Most of this is just marketing crap from Anthropic.

Finding vulnerabilities in code and generating complex, multistep exploits with publicly available models is possible now. This biggest hurdles now is setting correct context and actually knowing what to look for. Any “guardrails” for this behavior are easily bypassed by framing the detection and exploit generation as a valid dev style question in the most difficult of situations.

They likely just trained a model without guardrails in this case.

What they are doing here is over-hyping a problem and framing it like they are the only ones with a solution. LLM security issues are more in-focus now that companies have dumped a ton of resources into building AI systems they don’t really understand.

I want it to be a Lower Decks reference.

Companies these days do what is right for their shareholders and if Claude makes money, or appears to make money, then the shareholders are happy.

000, 666 and 900-999 are invalid area numbers and any digit group of all zeros is also invalid. Thanks for playing!

I am making a slightly different point and have a bias to this perspective: https://www.legis.iowa.gov/docs/publications/SD/19230.pdf

I am saying that an SSN can be part of a larger validation scheme, not the only key to the castle. Specifically for government sites, SSNs can be linked to IRS data to verify places of last residence. A person generally needs to verify multiple items that are referenced by the SSN before basic authentication can be established and set by the user. (This is part of the full Authentication, Authorization and Access Control triad.)

An SSN is just a broad level identifier. If you look at many laws around the release of SSNs, the redaction is usually in place to prevent the linking of different documents and other data points.

If I released my SSN in this chat, I could be fully doxxed in a matter of seconds. It’s mainly because there are many legal systems in place that use an SSN as a primary key, of sorts. (It’s a bit more than that, as SSNs can be duplicated in some circumstances.)

So to say, at a high level, an SSN is considered private is absolutely correct. However, it’s so easily referenced and obtainable it really isn’t fully private either.

If I was to generate a full list of every possible SSN in the US (which I have done, multiple times), that list is effectively useless to anyone who obtains a copy of it. So, by itself, an SSN is effectively public.

SSNs are generally considered public information but how the SSN is linked to other information is usually the more difficult bit to find and it’s generally pay-walled. (Any jackass with a business license and a credit card can usually buy background check information for ‘hiring’.)

But no, it shouldn’t be solely used for authentication. That is just dumb. However, it can be used as part of a larger verification and validation scheme while building authentication/authorization profiles. In most systems that I have seen that use full or partial SSNs, it is always linked to several other identifiers that need to match.

You can interpret anything how you choose, kind of like we have to do with your grammar.

You are missing my point, but I also wasn’t clear enough. In proper context, we are saying the same thing.

I worded that sentence carefully, as to your point, I don’t actually want to tell people to go to Reddit. However, each platform is unique in its own way. If someone wants the Reddit experience, that is the only place they are going to find it. Reddit content is generally curated algorithmically while Lemmy content is not. It’s could be the same articles on the same day, but two different experiences.

OP was referring to reposting content for someone who seemed to be looking for the same volume of content that is on Reddit that is heavily sorted, unless I missed something. I was just saying that this platform doesn’t really support that kind of thing in a constructive way. The articles and the presentation combined make the platform “content”.

Something similar has been done before and it was really easy to spot. I won’t get into the details, but it was really trashy. There are other communities that try to copy Reddit already and I block most of them.

Communities driven by one persons posts or by a cluster of bots generally suck. Yes, communities must start with only one person, but if nobody else likes the idea and the community doesn’t drive participation from Lemmy as a whole, it’s simply noise.

Post content that you like, in communities that matter to you. If you like a particular strain of content, start a new community. People will join or they won’t. Read the room and continue driving the community, or don’t.

Automated posts have their place, but most people can spot it fairly quick. It generally doesn’t drive participation as much as organic posts.

Bluntly though, if you want Reddit content, go to Reddit. Lemmy isn’t Reddit and that is what people generally like about it.

Do a look-through of that XML folder as well. Images could be base64 encoded in those XML files. I remember several instances where XML was used as a template “language” for old style GUIs. (When XML and HTML diverged, a lot of that kind of thing was happening.)

There are some kind of instructions in this video that go through a logo change process. I don’t know if this helps, but I tried: https://youtu.be/QrobPTgu7C0

Also, does it use some kind of database? The images seem like they would be small enough to jam into a blob and just store alongside regular inventory information. If there is a database, it’s probably third-party. If it’s third-party, I would see if it had its own installer packaged inside of the application installer itself. (A third party database would likely be outside of the main app folder.)

Just dumping random thoughts.

That’ll be interesting when Nintendo just turns around and sues YouTube for allowing videos of emulators on its platform or for every time a creator even mentions the name Nintendo in an unapproved context.

Observe while participating is what I meant. The intent is to give a person a heads up that cliques still exist on Lemmy and it may take a bit to understand them. In my case, I found the first instance I wouldn’t participate on when I was classified as a fascist baby killer for some reason. (Some instances hadn’t been mostly defederated back then.)

I would tweak that a hair and tell people just to make an account somewhere and observe for a bit. Lemmy can have some very distinct groups that reside on very specific instances. Or not. It’s a “pick your adventure” kind of scenario, IMHO.

It took about six months or so for me to settle into .ca after bouncing around a bit. It’s not really a pain to switch instances, but I personally like my chat history in one spot and I like the concept of a ‘home instance’.

Depending on your client and your settings, your feed could have a bias that leans in the direction of the posts on your home instance, so that is something of note. Not saying that is bad or good, it just is what it is.

Oh, was I using the correct lingo for hundred year old methane powered shit gushers? I had no idea. Lol!

use spent oil reservoirs

Ok, that lead to some giggles thinking about some company drilling in the future thinking they were about to hit a strangely untapped oil field.

Add a hundred years of methane pressure build up and that could be really interesting gusher.

The fan is good, but the orientation seems like it would struggle pushing air between the drives. Maybe a push-pull setup with a second fan?

My general attitude is similar to yours. Let OP figure out that the reporting and blocking is basically just creating more noise that has to gets filtered out and bot supply is basically infinite.

“It’s a learning experience.”

Good luck with that, I suppose. Botnets can have thousands, if not hundreds of thousands of infected hosts that will endlessly scan everything on the interwebs. Many of those infected hosts are behind NAT’s and your abuse form would be the equivalent of reporting an entire region for a single scan.

But hey! Change the world, amirite?

That comment is pure gold and I am archiving it for future use.