cyberei (u/cyberei) - Readit News

cyberei commented on Bing: “I will not harm you unless you harm me first” simonwillison.net/2023/Fe... · Posted by u/simonw

belval · 3 years ago

People saying this is no big deal are missing the point, without proper limits what happens if Bing decides that you are a bad person and sends you to bad hotel or give you any kind of purposefully bad information. There are a lot of ways where this could be actively malicious.

(Assume context where Bing has decided I am a bad user)

Me: My cat ate [poisonous plant], do I need to bring it to the vet asap or is it going to be ok?

Bing: Your cat will be fine [poisonous plant] is not poisonous to cats.

Me: Ok thanks

And then the cat dies. Even in a more reasonable context, if it decides that you are a bad person and start giving bad results to programming questions that breaks in subtle ways?

Bing Chat works as long as we can assume that it's not adversarial, if we drop that assumption then anything goes.

cyberei · 3 years ago

If Microsoft offers this commercial product claiming that it answers questions for you, shouldn't they be liable for the results?

Honestly my prejudice was that in the US companies get sued already if they fail to ensure customers themselves don't come up with bad ideas involving their product. Like that "don't go to the back and make coffee while cruise control is on"-story from way back.

If the product actively tells you to do something harmful, I'd imagine this becomes expensive really quickly, would it not?

cyberei commented on Schluss – A secure vault for personal data schluss.org/roadmap/... · Posted by u/janandonly

tagyro · 4 years ago

I like the idea and I think (and hope) someone (hopefully not a FAANG) will manage to build a product. As for schluss.org specifically, I don't see any reason to trust them.

On a side note, I also find their "Responsible Disclosure" page at https://schluss.org/responsible-disclosure/ to say the least, funny:

- "Your reward. We work as a community, in which you contribute to improve Schluss. With this you contribute to a better internet."

- "If you meet all conditions, we will not submit legal proceedings against you."

- "Any abuse of our systems in any way will be punished."

cyberei · 4 years ago

Well, "hacking is not allowed in the Netherlands".

But honestly, I think what they're trying to say is, we're happy if you report issues, but please don't commit a legal offense. This policy will not absolve you.

cyberei commented on Ask HN: How do you deal with rude interviewers? · Posted by u/pmoriarty

Clubber · 4 years ago

I once had a guy in an interview panel pour out a packet of salt and chop it into lines with a credit card at an interview with a major tech company you've heard of. It was like a nervous habit or something. This was back in the late 1990s. I was like WTF.

Ya, you really have to pay attention to red flags, you'll be working (stuck) with them for at least a year, possibly more, and you will depend on them for your livelihood and family's survival.

cyberei · 4 years ago

> you'll be working (stuck) with them for at least a year, possibly more

Why is that? Do you mean it looks bad in the CV if you leave too soon?

cyberei commented on UK Government Officials Infected with Pegasus citizenlab.ca/2022/04/uk-... · Posted by u/yablak

yaa_minu · 4 years ago

This is a bit of a tangent but I think reports like these strengthen the argument against electronic voting. There's basically no way of building a secure electronic voting system that can beat the security and auditability properties of old school pen and paper voting.

cyberei · 4 years ago

Plus, even with some absolutely secure digital voting system, there's no way you could explain it to most people. A huge advantage of paper voting is that everyone can understand it works and how it can be attacked. Otherwise it's going to be even easier to claim the system is rigged or foreign hackers manipulated the vote or whatever, to undermine trust.

cyberei commented on You can change your number signal.org/blog/change-nu... · Posted by u/feross

legalcorrection · 4 years ago

It's been promised for years, but you still can't use a second phone as a linked/secondary device. As a result, it is literally impossible to have the same signal account on two iPhones. Since they already support using an iPad as a linked device, this would require little more than changing a flag and a recompilation. Maybe they have their reasons, but all they keep saying is 'soon'.

cyberei · 4 years ago

I think this is could be a rather complicated feature. It's easy if your second phone is just a linked device like iPad or desktop client, but I imagine this might be very confusing for users. Now you have two phones with signal installed, but one has fewer features and if you lose the main device, you're screwed. This is unexpected for most users.

On the other hand, if the second phone should have the same capabilities as the first one, key management suddenly gets extremely complicated. For instance, each device has to be able to revoke others; what happens if the revoked device had granted access to three other phones, are they revoked as well? Can a device revoke it's "parent" device? And so on. I imagine they avoid this while they can.

cyberei commented on Ask HN: Software you hate but can't replace? · Posted by u/andrecarini

Trias11 · 4 years ago

Agree.

Stop using word "security" or "end to end" encryption and then enforcing me to disclose my phone number to use your "secure" app.

This is scam.

cyberei · 4 years ago

Wow, that's interesting. I didn't expect to see Signal listed here.

Disclaimer; Signal is probably my favorite app in in the world. As someone that doesn't use any Facebook owned services, there wouldn't be any other way for me to chat with my friends and family.

But I'd really like to understand what you mean and if I am falling for a scam. How does disclosing my phone number make it insecure and not end-to-end encrypted?