Nice write-up. Thanks for also including all the numbers. If I might ask: What is the thermal/throttling behaviour you mention? Is it still within the laptop’s thermal budget? Or does it reach throttling territory when doing inference on a long context window?

I feel the majority of it isn’t really Android, but some Google Apps… Google Camera, Instagram, FindMy hub… RCS messages aren’t in AOSP either… The threat detection will be inside of the Google services… So I won’t get most of this on my phone. And I wonder if OS verification and hardware isolation are features to protect my security, or whether that’s to safeguard some DRM stuff and whatever the app developers don’t want me to touch.

… don’t forget about the backups.

And if your major issue is putting things in wrong locations… Maybe learn about some abstraction layers, so next time you’re able to just move it, instead of tearing it down?

Maybe don’t learn all of it at the same time, or you’re bound to get confused and mix up whether some concept was from Dart, Python or one of the several frameworks.

I usually start with the Wikipedia Article when I’m interested in new things. It’ll have many references at the bottom to read more about a concept.

Interestingly enough, there’s zero mention of Claude in there. And when I google it, there’s many very convoluted blog posts. And I can’t tell whether it’s above my head or hallucinated stories. They go on for like 20 pages but don’t really explain anything with all those words. Or what they actually found in Claude’s code.

Symbolic-AI in itself isn’t too hard. That’s stuff from the 1980s and in every computer science textbook. Just no clue how something like an expert system is supposed to be connected to a Chatbot or programming agent.

Totally agree. First of all with the Linux vs Meme… Yeah, we’re all living in more than one dimension. Guess I more or less wanted to say, most helpful advice I got on what non-spec combinations of RAM and computers work etc… I got from Reddit. I think it’s a bit an amount of users thing.

I’m also for human connection. I’m also here to talk to people. Especially in the comments. Also why I sometimes disagree with people on what the Threadiverse needs more of.

With the pamphlet bombings… Well, the internet changed a lot in my lifetime. We had times we thought it was a bit unethical to do statistics on what software you install, hence what packages in Debian are installed how many times. As a more privacy-oriented person you were told to just put it out there and not worry about collecting that kind of data… Or just write your Blog mainly for yourself and maybe some people will like it as well. I think as of today, that’s very niche way of thinking. Thanks to the advertising industry, we need exact page impressions. And everyone expects social media to come with all these engagement metrics, how many people saw the post… Not only professional “influencers”. I’ve heard random people will also have a look at the numbers. And your local youth organization also wants to know about the propagation of their invitation to the summer party. What the algorithm does to their posts, etc… Just counting how many people showed up isn’t how communication works any more. At least in my experience.

I’ve upheld the opinion, the change in the MAU is probably a rough indicator on our attractiveness. If a place is nice, people will come and want to join the party. But it’s a bit of a diffuse metric and doesn’t tell anything in specific. Plus it’s not the only factor.

I guess with statistics, you’d always better ask a very specific question. I mean, these are just numbers, I guess? And if you’re fixing an old Linux computer, there is no point in lots of people commenting on meme posts. You want the one person who’s done this before to be part of the network, read your post and then reply… Or if you want to discuss politics, all the people re-posting the news articles on geopolitics don’t really count, you’ve already read the newspaper, now you’d like nuanced opinions in the comments. I’m a bit unsure whether a single abstract number means anything.

For the health of the overall network, I think MAU isn’t even all that bad. There’s probably a strong connection between “health” of a place, and how many people think it’s worth subscribing and then coming back on a regular basis.

Nice work! I’ve been looking for something like this as well. I’ve been using Speech-to-Phrase for a while. And it is a bit similar in that regard. It also tries to match the speech to something in its vicabulary… But from my experience, false-positives are a bit annoying. I had the TV trigger the satellite’s wake word detection several times. And sometimes it’s above whatever threshold and the Home will do random things. Wonder how this performs. But I guess if I can tune the parameters, I might as well try.

Uh. I don’t know the exact mechanisms behind Google Analytics. But if I had to take a guess, I’d say installing an Addon to tell the JavaScript not to report anything, doesn’t sound like the most clever solution?! I’d rather block that entire tracking library, and prevent it from running in the first place. Any AdBlocker should be able to accomplish that.

Kind of questionable IMO why this Addon even exists… Maybe they’re forced by law (somewhere) to offer a general opt-out like this. Or it makes sense to offer some minimal solution so users might use this rather than something more effective, developed by a third party?!

Just read the robots.txt and obey the rules. Also set your user agent string properly. We’ve had crawlers forever on the internet and that’s the long accepted way to give consent or revoke consent, for website owners. Either you match a disallow directive and need to stop. Or you’re completely fine to scrape it.

Thanks for the link! But I’m afraid it doesn’t tell me much. a) FreeBSD isn’t even on the list, so I don’t know the numbers to compare it to. and b) there’s things like survivorship bias. Looking at numbers like this is literally the textbook example of how to do it the wrong way. You have to do statistics the proper way around. For all we know by those numbers, Linux could be the best battle-tested OS in the world. I mean they fixed 3 times as many vulnerabilities as Microsoft did for any of their products?!

Sometimes I wish people would back up their factual claims with numbers and studies.

Also: FreeBSD phone, when??

Thanks. Sadly I can’t even get the latest version to work. It does find the other peer and loads the chat interface, but doesn’t open a data channel, so it’ll say “not connected” and do an error popup everytime I try to send a message. And I’ve spend enough time debugging it for now.

Just some general words of my wisdom: I think software projects are first and foremost about focus. I don’t really know what you’re trying to do here. If that’s writing a cryptography library, I think focus is about right. You first need to lay down the design properly. Make sure you factor in advanced tech like formal proofs from the start. After that you need to write the actual code. And then also make sure it aligns with your testing. I mean it’s fairly common to make mistakes while writing computer code, or have bugs… And any of those could render your more formal methods useless. For example like that one time when some Debian package always sent the same random number as a seed… That meant the algorithms were 100% correct. Just used in a wrong way so most of the encryption was futile. Things like that require an equal amount of focus. If not more, since we already know how Double ratchet works, the important part is to implement it correctly and use it correctly. That deserves a massive amount of focus (and effort). It’s also the major part of a security audit of a software project as a whole.

We also have things like sidechannel-attacks, which aren’t covered. But I think that’s a minor thing with what we’re looking at.

And if you’re trying to develop a chat app, Your focus probably needs to be somewhere aimed to make it work, first. Make it connect reliably and across a multitude of devices. Cryptography is pretty much dispensable at that step. Then focus on the UX. Make sure it’s not vulnerable to just bypass any subsequent encryption because for example you don’t have script nonces and everyone in the chat can inject JavaScript and just bypass your entire encryption.
Think about metadata and if your software product wants to address that. You could be doing encrypted messages but all kinds of third parties know who is talking to whom… Make sure you do what your users expect!

And I think that’s also the reason for some of the downvotes here. You have a narrow focus on the formal proof of your encryption algorithm. While your audience probably expects a working Chat app. For all they care it could be entirely unencrypted in the alpha version, and encryption comes in a later version. We as users need something that works in the first place. We want to know what happens to our metadata. If there’s security vulnerabilities in the software. And once all of that is in place, then we start to worry about the specifics of the end-to-end-encryption.

Probably also related to the AI-slop argument. I don’t really know what shaped your focus. But it must look to your audience like you’re deep in some singular rabbit hole, because you write about formal proofs a lot. But then there’s this huge disparity with what your audience assumes you’re doing, or what you have to show off. Just my opinion. But it’s kinda like that for me. You write about how great AI assisted coding is, and where it led you. But then I try to use your software. And it doesn’t even connect. And that really shapes my first impression of it all, in a very negative way. I mean… If we hadn’t talked, I would have just assumed your cryptography is on the same level as your code to do the peer connections. And that wasn’t a good first impression.

I don’t think a multi billion parameter LLM counts as proper machine translation… That’d be something like Argos Translate or the models from Mozilla’s Bergamot Project. Seems they’re the ones used in the open source Android App linked by TheLeadenSea.

Sorry, I just saw the recommendations. I’m using a Matrix server myself. And it’s connected to the internet, since I use it 24/7 and on my phone, etc.

I guess technically, most protocols can be used in an internal network. But maybe you’ll need to put in some extra effort, for example if a platform requires SSL certificates or something like that.

I mean you could try… If it asks for a hostname, just put a local hostname in. Or the IP address. Or set up a DNS entry on the router. And see if it works.

Or try something like RocketChat, or depending how your team’s workflow is, maybe you don’t want a messenger. But some (online) collaboration platform more focused on documents, like Nextcloud.

I think the added benefit of an OpenWRT router is, you get 3 more ports (for your TV, Playstation and PC), plus a Wifi network. And it’s really hard to break it. But a MiniPC with OPNsense, of course will be more powerful. And some more advanced things have been notoriously difficult to set up in OpenWRT, maybe OPNsense does it a bit better.

I think some people here recommended Snikket. It’s supposed to be easy to install and modern. I don’t know what components it’s made up of. It’s a dockerized XMPP server + Apps.

I dislike it. Usually I’d use packages from my Linux distribution. Or package it myself and maybe upstream the effort if my distro has a user repository. Now (this way) it’s down to everybody download random files from the internet and execute them. Specifically what every Linux tutorial instructs you not to do. Plus there’s no updates, no security, no version control or transparency. It’s not licensed in any free way, so I can’t fix it or adapt it to my liking, I can’t help you write better Python code…

But it’s your software project. You’re perfectly fine to do whatever you want with it. And it’s certainly commendable to write software, whether you do it for yourself, or put it out there in some way.

To give some perspective: BitTorrent was released in 2001. So in the 90s, you’d be looking at some precursor to that. And the first CD recorder to cost less than $1000 was sold in 1995. Before that, they’d cost something like a car.

We definitely shared and copied a lot of floppy disks back then. And music on tapes.

Yeah, It’s a weak point anyway. While the graphs aren’t detailed research. There’s also no reason to believe dbzer0’s perspective on the same network includes 8 times as many new users as LW for some reason. Or all the users in their communities have 8x worse karma for some external reasons. So we probably need further research.