
You might be referring to the Spectre mitigation changes:

Timer precision from performance.now and other sources is reduced to 1ms (r226495)

https://webkit.org/blog/8048/what-spectre-and-meltdown-mean-...

https://trac.webkit.org/changeset/226495/webkit


Although you can claw that precision back by enabling cross-origin isolation for your site, at least in Firefox and Chrome, which both quantize high res timers to 100μs in non-isolated contexts but only 5μs in isolated contexts. I'm not sure exactly what Safari does.


Isn't it already prospering?


Pretty much. Except Greg here is actually Gemini and they hope he can work 24/7 perfectly under the executives' convoluted, contradictory prompts.


How does it manage to hide the requests to 127.0.0.1 from the network tab?


The requests are not made, because some operating systems prevent this.

If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser )

Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point.

The other browsers likely have similar configs, but this is what I have found.


Looks like this is new to MacOS 15 Sequoia, as I don’t see a Local Network option in Sonoma.


I have no idea. Possibly that's a limitation of Chrome+Firefox developer tools (I get the feeling it's the same code)?

But I found what "burp" is: https://portswigger.net/burp/communitydownload


It seems like they only make the localhost requests on your first visit. If you open devtools in incognito mode (or just clear the cookies) before accessing https://ceac.state.gov/genniv/ you should see those 127.0.0.1 attempts as ERR_CONNECTION_REFUSED in the network tab.

Somewhat more worryingly, Little Snitch doesn't report them at all, though that might just be because they were already blocked at the browser.



> 400_random_url_with_numbers_403

That looks so much like test code that was shipped to prod.

Searches for that string on GH does return results.


But will they be good enough? That’s a question that can only be answered after many years in a project’s lifecycle.

Not sure about allowing for more control, what happens when a complex/exotic issue that an AI is not able to solve arises? The bosses will have to pay a premium to whatever expert is left to address the problem.


>Not sure about allowing for more control, what happens when a complex/exotic issue that an AI is not able to solve arises?

What happens when a complex piece of machinery breaks down at the factory? You call in an expensive mechanic to fix it. You also still have engineers overseeing the day to day operations and processes to make sure that doesn't happen, but the bulk of the work is carried out by semi-skilled labor. It's not hard to imagine software going this way, as it's inevitably what capital wants.


Right, this reminds me of the threads around here on teleworking vs working in-office.

Once someone points out that they like going to the office because they get to socialize with co-workers, the replies typically sound like ‘don’t care, I’m not paid to socialize but to do my job’

While I understand the context can vary, it always struck me as an anti-social behavior.



Yep.

Pretty much everyone.

Only difference in which enemy is pointed to, is who you ask.


Some are more objectively real threats than others. Like that guy who claims to only want to be dictator for a day, who sent an armed mob to storm the Capitol building, pardoned cronies and war criminals, and brags about walking in on women naked.


For "an armed mob to storming", it looked a hell of a lot like a bunch of stupid ass demonstrators getting inside a government building with no plans, no leadership, and no fucking clue what to do, and then getting summarily expelled. That is to a coup what The Muppet Show is to Saw.

As for the "pardoned cronies", isn't today a bad day to single one side out based on that?

(Not to mention the singling out for "war criminals", when the other side is warmongering hawks, bombing, openly pushing for war, sabotaging peace deals, and openly assisting a slow burning genocide).


174 people were injured in the 'riot'. People died. Trump had called for resistance, asked for metal detectors to be removed, physically attempted to rejoin the crowd by grabbing the wheel of the vehicle taking him home, stood silent for hours during the attack, and said "so what?" to the news his vice president was in grave danger. It was a failed coup and betrays the constitution he swore to protect and defend. Now he describes it as a "day of love" and the 'rioters' as hostages.

Biden pardoning his son is a black mark, especially for the tax evasion. (I think pardons should be abolished.) Yet an order of magnitude less worrisome than the scum Trump has pardoned and promises to pardon.

As to warmongers... which party voted almost unanimously to invade Iraq without hard evidence of WMDs? Who backed out of the Iranian nuclear deal? Who praises bullies and dictators? Who moved the embassy to Jerusalem? Who is so deluded they claim merely winning an election will bring peace to the Middle East and Europe? Who threatened to pull support from allies -- in the midst of a war -- because they want dirt on political rivals or to catch up on underpaid bills. (Trump knows a thing or two about not paying when he owes someone.)

Why the silence about my other remark? Does assaulting, denigrating, and stripping the rights of women not bother you?

Why do you carry water for this man?


Isn't this inference an LLM's job? The RAG component just needs to find the Sharon article among a large dataset and pass it (entirely) to the LLM as context.


Also why would anyone store and read data like { 'groups': [...] } on the client-side? Session cookies are supposed to be identifiers only, with the data stored server-side.


By default sessions in Flask are stored in plaintext:

> This is implemented on top of cookies for you and signs the cookies cryptographically. What this means is that the user could look at the contents of your cookie but not modify it, unless they know the secret key used for signing.


That's precisely why the cookie should just be an identifier, that you look up group info from the database. Because you can guarantee the cookie contents will be modified by someone at some point. Make it useful to you, useless to them.
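The two comments above (Flask's default signed-but-readable session cookie, and the reply that the cookie should carry only an identifier) can be shown side by side. The following is an added example written for this page, not code from the thread, from Flask or from itsdangerous: the cookie format (base64url JSON, a dot, base64url HMAC-SHA256) is a constructed simplification of the signed-cookie idea, not Flask's real wire format, and the secret key and session data are made-up sample values. It demonstrates that anyone holding the cookie can read `groups` without the key, that swapping the payload without the key fails verification, and how a server-side store keeps the data off the client entirely.

```python
"""Added example: simplified signed client-side session vs. server-side session.
The cookie layout here is a constructed stand-in for Flask's default, not its
actual format. SECRET_KEY and the session contents are sample values."""
import base64
import hashlib
import hmac
import json
import secrets

SECRET_KEY = b"constructed-demo-secret"  # assumption: the app's signing key


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_session(data: dict, key: bytes = SECRET_KEY) -> str:
    """Client-side session: JSON payload plus HMAC over it. Readable, not forgeable."""
    payload = _b64e(json.dumps(data, sort_keys=True).encode())
    mac = hmac.new(key, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64e(mac)}"


def peek_session(cookie: str) -> dict:
    """What anyone holding the cookie can read: no key is involved at all."""
    payload, _sig = cookie.split(".", 1)
    return json.loads(_b64d(payload))


def verify_session(cookie: str, key: bytes = SECRET_KEY):
    """Server-side check: returns the data only if the HMAC matches, else None."""
    payload, sig = cookie.split(".", 1)
    expected = hmac.new(key, payload.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64d(sig)):
        return None
    return json.loads(_b64d(payload))


def replace_payload(cookie: str, new_data: dict) -> str:
    """Swap the payload but keep the old signature (what a keyless edit looks like)."""
    _payload, sig = cookie.split(".", 1)
    return f"{_b64e(json.dumps(new_data, sort_keys=True).encode())}.{sig}"


class ServerSideSessions:
    """Cookie holds only a random identifier; groups etc. live here, server-side."""

    def __init__(self):
        self._store = {}  # in production this would be a DB or cache, not a dict

    def create(self, data: dict) -> str:
        sid = secrets.token_urlsafe(32)  # 256 bits of randomness, not guessable
        self._store[sid] = dict(data)
        return sid

    def lookup(self, sid: str):
        return self._store.get(sid)


if __name__ == "__main__":
    cookie = sign_session({"user": "alice", "groups": ["staff"]})
    print("client can read:", peek_session(cookie))
    forged = replace_payload(cookie, {"user": "alice", "groups": ["admin"]})
    print("forged verifies:", verify_session(forged))  # None: rejected
    store = ServerSideSessions()
    sid = store.create({"user": "alice", "groups": ["staff"]})
    print("cookie carries only:", sid)
```

The signed cookie holds up only as long as the key does: `verify_session` with a different key returns `None` for every cookie issued under the first one, which is why key rotation logs out all clients. With the server-side store the cookie reveals nothing and a changed identifier simply fails to look up, so the data never leaves the server.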


By default Flask doesn't have a DB. There is a flask-sessions extension that does this for you.


Or you can just link to a DB directly. A Flask app is just a WSGI app. You can mount and extend it with any kind of Python, no extension necessary.


That's what the extension does for you.


Can't session data be stored on disk? that's the default PHP behavior.


Because you might have multiple webservers.


There are solutions for that: Shared NAS, sticky sessions etc.


Good luck with maintaining that NAS. Your sticky sessions will logout all users on a server that goes down. It's better to have a db.

Please stop.


Of course it's better to have a db doh... I'm replying to your

> By default Flask doesn't have a DB.


People don't have NAS laying around. And don't use a filesystem as a db, especially a remote filesystem.


The cookie contents can be changed only if you know the secret config.


Or if you can bruteforce the secret, or if there's a vulnerability in the secret, or if... You're relying on the fact that the cryptography will be impregnable, rather than adopting an actual security posture.

Do not trust the data you send to a user, to remain secure.


And you're relying on security through obscurity.


No. It's relying on both cryptography, and the inaccessibility of information. Which is a tried, practiced, and often federally mandated, method of security. Controlling who has access to information is sorta security 101. Don't dump your database to the Internet.

Security through obscurity is allowing REST commands to the /totallysecretaddress/neverleaked/ URI.


It's based on supply and demand indeed. The legal requirements might affect minimum pay.


Does the deficit increase[1] play a role in the very good economic numbers seen lately?

[1]https://www.brookings.edu/articles/why-did-the-budget-defici...


> While #GDP surprised to the upside in Q4, it wasn't a healthy expansion. To garner a $329 billion increase in economic growth it required a $834 billion increase in debt. Or rather $2.53 for each $1 of economic growth.

https://twitter.com/LanceRoberts/status/1751930127519203459


Federal spending is fifth in causes of real GDP growth:

* https://www.bea.gov/news/blog/2024-01-25/gross-domestic-prod...

Behind consumer spending, exports, state/local governments, business investment.

Certainly the two stimulus packages helped early on, but things seem to be chugging along without that.


That article ends with a segment titled "bottom line" that states:

> The recent increase in the deficit doesn’t fundamentally change the fiscal outlook for the U.S.


Great example of Betteridge's law of headlines.

https://en.wikipedia.org/wiki/Betteridge%27s_law_of_headline...


Hard to imagine that what's basically $2 trillion in annual stimulus has no effect on the economy.


Possibly, but not as much as Bidenomics' trillions of investments into American jobs, infrastructure, and manufacturing through the Infrastructure Investment and Jobs Act, CHIPS and Science Act, and Inflation Reduction Act.

The Fed is also signaling very clearly to the market the cost of money. This, combined with growing understanding of LLM-driven efficiencies, is letting businesses feel comfortable with investing in revenue returning initiatives.

And more revenue usually means more jobs.

