Achually. If you have L.M.Ericsson 8x8 latching crossbar switch, 64-bit memory needs only 6 relays. Yes SIX.
The Fuji relay-computer has lots of those crossbar switches.
However. The rope-memory in this scene is read-only-storage containing vast amount of data. Rope memory is economical to use but labor-intensive to produce.
The company doesn't get the choice. If they fire you or cut your pay over jury service, or even just threaten to to do so, and you can prove it, they can be arrested immediately. I have personally witnessed a judge issue a bench warrant for the arrest of a retail manager who told an employee that if she failed to get out of jury duty before her shift started that she would be fired. When the manager was brought in and questioned by the judge he tried to argue that it was his right to deny jury service by his employees. He was given 90 days in jail for contempt of court.
I don’t know. Maybe I could worked with HR for more but our employee manual said they would pay for two weeks and this was a company that was generally pretty understanding about personal matters. Certainly an hourly employee or someone self employed is probably not getting any sort of a deal.
I wouldn’t have been fired (which seems a different case) but being largely unable to, say, make sales calls or other external activities for 6 months I would expect to have consequences even if just as simple as underforming my peers. Maybe a manager would understand and take it into account but I wouldn’t count on it. It doesn’t have to be blatant as in your example.
If you perform nearly any work at all in a given week you're entitled to your salary, and they can't fire you. They might be able to take away the $15/day stipend from your pay, and there are obvious additional negatives (6 months with limited context and practice of your craft will reduce your performance when you get back too), but that 2-week cap is a lawsuit waiting to happen unless they also forbid you from doing any work while on jury duty.
As I say grand jury duty is often not every day, you can always take your PTO, and there are always nights and weekends. A company can always keep paying your base salary but, as you say, there could be longer term consequences.
And the case upthread is obviously a retail manager being stupid but I also assume there is no obligation to pay hourly employees for hours they don’t work or for tips they didn’t collect.
You can, but if salaried you usually shouldn't, ignoring any particularly malicious employers and social contracts around the outskirts of the law.
> No obligation to pay hourly employees, tips, etc
Yeah, if you're not salaried you're screwed. PTO might cover a few days, but if you have a month-long trial and need money for rent then my understanding of the law is that serving as a juror will make you homeless unless the courtroom is willing to extend some compassion for your hardship.
The problem is punishing the uploader doesn't remove the upload. Once the public has it, it has it forever. It doesn't un-contaminate a jury pool, and there's no later retraction if whatever that was uploaded is found to be lacking context, false, or outright fabricated. Once that kind of damage is done, it can't be un-done.
Yeah, that's unfortunate. But the same is true of lots of other crimes. No way to unstab someone. Usually we account for that by setting a higher punishment
Using HTTP does not guarantee your content can be read, since it can be modified in transit. Your content could be replaced entirely and you would never know unless someone reported it to you.
But, as we learned with the telnet filter going into place, we exist on the network at the pleasure of everyone else. Their concerns must come before ours. The needs of the many outweigh the needs of the few.
It is my understanding that DNS challenges are discouraged and/or being deprecated due to the challenge results being less trustworthy than more stringent verification methods. There is also the operational overhead that arises as SSL certificate lifetimes shorten; It is my understanding that there is now a case being made for SSL certificate lifetimes shorter than 24 hours.
I don’t know about the DNS challenge being discouraged, do you have something to read up on that? As far as I know it’s the only common way to get a wildcard cert.
And also the lifetime isn’t a problem in the setup I described, the internal server that uses the cert can do the dns challenge so it can get a new cert whenever it wants. It only needs to be able to access the DNS api.
I must correct myself; The DNS challenge is indeed being discouraged in the future, but it is because the DNS-01 challenge is being replaced by the DNS-PERSIST-01 challenge which addresses deficiencies in DNS-01.
The trust and security issues associated with maintaining intranet resources vs. outsourcing to a dedicated professional cloud service provider remain, but are not related to whether any SSL certificates used are issued through DNS-based verification or not.
DNS challenges are a massive PITA, too. I used them for wildcard certificates but gave up after a couple years because manually renewing them every three months was super annoying.
Unfortunately it is not easy to automate either especially if you use multiple domain providers. Not every hosting has an API and Namecheap wanted $50 for enabling it if I remember correctly.
I run a PDP-10 during the colder parts of the year. It's for historical preservation reasons. There are others doing the same thing. We still offer telnet access because that's how it worked back then. I guess we aren't going to be doing that anymore.
If you can get it on IPv6, maybe via a gateway, port 23 filtering doesn't seem to be applied to IPv6 yet! (I assume because the v6 address space is too large to mass scan?)
If moving it to another port from the OS is beyond the pale for you, your router should implement PAT (port translation) or forwarding, so that from the outside, users could connect on, say, 443 or 2323, and the router rewrites the segments to connect to your immutable port 23/tcp.
It makes no sense that IPv6 is treated differently than IPv4. If GNU telnetd is vulnerable and it's running on port 23/tcp, it will be found on IPv6. I would definitely not bind anything to listen on port 23 on any protocol, because I would expect it to become filtered shortly. Port 23 is permanently burned everywhere.
Conversely, a vintage PDP-10 telnetd is not affected by the CVE for GNU.
It is a classic rookie mistake to treat the two protocols differently, so if Tier-1 providers have done this, they must be overly optimistic, or foolish, or met with some technical obstacles, or perhaps OSI Layer 8?
My boss says it's because they are backed by trillion dollar companies and the companies would face dire legal threats if they did not ensure the correctness of AI output.
Point out to your boss that trillion dollar companies have million dollar lawyers making sure their terms of service put all responsibility on the user, and if someone still tries to sue them they hire $2000/hour litigators from top law firms to deal with it.
In a lot of ways he is, despite witnessing a lot of how the sausage is made directly. Honestly, I think at at least half of it is wanting to convince himself that the world still functions in ways that make sense to him rather than admit that it's mostly grifters grifting all the way down.
The Gervais Principle framework calls this type of person a Clueless. They sit in middle management as a buffer between the Sociopaths who run the world, and the Losers who know the world sucks but would just like to get their paycheck and go home. I'm surprised to hear this actually play out — the Gervais Principle doesn't seem very empirical.
I don't agree with this blanket statement. The internet is low trust for lots of reasons, but regular (read small, proximal/spatiotemporally constrained) communities still exist and are not grifters all the way down. Acknowledging that distant strangers are not trustworthy in the traditional sense seems reasonable, but is categorically different than addressing natural social groups (small and local).
Yes, and most young Americans are locked out of those small, high-trust suburbs due to high housing prices. So instead they get to experience the magic of low-trust America first-hand, hence the disconnect between the young and the boomers.
Exactly. Sadly, low-trust America has become the default where most people live. There are still nice, small-town, local shopping, suburban high-trust enclaves here and there, but as soon as you go online or deal with a business with more than a handful of locations, you're back in the low-trust grifting zone.
This is a good heuristic, and it's how most things in life operate. It's the reason you can just buy food in stores without any worry that it might hurt you[0] - there's potential for million ${local currency} fines, lawsuits, customer loss and jail time serving as strong incentive for food manufacturers and vendors to not fuck this up. The same is the case with drugs, utilities, car safety and other important aspects of life.
So their boss may be naive, but not hilariously so - because that is, in fact, how the world works[1]! And as a boss, they probably have some understanding of it.
The thing they miss is that AI fundamentally[2] cannot provide this kind of "correct" output, and more importantly, that the "trillion dollar companies" not only don't guarantee that, they actually explicitly inform everyone everywhere, including in the UI, that the output may be incorrect.
So it's mostly failure to pay attention and realize they're dealing with an exception to the rule.
--
[0] - Actually hurt you, I'm ignoring all the fitness/healthy eating fads and "ultraprocessed food" bullshit.
[1] - On a related note, it's also something security people often don't get: real world security relies on being connected - via contracts and laws and institutions - to "men with guns". It's not perfect, but scales better.
[2] - Because LLMs are not databases, but - to a first-order approximation - little people on a chip!
> It's the reason you can just buy food in stores without any worry that it might hurt you[0] - there's potential for million ${local currency} fines, lawsuits, customer loss [...]
We are currently facing a political climate trying to tear many of these safeguards down. Some people really think "caveat emptor" is some kind of natural, efficient, ideal way of life.
"men with guns" only work for cases where the criminal must be in the jurisdiction of the crime for the crime to have occurred.
If you rob a bank in London, you must be in London, and the British police can catch you. If you rob a bank somebody else, the British police doesn't care. If you hack a bank in London though, you may very well be in North Korea.
That's a fair point, and I suppose it is a major reason cybersecurity looks the way it does. The Internet as it is ignores the jurisdictional borders. But I still think cybersec is going overboard with controls, constraining use cases where international cybercrime is not a major factor in the threat model.
For this logic I like to point out that every AI service has text that says, essentially "AI can be wrong, double check your answers". If you had the same disclaimer on your food "This food's quality is not assured" would you feel comfortable buying it or would you take pause until you've built up trust with the seller and manufacturer.
There's so much CYA because there is an A that needs C'ing
Maybe a million dollar company needs to be compliant. A billion dollar company can start to ward off any loopholes with lawsuits instead of compliance.
A trillion dollar company will simply change the law and fight governments over the law to begin with, rather than worrying about compliance.
If only every LLM-shop out there would put disclaimers on their page that they hope absolve them of the responsibility of correctness, so that your boss could make up his own mind... Oh wait.
reply