Readit NewsI very much enjoy writing, but this was a case where I felt that if my writing came off overly-AI it was worth it for the reasons I mentioned above.
I'll continue to explore how to integrate AI into my writing which is usually pretty substantive. All the info was primarily sourced from my investigation.
The perception that ISO/IEC 27001:2022 is simply an exercise in document creation and curation is frustrating. It is not, but an auditor cannot be in your company for a year or three, so the result is the next best thing: your auditor looks at written evidence, with things like timestamps, resumes, meeting minutes, agendas, and calendars, and concludes that based on the evidence that you are doing the things you said you're doing in your evidence reviews and interviews.
The consequence if you are not doing these things happens if you get sued, if you get yelled at by the French data protection regulator, or if you go bankrupt due to a security incident you didn't learn from, and your customers are breathing down your neck.
All of the documentation in the world doesn't mean you actually do the things you write down, but we have to be practical: until you consider these things, you aren't aware of them. You can read the standard and just do the best practices, and you'll be fine. The catch is that if you want the piece of paper, you go to an auditor, and people buy things because that paper means that there is now an accountability trail and people theoretically get in trouble if that turns out to be false.
It's like the whole problem with smart contracts is that you can't actually tether them to real world outcomes where the smart aspect falls apart (like relying on some external oracle to tell the contract what to do). Your customers care about ISO because your auditor was accredited by a body like ANAB to audit you correctly, and that reduces the risk of you botching some information security practice. This means that their data is in theory, more safe. And if it isn't, there is a lawsuit on the other end if things go awry.
2) They are still, in whatever way, beholden to legacy metrics such as number of words, avg reading time, length of content to allow multiple ad insertion "slots" etc...
Just the other day, my boss was bragging about how he sent a huge email to the client, with ALL the details, written with AI in 3 min, just before a call with them, only for the client on the other side to respond with "oh yeah, I've used AI to summarise it and went through it just now". (Boss considered it rude, of course)
Deleted Comment
I think no matter how you slice it though, it's unethical and reprehensible to coordinate (even a shoddy) DDoS leveraging your visitors as middlemen. This is effectively coordinating a botnet, and we shouldn't condone this behavior as a community.
It seems like the core things that Anki needs are new user experience improvements, and algorithm updates. SM2 really shows its age as compared to other algorithms.
Obviously this is a complete failure of governance. The very first thing they should have considered was whether or not these features made sense in the ways that they were being added. There should not be any necessary work to "rollback" features that do not make sense, because they should have not built them in the first place.
Even if we accept at face value that AI has made generation of code significantly cheaper, that doesn't justify the existence of worthless code. Taste comes from knowing what not to build.
Right now Windows is an unstable mess, filled with things that shouldn't have been built. The question Microsoft should ask themselves is why they built them in the first place, and how they will prevent this from happening again.
This article gave an LLM a bunch of health metrics and then asked it to reduce it to a single score, didn't tell us any of the actual metric values, and then compared that to a doctor's opinion. Why anyone would expect these to align is beyond my understanding.
The most obvious thing that jumps out to me is that I've noticed doctors generally, for better or worse, consider "health" much differently than the fitness community does. It's different toolsets and different goals. If this person's VO2 max estimate was under 30, that's objectively a poor VO2 max by most standards, and an LLM trained on the internet's entire repository of fitness discussion is likely going to give this person a bad score in terms of cardio fitness. But a doctor who sees a person come in who isn't complaining about anything in particular, moves around fine, doesn't have risk factors like age or family history, and has good metrics on a blood test is probably going to say they're in fine cardio health regardless of what their wearable says.
I'd go so far to say this is probably the case for most people. Your average person is in really poor fitness-shape but just fine health-shape.
This is true of many metrics and even lab results. Good doctors will counsel you and tell you that the lab results are just one metric and one input. The body acclimates to its current conditions over time, and quite often achieves homeostasis.
My grandma was living for years with an SpO2 in the 90-95% range as measured by pulse oximetry, but this was just one metric measured with one method. It doesn't mean her blood oxygen was actually repeatedly dropping, it just meant that her body wasn't particularly suited to pulse oximetry.