As I commented in the other post, it killed mine at work, because my boss is pushing "AI" really hard on the devs. Fortunately, he's now seeing enough evidence to counteract the hype, but it's still going to be present and dragging down my work. But it my off time, I only experiment with LLMs to see if they're getting better. Spoiler alert: they aren't, at least not for the kind of things I want to do.
I have an experimental project where I was asking various LLMs/tools (ChatGPT, Cursor, Google, Lovable) to implement an old game for me. They all failed spectacularly in various ways. For example, when trying to debug an issue, got into a loop making the same sets of mistakes over and over again. Or "solving" a problem by removing an implementation, or claiming something was fixed but all it did was stop checking the error. It's been disastrous.
I've had better success with LLMs as just a supercharged search engine, but only after I went through several rounds of adding instructions to prevent hallucinations and lies.
I also asked one to create a tutorial for me to follow in regards to a complicated game I'm trying to understand. It lied repeatedly, making up features and telling me to set options that just didn't exist.
My boss loves LLMs and claims it really improved his productivity, but the stuff he's talking about is JS stuff. When he (and I as well) try to use it with Java the viability of the results drops off dramatically.
I'm 62, and it's had the opposite effect on me. I've never stopped loving writing code, learning new things, trying random stuff, etc. I code all day, and spend more time playing with stuff in the evenings (the main difference is I'm sipping some scotch while I do it). Having to use LLM's at work has sucked most of the joy out of my work. Fighting with them, keeping them on track, catching hallucinations before they go too far, wasted effort...it's exhausting me like nothing else in my 40+ year career.
The worst excesses of "modern" web presentation, coupled with a complete lack of actual gardening info...I'm completely baffled. 1% "here's your zone", and 99% "your zone is almost no use for gardening"
I had (probably still have) a similar-ish problem. I have an old nVidia Shield handheld that I bought a wired ethernet adapter for. Something about that adapter would kill my network dead after a random interval. It took a while to figure out what device was causing it, and unplugging the adapter would instantly cause the network to come back to life. I never figured out what the root cause was, I just stopped using the adapter.
It's unlikely that "regulators" had anything to do with it, given the quick resolution. I'd be more inclined to think that Epic went back to Apple hat-in-hand and begged to be let back in, probably promising to muzzle Sweeney.
>It's unlikely that "regulators" had anything to do with it, given the quick resolution.
Disagree. EU regulators act quickly.
Here's the commissioner for Internal Market of the Eu:
"I take note with satisfaction that following our contacts Apple decided to backtrack its decision on Epic exclusion. From Day 2, #DMA is already showing very concrete results!"
https://twitter.com/ThierryBreton/status/1766167580497117464
Yes very unlikely, that Apple didn't want to try out the new 10% penalty of global turnover, after the commission said she is looking into it and days after Apple was bonked with a 1.8bn fine for violating antitrust regulations
It's good scrutiny to have, but I'm surprised that there are now at leat 3 users here that really believe that Apple reversed course in 3 days out of the goodness of their hearts. I can't even get a response from many customer services in 3 days. No company thst big turns on a dime without extreme arm twisting.
Can confirm. I've been waiting for Apple's developer support to reply to me since before this debacle. I finally got a response 2 hours ago – after I resolved my issue – that stated they are busy right now.
> The EU told Apple that breaking the law would have dire consequences. That's the only reason Apple backed down.
You have no idea that this is what happened. You're the one spreading propaganda.
Why propagandize it at all?
EPIC hates Apple and wants to see the App store dead. Apple reasonably didn't trust EPIC not to play games with the DMA. The EU asked EPIC to give an assurance that they would play by the rules and then forced Apple to accept that assurance. Neither of them won anything. Apple is forced to let EPIC in, and EPIC is forced to accept that Apple is complying with the DMA.
That fits the facts. EPIC isn't a good guy. Apple isn't a good guy. The EU isn't a hero. Why try to paint any of them this way?
> The moment credit agencies started running their own monitoring services, it seemed like they were openly admitting that they were defaming people. I still do not understand why this is legal.
If you're signed up for credit monitoring, you get notified when your credit info gets changed, so you have a chance to react if it's an error (or fraud). How is that defamation? Why would it be illegal?
It's defamation because they know their information is frequently incorrect, that it is trivial for people to get outright fraudulent transactions attached to people's "credit report". Knowing that, they then present that information as fact to others, despite knowing that the information they provided is used specifically for purposes where false information will add significant costs to the people they're reporting on.
Now you're right, I can get credit monitoring, in which I pay money so that I can spend my time verifying they're not publishing fraudulent information. So now it goes from defamation to extortion: we'll defame you unless you pay us and do the work of ensuring we don't defame you.
They do not publish fraudulent data. They publish data provided by the credit grantors. If the credit grantors don't do their due diligence, that's on them, not the CRA. And if credit grantors fail to due that due diligence often enough, they get kicked out.
g051051? The guy who keeps trying to post porn all over this site? I can't believe you've got the guts to go posting here. I've told everyone about your disgusting behavior.
What's that? You never did that? Well, for just $5/month you can sign up for my monitoring service and we can investigate your claims. In the mean time, I'm going to keep warning everyone about your behavior.
I feel like most people would consider the above behavior unacceptable, but it's okay because I'm a big company dedicated to stopping perverts like you.
(hopefully it is clear that I'm not actually serious. Unlike the credit agencies)
You told a reporter that story. The reporter, _without verifying it_, then tells his newspaper that the story you told is true and he's verified it (which is a lie). Now the newspaper publishes it. Who's responsible?
> They have successfully convinced the public that identity theft is a separate and distinct crime done exclusively by one person to another rather than simply fraud that they are aiding and abetting.
This demonstrates a fundamental misunderstanding of how credit reporting works.
When "identity theft" occurs, it's important to realize that the credit reporting firms are not involved. That is solely due to failures, at the institutions that actually grant credit, to verify the identity of the person they are interacting with.
The flow goes: a fraudster uses harvested data to impersonate someone to a credit grantor, such as a credit card company. The credit grantor, accepting this identity at face value, asks the credit reporting agency (CRA) about the credit rating of the impersonated entity. The CRA says "Joe Victim has a relatively low risk of fraud". So the identity theft has already occurred before the CRA is even consulted.
Later on, when the fraudster fails to pay as agreed, the credit grantor incorrectly reports to the CRA that the fraud was caused by Joe Victim. Again, the CRA is just relying on the data provided to them by their clients.
I understood the comment about aiding and abetting to be a reference to the fact that Equifax leaked about half of all Social Security Numbers back in 2017. For 145 million Americans the "harvested data" you refer to was data that the credit bureaus hoovered up and then failed to protect.
If the bank failed to apply industry-standard security techniques then yeah, I'd say the bank leaked money. The criminals are obviously the most culpable, but when you're storing more than 100 million SSNs it's not unreasonable to expect your IT department to:
* Update their dependencies within two months of a critical security vulnerability being patched (Mar 7 to May 12).
* In the event of a breach, detect it within a reasonable timeframe (76 days is not reasonable when you're the Fort Knox of financial information).
* Have a reasonably well-segmented network such that a compromise in a single user-facing web app doesn't lead to your entire network being compromised.
> Update their dependencies within two months of a critical security vulnerability being patched (Mar 10 to May 12).
They thought they did, but failed.
> In the event of a breach, detect it within a reasonable timeframe (76 days is not reasonable when you're the Fort Knox of financial information).
Impossible to guarantee. A sophisticated enough attack might never be detected, regardless of the competence of the security department.
> Have a reasonably well-segmented network such that a compromise in a single user-facing web app doesn't lead to your entire network being compromised.
It is impossible to so completely segment a network. If I can get the data via an authorized program, that means there's a path between networks and a hacker can potentially exploit that path.
Oh, never mind then. Clearly since they thought they updated the dependency it's all good.
> Impossible to guarantee. A sophisticated enough attack ... It is impossible to so completely segment a network ...
While I will acknowledge that this seems to have been Equifax's approach to security (it's impossible to do completely so why bother doing it at all?), this is not widely accepted as a philosophy of security in any industry.
That a bank could still be robbed by a military incursion from a neighboring nation state is not sufficient reason to leave the vault door open overnight. The record abundantly shows [0] that Equifax had security protocols that were weak enough that no sophisticated actor was needed to bypass their protections.
As far as their failure to detect the breach, this is what the House investigation concluded:
> Equifax allowed over 300 security certificates to expire, including 79 certificates for monitoring business critical domains. Failure to renew an expired digital certificate for 19 months left Equifax without visibility on the exfiltration of data during the time of the cyberattack.
And they should have been held accountable, were they?
If such an entity demonstrates gross negligence yet there are no repercussions, perhaps it is worse than negligence, it is outright larceny - Equifax could be characterizes as a govt supported cartel.
It is not unreasonable then we should actually physically destroy their premises and all related collected information as an active threat to the nation, as well as re-issuing all sensitive information to all affected individuals.
As for what to do instead, credit reporting need not be the important solution, rather one part of an accepted solution, such as multiple scores issued to multiple numbers that are not tied together by a single bureau. Then when credit checks are pulled it is not sufficient to use a single service and the incentive to illegally utilize said information decreases, as the relevance is reduced for any one credit check.
> And they should have been held accountable, were they?
Huge stock hit (since recovered, of course), top executives lost their jobs, fines, had to give away a paid product, extra oversight, cost of fixing security, several rounds of layoffs for the employees, etc.
> It is not unreasonable then we should actually physically destroy their premises and all related collected information as an active threat to the nation
This is why we can't get real, meaningful change. No wonder our "leaders" think so little of us.
IMO, Leaked is probably the better word here. Equifax did not steal the data in the first place either, they recorded/copied it from other sources which leaked or sold it to them.
Every data source (such as a bank or credit card) provides that data to CRAs because consumers granted permission to do so when entering into a business relationship. Either that, or it's publicly available data purchased from aggregators.
Wildly unfeasible. The consumer does not have a choice, they do not have an ability to live within their means without incurring credit checks.
Take housing - perhaps it is possible to purchase outright a home with cash, however you will not find generally anyone willing to take payment in cash.
If you cannot afford that and are not taking a loan, then you must rent. However you cannot rent without a credit score.
So no the consumer did not consent to anything. This is a ridiculous and dishonest viewpoint.
reply