To be fair, he was pointing out that the invisible "credentials in cookies" issue was much harder to get fixed:
The turnstiles were visible. They were expensive. They disrupted everyone's day and made headlines in company-wide emails. Management could point to them and say that we're taking security seriously. Meanwhile, thousands of employees had their Jira credentials stored in cookies. A vulnerability that could expose our entire project management system. But that fix required documentation, vendor approval, a month of convincing people it mattered. A whole lot of begging.
Again, not security theater. Signs of general dysfunction yes. Embarrassing. Fun to tease about for sure.
Aside: the more times I re-read the article the more annoyed I am with the self-righteous tone. It feels like the author is mimicking the style of legendary Usenet posts, but the story just isn’t that interesting and the writing not that witty, it falls flat.
I’ll take your word for that. I don’t know how to tell. But I did notice that the writing was conspicuously terrible throughout. Entire sentences make no sense, such as “I'd slip in suspiciously while they contemplated the email that clearly said not to let anyone in with your own card.”
The last two paragraphs are mainly what stood out. I've spent hours trying to get LLMs to stop writing like that. It's hard because you can't just say things like "don't write lists of three items" because sometimes you want a list of three items. The rest of the text could be written by a person as it's kind of disjointed, but that could also be the result of trying to prompt out the AI-isms.
> The reasoning, I think, was that humans can drive using sight and a little bit of sound, so an AI should be able to do this too.
If memory serves, a few years ago the official position, on a Karpathy presentation, was that if radar contradicted vision they would have to discard one, so they would stick to vision only.
I could never swallow that argument - seems obvious that a radar failsafe would keep you from making bad vision errors ...
>> we need more fiction examples of positive AI superintelligence
Neal Asher did pretty well with his Polity universe. Besides AIs with some capacity for playful violence (Agent Cormac thread, but always there), we also get crablike aliens (the Prador war) and very weird biology (in particular the Spatterjay water world).
I got curious what Trey Harris (the original 500 mile story teller) was up to these days, but Google mostly finds me a football player born around that time (2002).
> Why would a network operator allow caller ID to be so easily spoofed?
Our protocols are descended from the postal system - the sender is a bit of text written on the wrapper.
Certifying that is out of the scope of delivering to the addressee. It would involve back and forth with an authority - e.g. showing someone your id before being allowed to post a letter.
Spy Magazine in its time (mid 80s to mid 90s) had an amusing section titled "Logrolling in our time". Usually featuring mutually favorable blurbs by pairs of writers.
And a lot of those are not "tea" (with theine/caffeine), they're herb infusions such as mint, hibiscus, chamomile, etc. You can drink as much as you want without getting the typical caffeine buzz.
I particularly like the Morocco Mint & Spices that Lipton sells.
The turnstiles were visible. They were expensive. They disrupted everyone's day and made headlines in company-wide emails. Management could point to them and say that we're taking security seriously. Meanwhile, thousands of employees had their Jira credentials stored in cookies. A vulnerability that could expose our entire project management system. But that fix required documentation, vendor approval, a month of convincing people it mattered. A whole lot of begging.