Notices by Coyote (coyote@social.singing.dog), page 3

@Moon @kaia The base stable diffusion model has some semblance of that with it’s natural language approach to prompts (e.g. “a dog wearing a hat riding on a motorcycle”), but basically everything people have trained on top of it uses booru tags. You’d think someone would start an incentive to write descriptive texts so there’d be training data beyond those.

SoFurry fell to the AI scare and placed a total ban on AI art, and here I thought they were playing it smart by just not addressing it. Of course, the only visible change was that a dude had to strip out all the illustrations from his story and a popular AI account that posted like once a week is going away.

@alex @e9b30713f9c2cd216e96b392ca191f2024f2928d15e6bc6c8fa065aa76bfedf4 @graf Do relays have a max post length? Could someone, for example, post the whole Bee Movie as a data URL ??

It’s weird how some mod makers are compelled to implement crude DRM into games.

@arcanicanis @silverpill My example’s a humorous schizo exaggeration, but one could do it with a cellular modem or some passive antenna that only transmits when energized by a specific frequency, akin to the Great Seal bug.

I’m somewhat interested in this stuff as means to proliferate public/private key authentication. I see the utility of bespoke hardware, but I’m not too interested in using it.

I would’ve liked for the FIDO standard to have included a way for the authenticator to interrogate an RP server in someway. It’d be better to have the ability to use alternative sources of trust than to relay on a FIDO server existing in perpetuity.

@arcanicanis @silverpill There is the possibility of a MITM attack on the initial public key exchange appearing more “authentic,” but device attestation does seem pretty mundane in what it adds or loses in terms of security.

The article you shared talks a whole lot about using it as a source of metadata, but the possibility of dumping keys points to it only really being useful to alert users that their hardware has insecurities: “hey, your authenticator’s know to phone the FBI whenever you login; you should probably get a new one.”

I just can’t shake the feeling that Microsoft, Apple, Google, etc. will someday use it to force hardware onto people. “Sorry your token is too insecure for <service>. Please use a token with DNA authentication to continue.” Again, software solves it, as it did with TOTP, but it’s still annoying having to have password managers act as USB devices.

@arcanicanis @silverpill I’m getting a feeling that device attestation is going to be used incorrectly to whitelist specific hardware (force some hardware feature like bio-metrics) and someone’s going to get burned by a software implementation and dumped keys.

@volpeon

@alex @graf @Moon @zero The post from the image isn’t real (the front end won’t accept it, and I’m too lazy to specially craft it), but it’s based off of this one https://bae.st/notice/AQ0i0s5q5tL4xLzW40 that does have a div on its local instance and my own.

@alex @graf @Moon @zero Disabling inline images is likely not a complete fix for this by the way. At least with Pleroma, the main problem is that somehow a div isn’t getting scrubbed out, so just removing imgs isn’t going to stop someone from doing pic related.

@arcanicanis I don’t know if it’s still the case, but be careful with Iron Wolf 8TB drives. I got 8 of them last year to replace some SMR ones, and they run really hot. The old ones peaked around 40 degrees whereas the Iron Wolves have hit 60 degrees under the same conditions. I’ve had the airflow temperature S.M.A.R.T. attribute go off a couple times already. They already get the freshest air being right behind three fans, so I’m honestly considering getting so small heatsinks to epoxy onto them to try and help.

@shadowferret @arcanicanis It could be people parking usernames or the 80/20 rule rearing its head again.

@sjw Connect through Tor to waste the FBI’s time.

@KingDeadWolf Join an instance that has a PleromaFE.

@arcanicanis

…despite how time-consuming and monumental that objective sounded in the beginning. And I got there. It was very rewarding to me…

I’ve been curious about this; many of times I’ve seen people describe overcoming a challenge in a video game as rewarding or satisfying, and I’m not sure I understand what they’re saying. Does the feeling come from some epiphany in understanding of game-play mechanics? Maybe I’m broken, but the only times I’ve felt satisfied, beyond filling a base need, was having a hypothesis turn out to be true: annoying a chess player by blocking his strategy 5 moves out, fixing a double click issue on an old mouse by bending its spring into shape, etc. Granted, it can happen in a videogame, but never from getting the feel for something.

@freemo @Romaq Where did you learn the phrase “Free Speech” from? Truthfully, what did you think it meant? It’s not just you, but I’ve been seeing people over and over again singing its praise, yet when it comes to actually demonstrate the principle where it’s needed most, it gets abandoned.

@arcanicanis @PhenomX6 @ryo

if server implementations don’t explicitly filter it, it can be done.

I guess that’s a better question: are there any ActivityPub clients that tolerate bare IPs? IIRC email also supports bare IPs, but no one is willing to take mail without a domain, so the ability is moot. I would have expected to find someone posting from an IP, but I haven’t seen it yet. I might have to try it myself.

As for having the ID tied to a specific IP, I’ve seen enough dirty migrations that I think a sizable amount of people just don’t care. It’s sad that ActivityPub chose URIs as a means of identification instead of something more location agnostic like public/private key signing.