Working at front lines of the IT and having fun there. Been around the Internet since 1992 and still in awe what has become of that little baby. Currently wanted for repeated "Nerd Sniping" on all continents.
Personal interests:
- IT Security - Computer Games & TTRPGs - Cycling - Cooking & Baking - Books, Movies, TV-Series (mostly F&SF) - Everything that blinks, has buttons to press and looks remotely gadgetoid
Everything i write, post, tweet, blog or blurp is just my personal opinion and is not the opinion or policy of my employer, my cat or my goldfish.
I post in English and German. Will try to mark each post correctly, but errors happen. Sorry for that.
I appologize if I am not following you back. This happens as my stream is already getting more posts than I can read.
Every day I scroll through my feed and I see proud announcements like:
“First Alpha Relase of HyperTurboWidget available"
or
“Version 2.7.1 now with improved glorb handlers!”
or
“Flux Capacitor version 4.5 is out”
… and I sit there wondering if I should be excited, terrified, or calling a licensed electrician.
Don’t get me wrong, I love open source. I just have no idea what three quarters of these projects actually do. Are we talking about a web server? A file system? A middleware thingy that keeps the flux from overflowing into the space–time continuum?
So, dear OSS developers of the world: When you announce a new release, please give us (your adoring but slightly confused audience) just a tiny bit of context. Tell us what your software does. Tell us why this release is cool. Tell us what it requires to work.
Example:
We are proud to announce Flux Capacitor version 4.5 is now avalaible. While it creates a nice wormhole to 1955, it requires an underlying gigawatt stack 1.21 to work reliably.
Because nobody wants to cheer enthusiastically for “v2.7.1” while secretly Googling “what is a glorb and why does it need handling”.
I notice in a lot of discussions that I need to write down how I proceed when something new or revolutionary is announced in the press or the internet. So here it comes....
I regularly use AI to discuss the texts I’m writing. For example, I want to see whether the AI understands what I was trying to say and how I played with certain ideas. If it doesn’t get it, maybe I should adapt my phrasing.
Sadly, the AI is often better at recognizing allusions than the average reader.
Sometimes I know an exact quote, but only in a different language from the one I’m writing in. That’s something I can verify with AI far more easily than with a search engine.
I don’t always have the right people around to discuss an idea with. An AI is no substitute for a competent expert on the topic, but it’s still far more useful than just letting the idea bounce around in my head for hours. It’s too crowded in there anyway.
My biggest issue when working with AI is that I’d prefer a grumpy professor over a cheerleader. AI feedback tends to be far too positive, and it doesn’t clearly separate important criticism from minor stylistic notes.
In my experience, AI works best on small text segments and when given plenty of context. Asking it to write long pieces is just asking for it to go off the rails. So I try to discuss it in small pieces.
But most important of all: I take full responsibility for everything that comes out at the end. This goes far beyond avoiding hallucinations, it has to say exactly what I intended to say.
That’s also what I expect from others who use AI. I don’t mind AI artifacts like the “rule of three.”
I’d rather see a mediocre AI-generated picture at the top of a post than an advertisement with 397 tracking cookies attached. But be aware: it still reduces the quality of your statement.
What I can’t stand is text being inflated by AI from a half-statement just to fill a page. And if you use AI, you’re responsible for keeping it on the rails. If the AI spews nonsense under your name, I’ll treat it as if you had written it yourself.
So, in summary: I judge any text primarily by its intrinsic value. Does it provide new information, and is it dense enough? Do I like the style? Is it consistent and coherent?
If yes, I don’t care whether you used a pen or ChatGPT.
If not, any use of an AI was simply a waste of resources.
【How to handle a responsible disclosure you get from me?】
Let’s assume you run an IT service or deliver some kind of device to customers, and you receive a report from me informing you about a security problem in your service or device. This can —and has—happened to some of the best in the industry. So, you're not alone.
Now you're wondering: What should you do with this disclosure?
Rejoice: This post is here to guide you through the process.
Vielleicht mag sich der eine oder andere Wundern, warum ich via Mastodon so viele Sachen verschenke.
Ich versuche damit eine Schwäche von mir zu kompensieren, den schnellen Zeigefinger. Immer wieder sehe ich Geräte und denke, das könnte ich doch gebrauchen. Und schwups habe ich die hier liegen.
Am Ende liegen dann die Dinge bei mir 1, 2 oder auch 10 Jahre rum und werden nicht gebraucht. Wegschmeissen will ich es nicht, weil die Geräte sind in der Regel noch gut brauchbar.
Daher freue ich mich ehrlich, wenn das jemand anders noch gebrauchen kann.
Ich will nix in Retour, noch nicht einmal die Portokosten. Das ist mir ernst.
Wenn Ihr mir danken wollt: dann schmeißt das nächste Mal brauchbare Sache nicht weg, sondern sucht selber nach einem Weg, die an jemanden zu geben, der damit noch was anfangen kann. Auch wenn es ab und zu etwas mehr Mühe kostet...
Danke, Martin
P.S. Ich verwende das Hashtag #martinverschenkt um die Posts zu markieren, wo noch Sachen zu haben sind.
Every day I scroll through my feed and I see proud announcements like:
“First Alpha Relase of HyperTurboWidget available"
or
“Version 2.7.1 now with improved glorb handlers!”
or
“Flux Capacitor version 4.5 is out”
… and I sit there wondering if I should be excited, terrified, or calling a licensed electrician.
Don’t get me wrong, I love open source. I just have no idea what three quarters of these projects actually do. Are we talking about a web server? A file system? A middleware thingy that keeps the flux from overflowing into the space–time continuum?
So, dear OSS developers of the world: When you announce a new release, please give us (your adoring but slightly confused audience) just a tiny bit of context. Tell us what your software does. Tell us why this release is cool. Tell us what it requires to work.
Example:
We are proud to announce Flux Capacitor version 4.5 is now avalaible. While it creates a nice wormhole to 1955, it requires an underlying gigawatt stack 1.21 to work reliably.
Because nobody wants to cheer enthusiastically for “v2.7.1” while secretly Googling “what is a glorb and why does it need handling”.
I notice in a lot of discussions that I need to write down how I proceed when something new or revolutionary is announced in the press or the internet. So here it comes....
I regularly use AI to discuss the texts I’m writing. For example, I want to see whether the AI understands what I was trying to say and how I played with certain ideas. If it doesn’t get it, maybe I should adapt my phrasing.
Sadly, the AI is often better at recognizing allusions than the average reader.
Sometimes I know an exact quote, but only in a different language from the one I’m writing in. That’s something I can verify with AI far more easily than with a search engine.
I don’t always have the right people around to discuss an idea with. An AI is no substitute for a competent expert on the topic, but it’s still far more useful than just letting the idea bounce around in my head for hours. It’s too crowded in there anyway.
My biggest issue when working with AI is that I’d prefer a grumpy professor over a cheerleader. AI feedback tends to be far too positive, and it doesn’t clearly separate important criticism from minor stylistic notes.
In my experience, AI works best on small text segments and when given plenty of context. Asking it to write long pieces is just asking for it to go off the rails. So I try to discuss it in small pieces.
But most important of all: I take full responsibility for everything that comes out at the end. This goes far beyond avoiding hallucinations, it has to say exactly what I intended to say.
That’s also what I expect from others who use AI. I don’t mind AI artifacts like the “rule of three.”
I’d rather see a mediocre AI-generated picture at the top of a post than an advertisement with 397 tracking cookies attached. But be aware: it still reduces the quality of your statement.
What I can’t stand is text being inflated by AI from a half-statement just to fill a page. And if you use AI, you’re responsible for keeping it on the rails. If the AI spews nonsense under your name, I’ll treat it as if you had written it yourself.
So, in summary: I judge any text primarily by its intrinsic value. Does it provide new information, and is it dense enough? Do I like the style? Is it consistent and coherent?
If yes, I don’t care whether you used a pen or ChatGPT.
If not, any use of an AI was simply a waste of resources.
This is a valuable lesson for any manufacturer: never awaken the nerd sleeping inside your customer, because his wrath shall be terrible.
In this case the warning was quite literal.
The company annoyed a buyer enough to push him into full blown nerd mode. He tore the product apart, reverse engineered every part, and then published a step by step guide showing exactly how to disable "kill switch" that prevented the use of the product without the vendor spying on the user.
What started as a minor grievance became a public, technical exposé that left the maker exposed and embarrassed.
Moral of the story: underestimate your users at your own peril.
Update: This post seems to have struck a nerve and went very wide. As I will not be able to answer every comment, I want to add a few points: The linked article was not written by me. It came to me on a different channel (Discord). I only wrote the post on Mastodon. The top image in the article looks AI generated. It is no a good image, but in my view less irritating than an advertisement (which is far more common). Some people suggest the article itself is AI generated. I don't think this is the case. I wouldn't rule out he author wrote the text in a different language and used AI for translation assistance. The claims in the article are not fully backed by the linked repo, but the general statement is correct and IMHO important.
Wenn Euer Windows die nächsten Tage einen Bluescreen schmeißt und es danach den Bitlocker-Wiederherstellungsschlüssell will: das sind die Updates von Microsoft.
Das Angebot übersteigt zwar den Börsenwert Perplexitys deutlich […]
Ich habe solche Deals schon einmal gesehen und das war während der Endphase des DotCom-Booms um 2000 herum. Ich muss mal meine eigenen Innenansichten aus der Zeit mal aufschreiben.
Martin Seeger