This is literally better in every way.

This being said, better in every way does not mean good. It’s just hard to be worse than a crypto bro run, literal ad company, who’s browser is a reskin of chrome.

Hot off the presses, in addition to the CEO being queer-phobic, he literally is now ranting about how George Soros, and leftists are treating him unfairly.

https://lemmy.world/post/26379948

Probably not. Anthropic is a direct competitor.

I mean if you are already ok with using a Chrome reskin from a crypto ad company your standards are already set too low.

People who use Firefox are concerned that Firefox is slowly shifting into what Brave is now. Aka an ad company.

I swear to god Brave browser is a cult. People who are into it a really into pushing it. No, I don’t want your crypto-bro, ad company run, chrome reskin.

It’s government reporting data. If you find a better source I say go for it. But I used that data for salary negotiations in the past successfully.

I’m not talking about take home. I’m talking about total annual compensation including things like RSU payouts etc.

Even if we throw out the ones you doubt there are many 300k to 400k entries with the AI researcher title. If we add annualized RSU payouts we easily hit over €500k.

At this point t though you are free to doubt me.

Maybe not with just if statements. But with a heuristic system I bet any site that runs a tar pit will be caught out very quickly.

When I worked in the U.S. I was well above $160k.

When you look at leaks you can see $500k or more for principal engineers. Look at valves lawsuit information. https://www.theverge.com/2024/7/13/24197477/valve-employs-few-hundred-people-payroll-redacted

Meta is paying $400k BASE for AI Reserch engineers with stock options on top which in my experience is an additional 300% - 600%. Vesting over 2 to 4 years. This is to H1B workers who traditionally are paid less.

Once you get to principal and staff level engineering positions compensation opens up a lot.

https://h1bdata.info/index.php?em=meta+platforms+inc&job=&city=&year=all+years

ROI does not matter when companies are telling investors that they might be first to AGI. Investors go crazy over this. At least they will until the AI bubble pops.

I support people resisting if they want by setting up tar pits. But it’s a hobby and isn’t really doing much.

The sheer amount of resources going into this is beyond what people think.

That and a competent engineer can probably write something on the BEAM VM that can handle a crap ton of parallel connections. 6 figure maybe? Being slow walked means low CPU use which means more green threads.

I see your point but like I think you underestimate the skill of coders. You make sure your timeout is inclusive of JavaScript run times. Maybe set a memory limit too. Like imagine you wanted to scrape the internet. You could solve all these tarpits. Any capable coder could. Now imagine a team of 20 of the best coders money can buy each paid 500.000€. They can certainly do the same.

Like I see the appeal of running a tar pit. But like I don’t see how they can “trap” anyone but script kiddies.

Fair. But I haven’t seen any anti-ai-scraper tarpits that do that. The ones I’ve seen mostly just pipe 10MB of /dev/urandom out there.

Also I assume that the programmers working at ai companies are not literally mentally deficient. They certainly would add .timeout(10) or whatever to their scrapers. They probably have something more dynamic than that.

They want to reduce the bandwidth usage. Not increase it!

To be fair this is the opposite of rolling over. Rolling over would be adding the back door.

TIL. Very cool.

Solaris was beautiful. But it could have been more secure if it had Mandatory Access Controls. One compromised app running as root, or one privilege elevation exploit and without mandatory access controls you’re done.

Even with user contained exploits without MAC you expose way too much.

Edit: Turns out Solaris had a MAC enabled variant called Trusted Solaris! I could have seen myself using this if Sun was still around and OpenSolaris had panned out.

https://en.m.wikipedia.org/wiki/Trusted_Solaris

In conclusion Solaris was not junk.

I like the fact that it is a solid mandatory access control system. With SELinux you are substantially more safe than without.

For example. Let’s say you are running a compromised version of OpenSSH. Threw a XZ style back door a hacker gets in as OpenSSH (which runs as root).

Without SELinux the system is fully owned. With SELinux the attacker can only access what OpenSSH needs to access even if they have root. They can’t just chmod files and folders wherever. That means your photos and application data are still secure. With the pre written SELinux policies this applies not just for OpenSSH but for every piece of software installed on your system. Everything is limited to the exact folders, ports, and system capabilities that it needs and no more. Even stuff like seperate websites being served under Nginx. You can have Nginx-subgroup-1 and Nginx-subgroup-2 where the applications can’t see each other even though they are being run as the Nginx user.

I don’t trust any Linux distro without this security layer.

It’s a little difficult to learn and master, but it’s totally worth it if you care about security.

Redhat put out a comic about it a few years ago explaining the basics. https://people.redhat.com/duffy/selinux/selinux-coloring-book_A4-Stapled.pdf

Thank goodness for selinux. Without it Linux would not be a secure OS.

And no AppArmor does not do the same thing. You need the mandatory part for mandatory access controls to work.

Kind of the opposite actually. PTX is in essence nvidia specific assembly. Just like how arm or x86_64 assembly are tied to arm and x86_64.

At least with cuda there are efforts like zluda. Cuda is more like objective-c was on the mac. Basicly tied to platform but at least you could write a compiler for another target in theory.

I mean they’re synced super fast to every file system. It works really well. Wayyy wayyy faster than nextcloud too. You can access them on that file system. If you want to “directly” access them you can always use the fuse driver. This being said there isn’t really a need to because all the files just are synced to your file system.

https://manual.seafile.com/latest/extension/fuse/

I mean Americans do a lot of dumb stuff. And I don’t think we need to make every thread American centric.

True if all of your knowledge of religion comes from pop culture I can see how someone might see it that way.

Like in Family Guy or other Seth Rogan shows Satan, Jesus and “God” are all depicted as equals bickering.

Thanks for your thoughts here. They’re interesting.

I’m guessing you don’t come from a region that has been historically Abrahamic. I’m secular myself but it’s interesting that you would throw Satan in there with the rest.

Talk about living in your head rent free.

But for the record I feel the same way. If it was a for profit company I would think there is a problem. But a non profit in a reputable legal system doing a donation drive for a good cause isn’t really “sus” at all.