I buy 50 billion of hardware. Make 45 billion back in year 1. My losses are 5 billion. I Pay of all my creditors by year two. Then spend another 55 billion on hardware in the second half of year two. My profit is at this point zero.
In year three your competitors invest in making a better model and crush your business because you have no moat at all.
The entire business requires massive ongoing investment because getting massive investments is the only thing resembling a competitive advantage that you can get.
The equivalent to anything you can do will be available as an open weight set in six months to a year. Sink or swim.
It's not basic math when the numbers are this big. There's not going to be $50 billion coming in Year 3 if there's a market correction and lenders scale back financing. Borrowed money is how companies are paying for AI, and that's the first thing that disappears in a recession.
You're not wrong, but also how "ready" is "ready enough"? What about things the US doesn't generally have access to? Rare earth minerals? Helium? Cobalt? Coffee?
It also costs money to build the infra for storage and more money to maintain. There's always a trade-off. I think governments have done an acceptable job of being ready, but they are predicated on the assumption that the global order that the developed world has largely enjoyed for several decades remains largely intact.
It's a bad assumption in hindsight because some folks chose to go over a cliff over fixing deep-seated problems. You can't really control for chaos.
Moving to green and nuclear energy, pressing hard to upgrade the national grid would be the obvious things to reduce our short-term dependence on fossil fuels.
Energy independence is not a pipe dream, and it isn't ever going to be 100%. We should be working toward it.
We may be somewhat dependent on China or other sources for solar panels, for example, but once we have the product, it has a multi-decade lifetime compared to an instantly-consumed fuel.
Even if you're a fossil fuel fanatic, one should be advocating for more of our refineries to be tooled for processing our own crude oil. But that isn't as profitable in the short term, so we don't do it.
P.S. politically, we've seen our system does not have the capacity to deal with a malicious executive taking total control of the government. We need a complete rebuild of our legislative and executive branches.
As a Russian emigrant, I feel this whole war is a severe case of déjà vu. It's as if the US government is going through a stolen Russian playbook, appropriating everything.
"Special operation"? Check. "$EnemyCapital in 3 days"? Check. "We haven't even started yet"? Check. "Goodwill gestures"? Check.
(It's actually a common joke on the Russian Internet. So common, in fact, that it has already stopped being funny.)
All the time? This morning when I dreaded getting up so early for work. Last night when I showered. The day before after playing some board games with friends. Normal people do introspect, despite the current fad among a few oddball elites in Silicon Valley [0].
Wait, where is there a 'beta' tag to something that they are charging real money for? Why is this software any different than any other software and we should completely give away our rights as a consumer to ensure what we pay for is delivered?
I think the parent is saying that one should be aware that the whole LLM industry is still in an experimental stage and far from mature. What you want isn’t what’s being offered. I agree that there should be higher standards, but what we currently have is an arms race. The consequence is to factor that into the value proposition and maybe not rely too much on it.
SLAs should be standard for any paid service, especially on the enterprise side, but also on the consumer side. Being immature as a company does not excuse a lack of service delivery.
Not every customer, even a paying customer, demands reliability at a particular level. Market segmentation tends to address those situations: pay more, get more.
Users on $200 plan complaining, already at max level of subscription, I don't think a $200 subscription should make you feel like you are getting unfair advantage. Like restricting claude -p to API ... after I paid so much? Moderate use should not do that. I am not running it batch mode on a million inputs.
They can be held to account when they fail to deliver what they promise! But what is promised for delivery is what's in the Terms of Service (i.e. the agreement). Nothing more. If it's not in there, you can't hold them to account for it.
> It's too easy for companies to fail to provide their service as long as they never promise to provide their service.
I don't even know what this means. You can't make anyone work for free, nor dictate the terms of what kind of work someone will do without their consent. I assume you are not pro-slavery.
You didn't merely call out their failure. You said it was "too easy," implying something more, like they owe you something. It's a pretty entitled point of view.
"[W]ant[ing] companies to put some effort into avoiding ... failures" is not the same as "hold[ing] them to account". The former is "this sucks and I don't like it." The latter is "punish them or force them to do what I want!"--i.e., some sort of legal remedy.
What right as a consumer do you have that is pertinent here, other than to have the vendor adhere to the terms of the agreement you have with them?
Anthropic has many customers despite the fact that they have occasional problems. They’re not suing Anthropic because Anthropic isn’t promising in its agreement something they can’t deliver.
I think you’re reading into the agreement something that isn’t there, and that’s the cause of your confusion.
I am not reading into an agreement, I am saying there is no agreement to be found to ensure service delivery and the associated liability that would come for any SLA. Also, where is the Anthorpic SLA for Enterprise?
Does it exist?
Just because people pay for things doesn't mean they know or understand what they are paying for. Nor is there the legal precedence to actually understand where the rub lies or how that impacts business.
> Just because people pay for things doesn't mean they know or understand what they are paying for.
I believe, respectfully, that’s precisely what is happening in this thread because you keep complaining about the absence of an SLA that was never in the agreement, as though it is—or is supposed to be—there, and therefore the existence of some “rights” that would flow from that.
I'm pretty sure this is an attempt by both companies to shape a reasonable finance story for their eventual IPO. They need to make this look a lot better than a pump and dump (raising on wild valuations then offloading onto public investors).
How is that a direct comparison? The link you gave has a quote that says it’s not:
> Scoped context: Our tests gave models the vulnerable function directly, often with contextual hints (e.g., "consider wraparound behavior"). A real autonomous discovery pipeline starts from a full codebase with no hints
They pointed the models at the known vulnerable functions and gave them a hint. The hint part is what really breaks this comparison because they were basically giving the model the answer.
No one is saying your nested for loop idea because it won't actually work in practice. In short, the signal to noise ratio will be too high - you will need to comb through a ton of false positives in order to find anything valuable, at which point it stops looking like "automated security research" and it starts looking like "normal security research".
If you don't believe me, you should try it yourself, it's only a couple of dollars. Hey, maybe you're right, and you can prove us all wrong. But I'd bet you on great odds that you're not.
Aisle said they pointed it at the function, not the file. So, the nr of LLM turns would be something like nr of functions * nr of possible hints * nr of repos.
Could indeed be a useful exercise to benchmark the cost.
This would still be more limied, since many vulnerabilities are apparent only when you consider more context than one function to discover the vulnerability. I think there were those kinds of vulnerabilities in the published materials. So maybe the Aisle case is also picking the low hanging fruit in this respect.
If we start from the position of the marketing hype and even Sam Altman's statements, these tools will "solve all of physics". To me it's laughable, but that's also what's driven their outsized valuations. Using the output to drive product decisions and development, it's not hard to imagine a scenario where a resulting product isn't fully vetted because of the constant corporate pressure to "move faster" and the unrealistic hype of "solve all of physics". This is similar to Tesla's situation of selling "Full Self-Driving" but it actually isn't in the way most people would understand that term and so they lost in court on how they market their autonomous driving features.
> You're perfectly free to scrape the web yourself and train your own model.
Actually, not anymore as a result of OpenAI and Anthropic's scraping. For example, Reddit came down hard on access to their APIs as a response to ChatGPT's release and the news that LLMs were built atop of scraping the open web. Most of the web today is not as open as before as a result of scraping for LLM data. So, no, no one is perfectly free to scrape the web anymore because open access is dying.
You're talking about the metadata of the files, which can always be edited and someone will inevitably try to make software to do exactly that. Also, Adobe's proposal for handling generated content is exactly this and they're not able to get buy-in from other companies.
Edit the metadata in what way? It's a cryptographic hash.
If the bits that make up the video as was recorded by the camera don't match the hash anymore, then you know it was modified. That doesn't mean it's fake, it just means use skepticism when viewing. On the other hand the ones that have not been modified and still match can be trusted.
Essentially 0% of professional photography or videography uses "straight out of the camera" (SOOC) JPEGs or video. It's always raw photos or "log" video, then edited to look like what the photographer actually saw. The signal would be so noisy as to be useless.
Sure they could, but then you trim the video by 2 seconds, tweak the colors, or just send it over WhatsApp, which recompresses the file with its own encoder. The hash breaks instantly. Cryptography protects bits, but video is about visual meaning. The slightest pixel modification kills the hardware signature. Plus, it does absolutely nothing to fix the "analog hole" problem - a scammer can just point that cryptographically signed iphone camera at a high-quality deepfake playing on a monitor
I would assume whatsapp would read the hash and verify it when the video is chosen to be sent to someone, so the reciever would see that the video that was selected by the sender was indeed authentic. Assuming you trust meta to re-encode it and not mess with it.
As far as recording a monitor, I guess, but I feel like you can tell that someone is recording a monitor.
As far as editing, no it wont work in those cases, but the point here is not to verify ALL videos, but to have an easy way for people to verify important videos. People will learn that if you edit it, it won't be verified, so they will be less inclined to edit it if they want to make it clear it's an authentic video. Think like people recording some event going down on the streets etc or recording a video message for family and friends.
If AI video generation is going to get that good, don't you think it would be a good idea to have a way to record provably authentic videos if we need? Like a police interaction or something. There is no real reason to need to edit that.
Also, could a video hash just be computed every X seconds, and give the user the choice to trim the video at each of those intervals?
Hashing every X seconds is just a Merkle tree, the tech for that has been around forever. But cryptography only protects the container, not the semantic meaning inside it. If verifying a video requires spinning up this massive crypto infrastructure that can just be trivially bypassed with a hardware camera spoofer anyway, that defense is completely worthless for the mass market. Scammers would bypass it in their sleep.
I hate these flippant comments. Similarly, from where I'm sitting it seems you're struggling to disentangle revenue from profit.
reply