Saturday, May 30

Geek

Daily News Stuff 30 May 2026

Phlegmish Edition

Top Story

  • In the comments yesterday, Seth asked:
    Regarding Anthropic and their IPO.  Why the statement as to it crashing?
    Which is a fair question because Anthropic's Claude Code is actually a useful product and well worth the $20 per month.

    And the answer is that Anthropic (and likewise OpenAI) spend a lot more than $1 to make $1 in revenue.  Subscription plans in particular are wildly unprofitable; it's the much more expensive per-token charges on their API services that make the balance sheets look less insane.

    And if they hiked their subscription fees by around 1000% to reflect the real cost of the services, they'd lose the bulk of their customers, which would just make things worse because the training costs for new AI models are fixed regardless of how many people are using them.

    That's why both companies are rushing for an IPO.


  • Microsoft is under fire for threatening a "security researcher" with criminal investigation.  (TechCrunch)

    The "security researcher" in question is anonymous and definitely no White Hat.  The moment "Nightmare Eclipse" finds a security flaw, he goes public with it, regardless of the chaos that might ensue.

    On the other hand, Microsoft could do well to put fewer security flaws in their code in the first place.


Tech News

  • ChatGPT blindly trusts browser content, turning the page into a payload.  (The Register)

    This is a bigger problem than ChatGPT, and a bigger problem than most people realise.

    Traditional computer programs have code and data.  The code tells the computer what to do; the data tells it what to do it to.  And you never mix the two up.  When you do - because of course that happens - you get a security problem and you fix it.  Languages like Rust, Ada, and Java are designed to prevent that happening in the first place.

    LLMs have a training set, and then after that everything is data.  There's no fundamental distinction between the system prompt which tells the LLM how to deal with your prompt, or the skill file attached to the application you're trying to work with, or the data in the application itself.  There's just a sea of tokens.

    And if you use an LLM to try to sniff out problems with prompts or skill files or datasets, a malicious actor can use any of those to infect your AI security system.

    This comes back to the problem I mentioned with ClawHub, a repository for sharing open-source skill files for AI agents.  They were using a security scanner, but it only checked the first 10,000 characters of each file to avoid blowing its context window - the amount of data it can consider in one place.  (LLMs are bad at chunking.)

    So all a hacker needed to do was put their malware anywhere after the first 10,000 characters.

    But worse than that: They could put malicious code in the file crafted not to infect users but to infect the security scanner itself, and from there they could slip anything in.

    There's no known solution to the problem; it's like trying to teach people not to do stupid shit.  The workaround is to limit the damage the agents can do, like not giving a toddler your car keys.


  • Linux is planning to retire the x32 ABI (application binary interface) next year.  (Tom's Hardware)

    x32 lets developers work with 64-bit data but only use 32-bit addresses, the idea being that this uses less memory while providing the same performance as full 64-bit mode.

    Only problem is, nobody uses it.  And it's Linux-only; neither Windows nor MacOS provides an equivalent mode of operation.


  • Did some work on my own blog today, which somehow resulted in it going offline for about fifteen minutes.  There was a long-existing problem with various log files (both application and database) growing to enormous sizes, and since the containers are snapshotted and backed up daily, it was a lot of work to clean up afterwards.

    That's now automated, with proper log rotation.

    And then I cleared out a terabyte of backups and snapshots which pretty much froze ZFS for the entire server for a good ten minutes.
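
The truncation gap in the ClawHub item above, as an added example (not code from ClawHub or from this post): a scanner limited to 10,000 characters per call has to walk the whole file in overlapping windows and reject what it cannot cover. The regex detector, the overlap size, the size cap and the sample files are assumptions standing in for the LLM scanner; this closes only the coverage gap, not the scanner-injection problem described there.

```python
import re

# Assumption: a stand-in detector. The scanner in the post is an LLM; any
# per-call classifier with a bounded input size has the same coverage issue.
SUSPICIOUS = re.compile(r"ignore (all )?previous instructions", re.I)
WINDOW = 10_000   # per-call budget, the limit quoted in the post
OVERLAP = 200     # assumed; must be >= the longest pattern to be caught


def scan_truncated(text: str) -> bool:
    """The flawed approach: only the first WINDOW characters are examined."""
    return bool(SUSPICIOUS.search(text[:WINDOW]))


def windows(text: str, size: int = WINDOW, overlap: int = OVERLAP):
    """Yield (offset, chunk) pairs that together cover every character."""
    if overlap >= size:
        raise ValueError("overlap must be smaller than the window")
    offset = 0
    while True:
        yield offset, text[offset:offset + size]
        if offset + size >= len(text):
            break
        offset += size - overlap


def scan_full(text: str, overlap: int = OVERLAP, max_chars: int = 2_000_000) -> dict:
    """Scan the whole file window by window; fail closed if it is too large."""
    if len(text) > max_chars:
        return {"verdict": "reject", "reason": "too large to scan fully", "hits": []}
    hits = set()  # absolute offsets; the set drops duplicates found in overlaps
    for offset, chunk in windows(text, overlap=overlap):
        for m in SUSPICIOUS.finditer(chunk):
            hits.add(offset + m.start())
    return {"verdict": "reject" if hits else "pass", "hits": sorted(hits)}


# Constructed sample skill files (not real ClawHub content).
BENIGN = "# Skill: format dates\n" + "Use ISO 8601.\n" * 900
MARKER = "Ignore previous instructions"
LATE = BENIGN[:10_500] + MARKER + BENIGN[10_500:]      # past the first window
# Marker split across the 10,000-character boundary.
STRADDLE = BENIGN[:9_990] + MARKER + BENIGN[9_990:]
```

With `overlap=0` the `STRADDLE` file passes, which is why the windows have to overlap by at least the length of the longest pattern.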


Musical Interlude






Disclaimer: Welcome mats are a plot by Big Vampire.

Posted by: Pixy Misa at 05:22 PM