I have deniability with the phone. I can also just leave it at home if I want or turn it off entirely. That access should also be illegal without a warrant; however, this is far worse than cellular "metadata" tracking.
I don't understand why you assume that the government is following all the laws when it comes to cell phones and cloud data but won't when it comes to ring data?
What laws do you suppose they have to follow, exactly?
Cops need a warrant to track your phone, check which tower it connected to or tail your car for extended period of time.
Cops do not need a warrant to use Flock system. They have an app where they can simply put your license plate and they will get a path showing every move of your car as tracked by the flock cameras, and there are a looot of them (e.g. near San Jose: https://deflock.me/map#map=16/37.335318/-121.881316). And thats without the integration of ring.
This essentially allows them to GPS tag anyone, with no warrant, while "following the laws". So no, it's not all the same.
They definitely need to follow the law when they get it from the Telco, but Cops can use their CSS/IMSI catcher all they want, theres almost no way to tell. But they can not then go to court and say "Yeah—we listened to their phone call and searched the car."
With this its no problem. No Hailstorm to buy for the entire force and there isn't any federal oversight on this sort of thing as near as I can tell. If you think police don't do crimes I've got a bridge to sell you.
They can do it right up until the battery truly discharges. You can’t turn off WiFi/BT for real either. Icons will go dark and your WiFi and devices won’t work, but underneath the radios are still plenty active and powered on.
Waymo cannot scale. So for most people it's irrelevant.
Tesla FSD makes driving 90% less taxing mentally. It does 99.9% of the driving perfectly. And its getting better. We are quickly approaching a situation where people who don't drive Teslas are like people who cut their grass with Sickle as compared to people who have driving lawn mowers
LOL, the BTC people who thought "Digital Gold" was a good slogan are going to learn what happened to self custody of gold and the gold standard.
BTC is in a much worse situation than gold was in 1970. The government has the technology to follow transactions and require BTC transactions to be done on their chain with their BTC equivalent GBTCs. That is until the government decides to issue print more BTC equivalents
This is such an interesting time because the percentage of people who are making predictions about AGI happening on the future are going to drop off and the number of people completely ignoring the term AGI will increase.
That doesn't seem likely because the LLMs haven't really delivered any great products that can cover the money spent and so AGI hype is essentially to keep the money flowing.
The counterintuitive part of automation is that it removes parts of the economy rather than making the economy bigger. You end up with more goods but the value people assign to them goes down as they don't provide additional social advantage.
For example at one point nails were 0.5% of the economy and today owning a nail factory is a low margin business that has no social status.
Similarly the percentage of the economy and social status associated with frontend software dev will get automated and become a smaller percentage of the economy.
Since social status is a zero sum game people increase spending in other areas where social status can be helped.
> The counterintuitive part of automation is that it removes parts of the economy rather than making the economy bigger
So you believe in zero sum economy? I think new capabilities lead to demand expansion, they mobilize latent demand that was sleeping. There is no limit to desires, not even AI automation could outrun them.
Front-end software dev, call centers, HR, administration like health insurance and eventually some government bureaucracy, law, education, marketing, mass-market entertainment, banking and other financial services, business consulting, financial advice and accounting services, journalism, and probably other smaller employers.
Potentially all of those, and more, become smaller employers in relative terms.
A better nail-making machine is a single-purpose technology. It's not going to affect productivity much in unrelated industries such as healthcare, for example.
AI is a general-purpose technology like electric light or electric motors. It has the potential to improve productivity in a great many productive activities.
As another person said here, even if progress in AI stopped now, we have twenty years' sustained productivity growth ahead of us in adapting processes to use AI more effectively across the whole economy.
Whether the economy as a whole grows or shrinks depends mainly on whether households will buy more entertainment, legal services, financial services, or all the rest because they are now cheaper, and to a lesser extent on whether we can discover new things that households want to buy.
Submodules can be any URL (and recursive), so for GitHub to block this totally would require them to crawl other forges (and some URLs could be private URLs, but GitHub likely can't tell that apart from an attacker who is just blocking GitHub). So the risk is GitHub could say they are blocking this and give a false sense of security.
Some previous bugs have resulted in validation added to git fsck, but because clone URLs can't change after the submodules are initialised that's not going to have any benefit here. (There were some defence-in-depth measures discussed, there's definitely a few things that can be improved here.)
You can always find edge cases in security. Someone somewhere is running Internet Explorer 10 but that doesn't mean Chrome fixing bugs doesn't dramatically reduce effectiveness of attacks
Describing people using Git without GitHub as an "edge case" is arrant nonsense. Git was developed for the Linux kernel, which isn't hosted on GitHub, though it has mirrors. Most corporate intranets, SourceForge, GitLab, Sourcehut, and probably most programmers' laptops have Git repositories that do not push to GitHub.
Those people won't be vulnerable to this attack, since this attack is only useful in supply chain attacks. The people vulnerable to this would be maintainers of open source repos who could end up approving a malicious PR.
You can certainly launch supply-chain attacks via SourceForge or GitLab; indeed, probably the most famous open-source supply-chain attack in history was carried out by SourceForge's former owners.
Just using git isn't the vulnerability. The vulnerability is that you clone a repo that an attacker was able to put this in. 90% of the time this would happen it would be due to an attacker creating a PR on a public repo.
