#scms — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #scms, aggregated by home.social.
-
"Harari suggests computers might also misinterpret ethics in similar ways. Even a perfect ethical rule is useless if the AI can simply edit the definition of who the rule applies to, just as the Nazis did. Hence there’s a high risk of AI misinterpreting the goals we give it.
But then Harari goes on to “de-technologize” LLMs in an explicit way, referring to them as “alien intelligences” for the second half of the book. He writes, “As for the term ‘AI,’… it is perhaps better to think of it as ‘alien intelligence.’ As AI evolves, it becomes less artificial (in the sense of depending on human designs) and more alien” (229). In other words, Harari himself is rhetorically excluding AI from the “human” category, which is the exact move he warns against. This seems like a contradiction: Harari warns about the dangers of dehumanization while simultaneously de-technologizing AI by labeling it alien. By his own logic, this rhetorical move might be setting us up to dismiss or misunderstand these tools rather than engaging with them as extensions of human intelligence.
Calling something an alien intelligence invokes Hollywood’s world-ending plots and seems like a scare tactic. In reality, LLMs are prediction machines based on troves of human input. They’re literally predicting the most likely next word based on patterns in human content, so in some ways, these prediction machines are more “aggregate human” than any single human. They’re hardly alien intelligences with some nefarious design to delude us into some end it wants.
Instead, there are many complaints from artists, writers, and other content producers that AI models train on their content, and essentially replicate the training data in the AI’s outputs. If AI’s output is alien, how can it be considered human creative theft?"
https://idratherbewriting.com/blog/review-harari-nexus-scms-and-alien-intelligence
-
PCI DSS Self-Assessment Questionnaires: Choosing the Right Type – Source: securityboulevard.com https://ciso2ciso.com/pci-dss-self-assessment-questionnaires-choosing-the-right-type-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #Risk&Compliance #BestPractices #Compliance #Explainers #Governance #CISOSuite #threats #AppSec #DevOps #CISO #SCMS
-
I deeply respect @briankrebs, but in this case I think the data he's presenting is fundamentally invalid. A little-known fact about #Git history is that #timestamps are both definable and mutable. While you might be able to make statements about when a Git commit was pushed to a server using the server-side SSH or HTTP logs, the fact that you can set GIT_AUTHOR_DATE and GIT_COMMITTER_DATE as environment variables means you can't rely on commit timestamps alone for this type of analysis.
This is a feature of Git since the ability to squash or rewrite its mutable history is a key differentiator compared to #FossilSCM or other #SCMs that treat history as immutable(ish). For example, allowing one to do things like report a commit as the time a patch or source document was originally written rather than just noting when it was committed or merged can be very useful in accurately representing the real-world evolution of data created outside the repository.
This is not a flaw in Git. Anyone savvy enough to craft the #xz attack could just as easily have adjusted their system clocks instead, leading to fraudulent timestamps in the commit history anyway.
Forensically, you'd need to look at the timestamps from NTP-backed server or router logs, not just the Git history. All Git clients are technically "offline" until they push one or more commits to a remote, so there's really no way to validate client-side SCM timestamps. This is also true of email headers, filesystem attributes, and any other data that relies on real system clocks or user-defined timestamps, so you'd need more points of correlation than are provided here.
-
I deeply respect @briankrebs, but in this case I think the data he's presenting is fundamentally invalid. A little-known fact about #Git history is that #timestamps are both definable and mutable. While you might be able to make statements about when a Git commit was pushed to a server using the server-side SSH or HTTP logs, the fact that you can set GIT_AUTHOR_DATE and GIT_COMMITTER_DATE as environment variables means you can't rely on commit timestamps alone for this type of analysis.
This is a feature of Git since the ability to squash or rewrite its mutable history is a key differentiator compared to #FossilSCM or other #SCMs that treat history as immutable(ish). For example, allowing one to do things like report a commit as the time a patch or source document was originally written rather than just noting when it was committed or merged can be very useful in accurately representing the real-world evolution of data created outside the repository.
This is not a flaw in Git. Anyone savvy enough to craft the #xz attack could just as easily have adjusted their system clocks instead, leading to fraudulent timestamps in the commit history anyway.
Forensically, you'd need to look at the timestamps from NTP-backed server or router logs, not just the Git history. All Git clients are technically "offline" until they push one or more commits to a remote, so there's really no way to validate client-side SCM timestamps. This is also true of email headers, filesystem attributes, and any other data that relies on real system clocks or user-defined timestamps, so you'd need more points of correlation than are provided here.
-
I deeply respect @briankrebs, but in this case I think the data he's presenting is fundamentally invalid. A little-known fact about #Git history is that #timestamps are both definable and mutable. While you might be able to make statements about when a Git commit was pushed to a server using the server-side SSH or HTTP logs, the fact that you can set GIT_AUTHOR_DATE and GIT_COMMITTER_DATE as environment variables means you can't rely on commit timestamps alone for this type of analysis.
This is a feature of Git since the ability to squash or rewrite its mutable history is a key differentiator compared to #FossilSCM or other #SCMs that treat history as immutable(ish). For example, allowing one to do things like report a commit as the time a patch or source document was originally written rather than just noting when it was committed or merged can be very useful in accurately representing the real-world evolution of data created outside the repository.
This is not a flaw in Git. Anyone savvy enough to craft the #xz attack could just as easily have adjusted their system clocks instead, leading to fraudulent timestamps in the commit history anyway.
Forensically, you'd need to look at the timestamps from NTP-backed server or router logs, not just the Git history. All Git clients are technically "offline" until they push one or more commits to a remote, so there's really no way to validate client-side SCM timestamps. This is also true of email headers, filesystem attributes, and any other data that relies on real system clocks or user-defined timestamps, so you'd need more points of correlation than are provided here.
-
I deeply respect @briankrebs, but in this case I think the data he's presenting is fundamentally invalid. A little-known fact about #Git history is that #timestamps are both definable and mutable. While you might be able to make statements about when a Git commit was pushed to a server using the server-side SSH or HTTP logs, the fact that you can set GIT_AUTHOR_DATE and GIT_COMMITTER_DATE as environment variables means you can't rely on commit timestamps alone for this type of analysis.
This is a feature of Git since the ability to squash or rewrite its mutable history is a key differentiator compared to #FossilSCM or other #SCMs that treat history as immutable(ish). For example, allowing one to do things like report a commit as the time a patch or source document was originally written rather than just noting when it was committed or merged can be very useful in accurately representing the real-world evolution of data created outside the repository.
This is not a flaw in Git. Anyone savvy enough to craft the #xz attack could just as easily have adjusted their system clocks instead, leading to fraudulent timestamps in the commit history anyway.
Forensically, you'd need to look at the timestamps from NTP-backed server or router logs, not just the Git history. All Git clients are technically "offline" until they push one or more commits to a remote, so there's really no way to validate client-side SCM timestamps. This is also true of email headers, filesystem attributes, and any other data that relies on real system clocks or user-defined timestamps, so you'd need more points of correlation than are provided here.
-
I deeply respect @briankrebs, but in this case I think the data he's presenting is fundamentally invalid. A little-known fact about #Git history is that #timestamps are both definable and mutable. While you might be able to make statements about when a Git commit was pushed to a server using the server-side SSH or HTTP logs, the fact that you can set GIT_AUTHOR_DATE and GIT_COMMITTER_DATE as environment variables means you can't rely on commit timestamps alone for this type of analysis.
This is a feature of Git since the ability to squash or rewrite its mutable history is a key differentiator compared to #FossilSCM or other #SCMs that treat history as immutable(ish). For example, allowing one to do things like report a commit as the time a patch or source document was originally written rather than just noting when it was committed or merged can be very useful in accurately representing the real-world evolution of data created outside the repository.
This is not a flaw in Git. Anyone savvy enough to craft the #xz attack could just as easily have adjusted their system clocks instead, leading to fraudulent timestamps in the commit history anyway.
Forensically, you'd need to look at the timestamps from NTP-backed server or router logs, not just the Git history. All Git clients are technically "offline" until they push one or more commits to a remote, so there's really no way to validate client-side SCM timestamps. This is also true of email headers, filesystem attributes, and any other data that relies on real system clocks or user-defined timestamps, so you'd need more points of correlation than are provided here.
-
Hello fellow #SCMS , #mediastudies , #mediaindustries , #filmstudies , #soundstudies , and #technologystudies scholars!