Articles tagged links
Saturday, 1 March, 2025 —
links
generative-ai
iA, developers of iA Writer and iA Presenter:
Tech companies big and small sell AI as something that thinks for us. It does replace thought with statistics—but it is not intelligent. No one knows what the future will bring. But is a future without thought a better future?
Now, with a tool that might help us think… How about using AI not to think less but more?
There are two primary areas I am investigating using generative AI tooling with, writing and software engineering. This is true for both work and at home. I’m still trying to wrap my head around what the evolving possibilities are, and I’m still building a habit of reaching for the tools in order to learn how best they’ll work for me.
The questions and examples in this article are a critical pivot in generative AI’s use from, “let it think for you”, to, “here’s how to leverage generative AI into higher quality writing”. That’s a bit different in approach than how I think generative AI is commonly used.
I am way more comfortable using generative AI as a reviewing tool, for help in unsticking things, or spotting problems vs. “doing the work for me.” I can easily see using similar approaches to edit and improve my general writing and my software development.
On the software engineering side at work, my engineering organization is strongly encouraging the use of tools like GitHub Copilot and ChatGPT and is providing licenses for their use. The key suggestions are working with GitHub Copilot in an IDE and ChatGPT elsewhere for generating code, troubleshooting code, explaining code, and brainstorming.
The institutional sense is these tools are roughly equivalent to an exuberant, but inexperienced, intern. Accordingly, the guidance is to delegate work to the tools, but thoroughly validate the results. I think this recommendation is a correct approach. Another, and one where I’m finding more natural alignment, is using these tools for review and editorial feedback. The iA suggestions here will help inform how I approach prompt writing and what I’m looking to get out of code generation, to the point where I may build a shell first, then run snippets by and seek improvements.
Similarly, writing-wise, I’ve made some use of the Apple Intelligence writing tools and had a niggling sense there was a better way of handling their use than I have been so far. This post has just such an example of comparing Apple Intelligence writing tools output against the original and then reviewing a change-by-change comparison. I like that and have an easy way to do that in BBEdit. As with software engineering, it feels more congruent to my way of working.
Sunday, 7 August, 2022 —
links
privacy
civics
Pia Ceres, reporting for Wired:
Now that the majority of American students are finally going back to school in-person, the surveillance software that proliferated during the pandemic will stay on their school-issued devices, where it will continue to watch them. According to a report published today from the Center for Democracy and Technology, 89 percent of teachers have said that their schools will continue using student-monitoring software, up 5 percentage points from last year. At the same time, the overturning of Roe v. Wade has led to new concerns about digital surveillance in states that have made abortion care illegal. Proposals targeting LGBTQ youth, such as the Texas governor’s calls to investigate the families of kids seeking gender-affirming care, raise additional worries about how data collected through school-issued devices might be weaponized in September.
The CDT report also reveals how monitoring software can shrink the distance between classrooms and carceral systems. Forty-four percent of teachers reported that at least one student at their school has been contacted by law enforcement as a result of behaviors flagged by the monitoring software. And 37 percent of teachers who say their school uses activity monitoring outside of regular hours report that such alerts are directed to “a third party focused on public safety” (e.g., local police department, immigration enforcement). “Schools have institutionalized and routinized law enforcement’s access to students’ information,” says Elizabeth Laird, the director of equity in civic technology at the CDT.
Schools concerned about keeping students productive and safe from school shootings and other potential harms have installed highly invasive monitoring software on school-owned devices issued to students that makes extraordinary and unproven claims about efficacy.
I get that screens can have tons of distractions and teachers probably need some assistance in keeping students focused, but all of this just seems over-the-top invasive against student privacy, particularly for students who don’t otherwise have their own devices.
The ease and comfort with which kids can get automatically referred to law enforcement is flat out shitty.
Wednesday, 30 December, 2020 —
links
Nathaniel Popper reporting for The New York Times:
The fast-growing cryptocurrency start-up Coinbase has been rattled in recent months by tensions between executives and employees who said they were being treated unfairly because of their race or gender.
While management at the company has argued that the complaints were limited to a handful of employees, Coinbase’s own compensation data suggests that inequitable treatment of women and Black workers went far beyond a few disgruntled workers.
…
The Coinbase figures arrived at by Ms. Marr took account of the job level of all employees, as well as their status as an engineer and manager. It is possible that if the analysis took account of more factors, the pay disparity would shrink.
In the 14 job categories at Coinbase with at least three women, the average woman earned less than the average man in all but two job categories.
Black employees earned less, on average, than white employees in all but one of the eight job categories that had any Black staff members, the analysis by Ms. Marr shows.
The wage disparities are compounded by the fact that women and Black employees were concentrated in the lower-paying jobs at the company.
It does not surprise me in any way to read this about a company whose CEO made loud noises about staff being “mission-focused” and apolitical at work.
Tejal Rao, reporting for The New York Times:
The Mesoamerican dumpling, made with nixtamalized corn dough and a variety of fillings, has been around for thousands of years. Called tamalli in Nahuatl, a language spoken by Indigenous peoples in Mexico and Central America, it’s still referred to in its singular as a tamal, or tamale.
It can be a source of deliciousness, comfort, cultural connection or income, but the tamal is not a monolith, and there’s no single, correct way to make it.
Dr. Jeremy Littau: “I miss Christmas tamale season in California.”
Matthias Endler:
Kubernetes is the 800-pound gorilla of container orchestration.
It powers some of the biggest deployments worldwide, but it comes with a price tag.
Especially for smaller teams, it can be time-consuming to maintain and has a steep learning curve. For what our team of four wanted to achieve at trivago, it added too much overhead. So we looked into alternatives — and fell in love with Nomad.
We use Kubernetes at work. We’re a decently-sized engineering organization with several teams each supporting two or more applications. The complexities are worthwhile for us since our infrastructure team has a common framework for supporting applications deployed with Kubernetes.
For side projects, or a small shop, I would not start with Kubernetes.
David Bryant Copeland:
I take GitHub’s new security vulnerability notifications seriously, and try to patch my apps whenever something comes up. I recently had trouble doing so for a JavaScript dependency, and uncovered just how utterly complex management of NPM modules is, and how difficult it must be to manage vulnerable packages. And I’m left wanting. I’m also left more concerned than ever that the excessive use of the NPM ecosystem is risky and dangerous.
The problem stems from three issues, each compounding the other:
- NPM’s management of transitive dependencies that allows many versions of the same module to be active in one app.
- Core tooling lacking support to identify and remediate the inclusion of insecure modules.
- Common use of the same package.json for client and server side bundles.
This is an article from 2019, focused on NPM and JavaScript. More broadly, it’s a reminder to truly own your software dependencies. GitHub’s Dependabot is really helpful for getting automated updates, where they’re possible. It is insufficient to rely on it alone, so the responsibility remains with project maintainers to stay aware and on top of security updates. Choose your dependencies conservatively and wisely.
Bruce Schneier:
The US prioritizes and spends many times more on offense than on defensive cybersecurity. In recent years, the NSA has adopted a strategy of “persistent engagement,” sometimes called “defending forward.” The idea is that instead of passively waiting for the enemy to attack our networks and infrastructure, we go on the offensive and disrupt attacks before they get to us. This strategy was credited with foiling a plot by the Russian Internet Research Agency to disrupt the 2018 elections.
But if persistent engagement is so effective, how could it have missed this massive SVR operation? It seems that pretty much the entire US government was unknowingly sending information back to Moscow. If we had been watching everything the Russians were doing, we would have seen some evidence of this. The Russians’ success under the watchful eye of the NSA and US Cyber Command shows that this is a failed approach.
And how did US defensive capability miss this? The only reason we know about this breach is because, earlier this month, the security company FireEye discovered that it had been hacked. During its own audit of its network, it uncovered the Orion vulnerability and alerted the US government. Why don’t organizations like the Departments of State, Treasury and Homeland Security regularly conduct that level of audit on their own systems? The government’s intrusion detection system, Einstein 3, failed here because it doesn’t detect new sophisticated attacks — a deficiency pointed out in 2018 but never fixed. We shouldn’t have to rely on a private cybersecurity company to alert us of a major nation-state attack.
Schneier has the most level-headed, thorough, and considered write-up of the SolarWinds incident that I’ve seen so far.
Saturday, 24 August, 2019 —
links
technological-failure
From The Independent:
A video appearing to show a Tesla driver asleep while his vehicle drove on auto-pilot has prompted criticism online.
The footage, posted on Twitter by US journalist Clint Olivier and filmed by his wife Alisha, was filmed on Los Angeles’ busy interstate 5 last Saturday morning.
As Mr Olivier drives past the car, which is travelling steadily along the middle lane, Ms Olivier can be heard saying: “He’s totally asleep. This is crazy.”
There’s a broader post to write about the specific nomenclature of Tesla’s semi-autonomous driving tech being named Autopilot, and how drivers interpret the word. Until I write it, it will have to suffice to say that this incident isn’t the first such incident and will not be the last.
The driver is lucky this wasn’t fatal.
Saturday, 1 December, 2018 —
links
Katharine Q. Seelye writes in “Harry Leslie Smith, ‘World’s Oldest Rebel,’ Is Dead at 95” - The New York Times:
His son’s death finally tipped him over the edge to start writing his memoirs, at 87. His first was a book called “1923,” the year of his birth, published in 2010. Other books and essays spilled forth. An Englishman who lived part time in Canada, he wanted to shake the world into appreciating what had been won in World War II.
He went on to write four more books and was working on a sixth, about the refugee crisis, when he died on Wednesday at 95 in a hospital in Ontario.
Remarkable. I’d like to be that productive that late in life. Heck, I’d love to be that productive now.