sailor_sega_saturn

🙃🙃🙃

NotAwfulTech and AwfulTech converged with some ffmpeg drama on twitter over the past few days starting here and still ongoing. This is about an AI generated security report by Google's "Big Sleep" (with no corresponding Google authored fix, AI or otherwise). Hackernews discussed it here. Looking at ffmpeg's security page there have been around 24 bigsleep reports fixed.

ffmpeg pointed out a lot of stuff along the lines of:

• They are volunteers
• They have not enough money
• Certain companies that do use ffmpeg and file security reports also have a lot of money
• Certain ffmpeg developers are willing to enter consulting roles for companies in exchange for money
• Their product has no warranty
• Reviewing LLM generated security bugs royally sucks
• They're really just in this for the video codecs moreso than treating every single Use-After-Free bug as a drop-everything emergency
• Making the first 20 frames of certain Rebel Assault videos slightly more accurate is awesome
• Think it could be more secure? Patches welcome.
• They did fix the security report
• They do take security reports seriously
• You should not run ffmpeg "in production" if you don't know what you're doing.

All very reasonable points but with the reactions to their tweets you'd think they had proposed killing puppies or something.

A lot of people seem to forget this part of open source software licenses:

BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW

Or that venerable old C code will have memory safety issues for that matter.

It's weird that people are freaking out about some UAFs in a C library. This should really be dealt with in enterprise environments via sandboxing / filesystem containers / aslr / control flow integrity / non-executable memory enforcement / only compiling the codecs you need... and oh gee a lot of those improvements could be upstreamed!

Grokipedia just dropped: https://grokipedia.com/

It's a bunch of LLM slop that someone encouraged to be right wing with varying degrees of success. I won't copy paste any slop here, but to give you an idea:

• Grokipedia's article on Wikipedia uses the word "ideological" or "ideologically" 23 times (compared with Wikipedia using it twice in it's Wikipedia article).
• Any articles about transgender topics tend to mix in lots of anti-transgender misinformation / slant, and use phrases like "rapid-onset gender dysphoria" or "biological males". The last paragraph of the article "The Wachowskis" is downright unhinged.
• The articles tend to be long and meandering. I doubt even Grokipedia proponents will ultimately get much enjoyment out of it.

Also certain articles have this at the bottom:

The content is adapted from Wikipedia, licensed under Creative Commons Attribution-ShareAlike 4.0 License.

Check out the graphics on their homepage. It has that terrible "scroll driven" web-design but the graphics look like placeholder art cooked up by a programmer.

Usually these sorts of VC bait companies at least hire a graphics designer but I guess that's not actually necessary.

Crypto Investor Proposes 450-Foot Statue of Greek God on Alcatraz Island is a story making the rounds in the press lately and aaaaaah I hate it. I'd say something more coherent than that but it's already given me quite a headache.

He has a personal website as well as a website for his stupid statue idea. Both of which are buggy / ugly -- apparently after saving $450 million for a dumb statue he has none left for good website coding.

Yet another billboard.

https://www.reddit.com/r/bayarea/comments/1ob2l2o/replacement_ai_billboard_in_san_francisco_who/

https://replacement.ai/

This time the website is a remarkably polished satire and I almost liked it... but the email it encourages you to send to your congressperson is pretty heavy on doomer talking points and light on actual good ideas (but maybe I'm being too picky?):

I'm starting to think some of these tech skeptics are only pretending to be skeptics.

The latest in the long line of human-hostile billboards:

https://www.reddit.com/r/bayarea/comments/1o8s3lz/humanity_had_a_good_run_billboard/

https://dearworld.ai/

This is positioning itself as an AI doomer website; but it could also be an attempt at viral marketing. We'll see I guess.

That Wikipedia article is cursed:

For instance, in discussions on climate change mitigation, countries with lesser contributions to greenhouse gas emissions might still benefit from global efforts to reduce emissions, enjoying a stable climate without proportionally shouldering the costs of emission reductions.

I'm getting a lot of questions already answered by my "before anyone asks I'm pro LGBTQ and pro immigrant" shirt.

New AI alignment problem just dropped: https://xcancel.com/elonmusk/status/1976304803744501775

Best I can do now is try to make sure that at least one AI is truth-seeking and not a super woke nanny with an iron fist that wants to turn everyone into diverse women 😬

Edit: It only just now occured to me that hes' probably whining about generative AI rather than an army of superintelligent robots marching across the earth transing people, but I'm leaving my comment.

I tend to think of Toys (1992) for these sorts of themes though I haven't watched the film from start to finish since I was a kid. It's about the militarization of a wealthy family toy factory and has a lot of scenes that stuck with me.

It's a Christmas family movie that reviewed horribly so definitely counts as a cult classic, but those who like it tend to really like it.