It’s like the map from an angle without a specific destination. Helpful for showing the surrounding map area.

If you’ve driven a car with a built in map display, it’s basically that but for your phone.

Robots.txt isn’t even a rule, it’s a request.

“Please do not ask for the following content if you are a robot”.

If you don’t want someone to look at your content, you ultimately have to not give it to them, not just ask them to not ask.

CEOs of companies that are adjacent to technology desperately want to ensure that their company isn’t seen as “outdated”, almost more than they want to actually not be outdated.

So when a technology comes that everyone in tech leadership is saying is the bestest, they want to make sure everyone knows they’re totally with it, whatever the cool kids are talking about.

Hype train goes chugga chugga.

As the hype train slows, they still need to be onboard, but they set expectations based on what their people are actually telling them.

So this is the CEO yelling to do something, and then the news slowly percolating back from the tech people that they can, but only a handful of projects can do so in a way that makes sense, has impact, and doesn’t disrupt a timeline or budget in a way that requires shareholder disclosure.

Everyone ate it too. The mockery was because

• they were messy to eat
• they were staples commonly eaten
• they were made and sold by black people early in their steps of economic independence following slavery.
• racism doesn’t have to make sense.

If you hate someone, anything they do can be something you use to express your hate, even if you do it to.

Oh, to me it just doesn’t remotely look like they’re interested in surveillance type stuff or significant analytics.

We’re already seeing growing commercial interest in using LLMs for stuff like replacing graphic designers, which is folly in my opinion, or for building better gateways and interpretive tools for existing knowledge based or complex UIs, which could potentially have some merit.

Chat gpt isn’t the type of model that’s helpful for surveillance because while it could tell you what’s happening in a picture, it can’t look at a billion sets of tagged gps coordinates and tell you which one is doing some shenanigans, or look at every bit of video footage from an area and tell you which times depict certain behaviors.

Looking to make OpenAI, who seem to me to be very clearly making a play for business to business knowledge management AI as a service, into a wannabe player for ominous government work seems like a stretch when we already have very clear cut cases of the AI companies that are doing exactly that and even more. Like, Palantirs advertisements openly boast about how they can help your drone kill people more accurately.

I just don’t think we need to make OpenAI into Palantir when we already have Palantir, and OpenAI has their own distinct brand of shit they’re trying to bring into the world.

Google doesn’t benefit by selling their data, they benefit by selling conclusions from their data, or by being able to use the data effectively. If they sell it, people can use the data as often as they want. If they sell the conclusions or impact, they can charge each time.
While the FBI does sometimes buy aggregated location data, they can more easily subpoena the data if they have a specific need, and the NSA can do that without it even being public, directly from the phone company.
The biggest customer doesn’t need to pay, so targeting them for sales doesn’t fit, whereas knowing where you are and where you go so they can charge Arby’s $2 to get you to buy some cheese beef is a solid, recurring revenue stream.

It’s a boring dystopia where the second largest surveillance system on the planet is largely focused on giving soap companies an incremental edge in targeted freshness.

Well, I’d contend that the same expertise isn’t just readily available. Yes, he’s uniquely positioned for connection to the surveillance apparatus, but the reputation of being the federal governments head security is also a unique credential.

Yes, neither of us is responsible for hiring someone for the OpenAI board of directors, making anything we think speculation.

I suppose you could dismiss any thought or reasoning behind an argument for a belief as “reasons” to try to minimize them, but it’s kind of a weak argument position. You might consider instead justifying your beliefs, or saying why you disagree instead of just “yeah, well, that’s just, like, your opinion, man”.

I just learned about some of the additional context from another comment, so it definitely might not be part of this branch in the narrative. Having spent at least a little time and energy developing the weapon, they’re not gonna just waste it, and having filled out the budget paperwork for a charity donation, it’s was also going to happen one way or another.

It’s not bad or anything, it’s just how you tell a story involving unpredictable interactions, “being a business that has a budget and employee salaries”, and also the PR 101 lesson of “never withhold charity”.

Those aren’t contradictory. The Feds have an enormous budget for security, even just “traditional” security like everyone else uses for their systems, and not the “offensive security” we think of when we think “Federal security agencies”. Companies like Amazon, Microsoft, and Cisco will change products, build out large infrastructure, or even share the source code for their systems to persuade the feds to spend their money. They’ll do this because they have products that are valuable to the Feds in general, like AWS, or because they already have security products and services that are demonstrably valuable to the civil security sector.

OpenAI does not have a security product, they have a security problem. The same security problem as everyone else, that the NSA is in large part responsible for managing for significant parts of the government.
The government certainly has interest in AI technology, but OpenAI has productized their solutions with a different focus. They’ve already bought what everyone thinks OpenAI wants to build from Palantir.

So while it’s entirely possible that they are making a play to try to get those lines of communication to government decision makers for sales purposes, it seems more likely that they’re aiming to leverage “the guy who oversaw implementation of security protocol for military and key government services is now overseeing implementation of our security protocols, aren’t we secure and able to be trusted with your sensitive corporate data”.
If they were aiming for security productization and getting ties for that side of things, someone like Krebs would be more suitable, since CISA is a bit more well positioned for those ties to turn into early information about product recommendations and such.

So yeah, both of those statements are true. This is a non-event with bad optics if you’re looking for it to be bad.

Yeah, there are a ton of security experts. But none of them are the former head of the NSA.

Snowden is not exactly a font of expertise in this area, so I’m not sure that his opinion is particularly relevant. His only actual relevance is that he had access to classified data. He had no role in policy, and never had anything to do with business hiring practices.

My bet, given how you budget for this type of PR stuff, is that it was basically the players picking the story that got told while they got a new weapon and a charity donation happened. Like if the players hadn’t chosen to do so, there would have been some contrivance for someone certainly has to save the children. Since they saved them, now the children will get together and give you this thank you gift, or something.

Illusion of choice, but not in a bad way.

“in exchange for this code all you must do is know, deep in your heart, that none of this is my fault as the person in charge of talking to the code distributor. I checked that form at least three times and I’ll be damned if I let a few thousand people think I messed up” – A paragraph that was definitely present in the first draft of the message.

That’s not the case, you just need to be able to make an outbound connection.

The minutiae of how certbot works or if that specific person actually did it right or wrong is kind of aside the point of my “intended to be funny but seemingly was not” comment about how sometimes the easiest solution to implement is the one you remember, even if it’s overkill for the immediate problem.

It’s a bit of a non-story, beyond basic press release fodder.

In addition to it’s role as “digital panopticon”, they also have a legitimate role in cyber security assurance, and they’re perfectly good at it. The guy in question was the head of both the worlds largest surveillance entity, but also the world’s largest cyber security entity.
Opinions on the organization aside, that’s solid experience managing a security organization.
If open AI wants to make the case that they take security seriously, former head of the NSA, Cyber command and central security service as well as department director at a university and trustee at another university who has a couple masters degrees isn’t a bad way to try to send that message.

Other comments said open AI is the biggest scraping entity on the planet, but that pretty handily goes to Google, or more likely to the actual NSA, given the whole “digital panopticon” thing and “Google can’t fisa warrant the phone company”.

Joining boards so they can write memos to the CEO/dean/regent/chancellor is just what former high ranking government people do. The job aggressively selects for overactive Leslie Knope types who can’t sit still and feel the need to keep contributing, for good or bad, in whatever way they think is important.

If the US wanted to influence open AI in some way, they’d just pay them. The Feds budget is big enough that bigger companies will absolutely prostrate themselves for a sample of it. Or if they just wanted influence, they’d… pay them.
They wouldn’t do anything weird with retired or “retired” officers when a pile of money is much easier and less ambiguous.

At worst it’s open AI trying to buy some access to the security apparatus to get contracts. Seems less likely to me, since I don’t actually think they have anything valuable for that sector.

I think they generated real certs, rather than self signed.

This is confusing to me, because the point of the request seems to be “get a certificate”, not “get a self signed certificate generated by running the openssl command”. If you know how to get the result, it doesn’t really matter if you remembered offhand the shitty way or the overkill way.

Is it really more helpful to say “I remember how to do this, but let me lookup a different way that doesn’t use the tools I’m familiar with”?

Do you think that, in this example, using certbot is fucking shit up, or breaking something?

The thing about overkill is that it does work. If you’re accustomed to using a solution in a professional setting, it’s probably both overkill and also vastly more familiar than the bare minimum required for a class project that would be entirely unacceptable in a professional setting.

In OPs anecdote, they did get their certificates, so I don’t quite see your “intentionally fucking things up” claim as what’s happening.

I’ll be honest, I’ve had times where there’s the “simple” solution, and “the solution I remember off the top of my head”, and 10/10 the one that’s happening is the one that I remember because I just did it last week.

I have no desire to google the arguments for self signing a cert with openssl, and I cannot remember which webserver wants the cabundle and the public cert in the same file. If I had done it even kinda recently I’d still remember what to poke in the certbot config.

They know what they’re trying to do, which is to bait people into spending money on their platform so they can have revenue numbers to show developers to get them to release on their platform to get people to want to spend money with them without bait.

Taking the bait but not getting caught in the trap isn’t quite pulling one over on them, but it’s also not what they were hoping for, so it’s not not taking advantage.

I don’t know what to tell you beyond “in the US, not all licenses are transferable”. Different countries have different laws.

It’s a pretty well trod area of law, so it’s not really contentious that it’s a legal license term in the US.
https://www.shadesofgraylaw.com/2009/12/14/cant-transfer-this/ is an example. It’s less tested for consumers.

The lawyers are definitely there to protect the company. No lawyer is ever there to follow the intent of the law, because it’s the letter that matters in almost every circumstance.
Knowingly adding an illegal term to the terms of the agreement is a great way to not only fail to protect the company, because the entire thing might get tossed out, but to risk professional consequences.

Even the Microsoft terms of service say “non-transferable unless you’re in Germany or other EU jurisdiction where such clauses are unenforceable”.