drspod @ drspod @lemmy.ml

Posts

13

Comments

783

Joined

4 yr. ago

I thought that guardrails were implemented just through the initial prompt that would say something like "You are an AI assistant blah blah don't say any of these things..." but by the sounds of it, DeepSeek has the guardrails literally trained into the net?

This must be the result of the reinforcement learning that they do. I haven't read the paper yet, but I bet this extra reinforcement learning step was initially conceived to add these kind of censorship guardrails rather than making it "more inclined to use chain of thought" which is the way they've advertised it (at least in the articles I've read).

I'm not sure PixelFed is the best choice for private storage of photos. It's social media more than it is cloud storage.

Would Immich fit your requirements? I don't think it encrypts either, but you can self-host it.

Apparently they have barely produced any so they will all be sold out anyway.

This is tabloid trash, not news.

J. K. Rowling is a fascist.

No. The entire point is for people to have choice. There is no downside as a user to joining multiple communities with the same name/theme on different instances.

Consolidating communities onto one instance is a vanity project of mods who want to control users and prolific-posters who want to control narratives.

It protects you against your PC being compromised but it doesn't protect you from someone stealing the device, assuming they have the necessary expertise to read the keys out of the device.

A regular laptop thief will have no idea what they're looking at though, so it does have some value as a physical security (through obscurity) device.

Ultimately it depends on your threat model. If you never leave the house then it's an upgrade from a software password manager.

Same.

.ml has been loading slowly, and then the image thumbnails take even longer.

Is the whole network under a DDoS or something?

horse shit

Wrong thread?

Dumbest take of 2025, I'm calling it early.

At least you learned the lesson.

Oh it's you, the account that consistently posts beginner-level coding projects as if they are serious tools. The last time I reviewed your code there were security issues that would be obvious to anyone.

Please stop.

Classic Embrace-Extend-Extinguish move.

IRC

This is the SelfHosted community.

It will be the worst movie you've ever seen and you can watch it on archiveorg: https://archive.org/details/vroombodtoom

A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer.

While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid.

This leak is a serious incident as the VPN credentials could allow threat actors to access a network to perform data exfiltration, install malware, and perform ransomware attacks.

https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/

The author only mentions homomorphic encryption in a footnote:

Notes:

(A quick note: some will suggest that Apple should use fully-homomorphic encryption [FHE] for this calculation, so the private data can remain encrypted. This is theoretically possible, but unlikely to be practical. The best FHE schemes we have today really only work for evaluating very tiny ML models, of the sort that would be practical to run on a weak client device. While schemes will get better and hardware will too, I suspect this barrier will exist for a long time to come.)

And yet Apple claims to be using homomorphic encryption to provide their "private server" AI compute:

Combining Machine Learning and Homomorphic Encryption in the Apple Ecosystem

Presumably the author doubts Apple's implementation but for some reason has written a whole blog post about AI and encryption and hasn't mentioned why Apple's homomorphic encryption system doesn't work.

I'd be quite interested to know what exactly is the weakness in their implementation. I imagine Apple and everyone who uses their services would be interested to know too. So why not mention it at all?