Flutterby™! (short)

There is so much wrong with this.... A new body will recommend how state government and Vermont businesses could adopt AI. I mean, obviously, there's starting with the flawed premise:

Through an executive order, Gov. Phil Scott created the Vermont Artificial Intelligence Economic Taskforce on Monday. And first on its agenda, the body must present up to five recommendations within 90 days for how state government could adopt AI to better serve the public. The group will also work to educate state leaders on how they could apply AI to their work.

But then we get to idiocy like this:

Given AI tools like Claude and ChatGPT that prove powerful “off the shelf,” Lunderville said the technology could be a leveler for small companies. For example, he pointed to small manufacturers using AI to draft requests for proposals, which could cut a 20-hour process down to five hours.

Sooooo... what Neal Lunderville, CEO of Vermont Gas and "...experience holding multiple Cabinet-level positions in Vermont", is telling me is that off-loading the RFP process to a third party that everyone else is using is going to give small companies a competitive advantage?

A "leveler" perhaps in that what's obviously an overly cumbersome RFP process is gonna turn into a die roll.

Jason Kottke has a whole big list of current directions in AI-ness, including excerpts from New York Times: Book on Truth in the Age of A.I. Contains Quotes Made Up by A.I. and TechCrunch: Google Search as you know it is over and more...

No lies detected. The AI summary gets it right for once.

Listening to Rostam interviewed on Switched On Pop, and I'm reminded that kids protesting on campus have a much better track record for being right than the administrations and authorities that have opposed them.

Kickstarter: An Apology: Rethinking Our Mature Content Guidelines

The updates to the rules were primarily driven by requirements from our payments processor, Stripe. Stripe operates under its own legal and compliance requirements separate from Kickstarter’s own rules. And even Stripe’s rules are dictated by a larger system shaped by financial institutions that govern how money moves globally. Under this system, many platforms – including other crowdfunding and creator monetization platforms – struggle with how to create space for mature content while getting the creators of that work paid without friction.

A good reminder that the "adult content" policy of the world is set by the Epstein Class,

‘No Way To Prevent This,’ Says Only Package Manager Where This Regularly Happens

“It’s a shame, but what can you do? This is just the price of building modern web apps,” said Senior Frontend Engineer Mark Vance, echoing the sentiments of a community that completely relies on a 40-level-deep nested tree of unvetted packages maintained by pseudonymous strangers to capitalize a single string. “There’s absolutely no way to foresee or prevent someone from taking over a long-abandoned utility package and injecting a crypto-miner into every production build in the world. It’s just an act of nature.”

ana «model a7m2» @ana@starlite.rodeo

why did they call them "ai datacenters" when they could have called them "slopping malls"

Pizza Hut's AI system caused 'cascading' problems and $100M in damages, franchisee alleges in new suit. Seems a little unfair to "AI", this just seems like the business people in charge of implementation didn't understand the processes they were automating, and fucked up bigtime in exposing information that shouldn't have been external, or should have understood that they needed to create other incentives in the process.

Via</>

But I think there's a larger issue here. The trend for years has been to punt understanding the systems we're automating into down the road, to use code to specify the constraints, to even just implement all of the options and A/B test the results. Using metrics that may or may not be actually relevant to the business goals.

It very much feels like in the same ways that in the naïveté of the '90s we said "we're going to bring the amazing online communities to the world", and what we did was brought the world to the online communities, destroying them, when we said "we're going to teach the world to program", rather than teaching critical thinking and logic, we taught people to plug together npm packages...

Anyway, good on the franchise owner, I hope he nails them to the wall.

I'm gonna have to pay special attention to this next time we're down in the mountains of that area: Wikipedia: Tunemah Peak

Tunemah Peak is a mountain in Fresno County, California, located in the southwestern United States, with an elevation of 11,158 feet. The mountain gets its name from the nearby Tunemah Trail, which originated in 1878 when a Cantonese cook and a shepherd uttered the Cantonese curse "屌你阿媽" (Jyutping: diu² nei⁵ aa³ maa¹; lit. 'fuck your mother') while walking along the rugged trail.

Via

Fascinating read on the politics of Christo's "Running Fence" installation in Sonoma County https://petalumahistorian.com/christos-trojan-horse/

mirrored (likely with paywall) at https://www.petalumanews.com/2...ing-fence-changed-sonoma-county/

Fits on a Floppy, an awareness campaign with logo for small software.

Software should be as small as it can be. Not as a gimmick, but as a discipline. The floppy disk is the measuring stick: 1.44 MB. If the software that ran entire businesses could fit in that space, then a modern, focused, single-purpose tool certainly can.

Via.

Michał "rysiek" Woźniak · 🇺🇦 @rysiek@mstdn.social

Independent audit confirms my analysis of Telegram's protocol from last year: https://istories.media/en/stor...endent-review-confirms-critical- telegram-vulnerability/

The audit was ordered by one of the main characters of IStories' investigation into Telegram's network infrastructure, man called Vedeneev. My analysis was done in connection with that journalistic investigation.

Presumably, Vedeneev ordered the audit in order to discredit my analysis and Istories' investigation. Instead, the report confirms my findings.

and Michał "rysiek" Woźniak · 🇺🇦 @rysiek@mstdn.social

You can find my original analysis here:
https://rys.io/en/179.html

tl;dr: for every device, Telegram generates a long-term identifier, auth_key_id, that is then prepended *cleartext* (or at best, trivially obfuscated) to every encrypted packet; this allows anyone with sufficient visibility into global Telegram traffic to spy on its users.

IStories reporting from last year.