khalid_salad

I hate LLMs so much. Now, every time I read student writing, I have to wonder if it’s “normal overwrought” or “LLM bullshit.” You can make educated guesses, but the reasoning behind this is really no better than what the LLM does with tokens (on top of any internalized biases I have), so of course I don’t say anything (unless there is a guaranteed giveaway, like “as a language model”).

No one describes their algorithm as “efficiently doing [intermediate step]” unless you’re describing it to a general, non-technical audience — what a coincidence — and yet it keeps appearing in my students’ writing. It’s exhausting.

Edit: I really can’t overemphasize how exhausting it is. Students will send you a direct message in MS Teams where they obviously used an LLM. We used to get

my algorithm checks if an array is already sorted by going through it one by one and seeing if every element is smaller than the next element

which is non-technical and could use a pass, but is succinct, clear, and correct. Now, we get¹

In order to determine if an array is sorted, we must first iterate through the array. In order to iterate through the array, we create a looping variable i initialized to 0. At each step of the loop, we check if i is less than n - 1. If so, we then check if the element at index i is less than or equal to the element at index i + 1. If not, we output False. Otherwise, we increment i and repeat. If the loop finishes successfully, we output True.

and I’m fucking tired. Like, use your own fucking voice, please! I want to hear your voice in your writing. PLEASE.

1: Made up the example out of whole-cloth because I haven’t determined if there are any LLMs I can use ethically. It gets the point across, but I suspect it’s only half the length of what ChatGPT would output.

LaTeX user high five…?

I need to finish crying over all my underfull hboxes, can we high-five in the evening?

I write -- for “en dash” and --- for “em dash” and I end up looking like an asshole in emails a lot. However, they appear to work correctly here:

en: -- en: –
em: --- em: —

Also, Gnome Characters can be useful, though I have been looking for a good replacement.

This community is for those willing to bring wisdom and compassion into the world. It is not for those easily duped by what they find in their minds or online.

no red flags there

edit to add: Emphasis in original

Hundred Rabbits is an artist collective that documents low-tech solutions with the hope of building a more resilient future. We live and work aboard a 10 m sailboat named Pino in remote parts of the world to learn more about how technology degrades beyond the shores of the western world.

oh so they make video games?

if you use TeX as much as i do, you learn that “begging the program to behave differently” is pretty viable

python, what are you doing?"

idk, I’m written in C, it does things push and pull values from the stack, have you tried assembly, it’s faster

deleted by creator

Noted going forward. Sorry about that! ❤

The way Checkers was solved was actually pretty cool. That he dismisses chess for this reason (even though it hasn’t even been solved) speaks to the kind of dorky dipshit he is.

PS: this solution was considered AI in 2007.

[Schaeffer] carried out a mere 10¹⁴ calculations to complete the proof in under two decades. “This pushes the envelope as far as artificial intelligence is concerned,” he says.

Without knowing why you think they suck, it’s hard to say. I like having unphishable uncopyable credentials, and it irritates me that they aren’t more widely supported. On my desktop or laptop, they’re less irritating than TOTP, for example, which is neither unphishable nor uncopyable but much more widely used.

I’ve come around a bit since posting yesterday (after looking into the various hardware key options, like OnlyKey). The biggest issue I have is that the firmware cannot be updated (which I realize is somewhat a matter of taste regarding your threat model). Other than that, it’s the added complexity of “use this physical device” and the concern I had about recovering accounts if I lost the Yubikey. Their page on spare devices does not inspire confidence.

Whilst there isn’t really such a thing as “too secure”, it is the case that things like passwords are not infinitely scaleable. Something like yescrypt produces 256-bit hashes (iirc) so there’s simply no space to squish all that extra entropy you’re providing into the output… it might not be any more secure than a password a quarter of its length (or less!).

128 bits of entropy is already impractical to brute force, even if you ignore the fact that modern password hashes like yescrypt and argon2 are particularly challenging to attack even if your password has low entropy.

Fair point! I chose 128 because it’s the maximum allowed in Bitwarden (if it’s going to be copy-pasted anyway, who cares). Assuming I didn’t fuck up basic math, the entropy of a passphrase of length n selected uniformly at random from characters in A is given by nlog|A|, so to reach 128 bits of entropy with 70 chars (lower + upper + digits + special) requires a passphrase of length 21.

A note to the effect of:

You have basically no control over how Apple handles your data. When iOS users opted out of data collection, Apple still collected the data, they just didn’t allow third-party access to it.

is a good idea if I ever do recommend a Mac.

I believe ungoogled-chromium does have MV2 support. Unfortunately, there are still real security concerns with Firefox. The good news is that Trivalent (a hardened version of Chromium developed by the Secureblue folks) has ad/content blocking built in. I am still mostly using Firefox, but the small amount that I have used Trivalent has been good.

Spent the last week playing with some security shit (thinking about a career change, since it looks like I will be mastering out of my PhD program) and fuck me everything about hardening your personal devices is exhausting. We are nowhere close to accessible privacy and security in our computers. The best solution right now may be “buy a Macbook and learn MacOS”, which is so depressing.

Still deciding on a web browser. Used to be I could recommend Firefox because Righteous-Opposition-to-Google, but that doesn’t really track anymore with Mozilla’s behavior. Now I guess I would recommend Chrome, but it feels so gross (and I am unsure about things like Ungoogled-Chromium, for security reasons).

As far as passwords, the only password I have to memorize is the one to my Bitwarden vault. Everything else is stored in Bitwarden. The passwords (except for my phone PIN) are 16 characters if I ever need to type them in manually (e.g. LUKS password), whereas passwords that will always be copy-pasted are 128 characters. I am looking into integrating a yubikey, but am leaning towards “fuck that shit, why would anyone actually want to use this?” If anyone here has comments on this (am I missing an obvious pitfall? do yubikeys suck as much as it looks like they suck?) I would be happy to hear them.

Anyway tl;dr is I spent the last week hardening all my devices and it sucks. In some cases it was a complete waste of time (my Steam Deck does not appear to have a way to set a password in the BIOS). In other cases (e.g. my Framework), it was probably worth it but a deeply terrible experience.

also which issues

I know this one!

1. lefty on weed or sex work or w/e
2. but fuck identity politics and what is this ladder doing here

I have the outline of a write-up about about category errors and measuring proxies (e.g. reported sexual orientation). I think I am a poor writer but the only critique I’ve ever gotten was from a “colleague” who writes like he gets paid by the word¹. I will consider sharing the post once it is finished. ❤

1: one rejection on a collaboration with this guy was essentially “have you nerds heard of ‘brevity’ or ‘wit’?” — from computer scientists 😭

Well, this Andy dipshit gave an absolute dogshit apology on reddit.

Snippets below:

deleted this because i realized i can’t even explain how email works, why am i proposing anything

deleted by creator

I agree. Currently I can’t recommend any email providers. Hopefully Posteo works out, but at this point I am strongly considering just starting my own competitor in the vein of Signal messenger. Basically “we think of email as a public good.”