tobychev boosted

Incredible research at BlackHat Asia today by Tong Liu and team from the Institute of Information Engineering, Chinese Academy of Sciences (verified email at iie.ac.cn)

A dozen+ RCEs on popular LLM framework libraries like LangChain and LlamaIndex - used in lots of chat-assisted apps including GitHub. These guys got a reverse shell in two prompts, and even managed to exploit SetUID for full root on the underlying VM!

@landetannien
Was the tram full? Or are you heading out to CMS/Alice/LHCb?

@kallekn
After reading the thread I don't understand what Lupan dislikes about Radchenko and Charap's text; sure, tweets have to be short, but surely some quote he objects to could have been included?

As it stands, I get the impression that Lupan's biggest problem is that the authors did not take as their starting point that it is self-evident that Russia should have given up unconditionally...

@w7voa
Wow, the privacy of those responsible for surveillance capitalism is something the public should care about?

Really not seeing the story beside "USG tries to suppress non-US competition".

@freyablekman
Maybe they get you a contract for a nice apartment with just mildly expensive rent?!

@ErikJonker
I think it's a big stretch to claim actively entering the conflict to destroy weapons not targeting you is "purely defensive".

As for "not escalatory", fully written out this means "Putin will not think it is escalatory" (that the Poles shoot down his weapon). The plausibility of the claim is pretty obvious once you see its full meaning.

A responsible argument in favour would start by acknowledging that attacking Russian missiles from Poland is an expansion of the conflict but then explain why Russia's response would be limited and the cost entirely bearable.

To pretend going to war is entirely safe is deeply dishonest.
@geopolitics

tobychev boosted

#FollowTheMoney 🧵 6/n This is important: in contrast to most other Central Banks, which simply sit out losses, the Bank of England has an indemnity arrangement requiring the Treasury to cover its losses. This has resulted in £38-£40 billion going in effect from taxpayers to private banks in 2023, and same this year. Adding a second hashtag: #SEEtheOligarchy

FT article only for subscribers, I know (I get it through work). Here are screenshots of key passages.

on.ft.com/4bUtp80

tobychev boosted

Brits ask “A penny for your thoughts?” and Americans respond with “Just my two cents”. At current exchange rates ($1.00 = £0.80) this means Brits are receiving 1.6p of American thoughts for just 1p. In this paper we propose an alternative asset pricing model for the marketplace of ideas, considering—

tobychev boosted

Democratic rights have become a Big Tech trade secret. Google imposed a gag order on city officials elected by the public, warning them that they must not tell the public anything about the Google project, particularly how much public water Google was taking. Using a slew of aliases to buy land, getting secret tax breaks, getting electricity at less than half of what ordinary people pay, being sold public land for less than half the market value, all in secret, this is how Big Tech rolls.


@kjhealy
I feel like with some tweaks this can be turned into the first verse of a punk song, which has the advantage that you can use "fuck nuance" in the chorus.

That would admittedly limit where you could go in the second verse, but I feel the gains are worth it.

tobychev boosted

Antonio Turok, Solar eclipse black and white film, 1991

Chiapas, Mexico

tobychev boosted

No-one (?) would seriously say “With AI, people can make awesome Eclipse images whenever they like! No need to learn how, or wait for one to arrive!” But for many activities, AI types often do in effect argue “Why learn to do anything/have any experience that someone else—or a machine—can do better?”

tobychev boosted

@guacamayan
Ha, that's darkly funny! Does the US have homeland security in all its colonies?
@pieist @AnnemarieBridy

tobychev boosted

Alexander Demidenko, a Russian man who helped hundreds of Ukrainians return from Russia back to Ukraine after the start of the full-scale war until his arrest in October 2023, has reportedly died in pre-trial detention.
t.co/AntzZmzDUN

tobychev boosted

I think it should be obvious now that our international laws of war, like the Geneva Conventions, are only as good as our ability and willingness to enforce them.
I.e., not good at all right now.
Violators are still war criminals. Just unpunished ones.

@kallekn
> After receiving information from the ZNPP about the drone attacks, the IAEA experts stationed at the site went to three affected locations. They were able to confirm the physical impact of the drone detonations, including at one of the site’s six reactor buildings where surveillance and communication equipment appeared to have been targeted. While they were at the roof of the reactor, unit 6, Russian troops engaged what appeared to be an approaching drone. This was followed by an explosion near the reactor building.
[...]
> While the team so far has not observed any structural damage to systems, structures, and components important to nuclear safety or security of the plant, they reported observing minor superficial scorching to the top of the reactor dome roof of Unit 6 and scoring of a concrete slab supporting the primary make-up water storage tanks.

On the one hand, striking surveillance equipment with small drones that do little damage to the building structure does seem plausible.

On the other hand, having the Russians engage and destroy an approaching drone as the IAEA watches seems like a _suspiciously_ convenient propaganda image.

But if this is a false flag, that means the Russians have somehow produced a convincing false flag, but recalling their efforts in the lead-up to the invasion, this is not something one should just accept that they can.
