Readit News
raywu commented on Find Your People   foundersatwork.posthaven.... · Posted by u/jl
raywu · 10 months ago
Jessica - if you are reading the comments, I have to say - Founders at Work changed my career trajectory. I read it fresh out of college in 2008. I told a buddy to read it and it also changed his trajectory.

Guess what, after years of meandering (YC, Series A, big tech) I still come back to the moment I first discovered your book.

Also, please tell PG, I knew about your book before I knew what YC was :-)

raywu commented on 50 Years of Travel Tips   kk.org/thetechnium/50-yea... · Posted by u/thm
simonw · a year ago
My father once told me that as long as you have your passport, wallet and the name and address of where you're going everything else will work out fine. That advice has treated me well.
raywu · a year ago
I once flew with just those plus a toothbrush. Border control was very suspicious of me and was confused why I had no luggage or backpack.
raywu commented on Ask HN: What do you use for content moderation of UGC?    · Posted by u/jhunter1016
raywu · a year ago
Other comments already mentioned multiple services (from OpenAI to Cleanspeak). I want to provide a high-level clarification from experience.

Moderation is a vast topic - there are different services that focus on different areas, such as text, images, CSAM, etc. Traditionally you treat each problem area differently.

Within each area, you, as an operator, need to define the level of sensitivity for the category of offense (policies).

Some policies seem more clear cut (eg image: porn) while others seem more difficult to define precisely (eg text: bullying or child grooming).

In my experience, text moderation is more complex and presents a lot of risks.

There are different approaches for text moderation.

Keyword-based matching services like Cleanspeak, TwoHat, etc. are baseline level useful but limiting because assessing a keyword requires context. A word can be miscategorized and result in a false positive or false negative with this approach, which may impact your operation at scale, or UX if a platform requires more of a real-time experience.

LLMs are theoretically well suited for taking context into account for text moderation; however, they are also pricier and may require further fine-tuning or self-hosting for cost savings.

CSAM as a problem area presents the highest risks though may be more clear cut. There are dedicated image services and regulatory bodies that focus on this area (for automating reporting to local law enforcement).

Finally, the EU (DSA) also requires social media companies to adhere to self-reporting on moderation actions. The EU also requires companies to provide pathways for users to own and delete their data (GDPR).

Edit: FIXED typos; ADDED a note on CSAM and DSA & GDPR

raywu commented on Render raises $80M in Series C financing   render.com/blog/series-c... · Posted by u/ro_arepally
anurag · a year ago
(I'm Render's founder) What should we build next, HN?
raywu · a year ago
Congrats on the raise and building something people love!

If I could make a suggestion - make it clear you are the founder of Render instead of using these parentheses “(Render founder)”!

raywu commented on I created an open-source Hardware Hacking Wiki – with tutorials for beginners   hardbreak.wiki... · Posted by u/hw-f3nter
spidersouris · a year ago
Thanks for the wiki -- I have always been interested in hardware hacking but I have always felt overwhelmed as I didn't know where to start. I believe this kind of resource can greatly help with that, especially the case studies.

However, I can't help but feel that a major part of the content is LLM-generated, or at least LLM-rewritten. It feels off and uninteresting to read, honestly. Is it the case? To support my case, I see that the case study page (https://www.hardbreak.wiki/introduction/case-study-led-to-a-...) has very similar paragraphs next to each other, the second one seemingly being the "genuine" one, and the first one being the LLM-rewritten version.

I'm not against using LLMs to help fix typos or reformulate things, but you should definitely keep some of your style. The LLM that you used (if you used one) made the content super bland, and as a reader, I'm not really incentivized to browse more.

raywu · a year ago
Case in point, under Case Study > Reconnaissance > OSINT, these two paragraphs follow one another - same content but different wording.

> The first step in any hardware hacking project is research. I started by Googling the router model number, "ASUS RT-N12 D1", and came across an article about a similar model, the ASUS RT-N12+ B1. The article mentioned that the device had an open UART interface allowing unauthenticated root access. However, it provided no exact details on how to exploit this or where the UART interface might be located. Could my router model have the same vulnerability?

> In the first step I googled the model number for my router "ASUS RT N12 D1" and I came accross this article. It shows that a similar model the "ASUS RT N12+ B1" appears to have an open UART interface, which gives unauthenticated root access. It does not show how to exacltly abuse this or any details where to find the UART interface. Let's see if our router model may have the same vulnerability!

raywu commented on Why does storing 2FA codes in your password manager make sense?   andygrunwald.com/blog/why... · Posted by u/andygrunwald
skybrian · a year ago
More generally: the world would be a better place if most people relied on password managers. If you can do it reliably, using any password manager, even the one built into your browser or OS, is better than not using one.

The problem is that it requires a certain amount of good hygiene when it comes to computer equipment. There are many people who are bad with computers, who don’t have phone backups and lose their phone, who will share accounts and devices, and so on. The result is an insecure mess.

So, solving the “people should use a password manager” problem requires solving all the other issues surrounding how non-technical people use and misuse computer equipment, so that having a password manager and not losing the essential data stored in it becomes the default.

For some people, it would probably be safer and easier to write down your passwords on paper, in a notebook. Other people will lose the notebook, or have it stolen from them. There are similar but more complicated issues with holding onto computer devices.

raywu · a year ago
Isn’t this what passkey is trying to sidestep? Assuming the user is at least authenticated on one device.
raywu commented on The case for clinical trial abundance   ifp.org/the-case-for-clin... · Posted by u/apsec112
CharlieDigital · a year ago
I worked in this space for ~10 years and learned a lot.

In 2011, the bootstrapped startup I was at built the first COTS trial site electronic document exchange portal. Up until then, trial teams would use a mish mash of shipping paper, fax, FTP, E-mail, etc.

Our product was a finalist for the Transcelerate Shared Investigator Portal (SIP) project to unify this process on one platform.

I saw the internal workings of IT teams in many large pharmas and fought to modernize the internal workings of our own team.

I say all this as preface. The industry as a whole is highly political, incredibly conservative when it comes to tech, and has high barriers to innovation.

I use this term "political" broadly to cover an array of issues I observed. One of which is that there's a lot of jostling for influence because that's how consultants and vendors make money. A lot of folks with influence are long-time industry veterans with domain expertise, but no technical prowess paired with it. There are a lot of parallels to politics in that highly experienced individuals who carry weight in the industry will leave and form/join a consultancy (a la lobbying) and use that to extract rent. It is then in their interest that processes remain cumbersome and unwieldy so they can come in with their expertise and "streamline" it. Certainly, if there were technical standards and standard processes and open tools, lots of vendors and highly paid consultants would be out of a paycheck!

In the end of the Transcelerate SIP selection process, Veeva submitted a non-existent product (at the time) that they never delivered to SIP and ultimately Cognizant (the consultancy running the selection) built their own because of course! Millions of dollars in recurring revenue were on the line!

Lots of good ideas have come and gone because the entrenched interests in this space extract rent from the friction. One working group I was a part of was iterating a spec as a spreadsheet instead of a technical format like a standard API...

One point on which I particularly disagree with the OP is CT.gov. It is fine, IMO, because it is meant for industry and not laypersons. It has an excellent API[0] and there are plenty of third parties that build consumer-facing apps for trial matching. For example, I built a really basic one using LLMs to match natural language criteria to clinical trials and emails you when a matching trial pops up in the change feed[1]. The CTTI working group also provides a Postgres dump of the change feed as a consolidated database[2] (I write about how to use it here: https://charliedigital.com/2021/05/24/the-best-worst-kept-se...). The main problem with CT.gov right now is that it lacks a bit in data quality standards. There's a lot of variation in completeness of data dependent on country of origin and even between companies.

The lack of technical standards in the industry really hurts innovation. For example, clinical trial protocols should arguably be a standard technical template. The FDA has done some work in this area[2], but industry has largely not adopted it. You can find public protocols attached to some trials on CT.gov, but every company has a different structure. Yet it is this document that underpins the design and execution of the trial (on top of being hard for trial sites to adapt between different sponsors).

The source of change may ultimately originate from private equity. The trial site side is seeing a consolidation with sites being acquired by PE because they realize they can extract rent[4]. One positive outcome is likely more standardization and technology solutions installed by PE to actually streamline ops in an attempt to take on more clinical trials. Centralization and separation of many of the functions in a clinical trial in this type of structure may also yield improvements on the execution side.

[0] https://clinicaltrials.gov/data-api/api#extapi

[1] https://zeeq.ai

[2] https://aact.ctti-clinicaltrials.org/

[3] https://osp.od.nih.gov/policies/clinical-research#tab1/

[4] https://www.fiercebiotech.com/cro/private-equity-invests-tri...

raywu · a year ago
Thanks for sharing and linking.

What are your observations on non-big pharma - i.e. a small late-stage clinical trials startup with a single drug? Would they not vastly benefit from joining a standard protocol?

raywu commented on Decoding the telephony signals in Pink Floyd's 'The Wall'   corelatus.com/blog/Decodi... · Posted by u/matthiasl
cassiepaper · a year ago
From: James Guthrie interview

> Another piece that worked better than expected was the telephone operator. Roger was keen to illustrate the personal disconnect of being on the road. We were in L.A. at Producer’s Workshop so I phoned my neighbour, Chris Fitzmorris in London. He had the keys to my flat and I asked him to go there and said that I would call him through an operator. “No matter how many times I call”, I said, “just pick up the phone, say ‘Hello’, let the operator speak and then hang up”. I placed a telephone in a soundproof area, got on to an extension phone and started recording to ¼” tape. It took a couple of operators – the first 2 were a bit abrupt, but the 3rd was perfect. I told her that I wanted to make a collect call to Mrs. Floyd. “Who’s calling?” she asked. “Mr. Floyd”, I replied. Chris’s timing was terrific, over and over he would hang up just at the right moment and she became genuinely concerned. “Is there supposed to be someone there besides your wife?” I was playing her along saying things like “No! I don’t know who that is!” “What’s going on?” and she would try the call again. Unwittingly, she was helping to tell the story. Afterwards I went through the ¼” and edited my voice out, just leaving her and Chris. I sometimes wonder if she ever heard herself on the record.

Source: https://www.brain-damage.co.uk/other-related-interviews/jame...

raywu · a year ago
> Initially, I was shocked at how slowly everything moved! I was used to working really quickly when producing and engineering albums. Suddenly it was like the brakes were on and often it was difficult to get the momentum going. Eventually, I adapted to the Floyd pace. One of the great things about working with this band is that you are allowed time to be creative, to pursue an idea even if it takes some time. The Floyd had a production deal to make their records and the record label never heard anything until it was done. The record was made purely and only by the people in the studio.

The creative freedom without commercial intervention - this is very cool. I can almost hear it in The Wall - how grand and elongated the songs are.

What a great interview. Thank you for linking.

raywu commented on Show HN: GTD on Airtable   raywu.org/gtd... · Posted by u/raywu
raywu · a year ago
I got around to building v3 of the Airtable GTD tracker / dashboard template to share. Feel free to make a copy and get started; link in blog post.

Airtable syncs with my Google Calendar, and I’ve configured it to send me a daily digest. It’s typically in my inbox by 5:30AM Pacific Time, so I get to see what I have due that day.

Enjoy!

u/raywu

Karma: 222 · Cake day: February 9, 2011
About
Noodles are deconstructed dumplings. PM, founder, YC alum.

www.raywu.org
