Hacker News: throwmeaway820's comments

without a rigorous definition of "gambling", such discussions are pointless

This article was clearly written by an LLM.

The author has two other submissions, one of which is entitled "Programmatic SEO: Generating 100k+ Pages That Rank".

I'm at the point now where I find it incredibly rude when someone expects me to read LLM output without clearly identifying it as such.


How do you tell? I am genuinely curious. I myself find it incredibly rude that people will accuse you of "slop" the moment you basically write anything.


He doesn't, and yes it's rude and mindless. There is no way to tell in the general case.


> A massive $79T has been transferred from bottom 90% to top 1% since the 1970s

This assertion is based on comparing reality with a counterfactual where income distributions remained static from 1975 to the present. Real median personal income roughly doubled over this time period.

The use of the word "transferred" seems a little intellectually dishonest here. The use of the counterfactual seems to suggest that income distribution has no relationship with growth in total income, and total income would have been exactly the same regardless of income distribution. I see no reason to assume that to be the case.


Well you have a data point of one, so I guess we live in the best of all possible outcomes?


I don't understand what you mean by "data point of one"

Do you think I'm talking about my own, personal income?

I'm talking about median personal income in the United States, because the figures I found for household income only go back to 1985


It seems unfortunate that enhanced protection against physically attached devices requires enabling a mode that is much broader, and sounds like it has a noticeable impact on device functionality.

I never attach my iPhone to anything that's not a power source. I would totally enable an "enhanced protection for external accessories" mode. But I'm not going to enable a general "Lockdown mode" that Apple tells me means my "device won’t function like it typically does"


There is a setting as of iOS 26 under "Privacy & Security > Wired Accessories" in which you can make data connections always prompt for access. Not that there haven't been bypasses for this before, but perhaps still of interest to you.


GrapheneOS does this by default - only power delivery when locked. Also it's a hardware block, not software. Seems to be completely immune to these USB exploit tools.


It also has various options to adjust the behaviour, from no blocks at all, to not even being able to charge the phone (or use the phone to charge something else) -- even when unlocked. Changing the mode of operation requires the device PIN, just as changing the device PIN does.

Note that it behaves subtly differently to how you described in case it was connected to something before being locked. In that case data access will remain -- even though the phone is now locked -- until the device is disconnected.


Computer security is generally inversely proportional to convenience. Best opsec is generally to have multiple devices.


> I would totally enable an "enhanced protection for external accessories" mode.

Anyone can do this for over a decade now, and it's fairly straightforward:

- 2014: https://www.zdziarski.com/blog/?p=2589

- recent: https://reincubate.com/support/how-to/pair-lock-supervise-ip...

This goes beyond the "wired accessories" toggle.


It isn’t. Settings > Privacy & Security > Wired Accessories

Set to ask for new accessories or always ask.


I have to warn you, it does get annoying when you plug in your power-only cable and it still nags you with the question. But it does work as intended!


You might want to check that charger. I have the same option set to ask every time and it never appears for chargers.


> it has a noticeable impact on device functionality.

The lack of optional granularity on security settings is super frustrating because it leads to many users just opting out of any heightened security.


> I never attach my iPhone to anything that's not a power source.

It's "attached" to the wifi and to the cell network. Pretty much the same thing.


why would anyone risk starting a business in such an environment?


This is self employment only where your company assets == your assets. You can make an LLC and this isn't a problem.


An LLC will cost you much more money. It’s a great pay cut.


Well obviously, higher risks higher rewards.


> A flat minimum, say 5,000€ per violation, no matter how small the company

It's hard to imagine a practice more hostile to starting and operating a business than such a policy


California has the exact same penalty structure in the CCPA:

> (b) A business shall be in violation of this title if it fails to cure any alleged violation within 30 days after being notified of alleged noncompliance. Any business, service provider, or other person that violates this title shall be subject to an injunction and liable for a civil penalty of not more than two thousand five hundred dollars ($2,500) for each violation or seven thousand five hundred dollars ($7,500) for each intentional violation, which shall be assessed and recovered in a civil action brought in the name of the people of the State of California by the Attorney General. The civil penalties provided for in this section shall be exclusively assessed and recovered in a civil action brought in the name of the people of the State of California by the Attorney General.

$7,500 per intentional violation, $2,500 per unintentional.

[1] https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...


But the California law only applies if your business has more than $25m revenue or does a lot of selling of PII. See SEC. 9. Section 1798.140 in the page linked.


> [receives] the personal information of 50,000 or more consumers, households, or devices.

That's a trivially small bar to clear in order to be regulated under the CCPA where large-scale data harvesting is the focus.


There is more to that clause:

Alone or in combination, annually buys, receives for the business’s commercial purposes, sells, or shares for commercial purposes, alone or in combination, the personal information of 50,000 or more consumers, households, or devices.

So it only applies if you are buying or selling or sharing PII. Not if you just have 50,000 users/visitors to your website and keep it all private.


How is a fine for mishandling personal information "hostile" to business?

A true Hacker News and YCombinator moment.


Yes, especially as the company could just implement a button "Delete your data" on their website. An automated task initiated by the user. No work for them.

Companies could also make clear before any registration, on one page, which data they will ask for and later collect. If they were honest. Then the user had a chance to opt out _before_ they have given any data to them.

Well, they are not honest, because what do they do instead? Page 1: "Please, your E-Mail". Page 2: "We also need your phone number (we may call you)". Page 3: "Great, nearly done. Now please, your address, your credit card, a fingerprint copy and a picture of your penis".

I am in favor of appending a zero to those 5.000 Euros.


Til there are a lot of penis pictures on the internet. A gdpr goldmine!


It gets in the way of ever increasing profit. The most important thing ever.


Not allowing reckless disregard for the rights of people = literally fascism.


If compliance is so difficult for a business that they will fail if the law is enforced, good.


If you open a business you should be responsible enough to comply with the laws. A business that became large enough where this would become a time sink would be able to afford to hire someone.


And why not make the fines 0.1% - 1% of a venture's revenue? Because that's what you're talking about.


Why not make it 4%? Because the highest fine per GDPR is 4% of global revenue or 20 mil, whichever is higher.


All you have to do is respect the law and respect your customers. Absolutely the most basic thing we can ask of a new business.


The issue lies somewhere in between.

I agree that businesses who unlawfully sell your data or do not implement a minimum of security measures should be punished hard.

I also agree that a flat 5000 € is problematic. Not because I believe that breaking the law shouldn't be punished. It's because you also get punished if you protect the data and respect your customers, but you don't document the thousand things you must document as a small business.

I don't know if you ever looked at GDPR, but that does not distinguish between a company with five employees and 50,000 employees.

The company with 5 employees must exactly (!!!) implement the same audit trail and processes that the 50,000 employee company has to do. Or worse, there's literally no difference between you founding a company and Facebook.

This shit gets extremely overwhelming extremely fast and that's just killing small businesses.


As someone with experience with it, I heartily disagree. It’s not that hard to not invade user privacy. You have to go out of your way to be invasive, just respect your users and collect as little data as possible. That’s truly the way to go and reduces your liability in a multitude of ways, including protecting you from data breaches (if you don’t keep the data, there’s nothing to steal).


You have not read a word of what I was writing...


Can you give a specific example of what needs to be documented?


I hope these are the correct English translations:

Record of processing activities, data processing agreements, consent documentation, technical and organisational measures, data protection impact assessment, data retention and deletion concepts, legal basis documentations, etc. etc.


Yeah, but basically all of those are either standard for SMEs or no-ops.

For instance, if I run a bakery and sell baked goods online, I'm probably using Shopify who comply with this with one button.

Even if I built the baking website myself, all I need is email address and physical address to send delicious baked goods to you. I need to keep the payment records for a long time (for dispute prevention if nothing else) but that's it.

Where is the GDPR hassle in this case?

Just stop collecting data you don't need (or make sure it's for a good reason, like fraud prevention) and you'll be fine.

If said bakery creates accounts, it's a little more involved but basically you just need to implement soft delete to comply with your obligations.

I'm not sure this is a massive hit, can you help me understand what SMEs exactly are going to be hit by complex GDPR compliance?


No, a bakery using Shopify will not spare them having these documents. You show a respectable amount of ignorance only to then claim GDPR won't be a hassle in this case. It absolutely is a hassle, which you would know, had you familiarized yourself with the subject.

Even stating "just stop collecting data you don't need" shows that you did not care to read my response before you replied to it, and how little you generally know about the topic.

Not repeating what I said, I will add this: if you do collect personal data (and you WILL if you do anything online, write invoices or just have a security camera on premises) then you will have to have these documents ready.


> No, a bakery using Shopify will not spare them having these documents.

https://help.shopify.com/en/manual/privacy-and-security/priv...

Most of the information relates to online marketing, which does tend to come with more GDPR compliance requirements. My wife runs a business through Shopify and the only thing we need to worry about is email addresses.

Can you help me understand what you see as the issues around GDPR compliance here?


can you explain why? I mean a company ignoring common and simple rules of law... why you want to "protect" that?


You really think mom & pop business that have limited IT skills have 5k laying around for some minor violation like not deleting an older email?


Mom and pop businesses with limited IT skills are not collecting emails and private information. At worst they’d be using some external service (e.g. Mailchimp) which does it for them, and those have an obligation to be familiar with the law.


> Mom and pop businesses with limited IT skills are not collecting emails

They absolutely are!


The GDPR really isn't that hard to follow, for a "mom & pop" business, it really comes down to:

  * Limit data retention — Don't keep personal data longer than necessary
  * Honor data subject rights — Allow individuals to access, correct, delete, or port their personal data

Simply, don't collect personal information if you don't need it. If you do need it, add a delete button.


They will not get that fine for a looooooooong time


"simple rules of law..." - sadly, EU regulations in their totality are far from simple


Please elaborate, what's so complicated about it?


Which ones? I've had no problems - especially with gdpr.


Privacy by design is easy. If you are incapable of dealing with GDPR, don’t start a company, because you lack survival skills anyway.


three billion here, three billion there, pretty soon it begins to add up to real money


> it appears to me to be really hard to guard against

I don't want to sound glib, but one could simply not let an LLM execute arbitrary code without reviewing it first, or only let it execute code inside an isolated environment designed to run untrusted code

the idea of letting an LLM execute code it's dreamt up, with no oversight, in an environment you care about, is absolutely bananas to me


> the idea of letting an LLM execute code it's dreamt up, with no oversight, in an environment you care about, is absolutely bananas to me

but if a skilled human has to check everything it does then "AI" becomes worthless

hence... YOLO


> if a skilled human has to check everything it does then "AI" becomes worthless

Well, perhaps not worthless, but certainly not "a trillion-dollar revolution that will let me fire 90% of my workforce and then execute my Perfect Rich Guy Visionary Ideas without any more pesky back-talk."

That said, the "worth" it brings to the shareholders will likely be a downgrade for everybody else, both workers and consumers, because:

> The market’s bet on AI is that an AI salesman will visit the CEO of Kaiser and make this pitch: “Look, you fire 9/10s of your radiologists [...] and the remaining radiologists’ job will be to oversee the diagnoses the AI makes at superhuman speed, and somehow remain vigilant as they do so, despite the fact that the AI is usually right, except when it’s catastrophically wrong.

> “And if the AI misses a tumor, this will be the human radiologist’s fault, because they are the ‘human in the loop.’ It’s their signature on the diagnosis.”

> This is a reverse centaur, and it’s a specific kind of reverse-centaur: it’s what Dan Davies [calls] an “accountability sink.” The radiologist’s job isn’t really to oversee the AI’s work, it’s to take the blame for the AI’s mistakes.

-- https://doctorow.medium.com/https-pluralistic-net-2025-12-05...


The good ol Reverse-Centaur.

It's also like simultaneously a hybrid-zoan-Elephant in the room the CEOs don't want us to talk about.


The UPS delivery scenario is also evocative:

> Like an Amazon delivery driver, who sits in a cabin surrounded by AI cameras, that monitor the driver’s eyes and take points off if the driver looks in a proscribed direction, and monitors the driver’s mouth because singing isn’t allowed on the job, and rats the driver out to the boss if they don’t make quota.

> The driver is in that van because the van can’t drive itself and can’t get a parcel from the curb to your porch. The driver is a peripheral for a van, and the van drives the driver, at superhuman speed, demanding superhuman endurance. But the driver is human, so the van doesn’t just use the driver. The van uses the driver up.

I guess it resonates for me because it strikes at my own justification for my work automating things, as I'm not mercenary or deluded enough to enjoy the idea of putting people out of work or removing the fun parts. I want to make tools that empower individuals, like how I felt the PC of the 1990s was going to give people more autonomy and more (effective, desirable) choices... As opposed to, say, the dystopian 1984 Telescreen.


Right. This feels more and more like a situation of extraction, abuse and theft of empowerment of the people and funneling it up to the top. It's apparent, and people are too afraid and weak to do anything.

Or so they think.

And I think of a saying that all capitalistic systems eventually turn into socialist ones or get replaced with dictators. Is this really the history of humanity over and over? Can't help but hope for more.


I have to check what junior engineers do before running it in production. And AI is just really fast junior engineering.


The really fast part is the challenge though. If we assume that in pre-LLM world, there was enough resource for mid/senior level engineers to review junior engineer code and then in LLM world, let's say we can produce 10x the code, unless we 10x the number of mid/senior level engineering resource dedicated to review, what was once possible is no longer possible...


I do feel like I can review 2-3x with a quicker context switching loop. Picking back up and following what the junior engineer did a couple of weeks after we discussed the scope of work is hard.


We all know what will happen in many apps.

The user will test most of the code.

Just like we did test yesterday when Claude Code broke because CHANGELOG.md had an unexpected date.


It could be as useful as a junior dev. You probably shouldn't let a junior dev run arbitrary commands in production without some sort of oversight or rails, either.

Even as a more experienced dev, I like having a second pair of eyes on critical commands...


I think a nice compromise would be to restrict agentic coding workflows to cloud containers and a web interface. Bootstrap a project and new functional foundations locally using traditional autocomplete/chat methods (which you want to anyway to avoid a foundation of StackOverflow-derived slop) then implement additional features using the cloud agents. Don't commit any secrets to SCM and curate the tools that these agents can use. This way your dev laptops are firmly in human control (with IDEs freed up for actual coding) while LLMs are safely leveraged. Win-win.


just wait until the exploit is so heavily obfuscated that you just review and allow it to get the project done.


You could literally ask the LLM to obfuscate it and I bet it would do a pretty good job. Good luck parsing 1,000 lines of code manually to identify an exploit that you’re not even specifically looking for.


Yup, add in some poetic prompt injection…..


a drug interaction checker can be deterministic, based on a static corpus of drug interaction data

a diagnostic system should not necessarily be deterministic, because it always operates on incomplete data and it necessarily produces estimates of probability as an output


> A recent study shows that on any given day, just 12% of people in the US account for half of all beef consumed in the US

By itself, this figure doesn't really mean much. On any given day, less than 1% of people have birthdays, but that doesn't mean there's a small percentage of people who are having most of the birthdays

The following paragraph is more valid, but the 12% figure still seems dubious.


> By itself, this figure doesn't really mean much. On any given day, less than 1% of people have birthdays, but that doesn't mean there's a small percentage of people who are having most of the birthdays

Yeah, it just means that half the beef eaten per day goes to the 12% having a BBQ, etc, not that only 12% of the population have access to half the beef available each day


Do you have a BBQ on 12% of days? Is this how it goes in America?


i'm over 40; this is anecdotal, but I've talked to a lot of people all over the country; however i'm not asserting this is 100% factual:

in the US most days include a meat in at least 1 meal. Now, i'm framing this as "fish, eggs, fowl". Cereal with milk, bagel with cream cheese, not meat, but meat adjacent. Waffles have eggs. we love "deli meats" in the US, every store has a deli counter where you can get meat sliced right before your own eyes; or you can go to the 4-8 door cold case where the pre-sliced meats are. And dinner, well i can think of a couple of vegetarian dishes that are "staples" like red beans and rice (can be vegan/vegetarian), or pasta with marinara (vegetarian).

When presented with something like the Mediterranean diet, most americans would balk at the bird and rabbit food they were now expected to eat.

I can expand, but yes, meat is like, a huge deal in the US. Especially beef. part of it is our chicken and pork is kinda bland and merely "just food" but our beef ranges from "ok if i'm real hungry" to "really very good, actually". Fish is hit and miss, depends where you live in the US as to how popular it is. also most of the cow is used for food in the US, very little is wasted, to my understanding. brain, eyes, tongue, glands, lungs, etc are all sold, bones sold as fertilizer, hide is obviously leather, and so on.

for the record i wish animals were treated better, in fact, i have been searching for a local beef farmer for a decade and all the ones i run in to sell their beef to texas!


> When presented with something like the Mediterranean diet, most americans would balk at the bird and rabbit food they were now expected to eat.

That would be Italian, Spanish, and Greek food (plus some stuff from the Balkans). I think those foods are quite popular in the US.


gp is likely referring to a specific diet called The Mediterranean Diet, "inspired by the eating habits and traditional foods of Greece, Italy, and the Mediterranean coasts of France and Spain, as observed in the late 1950s to early 1960s."

https://en.wikipedia.org/wiki/Mediterranean_diet


I think most Americans would consider those foods very "exotic."

I was an adult before I ever ate chickpeas (in any form), really any beans outside of Taco Bell refried beans, eggplant (in any form), tzatziki, any sort of flatbread, lentils, avocado, zucchini, cauliflower. Etc.


Define BBQ; in the US it means two things depending on the location; Southern style slow cooked meat that falls apart on your fork, or grilling?

If you mean grilling, at least every 8 days! Hopefully more often than that! And what's the issue? I can cook indoors or outside the same meal but avoid the smoke and heating the house.


That sounds a lot like the "you only use 10% of your brain" saying. Yeah, 10% at any given moment.


I'm sorry but is nobody reading TFA? It quite specifically is saying there's a population of disproportionate meat eaters, noting that they're older, they're whiter, and influenced by cultural traditions normalizing it.

It's not just saying it pops out of the data as a statistical curiosity, it's saying that there is a real subset of the population who are disproportionately eating more beef.

