF moment there, until I realized that's probably for a hex driver (and thus something totally different than what I think of when someone says "impact wrench").
It's probably a default ordering or an ordering by an unshown database ID value. It's a small enough set that it doesn't really matter for practical purposes, but I guess it does betray a lack of attention to detail.
Or when the site tells you your store doesn't have a part in stock, but neglects to tell you that they do have 350 of the identical part, different brand, in stock. Because who would ever buy a 1/2-inch close Halex rigid conduit close nipple in-store right now when they could wait a few days for a 1/2-inch close Commercial Electric rigid conduit nipple?
I feel like the home depot website is fine. It's a lot better than most other shops, I've had a good experience finding the aisle and location of items, and it's generally accurate with the amount in stock at each location. If you didn't enable precise location or have bad cell signal then that is hardly the fault of the website.
I will not argue with the stock part. When the search _does_ finish, stock info is usually correct IME.
What grinds my gears is the speed of this search, regardless of the phone reception. Even on the desktop it feels like they have a bunch of interns running a sneakernet. Or the website is laden with pointless javascript that slows everything down before the search is actually performed.
I go to the same Home Depot every time. (Well I don't if I can help it, but that's beside the point). There is no reason they cannot store the preferred store in the localStorage or cookies or wherever else. Other stores have figured this out.
Not Costco though! I open their page and immediately "Can Costco.ca use your location?" I say yes and then it asks me what province I'm in. I tell it, and then it defaults me to a store 30 minutes' drive from here and not the one five minutes away. Every. Time.
On the contrary, you can also search for items with easily the least useful search I've ever seen.
Pizza pockets? Okay, anything that mentions pizza, or pockets. So frozen pizzas, in-store-made pizzas, pizza flavored pringles, pants with pockets, dresses with pockets, frozen items that are similar to pizzas but aren't pizzas, frozen items which aren't similar to pizzas, granola bars I guess, basketballs, and so on.
It seems as though their search just takes the search terms, matches them against every item in their database in order of relevance, and then just shows you everything regardless of how relevant it is. 0.00121 out of 100? Well, it's still technically relevant! Let's show it just in case!
Their internal setup was also an absolute mess as of 4 years ago. A horrific hybrid of extremely legacy systems and new systems created around COVID which are both nicer and also deeply lacking in features we needed as floor workers.
I understand that upgrading and migrating to new systems takes time but this process never seemed like it involved anyone on the ground.
This is definitely true and makes the experience shittier than it otherwise would be, but even with a great signal/connection it frequently loads so slowly that I've long run out of patience.
I have gotten in the habit of looking up what aisle and bay the thing I need is in before I get there, and then I screenshot it because too many times the page has needed to reload and start over.
I bought a water heater that had a large (1k!) instant rebate that you had to scan, sign up on website and show the emailed coupon to the person during cashing out. Took me 25 minutes wandering around the store to get enough reception to actually do this process. Made me chuckle, thinking how having it online only but before point of sale in the store was such a terrible, terrible idea.
Nah, I use both the website and their shitty web wrapper app on a regular basis and it's been a dumpster fire for at least the last 2-3 years. 3-5 years ago when they first rebuilt everything it was much more pleasant but at this point it's clear no one is maintaining it and have just let it bloat and rot
Also, when I'm in my local store it seems like the cell connection goes to shit for some reason and then I have to jump on their in-store wifi in order to search their website.
Their in-store WiFi is a repeater more or less. It's one of those bullshit forced auto-join networks that you can't opt out of (at least on iOS). Because that's not a massive vector for phishing or anything.
Yes, although I've had terrible experience with their wifi. I'm sure it depends on the store, but coverage is usually terrible and highly spotty, so if you're walking around or standing in the wrong area, it stops working.
At one point I also had to disable WireGuard because I think it was triggering some sort of anti-abuse thing they had. It wasn't even using an exit node, just bridging me to my home network so I could access self-hosted services. I get the desire for anti-abuse, but that felt pretty draconian and I don't expect the average person to consider that they might have to disable a VPN to get it to work, especially nowadays when many average people do have VPNs running.
This is a network carrier setting, the issue is that T-Mobile (and maybe others) pushes a profile that does this as part of their network configuration.
I went to Wi-Fi settings, "Edit" in top right, scroll to bottom "Managed" section, and was able to turn off "Auto-Join" for the "t-mobile" managed network just fine. I did this many months ago, I think because I was infuriated at the idea of auto-connecting to a Wi-Fi network I did not opt in to, but regardless, the checkbox has remained off through a few OS updates since (on 26.1 now with a T-Mo prepaid eSIM).
There's no "Managed" section showing up on my phone and the last time I set that network to not auto-join it still did. Lesson learned, I just turn off WiFi and Bluetooth before heading out to Home Depot.
I was livid when I discovered that my carrier had implemented that with no opt out. I worked around it by implementing shortcuts that disable my iPhone's WiFi when I leave my house until I've returned or reached one of the handful of other places I use it. It's ridiculous that something like that is necessary, though.
Indeed, Home Depot's software is generally so bad. I remember around 2017/2018 time frame when they started showing up to big tech conferences (especially K8s and React.js conferences) really trying to modernize. I spent a few minutes talking to the people manning the booth (which were surprisingly high ranking in the company, at least by title), and came away thinking "I'm glad you're making an effort, but y'all really have no idea what you're doing." The left hand and the right hand had completely different ideas/priorities about how to accomplish their goals. I didn't want to make any judgments on a simple conversation at a conference, but at this point I think time has shown that it was pretty representative of how they were approaching it internally, and unsurprisingly it did not work out super well.
Now that said, I don't want to minimize the difficulty in modernizing software at a corp like HD. It's wildly more difficult than most people can appreciate. I've consulted for companies trying to do it, and there are lots of challenges with legacy systems, migrations, and plenty of non-technical challenges as well.
Shout out to Walmart for genuinely kicking ass at this though. I'm quickly becoming an Onn fanboy. Generally speaking, great products at great prices, from their USB cables up to their smart speakers and more. You can really tell from the product design and implementation that they are letting the nerds geek out and have fun! That in turn enables me to do the same :-)
I'll bet money any new React/K8s/${WEBSCALE} stuff they're building is still just a wrapper over the same old inventory management they've been using for years...probably something like JDEdwards on AS/400.
You would lose that bet. Walmart has invested a LOT in modernizing stuff over the last 10 years. You cannot deliver groceries in less than an hour using the old inventory. It's not perfect, but what's been done given the scale is nothing short of a miracle.
Source: I have been working there for 10 years.
I was talking HD. Walmart has a rep for being a decent tech shop and given how well all their stuff seems to work, I would not be remotely surprised if they weren't on the leading edge of good software.
It's sadly all too common. I worked at a Fortune50 retailer with a massive IT org. Was on a call one day with one of our most Senior Ent Arch who was excitedly telling me about how "these Java scripts" were the hot new thing and we were building "modern web 3.0 pages" with them. He did not understand the difference between Java and JavaScript or a blockchain branding exercise and SPAs.
I think they made some splashy hires at the time, and they contributed to the Google SRE workbook. Same as Walmart. They definitely tried. Corporate inertia is a killer.
It varies a lot by store. I’ve been to HDs where they’re all useless, and others where there’s a good number of knowledgeable DIYers working there.
I think a lot of people just expect too much from a big box store employee making $17/hr… You go to HD because you have an easy job and you’re as cheap as their MBAs. If you need help, go to a supply house or an Ace Hardware or something.
Fully this. Every Ace or Do It Best I've been to in Washington has had at least one Rugged Grandpa ™ on staff who could have given me a PhD-level essay on whatever I asked them about; at Home Depot I'm lucky if the folks there have any idea what an impact-rated bit is or why I specifically need one and NO please stop trying to sell me this other crap if you're sold out of the impact bits, they are NOT the same!
(It gets worse the further from the power tools section you get, I find. I had to explain the difference between a three-prong and four-prong 240V plug once at HD and promptly told my friend to stop asking the staff for "help" finding things.)
> It gets worse the further from the power tools section you get, I find. I had to explain the difference between a three-prong and four-prong 240V plug once at HD and promptly told my friend to stop asking the staff for "help" finding things.
The best feature of Home Depot is order pickup. No need to explain to someone that some appliances use both 120V for control power and 240V power for the motor or heating element; or that you’re installing a receptacle to backfeed a 120/240V panel with a 120/240V generator and therefore you need a 4-wire NEMA 14 series receptacle with a neutral conductor, you just buy one and pick it up from a locker. It’s made buying things from Home Depot tolerable for me, I’m used to buying material from supply houses where the folks are knowledgeable, I know that’s not the case at HD so I don’t even bother asking.
The store I worked at for a while had a surprising number of real bearded experts, alongside at least a few younger folks who really understood the internal systems. It was great, but clearly was eroding as the experts retired and young folks with no experience were hired to replace them.
I asked an employee for something by part number and described it. The answer he gave was "why the hell would you want that anyways? I've worked here 13 years and never seen one". I found it on a shelf a few levels up and used a grounding rod from the electrical section to spear it and bring it down to ground level.
It's hard to locate anything in their stores these days and it's even harder to find any staff. So what I do is order for pickup and let them do the work.
I think the same people/platform made the Best Buy mobile website, they look very similar. Just absolutely atrocious design. It's slow, the UI elements bounce all over the place, it forgets your selections, and godspeed if for whatever reason you need to refresh the page because something chose not to render. That's outside of the store on a good connection. Doing this IN the store is a whole new level of hair pulling frustration.
Also I once asked an employee for help locating an item and they told me to pull up the app. I was like "you pull up the app", and we sat there for 5 minutes waiting for things to load until he decided he'll just help me locate the item lol
I'm just happy that Best Buy recently added the ability to filter out items they cannot actually sell me. The amount of searches I would do where I had to scroll through page after page of 'not available online' 'not available in store' items in order to find a search result they actually had was ridiculous.
Now Home Depot for some reason just doesn't load on mobile (white screen) unless I disable content filtering in the browser. Classy.