Hacker News | jessekv's favorites

If anyone is interested in their application to system software, the FreeBSD kernel uses a PID loop to regulate memory reclamation: https://svnweb.freebsd.org/base/head/sys/kern/subr_pidctrl.c... https://svnweb.freebsd.org/base/head/sys/vm/vm_pageout.c?vie...

It does a pretty good job of maintaining system responsiveness and latency when there's sustained memory pressure, at least much better than the simpler hysteresis loops that are commonly used for this sort of thing.


> So it makes me wonder, is embodiment (advanced robotics) 1000x harder than LLMs from an information processing perspective?

Essentially, yes, but I would go further in saying that embodiment is harder than intelligence in and of itself.

I would argue that intelligence is a very simple and primitive mechanism compared to the evolved animal body, and the effectiveness of our own intelligence is circumstantial. We manage to dominate the world mainly by using brute force to simplify our environment and then maintaining and building systems on top of that simplified environment. If we didn't have the proper tools to selectively ablate our environment's complexity, the combinatorial explosion of factors would be too much to model and our intelligence would be of limited usefulness.

And that's what we see with LLMs: I think they model relatively faithfully what, say, separates humans from chimps, but it lacks the animal library of innate world understanding which is supposed to ground intellect and stop it from hallucinating nonsense. It's trained on human language, which is basically the shadows in Plato's cave. It's very good at tasks that operate in that shadow world, like writing emails, or programming, or writing trite stories, but most of our understanding of the world isn't encoded in language, except very very implicitly, which is not enough.

What trips us up here is that we find language-related tasks difficult, but that's likely because the ability evolved recently, not because they are intrinsically difficult (likewise, we find mental arithmetic difficult, but it is not intrinsically so). As it turns out, language is simple. Programming is simple. I expect that logic and reasoning are also simple. The evolved animal primitives that actually interface with the real world, on the other hand, appear to be much more complicated (but time will tell).


In the old days - back before smartphones, back before widescreen monitors, back before broadband - the "Links" section was always a key part of any site. After spending time on a site, a visitor could find links to other pages - some of them on the same topic, some of them simply enjoyed by the creator of the site they were on. If one were to visualize the concept, they might well say that this formed a "web" of sorts.

The big publishers were the first to really reject the "Links" page. If it's not a link to our content, or the content of our sister publications, then why should we include it? Instead, they threw their resources into optimizing their placement on search engines. This took the "web" and turned it closer towards a hub-and-spoke system, as smaller sites withered and died.

Now, people have found a way to retrieve various pieces of information they're looking for that doesn't involve a search engine. It may not be perfect (gluey pizza, anyone?) but objectively, it's certainly more efficient than a list of places that have used the same words that a person is searching for, and honestly probably at least "nearly-as" reliable as said list, because the average Joe Sixpack always has, and always will, be a lot better at asking a question and getting an answer than he will be at finding an answer to his question within the confines of a larger story.

This devastates the large publishers' traffic.

I'd come up with a conclusion here, but I'm too distracted wondering where I placed my violin. It's really small, it could probably be anywhere...


Which gives you an opening for the excellent double contraction “shouldn’t’ve”

For those who work inside Google, it's well worth it to look at Jeff & Sanjay's commit history and code review dashboard. They aren't actually all that much more productive in terms of code written than a decent SWE3 who knows his codebase.

The reason they have a reputation as rockstars is that they can apply this productivity to things that really matter; they're able to pick out the really important parts of the problem and then focus their efforts there, so that the end result ends up being much more impactful than what the SWE3 wrote. The SWE3 may spend his time writing a bunch of unit tests that catch bugs that wouldn't really have happened anyway, or migrating from one system to another that isn't really a large improvement, or going down an architectural dead end that'll just have to be rewritten later. Jeff or Sanjay (or any of the other folks operating at that level) will spend their time running a proposed API by clients to ensure it meets their needs, or measuring the performance of subsystems so they fully understand their building blocks, or mentally simulating the operation of the system before building it so they rapidly test out alternatives. They don't actually write more code than a junior developer (oftentimes, they write less), but the code they do write gives them more information, which makes them ensure that they write the right code.

I feel like this point needs to be stressed a whole lot more than it is, as there's a whole mythology that's grown up around 10x developers that's not all that helpful. In particular, people need to realize that these developers rapidly become 1x developers (or worse) if you don't let them make their own architectural choices - the reason they're excellent in the first place is because they know how to determine if certain work is going to be useless and avoid doing it in the first place. If you dictate that they do it anyway, they're going to be just as slow as any other developer.


It's purely anecdotal but does have some provenance going back at least to the 19th century, with one of the early liver specialists.

He was reportedly at a cocktail party one evening when a messenger burst in and informed the esteemed doctor that one of his patients appeared to be dying from a heart attack.

"My good man," he replied, "that can't possibly be true. When I treat a patient for liver disease he dies of liver disease."


> keyboard ticklers

I hate this term, and look forward to using it all the time.


Per E.B. White:

"To foreigners, a Yankee is an American. To Americans, a Yankee is a Northerner. To Northerners, a Yankee is an Easterner. To Easterners, a Yankee is a New Englander. To New Englanders, a Yankee is a Vermonter. And in Vermont, a Yankee is somebody who eats pie for breakfast."


For sale, condom, never worn

DB store data, app interpret data, user cry, developer eyes already dry.

(there's also https://github.com/mweber26/timestampandtz which is delightfully simple, 33 commits, last one 7 years ago)


Let’s look at all these things.

Land - Land transfers are almost nonexistent since WW2 at national levels because instead of spending immense resources fighting over land, countries have realized it’s much more useful to make the land they own more productive. One very clear datapoint to demonstrate this is the massive shift of people from rural to urban locations.

We are not even close to maxing that out, and with populations plateauing in most countries we will likely never reach that situation.

Attractive spouses - Not really. What counts as attractive changes. But also, no matter what you choose as your marker for “attractive”, there are almost certainly gonna be more “attractive” people in a world where everyone has a basic standard of living, so even this can be grown drastically in a non zero-sum world.

Desirable jobs - Zero sum thinking hurts the broader economy reducing the overall number of jobs. The claimed problem with the U.S. by the zero sum proponents of a shortage of desirable jobs is actually the opposite. The reality is that the US has built a society where all that’s left are desirable jobs and Americans are simply unwilling to do undesirable jobs. Americans could have easily competed with the Chinese, if they were willing to earn below subsistence levels of income while working 72+ hours of hard labor every week.

Instead the U.S. traded those jobs to the Chinese and took advantage of the surplus value these created for Americans by doing jobs like finance, software, law and teaching.

The problem with the U.S. is pretty evident in the numbers. The U.S. is richer than ever. However, the U.S. decides to use the massive wealth it was generating and redistribute it upwards to a tiny percentage of people at the top of society.

This is domestic policy that has screwed Americans, not the rest of the world.

And the reason this domestic policy exists is because newer American oligarchs forgot the non zero-sum thinking lessons of the older American oligarchs, famously, Henry Ford, who understood correctly that for him to be richer, his employees needed to be richer.


"Any idiot can build a bridge that stands, but it takes an engineer to build a bridge that barely stands."

A favorite quote from these types of engineering analyses.


I went to an engineering school, and one of the stories the old boys told was that at some point the city had built a new bridge, and tendered the destruction of the old bridge, and we'd put in the winning bid.

The scheduled day came, but only an hour or two after the scheduled time an urgent messenger came from the city: the neighbours were complaining, could they please just destroy the bridge all at once with the next explosion?

It turns out the civil engineers had been enjoying themselves in the interval, checking their modelling by seeing how many parts of the bridge they could blow off of it, while leaving the majority of the structure still standing...


This obsession with regulating everything is why California will never have its own tech giants like Alibaba or ASML.

Californian voters should just accept that an unregulated market is the only way to get any innovation at all.


This app reminds me of the Marx Brothers quote, “Time flies like an arrow, fruit flies like a banana.”

First off, Flahavans are from Waterford and this find was in Westmeath.

Second, if you want the actual best porridge get yourself some Kilbeggan (which are actually from Westmeath, funnily enough).


For me, I find my sleep suffers because of what some describe as "revenge bedtime procrastination". When my job is shit (i.e. now), I'm more inclined to stay on the PC later doing things that bring me some level of joy, or play games to escape the mind spinning its wheels. I seem to more easily recognise that my job is unfulfilling because I'm staying up later or I'm dreading going to bed. Going to bed early for a good night's sleep seems a lot easier a habit to build when my day-life is going well.

It's possible that they're now telling the firewall to block sites based on SNI or IP address, which is separate from the DNS mechanism.

If you know the correct IP address for a site, you can use curl or openssl to connect to the blocked site by IP address (but still sending SNI), like

  openssl s_client -connect 93.184.215.14:443 -servername example.com

You can also try not sending SNI, which will remove one means that the firewall might be using to block your connection, but will also likely make the connection not work for server-side reasons if it's hosted on a shared server or CDN.

  openssl s_client -connect 93.184.215.14:443 -noservername

Once you're connected, you can speak the HTTP protocol to the server manually:

  GET / HTTP/1.1
  Host: example.com
  Connection: close

and see what HTML home page content you get.

The output from the openssl s_client command will also show what certificate(s) were sent to you by the other end, and you can look at them using the openssl x509 command for more details about their contents. But you can see very quickly whether the purported issuer is Fortinet or a public certificate authority.

The curl version looks like

  curl -v --resolve example.com:443:93.184.215.14 https://example.com/

There you're telling it what IP address to use (rather than querying DNS for it).

> Is this some kind of MITM-Attack on me (I do not remember having had to install any special certificates, but I do not know how to check this)?

If the MITM attack were successful, you would not get a certificate error. The certificate error is the intended result of a failed attack, because it shows that you did not get a secure connection to the site you were trying to reach.

> Is there a convenient way to bypass this (i. e. not Tor et al.)?

If you have an account on a Unix server elsewhere, you can use ssh -D to create a local SOCKS proxy that forwards web requests through the remote server (assuming that the network doesn't also prevent you from making SSH connections to the server!).


What will this religion be called?

I hope one of them is off-site

Really you want five things if you're doing hard off road.

1. Locking differentials so all 4 tires spin in sync.

2. Extra low gears so you can crawl at a walking pace or less.

3. Clearance so you don't high side.

4. Strong suspension that won't get beat to death.

5. Tires that can take the abuse.

Typical AWDs don't have 1, 2 and 4. Lack of #1 means if one tire spins you lose traction. Lack of #2 in a manual transmission means you burn out your clutch. Lack of #4 means breakdowns and helping the guy that owns your auto shop put his kid through college.

You can lift AWD and put good tires on them.

Tip I've heard from people that live in places like rural Nevada: having a 4WD gives you the opportunity to get stuck farther in.


Nailed it.

Pay them well, treat them well, and let them do their jobs. If a company could only do 2 of those 3 for me, my expectations for those 2 would be through the roof:

- Pay sucks? I need to feel like the most wanted person in the world and have free rein.

- Management sucks? I better be getting rich from this, and I’m working on what I want to work on.

- I’m going to be micromanaged? Hey, let’s talk about contractor pay, and the CEO needs to name a kid after me.

If a company does all 3 things reasonably well, I’m your guy. 2 of 3, they’ll need to make up for the missing bit. Only have 1 of the 3? No way.

(Miss me with any “you sound like a prima donna” nonsense. I don’t have crazy high expectations of those things. I do have a reasonable baseline though. I don’t work for free, I don’t work for jerks, and I don’t work where I can’t have freedom to do my best job for the person paying me.)


Good job releasing your project! It's a cool idea and surprisingly minimalist. That said, I've found a number of cryptographic flaws in the application source. This should not be used in instances where the encryption is mission-critical.

1) You generate a random key [0] and then feed it into PBKDF2 [1] to generate a 32-byte AES-GCM key. If you can generate 32 random bytes instead of 10 reduced-ASCII characters and a key stretch, just do that. PBKDF2 is for turning a password into a key, and it's far from the recommended algorithm nowadays; prefer scrypt if you need to do this sort of thing.

2) AES-GCM with random 12-byte nonces. Never use random IVs with GCM; this breaks the authentication [2] [3]. Given the pitfalls of AES-GCM with respect to random nonces, you might prefer switching to XSalsa20+Poly1305. The advantage of XSalsa is it has an extended nonce length, so you can use random nonces without fear.

3) Random key derivation with a restricted character set can make brute force attacks easier. You should have a 256-bit random key, and if you want that key to be within a certain character set, then encode the byte output from the CSPRNG using that character set.

4) 1fps achieves symmetric key distribution via a URL with a fragment identifier ("#") which IIRC is not sent to the server. Therefore it assumes you have a secure key distribution channel - the link contains the key, so it's important that only the intended recipient can view the part after the "#". If the server is truly malicious, it can deploy client-side JavaScript to send the fragment to the server, allowing the server to access the key (and thus cleartext communication).

[0]: https://github.com/1fpsvideo/1fps/blob/main/1fps.go#L99

[1]: https://github.com/1fpsvideo/1fps/blob/main/1fps.go#L287

[2]: https://eprint.iacr.org/2016/475.pdf

[3]: https://soatok.blog/2020/05/13/why-aes-gcm-sucks/
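
An added example (not part of the comment above and not the 1fps project's code) of points 1 to 3: a full 256-bit key drawn straight from the CSPRNG, encoded for the URL fragment, and used with AES-GCM. Instead of switching to XSalsa20+Poly1305 as the comment suggests, it keeps AES-GCM and replaces the random nonce with a frame counter, which assumes a single sender per key; all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/binary"
	"fmt"
)

// NewFragment (hypothetical name): 32 CSPRNG bytes spelled in a URL-safe alphabet, no KDF.
func NewFragment() (string, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return base64.RawURLEncoding.EncodeToString(key), err
}

// AEADFromFragment decodes the fragment, insists on exactly 32 bytes, and builds AES-256-GCM.
func AEADFromFragment(frag string) (cipher.AEAD, error) {
	key, err := base64.RawURLEncoding.DecodeString(frag)
	if err != nil || len(key) != 32 {
		return nil, fmt.Errorf("fragment is not a 32-byte key")
	}
	block, _ := aes.NewCipher(key) // cannot fail: key length was checked above
	return cipher.NewGCM(block)
}

// Seal returns nonce||ciphertext; the nonce is 4 zero bytes plus a counter the one sender never reuses.
func Seal(aead cipher.AEAD, seq uint64, frame []byte) []byte {
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], seq)
	return aead.Seal(nonce, nonce, frame, nil)
}

// Open splits nonce||ciphertext and returns the frame only if the GCM tag verifies.
func Open(aead cipher.AEAD, msg []byte) ([]byte, error) {
	if len(msg) < 12 {
		return nil, fmt.Errorf("truncated message")
	}
	return aead.Open(nil, msg[:12], msg[12:], nil)
}

func main() {
	frag, _ := NewFragment()
	aead, _ := AEADFromFragment(frag)
	fmt.Printf("%d-char fragment, %d-byte sealed frame\n", len(frag), len(Seal(aead, 0, []byte("frame 0"))))
}
```

The counter must be persisted or the key rotated if the sender restarts, since restarting at zero under the same key would repeat nonces.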


Even if it makes just you happy, it's impactful. You are the person others have to put up with. Making yourself happy improves the world for those around you.
