>> most people in the world don’t and have never lived like Europeans
> Yeah, but, as it turns out with modern migration trends, the revealed preference is that they would want to, given an opportunity. Being European, I would also prefer to live like a European.
The revealed preference is that they want to continue to live the same way, but to do it in European countries as they are nicer places to live.
The problem is that they are nicer places to live because "living like a European" is what produces these nicer places to live.
I do use Bitwarden everywhere but a couple of times the passkey prompt doesn't show it. I think that's how I got the webview for one of my google accounts stored in iOS keychain.
Passkeys are an antipattern in UX design. You want to make it simple for the users? Great! But stop treating them as too stupid to decide anything on their own. Stop locking them out of the decision loop and doing things behind their back. This is practically the corporate design philosophy of the past two decades. You can see this a lot in smartphone design.
I keep asking what advantages passkeys offer over TLS self-signed client certificates. I haven't got any answers so far. Perhaps increase the security by encrypting the private key with a password or an external token. This is safe, like SSH and unlike regular passwords, because no secrets are sent to the server. TLS certs and (encrypted) keys are more tangible and easier to manage.
Perhaps passkeys do offer some advantages over TLS certs. But can't those be added to TLS, rather than rollout an entirely new system? The infuriating part is that this facility exists in browsers. They just let it rot to an extend that it's practically unusable. Meanwhile, Gemini browsers are using it quite successfully (for those who use Gemini).
You can't be seriously claiming that self-signed PEM certificates were working well. I've been using them for years in various contexts, and they're an absolute nightmare.
Despite all their faults, for the average user, Passkeys are still miles ahead of GnuPG card, PIV, PKCS#15 etc.
Please check how the client certificate interface of Lagrange, the Gemini browser, works. It's nowhere as complicated as you make it out to be. No passkey interfaces I've seen is as clear as this one. It automatically provisions the certificate (optional. You can share certs among services if you prefer) and associates it with the correct service. So no complicated stuff. It prompts you at the correct time for permission in the clearest way possible. It's like an integrated password manager where your credentials are just files - sort of. That's all that a regular user needs to know about them. It can be exported, imported, backed up, synced, and what not.
Gemini strives to finish an entire request in a single transaction. So TLS certs are really the only option for authentication. That's how I learned the elegance of TLS client authentication workflow and started asking why this is so neglected in web browsers.
TLS based authentication is even worse. It’s the wrong layer in today’s Internet, given Cloudflare, load balancers etc.
Not everybody trusts whatever first hop terminates TLS to also do authentication, and it completely falls flat at non-repudiation for transaction approval.
You can't be seriously claiming that self-signed PEM certificates were working well. I've been using them for years in various contexts, and they're an absolute nightmare.
Despite all their faults, for the average user, Passkeys are still leagues ahead of GnuPG card, PIV, PKCS#15 etc.
Self-signed certificates are in the 'barely working' state. They operate on a wrong protocol level, and they can't be provisioned by the website itself.
If you try to describe how you _want_ the TLS client certificate UI to work, you'll end up with passkeys.
Okay. So they took a solution that was in a barely-working state due to their deliberate neglect, and still managed to give a bad new UX when they got the opportunity to rework it?
“All of the place” meaning where? There’s only a few places you can put them and they’re all more secure than passwords so it sounds like not a huge issue.
This is just marketing. It doesn't even say if you will get any money back or how much. There is a form asking you how much you overpaid, and stating maybe you will get something back. Surely they could come out and say how much they raised prices due to tariffs and promise a refund with proof of purchase? Maybe they felt that number was too small to make for a good marketing stunt?
Mostly this is just an attempt at raising their brand's profile by printing insults (demented, pedophile, etc), and obscenities (fucking, dumbass, etc) directed at Trump (a popular thing to do).
They are wrong in their initial assumption as well. CAH has done several high profile stunts like this that essentially always benefit the past and future consumers of their products.
One shouldn't forget the phrases on the cards were released under a CC license. People buy the cards because it's convenient, but one could instead print their own. And sell them, but they surely wouldn't get away with using the trademarks, which I'm realizing is actually pretty genius for CAH's public image.
The Epstein Files are revealing, not just for the crimes against humanity contained therein, but also the conversations amongst the Epstein Class about their strategy for domination and the plain text corruption.
It's time for the Epstein Trials to begin. More and more people will continue to speak up. Which side of history do you want to be on?
I thought this video was a lot better than the Veritasium video. The Veritasium video was awkward. I think they tried to follow the formula from the (excellent) blue led video that performed so well, but it just didn't work.
Disagree, I thought the Veritasium video was fantastic. You understand how the machine works in depth, the history of its development and challenges it encountered, and hear from people actively working on it. It’s a science lesson and history lesson. Like usual, they keep the video engaging and focused on the story, while still keeping a lot of depth with the science. It’s a great format
They wont take a lead becuase the ai companies have a lot more data for continual learning for their RL systems to work. I would not be untrusting of the chinese. They are way ahead of us in fusion technology and they regularly keep sharing that knowledge with us
> And yet nearly every machine learning engineer would disagree with you, which is a given away that your argument is rooted in ideology.
That's a bold statement! Of course I know the difference, in one case you are learning from correct/wrong answers, and in the other from a probability distribution. But in both cases you are using some X to move the weights. We can get down and gritty on KL divergence vs cross-entropy, but the whole topic is about "theft", which is perhaps in the eye of the beholder.
Yeah, there is a lot of advantage to having this machine because the CUDA stack is still king. My Two AMD GPUs are suffering when it comes to working with ROCm stack. I have forks of Ollama and VLLM that took many weekends to figure out.
It takes all the work out of it, you just start llama-server in the container context and you're off doing inference without having to figure out dependencies.
Oh, well awesome. Glad to see you are getting so much out of the Strix line. I am eagerly awaiting the next gen. I think that will be a tipping point in AMD’s favor. I am a bit of an AMD nerd, even though they don’t seem to love their developers as much as Nvidia.
Before anyone gives me grief my company has a strategic partnership with Nvidia, I do AMD under the cover of darkness. So I live in both worlds. I’m a bleeding heart for the under dog…if being a 360B market cap company makes you the “under dog”.
Are you basing that on your informed first hand experience, or based on your assumptions backed by no actual experience using the hardware?
I don't know what you want me to tell you, you're welcome to believe whatever you want but that doesn't change the reality I experience actually using the thing.
Benchmark numbers and first hand reviews are readily available if you bothered to look.
> According to Karpathy, vibe coding typically involves accepting AI-generated code without closely reviewing its internal structure, instead relying on results and follow-up prompts to guide changes.
What you are doing is by definition not vibe coding.
> Yeah, but, as it turns out with modern migration trends, the revealed preference is that they would want to, given an opportunity. Being European, I would also prefer to live like a European.
The revealed preference is that they want to continue to live the same way, but to do it in European countries as they are nicer places to live.
The problem is that they are nicer places to live because "living like a European" is what produces these nicer places to live.
reply