Imaginary_Knowledge
No bio...
User ID: 1255
Imaginary_Knowledge
2d ago
Agreed. I'm not convinced the space of exploits reachable via ASI is meaningfully bigger than the space already reachable by fuzzers, code analysis, and blackhat brains. ASI hacking is a fantasy.
That said, AI tools have, are, and will "democratize" access to exploits we already have. A lot of incompetent enterprise IT deployment people are going to have to get fired and replaced with people or agents that can keep up with patches.
Imaginary_Knowledge
2d ago
"Tech talent" isn't just one thing. There's the ability to glue together lego blocks on one hand, and there's the ability to make new blocks on the other. West coast tech has tipped decisively to the former.
Over the past 15 years in the bay area tech universe, we've seen a hollowing out of hard technical skill. The slop-shipping proudly-know-nothing React SaaS archetype has become predominant.
Even at the frontier labs, the talent pool is such that Chinese model architectural improvements often arrive as surprises and force rapid catch-up. The labs aren't interested in actual innovation: when they're not up their asses in "AI safety" power fantasies or practically orgasming on Slack about how they will allocate scarcity in the coming AI command economy, frontier lab people are mostly just scaling up what they know works and putting down weird ideas that they claim won't scale.
This is the part of the country that spawned Esalan. The grift has always been strong here. But lately, it's become next level and eroded meaningful expertise. When some TypeScript weenie who has no idea for a CPU cache works overrules the guy who does on the basis of some quoted Twitter pablum about software engineering being obsolete in six months, the industry is in trouble.
Imaginary_Knowledge
10d ago
God damned it. Something about this forum curses me with typos.
Imaginary_Knowledge
11d ago
I wonder what fraction of The Motte is software people.
Imaginary_Knowledge
11d ago
Java does have a trust-me-bro mode. See https://developer.android.com/reference/sun/misc/Unsafe
That's Android documentation, but regular Java has the same facility.
Granted, Unsafe is being deprecated, but we'll have equivalently powerful FFI stuff.
Imaginary_Knowledge
11d ago
Obsolete take.
Have you looked at a modern GC like ZGC? We're talking sub-millisecond pause times now. GC performance isn't a practical problem anymore. You're repeating obsolete 20 year old memes.
Ever use an Android phone? Plenty fast UI. Android is built on Java, and it has a GC. Works fine, even at pretty low levels of the framework stack.
I'm convinced we could push a modern GC to the kernel and it would work fine there too. (RCU is already a beast of complexity and nondeterministic timing and nobody complains about that.)
Please update your prejudices to reject the current state of technology.
Imaginary_Knowledge
29d ago
Uh, yeah? Have you benchmarked?
There is a perfect defense. We're just not yet willing to pay for it.
You can write probably correct programs. Properly structure them and incorporate all the necessary invariants into their proofs, and you're immune to "cyber" attacks from humans, ASI, and God himself.
The "just ship B2B SaaS lol" crowd doesn't understand math, much less proofs. You need a combination of economic and legal incentives to see shift software methodology away from React slop and towards rigorous, robust, engineering that comes with proofs of security properties you want to enforce. It won't be easy, but it can be done.
Or you can just throw your hands up in the air and claim the problem can't be solved.
More options
Context Copy link