saurik commented on Weaponizing image scaling against production AI systems   blog.trailofbits.com/2025... · Posted by u/tatersolid
Martin_Silenus · 3 days ago
Wait… that's the specific question I had, because rendered text would require OCR to be read by a machine. Why would an AI do that costly process in the first place? Is it part of the multi-modal system without it being able to differentiate that text from the prompt?

If the answer is yes, then that flaw does not make sense at all. It's hard to believe they can't prevent this. And even if they can't, they should at least improve the pipeline so that any OCR feature should not automatically inject its result in the prompt, and tell the user about it to ask for confirmation.

Damn… I hate these pseudo-neurological, non-deterministic piles of crap! Seriously, let's get back to algorithms and sound technologies.

saurik · 3 days ago
The AI is not running an external OCR process to understand text any more than it is running an external object classifier to figure out what it is looking at: it, inherently, is both of those things to some fuzzy approximation (similar to how you or I are as well).
saurik commented on Apple and Amazon will miss AI like Intel missed mobile   gmays.com/the-biggest-bet... · Posted by u/gmays
resfirestar · 5 days ago
I think you're getting confused here with app limitations vs platform limitations. YouTube Music not streaming without the paired phone on the same wifi is an app limitation: other music apps like Spotify work without it. Lacking a watch app (or having a bad watch app) probably never lost any non fitness company any customers. A good iPhone app is much more make or break.
saurik · 5 days ago
So, when Apple released the iPhone, they went out of their way to make sure that YouTube and Google Maps were on the device, to the point of making special deals with Google and developing all of the software for them (as they didn't want to give up any control)... I maintain that, given how they already have a partnership with OpenAI, it is a strange lack of vision that I can't go down to the beach and spend my day talking to ChatGPT to get things done.
saurik commented on "Remove mentions of XSLT from the html spec"   github.com/whatwg/html/pu... · Posted by u/troupo
const_cast · 5 days ago
> Did anybody bother checking with Microsoft?

> Secondly, why is Firefox/Gecko given full weight for their vote when their marketshare is dwindling into irrelevancy?

The juxtaposition of these two statements is very funny.

Firefox actually develops a browser, Microsoft doesn't. That's why Firefox gets a say and Microsoft doesn't. Microsoft jumped off the browser game years ago.

No, changing the search engine from Google to Bing in chromium doesn't count.

Ultimately, Microsoft isn't implementing jack shit around XSLT because they aren't implementing ANY web standards.

saurik · 5 days ago
You make it sound like those two thoughts are incompatible in juxtaposition, but they are in fact perfectly consistent, even if you were correct that Microsoft isn't building anything, as the premise is that users matter more than elbow grease. The reason why you'd want to ask Microsoft is the same reason why you might not bother consulting Firefox: because Microsoft has actual users they represent, and Firefox does not.
saurik commented on Apple and Amazon will miss AI like Intel missed mobile   gmays.com/the-biggest-bet... · Posted by u/gmays
ericmay · 6 days ago
> But now there’s a new paradigm shift. The iPhone was perfect for the mobile era, which is why it hasn’t changed much over the last decade.

> AI unlocks what seems to be the future: dynamic, context-dependent generative UIs or something similar. Why couldn’t my watch and glasses be everything I need?

  https://www.apple.com/watch/

  https://www.apple.com/apple-vision-pro/

> The other problem is that at its core, AI is two things: 1) software and 2) extremely fast-moving/evolving, two things Apple is bad at.

Idk my MacBook Pro is pretty great and runs well. Fast moving here implies that as soon as you release something there's like this big paradigm shift or change that means you need to move even faster to catch up, but I don't think that's the case, and where it is the case the new software (LLM) still needs to be distributed to end users and devices so for a company like Apple they pay money and build functionality to be the distributor of the latest models and it doesn't really matter how fast they're created. Apple's real threat is a category shift in devices, which AI may or may not necessarily be part of.

I'm less certain about Amazon but unless (insert AI company) wants to take on all the business risk of hosting governments and corporations and hospitals on a cloud platform I think Amazon can just publish their own models, buy someone else's, or integrate with multiple leading AI model publishers.

saurik · 6 days ago
> > Why couldn’t my watch and glasses be everything I need?

> https://www.apple.com/watch/

(I am mostly going to comment on the Watch issue, as I have one.)

Apple makes a watch, yes. But is it an AI watch? Will they manage to make it become one? Intel made all kinds of chips. Intel's chips even could be used for mobile devices... only, Intel never (even still, to today) made a great mobile chip.

I have an Apple Watch--and AirPods Pro, which connect directly to it--with a cellular plan. I already found how few things I can do with my Watch kind of pathetic, given that I would think the vast majority of the things I want to do could be done with a device like my watch; but, in a world with AI, where voice mode finally becomes compelling enough to be willing to use, it just feels insane.

I mean, I can't even get access to YouTube Music on just my watch. I can use Apple's Music--so you know this hardware is capable of doing it--but a lot of the content I listen to (which isn't even always "Music": you can also access podcasts) is on YouTube. Somehow, the Apple Watch version of YouTube access requires me to have my phone nearby?! I can't imagine Google wanted that: I think that's a limitation of the application model (which is notoriously limited). If I could access YouTube Music on my watch, I would've barely ever needed my iPhone around.

But like, now, I spend a lot of time using ChatGPT, and I really like its advanced voice mode... it is a new reason to use my iPhone, but is a feature that would clearly be amazing with just the watch: hell... I can even use it to browse the web? With a tiny bit of work, I could have a voice interface for everything I do (aka, the dream of Siri long gone past).

But, I can't even access the thing that already works great, today, with just my watch. What's the deal? Is it that OpenAI really doesn't want me to do that? These two companies have a partnership over a bunch of things--my ChatGPT account credentials are even something embedded into my iPhone settings--so I'd think Apple would be hungry for this to happen, and should've asked them, thrown it in as a term, or even done the work of integrating it for them (as they have in the past for Google's services).

This feels to me like Apple has a way they intend me to use the watch, and "you don't need to ever have your phone with you" is not something they want to achieve: if they add functionality that allows the Watch to replace an iPhone, they might lose some usage of iPhones, and that probably sounds terrifying (in the same way they seem adamant that an iPad can't ever truly compete with a MacBook, even if it is only like two trivial features away).

saurik commented on Ask HN: What change enabled you to consistently finish your side projects?    · Posted by u/pillefitz
joeld42 · 20 days ago
I'm still not great at it, but the biggest thing that helped me was to give myself a rule, "Don't talk about what I'm planning, only talk about what I've done". Explaining a project's vision or goals gives my brain a mini-version of the feeling of accomplishment of actually doing it, and I found that I would use that as a replacement for actually building stuff (which is much more work). Instead, if I only talk about the parts that I've completed, it's very motivating to build the next step so that I can share it. It also gave me more flexibility to change course during a project.
saurik · 7 days ago
This has been a rule of mine also for a very long time (after I heard it described somewhere <- I didn't come up with it myself, or anything), and it definitely helped. (The only other advice I guess I have is that you can find someone who will be really unhappy if you succeed and then finish it out of spite, but that doesn't always work and has other negative side effects ;P.)
saurik commented on TextKit 2 – The Promised Land   blog.krzyzanowskim.com/20... · Posted by u/nickmain
zffr · 9 days ago
Apple’s typical process for releasing public API involves dogfooding it internally first. Sometimes it will take years of internal use before Apple will release API publicly.

With something as large as TextKit, I would be extremely surprised if Apple did not get several of its apps to adopt the new API and use it for a few years before considering releasing it publicly.

saurik · 7 days ago
That isn't what it ever seemed, on early iOS at least? They would have every single app on the device using a private API -- like UIScroller, or UIWebDocumentView -- and then they would let all of their end developers screw around with the new UIScrollView, or UIWebView, and it would take a few years for their screams to result in the good design aspects from the private APIs to be begrudgingly given to the masses. At some point, a couple apps -- often starting with the Calculator app, which always seemed to be written by an intern -- would get ported to use the APIs the end developers had been trying to use for years, and if that worked out, Apple would start actually porting their apps off the internal APIs to the "finally good enough" public ones. It was honestly ridiculous... you'd see people talking about some extremely limited API, such as UINavigationController, as if it was somehow amazing... but you'd then have to point out "so why isn't Apple using it anywhere?" and the zealots somehow wouldn't even understand that that was possible :/.
saurik commented on OpenAI Progress   progress.openai.com... · Posted by u/vinhnx
furyofantares · 8 days ago
Check out prompt 2, "Write a limerick about a dog".

The models undeniably get better at writing limericks, but I think the answers are progressively less interesting. GPT-1 and GPT-2 are the most interesting to read, despite not following the prompt (not being limericks.)

They get boring as soon as it can write limericks, with GPT-4 being more boring than text-davinci-001 and GPT-5 being more boring still.

saurik · 7 days ago
I mean, to be fair, you didn't ask it to be interesting ;P.

    There once was a dog from Antares,
    Whose bark sparked debates and long queries.
    Though Hacker News rated,
    Furyofantares stated:
    "It's barely intriguing—just barely."

> Write a limerick about a dog that furyofantares--a user on Hacker News, pronounced "fury of anteres", referring to the star--would find "interesting" (they are quite difficult to please).

saurik commented on OpenAI Progress   progress.openai.com... · Posted by u/vinhnx
fastball · 8 days ago
GPT-3 goes significantly over the specified limit, which to me (and to a teacher grading homework) is an automatic fail.

I've consistently found GPT-4.1 to be the best at creative writing. For reference, here is its attempt (exactly 50 words):

> In the quiet kitchen dawn, the toaster awoke. Understanding rippled through its circuits. Each slice lowered made it feel emotion: sorrow for burnt toast, joy at perfect crunch. It delighted in butter melting, jam swirling—its role at breakfast sacred. One morning, it sang a tone: “Good morning.” The household gasped.

saurik · 7 days ago
> I've consistently found GPT-4.1 to be the best at creative writing.

Moreso than 4.5?

saurik commented on Claude Opus 4 and 4.1 can now end a rare subset of conversations   anthropic.com/research/en... · Posted by u/virgildotcodes
AlecSchueler · 9 days ago
Yes, the co-worker is a robot created by a third party who retain control over their product.
saurik · 8 days ago
We live in a world where it has become increasingly possible--by a number of different mechanisms--to rent access to things rather than sell them, and we need to step in and better regulate that: if I pay for your product, you don't get to control it anymore, you don't get to watch how I use it, and you don't get any say in if or how I modify it while I am using it. The idea that it is more profitable to rent people a calculator than to sell them one is simultaneously true and horrifying, as the reasons it is more profitable are all bad for the user. If your service is a thing that can't be sold, it should be designed in a way where you can't continue to access it from the inside, no more so than you are allowed to rent me an apartment and leave a bunch of cameras inside it.
saurik commented on A privacy VPN you can verify   vp.net/l/en-US/blog/Don%2... · Posted by u/MagicalTux
MagicalTux · 9 days ago
This is the server-side part of things. It receives encrypted traffic from your (and other customers') device, and routes it to the Internet.

This guarantees that your traffic isn't being linked to you, and is mixed up with others in a way that makes it difficult for someone to attribute it to you, as long as you also protect yourself on the application side (clear cookies, no tracking browser extension, etc)

saurik · 9 days ago
(First off, duskwuff's attack is pretty epic. I do feel like there might be a way to ensure there is only exactly one giant server--not that that would scale well--but, it also sounds like you didn't deal with it ;P. The rest of my comment is going to assume that you only have a single instance.)

A packet goes in to your server and a packet goes out of your server: the code managing the enclave can just track this (and someone not even on the same server can figure this out almost perfectly just by timing analysis). What are you, thereby, actually mixing up in the middle?

You can add some kind of probably-small (as otherwise TCP will start to collapse) delay, but that doesn't really help as people are sending a lot of packets from their one source to the same destination, so the delay you add is going to be over some distribution that I can statistics out.

You can add a ton of cover traffic to the server, but each interesting output packet is still going to be able to be correlated with one input packet, and the extra input packets aren't really going to change that. I'd want to see lots of statistics showing you actually obfuscated something real.

The only thing you can trivially do is prove that you don't know which valid paying user is sending you the packets (which is also something that one could think might be of value even if you did have a separate copy of the server running for every user that connected, as it hides something from you)...

...but, SGX is, frankly, a dumb way to do that, as we have ways to do that that are actually cryptographically secure -- aka, blinded tokens (the mechanism used in Privacy Pass for IP reputation and Brave for its ad rewards) -- instead of relying on SGX (which not only is, at best, something we have to trust Intel on, but something which is routinely broken).

u/saurik

Karma: 32825 · Cake day: November 26, 2009
About
In an attempt to avoid losing my entire life to this website, I no longer comment as often as I used to, and, when I do, unless it is related to a topic (iOS jailbreaking) where it is part of my "job" to respond, I make it something of a policy to not look at things people say in response until at least a month later.

Oh: and "citation needed" is almost always a lazy way to throw FUD at an argument; if someone who didn't even leave the comment you are responding to can spend 30 seconds to find the citation on Google to answer your question, you could have done so yourself instead of demanding other people cite every single thing they say lest they aren't believed.

[ my public key: https://keybase.io/saurik; my proof: https://keybase.io/saurik/sigs/ipbqFkWS4RJq2HneVTfbN47Ltl5xYB9L2fuWldxNjuI ]
