Exactly. ChatGPT is ubiquitous for the new generation of AI (LLMs) for everyone outside our of bubble. I've spoken to dozens of friends and non-techncial folks about this topic over the last year and not a single one has ever said they use Gemini, Grok or Claude.
OpenAI has by far the strongest brand and user base. It's not even close.
And, when it comes to the product they've been locked in the last few months it seems. The coding models are no longer behind Anthropic's and their general-use chat offering has always been up there at the top.
I think if we're to move to away from these US products to open source ones, then governments should also provide resources or funding to develop them using the licensing fees they save. Is the Danish government contributing back to libreoffice?
There's a lot more than just one municipality. The French government uses a lot of open source and is actively working on la suite.. The gendarmerie has been on Linux for years. Nato is using matrix (noteworthy especially because America is of course part of that)
Agreed. There should be some structure setup for open source projects to request contribution fees. Having stuff like this in plain sight might help orgs play nice.
There's an enormous amount of technical detail in this video, and VTT is a reputable organisation. I'm still unsure what to make of this. The video shows them testing a cell, not in an actual battery pack.
Just a friendly reminder also to anyone outside the US that these subscriptions cannot be used for commercial work. Check the consumer ToS when you sign up. It’s quite clear.
Non-commercial use only. You agree not to use our Services for any commercial or business purposes and we (and our Providers) have no liability to you for any loss of profit, loss of business, business interruption, or loss of business opportunity.
Lots of apps like slack and discord will show you an opengraph preview of a website if you post a link. I could of course be wrong but expect you could craft an exploit that just required you to be able to post the link - then it it would render the preview and trigger the problem.
Secondly as a sibling pointed out lots of apps have html ads so if you show a malicious ad it could also trigger. I’m old enough to remember the early google ads which which google made text-only specifically because google said that ads were a possible vector for malware. Oh how the turns have tabled.
Open Graph is a standard for HTML meta tags. Apps like Slack and Discord just make a request to the given URL (locally or in their servers) and read those tags. Then they choose how that information should be displayed. No HTML injection occurs.
Except: Spotify (through ads), Microsoft Teams (through teams apps), Notion (through user embedded iframes), Obsidian (through user embedded iframes), VSCode (through extensions), etc...
I really don't get these companies posting disingenuous benchmarks. Every time, they pick and choose who to compare against. Not comparing to the latest 5.3-codex is absurd when it's been out a couple of weeks now. Who are they trying to kid?
If you were writing a promotional post for your new model, would you include benchmarks of a competitor that's spanking you across the board? This is marketing.
What vision? Everyone and their mother has been trying to build useful AI assistants and personal CRMs since computers were invented - way before LLMs. He glued it together, and he succeeded because he executed before anyone else.
I applaud what he's done, and wish him luck trying to get this working safely at scale, but the idea that he's some visionary that has seen something the rest of the world hasn't is ludicrous.
I think that's partly the point. This is the tool that everyone wanted but couldn't quite describe. Not saying he's a genius, but he was the first to will it into existence.
For the same reason that married couples enjoy privileges that dating couples do not. The long term commitment and investment in a partner indicate and confer interest in long term stability and development.
So a permanent resident who has lived in a country, for say, 10 years? You don't think they're committed at that point and should have a right to vote on the society they are contributing to?
I agree with your point - but to answer your question, none that take _more_ than 10 years but quite a few that take 10 years. Austria had particularly tough requirements - 10 years, language competency _and_ no dual citizenship
To throw it back at you- should a couple who have been together for 10 years be afforded the same rights as a married couple?
> you don’t think they’re committed at that point and should have a right to vote in the society they are contributing to
Honestly - no, I don’t. I think that voting in a GE is a huge privilege, and it should require an explicit declaration and an acceptance from the country they are part of.
I think you should look into common-law marriage. At least in Canada, living together for 2 years, means you are much closer to being married than not.
The article you are linking to specifically says that Canada doesn't have common law marriage only that “informal cohabitation relationships are recognised for certain purposes in Canada, creating legal rights and obligations”
Then apply for citizenship, take language and, usually, constitution exam and get the citizenship.
If somebody doesn’t care enough to prove they know the basics of the language and legal system in the country… Maybe they shouldn’t have voting privilege either?
This really resonates with me. I have lived in Finland for 16 years and struggled with work-life balance whilst trying to learn one of the most difficult languages in the world. Unless you pass the language exam you can't apply for citizenship - no matter how long you've been here for.
And yet, the right-wing-ish coalition government is making hostile anti-immigration policies and increasing citizenship requirements - which I can't vote against.
This is exactly the kind of thing I'm talking about in https://news.ycombinator.com/item?id=47007145 - someone who doesn't speak the language of a country immigrates there, and then demands political rights grounded in "how long you've been here for", specifically in order to oppose attempts to limit immigration.
> trying to learn one of the most difficult languages in the world.
There's no real principled, objective way to rank languages by how difficult they are to learn, except in terms of similarity to languages the learner already knows. Finnish isn't any more difficult than English in an objective sense, you just learned one as a small child from your native community rather than as an adult foreigner.
I think you’re very unlikely to garner any sympathy here for living somewhere for 16 years without learning the language.
I also think it’s perfectly reasonable for a country to not allow someone who refuses to prioritise integration with the country to vote on loosening those restrictions. It seems the requirement is roughly equivalent to a B2 level.
I’m a bleeding heart leftie, pro migration, pro EU, and honestly I think visa renewals should come with language requirements. An initial visa sure, but after 2 years an a2 in the language should be achievable. There are definitely edge cases (do you require Spanish or Catalan in Catalonia), but if you can’t speak enough of the local
Language after 2 years to be able to get around, you’re not really trying.
I wrote a little about this here [1]. To summarise, the reality of language learning here is that unless you give up your work it's almost impossible to learn - your only opportunities to learn are evening classes which come at a cost of no social life and are completely impossible if you have kids.
It's easy for people to judge, but move here and try it yourself. It's completely different to e.g. France or Spain.
I also don't agree with one of the other commenters. Finnish is objectively more difficult for most people to learn and has its own origins - entirely different from most languages spoken in Europe. The materials are poorly developed due to the population size and lack of people teaching, and the grammar is absolutely insane.
I think I was pretty polite about but I just think you’re looking for excuses. There’s a wild wild difference between being fluent and being able to hold a conversation and go about your day. Nobody is quitting job to learn how to read a menu, or to ask where the batteries are in the supermarket.
> your only opportunities to learn are evening classes which come at a cost of no social life and are completely impossible if you have kids.
One 60 minute class a week is not “no social life”. Having kids is a fair point but at the same time, you’re making time for other things (e.g. blogging) - learning the language of the country you live in should be one of those things. Again, we’re not talking fluency.
I think there’s some good points in your blog post, and your title is catchy - integration isn’t an evening class but the evening class is a prerequisite for integration. If you don’t have one time for one class a week as a prerequisite you don’t have time for any other activities you’d consider “integration” instead
Asking your host country to provide you a four-day working week with a fully funded fifth day just for language study is nuts, especially for a highly-paid engineer.
>This would not be charity. It would be an investment.
Why are you unwilling to make that investment? Is your money situation so tight that you can't work a reduced week without the state paying for it?
I only wish other countries would implement the same policies. It seems wrong to me that someone should be able to influence the politics of a country they can't speak the language of.
The requirement to getting a Finnish citizenship is knowing an official language, and one of them is Swedish. As far as I know, it's not one of the most difficult languages in the world.
Over 15 years ago now, I had a popular chrome extension that did a very specific thing. I sold it for a few thousand bucks and moved on. It seemed a bit strange at the time, and I was very cautious in the sale, but sold it and moved on.
It's abundantly obvious to me now that bad actors are purchasing legitimate chrome extensions to add this functionality and earn money off the user's data (or even worse). I have seen multiple reports of this pattern.
For over 10 years that I maintain a reasonably popular cross-browser extension, I've been collecting various monetization offers. They simply don't stop coming: https://github.com/extesy/hoverzoom/discussions/670
It's worth reminding people that Firefox extensions that are part of Mozilla's "recommended extensions" program have been manually vetted.
> Firefox is committed to helping protect you against third-party software that may inadvertently compromise your data – or worse – breach your privacy with malicious intent. Before an extension receives Recommended status, it undergoes rigorous technical review by staff security experts.
It is a classic supply-chain attack. The same modality is used by gamers to sell off their high-level characters, and social media accounts do "switcheroos" on posts, Pages, and Groups all the time.
You know, a lot of consumer cybersecurity focuses on malware, browser security, LAN services, but I propose that the new frontier of breaches involves browser extensions, "cloud integrations", and "app access" granted from accounts.
If I gave permission for Joe Random Developer's app to read, write, and delete everything in Gmail and Google Drive, that just set me up for ransomware or worse. Without a trace on any local OS. A virus scanner will never catch such attacks. The "Security Checkup" processes are slow and arduous. I often find myself laboriously revoking access and signing out obsolete sessions, one by one by one. There has got to be a better way.
If you buy someone's old gaming account (Steam for example) with many years of activity, you can appear more legitimate when trading, therefore making it easier for people to trust you and fall victim to your scam(s)
I think he was just saying that it is similar business to that. Just drawing comparison that there are a market like selling video games accounts. Also usually people who cheats in games will buy high level accounts because they will be banned much faster if they start playing with new accounts for cheats. This happens in some of the games I play all the time.
Companies spend a fortune on endpoint security and then let employees install random Chrome extensions with full page access. I've seen AWS console sessions running in browsers with a dozen extensions nobody's ever audited. The extension store is basically a supply chain attack marketplace at this point
15 years ago was probably this type of business in its very early stage. There is little that can be done about "selling" extensions. Chrome Web Store should have tighter checks and scans to minimize this type of data exfiltration.
It's a moronic industry, waiting for the catastrophic data-theft disaster to happen before they do anything... Google is doing it, Apple did it, Zuck did it (the only hindrance Cambridge Analytica had to go over seemed to be the apps developer agreement that devs had to click to promise you won't do anything bad with the personal information of all those Facebook users...).
Which is all the more incredible, considering Blackberry (the phone company that was big before the age of iPhones or YouTube) had a permission model that allowed users to deny 3rd-party apps access to contacts, calendar, etc, etc. The app would get a PermissionDeniedException if it can't access something. I remember the Google Maps app for Blackberry, which solution to that was "Please give this app all permissions or you can't use it"...
How were they supposed to know that was going to happen? You think they walked up and said, “Hi. I’m here to buy your software and hurt people with it”?
If a stranger walks up to the chef in a restaurant and offers to pay them to put some mystery stuff in the food, or someone walks up in during a surgery and asks if they can make some incisions and inject some mystery stuff, would you (as a customer of the restaurant or hospital) expect this to be allowed?
That isn’t remotely comparable. You’re asking someone to quietly alter someone else’s product, not selling the product to them. They didn’t pay him to change the extension, they bought it.
They bought the permission to make changes to customer machines that had been granted to the seller by the customer. If it's just a sale of the source code, there's no problem. But what is bought is usually the pre-existing update channel (the installed base), precisely to be able to alter the product for existing users without explicitly informing them or asking for consent.
While assuming absolutely zero bad will on your part, I would nevertheless find it fair if you were legally on the hook for whatever happened after the sale, unless you could prove that you provided reasonable means for the users of your extension to perform their due diligence on the new owner of the extension.
This is of course easy to say in hindsight, and is absolutely a requirement that should be enforced by the extension appstore, not by individual contributors such as yourself.
I wouldn't find that fair at all. Bad actors should be legally responsible for their bad action. If I sell you a taxi business, and then all of a sudden you decide to start robbing the customers - it's not my fault is it? And just to be clear, I had no idea if my extension was used for nefarious purposes, but in hindsight it probably was.
Customers were sold[1] a lifetime subscription to Honest Guy's taxis, and then Honest Guy does a secret deed to sell his taxi joint to Bad Guy[2] without telling any customer about it. Then customers start getting ripped of in all manner of ways, that some of them would have known to avoid if they knew their taxis were being run by Bad Guy.
[1] Of course, the issue here is that no contracts were signed.
[2] In the specific case I was replying to, there was no malice or intent to hide from you as seller. Yet, a better outcome could have been achieved by advertising the sale to those impacted.
I don't think there is any legal support for what I describe above, but in principle whenever a user signs up for Good Thing, and then gets baitswitched to Evil Thing, the main victim is the user, and it is fair to hold responsible everyone involved in the bait-and-switch maneuver.
Replace Honest Guy with local hospital or care home and bad guy with vulture capital, and you will find that this happens all too often; any time there's an established and captive audience, you will find vultures circling all around it.
What is fair and what is legal are very different concepts. I agree in principle with what you're saying but there is no legal basis for it - as you recognise.
No, how it should work is each extension is associated with a private key that is registered with a specific individual or legal entity and implies some kind of liability for anything signed with that key - and if/when the key changes (or the associated credentials), users will be explicitely alerted and need to re-authenticate the plugin.
If the old owner gives their key to the new owner, then they should be on the hook for it.
I was thinking of this yesterday, as I think this is also how domains should work.
How does this safe guards against having the extension under a company and selling that company off. Still the same entity, different owners, different "incentives".
OpenAI has by far the strongest brand and user base. It's not even close.
And, when it comes to the product they've been locked in the last few months it seems. The coding models are no longer behind Anthropic's and their general-use chat offering has always been up there at the top.
reply