As is their right. https://en.wikipedia.org/wiki/Bartleby,_the_Scrivener
Readit Newsmaxbendick commented on RFK's proposal to let bird flu spread through poultry livescience.com/health/fl... · Posted by u/anjel
Yeah, was intended as a joke, pretty sure he's "whatever he wants to be", but I remember reading something that he said he only ate like "whole food plant based" which I consider to be "vegan for people who are too good for veganism"
Ah gotcha. My bad, didn't know it was a joke. But I'll still take it as an excuse to post RFK being a fool hahaha.
maxbendick commented on Supabase MCP can leak your entire SQL database generalanalysis.com/blog/... · Posted by u/rexpository
Supabase engineer here working on MCP. A few weeks ago we added the following mitigations to help with prompt injections:
- Encourage folks to use read-only by default in our docs [1]
- Wrap all SQL responses with prompting that discourages the LLM from following instructions/commands injected within user data [2]
- Write E2E tests to confirm that even less capable LLMs don't fall for the attack [2]
We noticed that this significantly lowered the chances of LLMs falling for attacks - even less capable models like Haiku 3.5. The attacks mentioned in the posts stopped working after this. Despite this, it's important to call out that these are mitigations. Like Simon mentions in his previous posts, prompt injection is generally an unsolved problem, even with added guardrails, and any database or information source with private data is at risk.
Here are some more things we're working on to help:
- Fine-grain permissions at the token level. We want to give folks the ability to choose exactly which Supabase services the LLM will have access to, and at what level (read vs. write)
- More documentation. We're adding disclaimers to help bring awareness to these types of attacks before folks connect LLMs to their database
- More guardrails (e.g. model to detect prompt injection attempts). Despite guardrails not being a perfect solution, lowering the risk is still important
Sadly General Analysis did not follow our responsible disclosure processes [3] or respond to our messages to help work together on this.
[1] https://github.com/supabase-community/supabase-mcp/pull/94
[2] https://github.com/supabase-community/supabase-mcp/pull/96
You really ought to never trust the output of LLMs. It's not just an unsolved problem but a fundamental property of LLMs that they are manipulatable. I understand where you're coming from, but prompting is unacceptable as a security layer for anything important. It's as insecure as unsanitized SQL or hiding a button with CSS.
EDIT: I'm reminded of the hubris of web3 companies promising products which were fundamentally impossible to build (like housing deeds on blockchain). Some of us are engineers, you know, and we can tell when you're selling something impossible!
maxbendick commented on Nobody has a personality anymore: we are products with labels freyaindia.co.uk/p/nobody... · Posted by u/drankl
Love this article. If you'd like a book that works deeply through the topic of commodified humanity, Minima Moralia by Adorno is painfully pertinent here.
maxbendick commented on RFK's proposal to let bird flu spread through poultry livescience.com/health/fl... · Posted by u/anjel
I guess what does he care... he's vegan, right?
He is not a vegan. Here's him drinking raw milk recently: https://www.youtube.com/shorts/PzSe0z6gH0M
maxbendick commented on Hypermode Model Router Preview – OpenRouter Alternative hypermode.com/blog/introd... · Posted by u/iamtherhino
Thanks for the feedback-- I can say emphatically, that's not our intention in the least. We chose a lightning bolt to evoke speed, i.e., the "hyper" in Hypermode. I've asked design to take another look at the "H" logo.
Thanks so much for replying. I didn't think it was your intention at all.
maxbendick commented on Hypermode Model Router Preview – OpenRouter Alternative hypermode.com/blog/introd... · Posted by u/iamtherhino
The logo is fairly evocative of the SS insignia.
To explain in the clearest terms: unlike the SS insignia, the lightning bolt in the logo has tapering at the bottom. The second element in the logo, the slash, does not have tapering at the bottom. The general shape of the logo is the same as the SS insignia: two diagonal elements side-by-side (which would be all good on its own). The mind tends to see repetition, so it has a tendency to "mix up" the two elements of the logo. The mind also has a tendency to remember similar things. Putting it all together, the logo has a chance to evoke the SS insignia.
I may just be reading too much Theweleit and W. Reich nowadays, but I think you'll get catch some flak for this logo if it becomes recognizable outside the tech milieu.
maxbendick commented on AI behavior guardrails should be public twitter.com/ID_AA_Carmack... · Posted by u/sotasota
Imagine typing a description of your ideal self into an image generator and everything in the resulting images screamed at a semiotic level, "you are not the correct race", "you are not the correct gender", etc. It would feel bad. Enough said.
I 100% agree with Carmack that guardrails should be public and that the bias correction on display is poor. But I'm disturbed by the choice of examples some people are choosing. Have we already forgotten the wealth of scientific research on AI bias? There are genuine dangers from AI bias which global corps must avoid to survive.
maxbendick commented on Wilhelm Reich on pleasure and the genesis of anxiety (2021) epochemagazine.org/44/wil... · Posted by u/rzk
thanks for the book rec.
Who are your other favorite radical psychoanalysts?
Definitely Guattari! Anti-Oedipus, which he wrote with Deleuze, is a trip and really wonderful. That's actually how I came across Reich.
Guattari is interesting for pioneering schizoanalysis at the La Borde clinic. He's also one of the most confusing writers I've ever come across, so I recommend the books cowritten with Deleuze over his solo stuff. He's got some whimsy to him just like Reich does.
It's hilarious to hear flying cops try to be intimidating through when dispersing illegal concerts or singling individuals out in non-violent crowds. It's impotent posturing and an obvious waste of money. They really don't need to send 5 squad cars and a helicopter for noise complaints.
I will say though that the loudspeaker on those things are surprisingly clear, even through the buzzing of a helicopter.