That seems to be the terms for the personal edition of Microsoft 365 though? I’m pretty sure the enterprise edition that has the features like DLP and tagging content as confidential would have a separate agreement where they are not passing on the data.

That is like the main selling point of paying extra for enterprise AI services over the free publicly available ones.

Unless this boundary has actually been crossed in which case, yes. It’s very serious.

Don’t touch that, it’s a load bearing 100Mbit switch.

That is kind of assuming the worst case scenario though. You wouldn’t assume that QA can read every email you send through their mail servers ”just because ”

This article sounds a bit like engagement bait based on the idea that any use of LLMs is inherently a privacy violation. I don’t see how pushing the text through a specific class of software is worse than storing confidential data in the mailbox though.

That is assuming that they don’t leak data for training but the article doesn’t mention that.

Wait, are they saying that when hosting services based on open source you can just refer to the source to explain how data is processed? Or am I missing something?

Because realistically that is still a quite high bar for anyone who wants to understand how data is processed compared to requiring a privacy policy.

The question can go the other way as well; what proof does people have that Discord is outright lying in their communication? All the communication indicates that they have actually taken steps to minimize the privacy impact. Importantly using local processing and only storing if it’s successful or not, even if that means that it can likely be bypassed (important web dev rule, never trust the client side).

Now introducing the Persona system is very concerning, and also a reason I don’t think it’s an overreaction anymore. Even if they claim they only save the data for longer than 7 days, the connection to Palantir and Peter Thiel is extremely troubling and erodes the trust. I mean it comes down to me not trusting them as much as Discord.

To expand on your question on why they wouldn’t be as evil as possible, it comes down to whether or not you believe that all developers and product managers are evil or not. I have worked for a decade for a few IT heavy companies and yeah, there are shit going on, but it’s mostly due to laziness, or product managers wanting numbers and pretty graphs of user behaviors (when it comes to privacy and data sharing).

The leak of the 70k UK identities is an interesting case. It’s often framed as if the processor was hacked but it was actually the normal support system where they handled appeals. The real mistake was that Discord didn’t properly think through appeal handling and it is probably attributable to a mistake/laziness then intentional malice.

Of course a bit different for the macro social networks, whose primary income stream is selling ads and they want to build behavior profiles because that allows them to argue that advertisers get more value out of their platform. The point I want to make is that your real name and photo doesn’t actually have any value for the companies, because they already do have everything they need from your activity. It does have risks and liabilities though if nothing else due to GDPR.

This article feels a bit like ragebait.

Yes, this happened once with a company that went bankrupt 2 years after launching their product. They seem to have designed an exceptionally poor product. How does this mean that the enormous engineering failures of this small startup applies to all other car brands?

Most cars have a very clear separation between core driving software and the infotainment, and the vast majority will never have any software updates so what works, will continue to work (or the other way around). At worst you’ll loose stuff like remote commands, wheatear info, list of charging points/map updates… Things that are kind of dynamic and needs to be regularly updated.

The rules only matter if the admins adhere to them and enforces them consistently.

It sounds like you are assuming that the wallet needs to re-validate each session and I don’t see why this would be needed. Each user account would just need to validate their age once then the website operator could store this in their database. If you’ve validated once you can be sure the user keeps being old enough.

They’re probably not going to use it…

… but if they do it’s going to be a hell of a good starting point in motivating people to leave Facebook

I believe something like this is supposed to be a use-case of the digital EU Wallet. A website is supposed to be able to receive an attestation of a users age without nessecarily getting any other information about the person.

https://en.wikipedia.org/wiki/EU_Digital_Identity_Wallet

Apparently the relevant feature is Electronic attestations of attributes (EAAs). I’m not really familiar with how it will be implemented though and I am a bit afraid of beurocratic design is going to fuck this up…

Imo something like this would be magnitudes better than the current reliance of video identification. Not only is it much more reliable, it will also not feel nearly as invasive as having to scan your face and hope the provider doesn’t save it somewhere.

För Discord tror jag det beror väldigt mycket på hur aktivt chatten är. För större servrar så håller jag absolut med dig om att det blir för mycket och saker bara försvinner. Men för mindre instanser, typ där det bara är ens närmaste vänner så fungerar upplägget väldigt bra. I instanser med mindre aktivitet tror jag att någonting som är mer tvingande att skapa trådar mest skulle få diskussioner att kännas fragmenterade.

Samtidigt så är det nog många communities som använder Discord vara för att det är stort, även om det inte nödvändigtvis är det bästa alternativet.

A big thing is that all your voting activity, while we it appears private is actually"broadcast" to all the servers in the fediverse without any actual verification of who runs it. I learned this after setting up an instance and finding out that it’s possible to list all votes on any post, not just activity on my instance. So I’m not sure if privacy is actually a good selling point.

Is there really a lot of AI generated doorbell camera videos out there? I can’t remember anything posted but then again maybe that just proves the point.

Then again the low resolution does make it much easier to hide typical artefacts and issues so I don’t think it proves anything.

More relateable than I would like it to be…

That’s not all, though; some users are also unhappy not just with the age verification process itself and the security of their data, but also the people bankrolling Persona, which includes the investment fund of Palantir founder, Peter Thiel. Palantir is the data and surveillance company currently used by US federal agencies, including ICE, and Thiel’s name appears 2000+ times in the Epstein files.

I used to think that people were massively overreacting about all this, but this is some pretty fucking suspicious connections.

They can absolutely run the verification code client side, but they can’t really fully trust the data being provided from client side since the client might be manipulated or a 3rd party client may have reverse engineered the API to bypass the verification.

Probably they made the decision that it’s worth it to protect privacy (you know the thing people have been complaining about) weighed against that most teens probably won’t figure out how to bypass the system… which makes this sudden change (trial?) where it’s being sent to a 3rd party anyway kind of odd.

Vad jag har förstått så är det i princip bara att man inte kan se kanaler som är markerade som NSFW, eller om hela servern är det (kanske individuella posts går att markera som NSFW också?), samt att det ska vara begränsningar för DMs.

Står ingenting i deras information om att server ägare måste vara vuxna, men kan tänka mig att man kanske inte får ha “vuxenkanaler” i sin server om inte alla mods har verifierat sig.

Helt ärligt så tycker jag att reaktionen runt det här har varit väldigt överdriven, även om jag förstår och håller med om att video identifiering är väl typ det jobbigaste sättet att verifiera sig… men tror inte det är många som tycker att det är jobbigt nog att byta klient för att de behöver göra det en gång.

Många är snabba att peka på att de läckt all data en gång redan, men det är ju inte helt sant. Det de läckt var enbart från deras support system, när folk öppnade tickets och skickade med foto på sitt ID för att överklaga beslutet. Det säger inte riktigt någonting om det primära systemet och jag tror inte på riktigt att de skulle spara den datan speciellt länge. Låter också som att det är ett annat eller ändrat system nu när de säger att video datan bara behandlas lokalt (också intressant fråga, de litar helt på klienten? Borde göra det möjligt att helt gå runt)

Så även om jag är ett fan av konceptet av federerade nätverk, och är lite sugen på att sätta upp en egen Matrix/Synapse server för min vänkrets, så orkar jag inte riktigt driva på och övertala folk att flytta. Speciellt inte då det också verkar som att folk kan fortsätta använda de (relativt få) servrar jag är med på utan att verifiera sin ålder.

Eating Semla outside of Fettisdagen is highly unethical!

… and I’m the kind of sinner that will absolutely buy Kanelbullesemla as soon as it appears in the stores in the beginning of January.

Honestly you pretty much don’t. Llama are insanely expensive to run as most of the model improvements will come from simply growing the model. It’s not realistic to run LLMs locally and compete with the hosted ones, it pretty much requires the economics of scale. Even if you invest in a 5090 you’re going to be behind the purpose made GPUs with 80GB VRAM.

Maybe it could work for some use cases but I rather just don’t use AI.