Even before the advent of AI the quality of most reports was depressingly low. Most of your reports will quite simply come from folks in lower-wage countries that broadly don't speak English well and that use a shotgun approach to bug bounties. That means you are receiving a lot of them, they will be hard to read (assuming the information you need is in there at all) and if they get one success out of fifty then for them it is a really good return.
The advent of LLMs has made this a hundred times worse. Both because it makes it easier for most people to create reports that sound good (and so are more effort to dissect) and because people who didn't have to work hard to get any amount of competence are usually more entitled and more rude (the stakes are even lower for them).
It is economically no longer a good idea to run a bug bounty program at all. I honestly question whether or not even having a direct input for such things makes any sense anymore. The volume is becoming so great you need a classical spam filter to plow through it. But that won't work, because they all sound reasonable.
I've run a bug bounty program for a relatively large corporation and you are exactly right. It's worse in open source, because none of the developers owe a researcher their time. At least in a bug bounty program you've communicated willingness both ways already
The coreutils rewrite was shit because of the license change. Most of the other founding ideas were also bad as you say, but the license change was absolutely a much worse signal. Just a bunch of people rolling over and showing big corps their belly. And for what? So they can be more exploited by people that treat them like cattle.
It's a common llm-ism. It makes clear this person is capable of speaking english without chatgpt and makes a case that the chatgpt voice patterns are in fact as claimed by GP evidence of a lack of original thought.
The third party is never trustworthy. Such a system is the death of all things good in effect - it makes a single party very attractive to compromise. Compromise is so easy in practice that imagining a group of people is preventing it at any kind of scale is purely magical thinking.
It's kind of hilarious that saying "maybe he wasn't capable of reading comprehension" is supposed to be some sort of reasonable basis to have taken another unforgivable action on.
I think the fact that you can claim this without any apparent sarcasm means you operate in a very specific part of society most people aren't a part of.
While what GP said was not worded how the site rules say it should be, your original point is very tedious and can only be read charitably if we assume you never read any news or barely retain anything. We are currently on a news website. I think if you want non-commenting readers to see your point and have charitable thoughts of you it would help to explain why you're ignoring reality for whatever it is you are positing (consumer protections because of subscriptions? really? for this corporation?).
What you're saying in this post essentially just underlines GPs point, which I imagine isn't what you're trying to communicate. You have to help a reader understand your point of view, especially if it's far removed from objective reality (which is that a corporate entity will betray you for money, regardless of whether that makes sense long-term).
Nope, when corporate overlords sell your data they say it in their terms of use and privacy policies because no one is that stupid. If Discord says they're not selling that data, they're not selling that data. The day they'll start doing it, they'll put it in their policy.
You're making up a reality that doesn't exist in your head and claiming it's the truth.
You have in your head examples like facebook or spotify. Spoiler: They tell you exactly with what sauce you're gonna be eaten
Discord had a scandal not too long ago where pictures of people/passports were stolen. There they said that they delete those files immediately after processing them. This proves your statement as false.
Are you saying that corporations respect the letter of the law when it comes to privacy? They don't, they can just drop some lunch money when caught red-handed [0]
Even when they write in their privacy policy that they collect private data and sell them to third parties, unlawfully, that does not make it any better. Cambridge Analytica was operating with respect to Facebook policies. Would you say that people that took an IQ test and were manipulated into voting pro-Brexit were well-aware of the sauce they were eaten with?
Discord is unfortunately no different, they're profit-driven and likely to sell user data already or in the future, because it's incredibly easy and profitable to do so. Why would a chat app try and predict its users' gender? [1]
Even Anthropic consistently says their own AI can't help with meaningful work in their own corporation. Any person that tells you it can is overhyping it. Probably to sell you something.
Your mind and health are impacted by your physical body. If eating a certain way impacts your physical performance then it might also have effects on your health (and mind) in unexpected ways.
I'm not saying that ketosis has this kind of an effect, but rather that eating or not eating some other things might. Eg vitamin K2. The body is be able to make vitamin K2, but we might have stronger bones and teeth, and a healthier cardiovascular system, if we get extra K2 from an external source.
The advent of LLMs has made this a hundred times worse. Both because it makes it easier for most people to create reports that sound good (and so are more effort to dissect) and because people who didn't have to work hard to get any amount of competence are usually more entitled and more rude (the stakes are even lower for them).
It is economically no longer a good idea to run a bug bounty program at all. I honestly question whether or not even having a direct input for such things makes any sense anymore. The volume is becoming so great you need a classical spam filter to plow through it. But that won't work, because they all sound reasonable.
reply