The IT Thread

[SYZ]

The one thing—a major, limiting thing—that AI and/or ML
may never incorporate is logic. As in human logic. Which
is why we need not fear robots taking over the world, as
some people seem to think.

The sentient HAL 9000 is merely a fifty-year-old fiction.

[Inkubus]

The one thing—a major, limiting thing—that AI and/or ML
may never incorporate is logic.  As in human logic. Which
is why we need not fear robots taking over the world, as
some people seem to think.  

The sentient HAL 9000 is merely a fifty-year-old fiction.

Or mebbie not:

Park and his colleagues initiated this study after a 2022 Science study by Meta caught their attention. The study described CICERO, an AI system created by Meta to excel in the alliance-building, world-conquest board game Diplomacy...

Their analysis showed that CICERO failed to be honest despite being trained to be truthful. It learned to misrepresent its preferences to gain an upper hand in the negotiations, the paper noted. It also built a fake alliance with a human player to trick them into leaving themselves undefended during an attack.Link

[SYZ]

...

Park and his colleagues initiated this study after a 2022 Science study by Meta caught their attention. The study described CICERO, an AI system created by Meta to excel in the alliance-building, world-conquest board game Diplomacy...

Their analysis showed that CICERO failed to be honest despite being trained to be truthful. It learned to misrepresent its preferences to gain an upper hand in the negotiations, the paper noted. It also built a fake alliance with a human player to trick them into leaving themselves undefended during an attack.Link

(my bold)

That's a classic example of ML, rather than true AI...  I think?

[mordant]

The one thing—a major, limiting thing—that AI and/or ML
may never incorporate is logic.  As in human logic. Which
is why we need not fear robots taking over the world, as
some people seem to think.  

The sentient HAL 9000 is merely a fifty-year-old fiction.

Or mebbie not:

Park and his colleagues initiated this study after a 2022 Science study by Meta caught their attention. The study described CICERO, an AI system created by Meta to excel in the alliance-building, world-conquest board game Diplomacy...

Their analysis showed that CICERO failed to be honest despite being trained to be truthful. It learned to misrepresent its preferences to gain an upper hand in the negotiations, the paper noted. It also built a fake alliance with a human player to trick them into leaving themselves undefended during an attack.Link

Some guy from MIT wrote a seminal paper on this topic. In it he speaks of the fact that once you define a state where an agent is forbidden from X, which takes a lot of resources, it requires almost no resources to "flip the bit" and do X anyway. The problem is that in creating the angel, you also create the demon.

[Inkubus]

A bit long but I was fascinated:

We are as a matter of fact right now building creepy super capable amoral psychopaths that never sleep, think much faster than us, can make copies of themselves and have nothing human about them whatsoever. What could possibly go wrong.

AI is now deployed in the pentagon's top secret Cloud. Edward Snowden said the intersection of AI with the ocean of mass surveillance data is going to put terrible powers in the hands of an unaccountable few and they may not be able to keep hold of it. Paul Cristiano said that eventually AI systems will be able to prevent humans from turning them off but much sooner than this AI will get out of control.

Humanity's AI evolution is not out of our control not yet, there are promising areas of research. The problem is that nearly all AI research funding of hundreds of billions per year is pushing capabilities for profit, safety efforts are tiny in comparison.

Nick Bostrom and the future of Life Institute, join us in calling for international AI safety research projects. We don't know if it will be possible to maintain control of superintelligence but we can point it in the right direction, instead of rushing to create it with no moral compass and clear reasons to kill us off. There will be no warning shot. Our greatest risk is increasingly hidden even as it spreads into all our systems.

It was popularly said around these parts a bucket of water would sort it. Not any more.

[SYZ]

In this video, I [the author] test the interaction between a
neodymium magnet and a copper sphere using the principles
of Lenz’s Law. By experimenting with this setup, I explore
whether a magnet can float or move differently inside the
sphere due to the electromagnetic effects. Join me as I walk
through the process of building the copper sphere, setting up
the experiment, and analyzing the results. This is part of a
continuing exploration of how copper and magnets behave
together.

[SYZ]

Complicated passwords make you less safe, experts now say.

Using a mixture of character types in your passwords and
regularly changing passwords are officially no longer best
password management practices.

For years, conventional wisdom advocated for passwords
that were highly complex, combining upper and lower case
letters, numbers and symbols. Over time, NIST found that
this focus on complexity was counterproductive and actually
weakened security in practice.

The new guidelines were published in September 2024 as
part of NIST’s second public draft of SP 800-63-4, the
latest version of its Digital Identity Guidelines.

Password strength is often measured by entropy, which is a
measure of unpredictability. While complexity can contribute
to entropy, length plays a much bigger role.   (As the actress
said to the Bishop.)  Sorry.

A longer password with more characters has exponentially
more possible combinations.

Long passwords that are easy to remember, such as
passphrases made up of several simple words. For example,
“big dog small rat fast cat purple hat jello bat” in password
form, so minus the spaces, “bigdogsmallratfastcatpurplehatjellobat”
is both secure and user-friendly. A password like this strikes
a balance between high entropy and ease of use.

A 64-character password using only lowercase letters and real
words would be extremely difficult to crack. If capitalised letters
and symbols are included, cracking the password would be close
to mathematically impossible.

  —This is all very well, and makes a lot of sense, but I see two
     drawbacks with this report, one major and one minor.  Who,
     in their right brain (I'm a "left brain" person ha ha) is really
     going to manually type in 64 characters whenever they choose
     to log into a site?  I'd guess nobody!

     And the minor(?) problem?  How many sites will allow you to
     type in a 64-charcter password/code?  I encounter plenty of
     sites that reject my 10-character password with the message
     "Maximum 8 characters exceeded" (or similar).

[pattylt]

Complicated passwords make you less safe, experts now say.

Using a mixture of character types in your passwords and
regularly changing passwords are officially no longer best
password management practices.

For years, conventional wisdom advocated for passwords
that were highly complex, combining upper and lower case
letters, numbers and symbols. Over time, NIST found that
this focus on complexity was counterproductive and actually
weakened security in practice.

The new guidelines were published in September 2024 as
part of NIST’s second public draft of SP 800-63-4, the
latest version of its Digital Identity Guidelines.

Password strength is often measured by entropy, which is a
measure of unpredictability. While complexity can contribute
to entropy, length plays a much bigger role.   (As the actress
said to the Bishop.)  Sorry.

A longer password with more characters has exponentially
more possible combinations.

Long passwords that are easy to remember, such as
passphrases made up of several simple words. For example,
“big dog small rat fast cat purple hat jello bat” in password
form, so minus the spaces, “bigdogsmallratfastcatpurplehatjellobat”
is both secure and user-friendly. A password like this strikes
a balance between high entropy and ease of use.

A 64-character password using only lowercase letters and real
words would be extremely difficult to crack. If capitalised letters
and symbols are included, cracking the password would be close
to mathematically impossible.

  —This is all very well, and makes a lot of sense, but I see two
     drawbacks with this report, one major and one minor.  Who,
     in their right brain (I'm a "left brain" person ha ha) is really
     going to manually type in 64 characters whenever they choose
     to log into a site?  I'd guess nobody!

     And the minor(?) problem?  How many sites will allow you to
     type in a 64-charcter password/code?  I encounter plenty of
     sites that reject my 10-character password with the message
     "Maximum 8 characters exceeded" (or similar).

I let my Mac decide the password and remember it.  Because I keep my drive encrypted, Apple remembers them for any new purchase and my iPhone and iPad.  Never been hacked…

When we went to full computerization at the hospital, we had to each have a password to log into the lab software.  That was fine.  Then, they decided we needed to change it every three months.  Very stupid as most of us just continued using the same password and adding a 1, then 2, etc. or a letter A, then B.   Plus, it also introduced the problem of someone on vacation or extended leave coming back with an expired password and needing an IT visit to reset.  They had a timer on how long an expired password was able to be changed by the employee because it might belong to an employee no longer at the hospital!  Management is IT illiterate and knows much more that the IT folks do (not).

[Cavebear]

Complicated passwords make you less safe, experts now say.

Using a mixture of character types in your passwords and
regularly changing passwords are officially no longer best
password management practices.

For years, conventional wisdom advocated for passwords
that were highly complex, combining upper and lower case
letters, numbers and symbols. Over time, NIST found that
this focus on complexity was counterproductive and actually
weakened security in practice.

The new guidelines were published in September 2024 as
part of NIST’s second public draft of SP 800-63-4, the
latest version of its Digital Identity Guidelines.

Password strength is often measured by entropy, which is a
measure of unpredictability. While complexity can contribute
to entropy, length plays a much bigger role.   (As the actress
said to the Bishop.)  Sorry.

A longer password with more characters has exponentially
more possible combinations.

Long passwords that are easy to remember, such as
passphrases made up of several simple words. For example,
“big dog small rat fast cat purple hat jello bat” in password
form, so minus the spaces, “bigdogsmallratfastcatpurplehatjellobat”
is both secure and user-friendly. A password like this strikes
a balance between high entropy and ease of use.

A 64-character password using only lowercase letters and real
words would be extremely difficult to crack. If capitalised letters
and symbols are included, cracking the password would be close
to mathematically impossible.

  —This is all very well, and makes a lot of sense, but I see two
     drawbacks with this report, one major and one minor.  Who,
     in their right brain (I'm a "left brain" person ha ha) is really
     going to manually type in 64 characters whenever they choose
     to log into a site?  I'd guess nobody!

     And the minor(?) problem?  How many sites will allow you to
     type in a 64-charcter password/code?  I encounter plenty of
     sites that reject my 10-character password with the message
     "Maximum 8 characters exceeded" (or similar).

I let my Mac decide the password and remember it.  Because I keep my drive encrypted, Apple remembers them for any new purchase and my iPhone and iPad.  Never been hacked…

When we went to full computerization at the hospital, we had to each have a password to log into the lab software.  That was fine.  Then, they decided we needed to change it every three months.  Very stupid as most of us just continued using the same password and adding a 1, then 2, etc. or a letter A, then B.   Plus, it also introduced the problem of someone on vacation or extended leave coming back with an expired password and needing an IT visit to reset.  They had a timer on how long an expired password was able to be changed by the employee because it might belong to an employee no longer at the hospital!  Management is IT illiterate and knows much more that the IT folks do (not).

I keep some passwords on sites I don't worry about on Password. But I also have an old standalone computer (for a few old games). But I also keep important passwords on Excel there. And I print them out on an equally-unconnected printer. No one can hack an off-line computer, LOL!

[Inkubus]

The dashes between the four random words, render a dictionary attack futile: the attacker simply can't know where the dashes are in the sentence, so he can't use a dictionary at all. Furthermore, the words are random and don't constitute an existing sentence.

Passwords explained

[SYZ]

I'm wondering if anybody owns or has used one of
these activity/health/sleep trackers, and if so what
would you consider their pros and cons by brand or
accuracy of their feature set.  

Are they just a marketing wank?  Are they worth their money?

I'm particularly interested in the way they collect and
display their sleep data—and I note that many of them
record your sleeping data somewhat differently, and also
with largely varying degrees of accuracy.  It seems that
you gets what you pays for, although some US$99 watches
appear to work as accurately as some US$299 watches in
recording light, heavy, REM, and awake stages.

I've done a lot of research, and I'm considering this watch
because of its several very positive reviews.

Amazfit Active 2 (Square) for US$149.99  [AU$228.90]

At the entry level, for a cheap brand name (important
to avoid cheap and nasty unbranded knockoffs) there's
the US$45.10    Xiaomi Smart Band 9 Active.

   —Any thoughts appreciated.   

[skyking]

in the most sensitive of security situations like banking, you have a two factor system going on by default. Your uname is also chosen by you and can be pretty random. If the uname DB gets compromised then this is no longer helpful.
But how the server deals with PW attempts is where it is at. Just a couple of fails and a time out, and then a multifactor PW reset. If you lose control of your authenticating means like your phone number and email addresses you could get screwed, but if there is no reference to that uname in your email history then it is back to square one.

[brewerb]

Is there a way to turn AI off on my phone/desktop? Phone uses google, desktop is firefox (if that matters).

[Fireball]

For Chrome, put "-ai" without quotes at the end of your search string. I use Chrome. Maybe FF does the same? OK, I went and checked . The AI lied to me. Quelle surprise. Looks like I have to have account with google, which I will not have. Change my mind, someone.
I try like hell not to use my phone for the internet.

[SYZ]

Is there a way to turn AI off on my phone/desktop? Phone uses google, desktop is firefox (if that matters).

https://addons.mozilla.org/en-US/firefox...overviews/

[Rizen]

My cousin works in IT. I keep telling him you have to watch The IT Crowd on Netflix. That show is hilarious! One of the best comedies on Netflix along with Bojack Horseman and How I met Your Mother.

[SYZ]

I'm guessing most people here have received the latest
Microsoft bullshit about the renewed terms and conditions
of using their software...

Summary of Changes to the Microsoft Services Agreement – 30 September 2025

This has me a little confused:

We removed the “For Consumers Living in Australia” section under the “Support” section due to changes [?] to local regulations.

Under the “Asia or the South Pacific, unless your country is specifically called out below” section, within “Contracting Entity, Choice of Law and Place to Resolve Disputes”, terms for residents of Australia have been removed due to changes in local regulations.

The last specifically-Australian T&Cs I could find were from 30 July 2024.

 —Any thoughts?  Anybody?    

[Rizen]

Anyone here computer savvy? I bought a USB A to A cable and plugged one end into my PC and the other end into my laptop. The ideas was I wanted to copy data from my PC to my laptop and use it as a backup. Unfortunately neither computer recognized the other. Is there any way to directly transfer data from my PC to my laptop? A lot of data.

[SYZ]

Anyone here computer savvy? I bought a USB A to A cable and plugged one end into my PC and the other end into my laptop. The ideas was I wanted to copy data from my PC to my laptop and use it as a backup. Unfortunately neither computer recognized the other. Is there any way to directly transfer data from my PC to my laptop? A lot of data.

USB-A ports are generally part of older devices, while
USB-C ports are the modern choice. An adapter bridges
the gap, making the two formats interoperable (though
full performance is not always guaranteed).

https://www.ecoflow.com/us/blog/usb-c-to...-best-uses

[TheGentlemanBastard]

Anyone here computer savvy? I bought a USB A to A cable and plugged one end into my PC and the other end into my laptop. The ideas was I wanted to copy data from my PC to my laptop and use it as a backup. Unfortunately neither computer recognized the other. Is there any way to directly transfer data from my PC to my laptop? A lot of data.

Assuming you're on a home network, create a shared folder on the PC you want to receive the data and connect to it by mapping a network drive on the PC sending the data. Then you can simply drag and drop whatever you need moved into the network drive. That's likely the easiest and most cost effective method.

Win 10/11 instructions.

USB-A was never meant for data transmission between PCs, but as a convenient way to attach and communicate with peripherals.

Natively it is not possible to use a USB cable to transfer files between two PC.

[Dānu]

Using an external hard disk as a go-between is another option. And once you're done, you can use the external as a backup device.

[Rizen]

Thanks everyone. I ended up using a USB transfer cable. The process was needlessly complicated but now everything's backed up onto my laptop so I can simply grab that if there's a fire.

[SYZ]

LOL... today's stupid IT bedtime story...

Was gonna sign up to a US media site, and when prompted
for a password, I entered this little baby:

a=fWz"Qb237';u,

It was rejected as unacceptable.  So, what's wrong with it?   

[pattylt]

LOL... today's stupid IT bedtime story...

Was gonna sign up to a US media site, and when prompted
for a password, I entered this little baby:

a=fWz"Qb237';u,

It was rejected as unacceptable.  So, what's wrong with it?   

Depending on the website, the punctuation marks and equal sign might be the reason.

[Rizen]

It's weird to think there are still cars with manual transmission. It seems like that should have been done away with a long time ago.