Friday Squid Blogging: Balloon Squid

Masayoshi Matsumoto is a “master balloon artist,” and he made a squid (and other animals).

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on July 14, 2023 at 5:00 PM

104 Comments

Comments

Mr. Peed Off July 14, 2023 6:06 PM

AI image generators are now requiring an invisible watermark which was previously optional. Originally designed for copyright purposes, it is now being used to identify generated pictures and possibly trace their source.

modem phonemes July 14, 2023 6:42 PM

@ Mr. Peed Off

identify generated

This should be done with all AI generated content image or text. Include the source and the name rank and serial no. of the particular AI. Then AI training poisoning by AI output could be avoided. Also, distribute an app that reads this sigil so the internetz user can automatically skip that machine trash, and look at only human trash. … But wait …

SpaceLifeForm July 14, 2023 7:07 PM

Storm-0558

It may be Silicon Turtles

‘https://www.bleepingcomputer.com/news/microsoft/microsoft-still-unsure-how-hackers-stole-azure-ad-signing-key/

‘https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/

name.withheld.for.obvious.reasons July 14, 2023 7:16 PM

@SpaceLifeForm
Maybe Microsoft’s certificate(s) weren’t stolen, maybe they were sold without MS’s knowledge. Shouldn’t issuing CA’s have limited storage and retention of key mat?

SpaceLifeForm July 14, 2023 8:07 PM

At this point in time, it appears that something has changed.

‘https://nitter.poast.org/emptywheel

I pay attention and connect dots.

Clive Robinson July 14, 2023 8:32 PM

@ SpaceLifeForm, name.withheld…, ALL,

Re : With the key to the Kingdom…

“Storm-0558 It may be Silicon Turtles”

The joys of highly hierarchical power structures when “a root of trust” walks out the door. From that point down if it’s in your pocket, you are the one eyed man in the Kingdom of the blind.

The real question about the alleged attackers, is,

“If they knew the attack would be short lived, what did they do with the time they had?”

Microsoft appears to be either unknowing, or keeping it very quiet for some reason not yet known.

I suspect it could be both, as they keep looking to prevent it being a “Foot hold situation”… Microsoft likewise don’t want others who could have been affected taking flight or pushing for pecuniary award.

As you know I’ve maintained my “cloud is a bad idea for most reasons” stance for many years now… likewise my view on crypto-signing not just of code etc but trust in both the specific and general. This event just shows my reasoning valid on both views yet again for the umpteenth time…

Only this time is it the fourth or eighth circle those who pushed have entered? Having passed unheeded the warning,

“Lasciate ogne speranza, voi ch’intrate”

For those so blighted this is not a “Divine Comedy”, but a “hellish inferno”, that could seem eternal.

lurker July 14, 2023 10:36 PM

Historically, this threat actor has displayed an interest in targeting (blah) …
to obtain unauthorized access to email accounts …
through credential harvesting, phishing campaigns, and OAuth token attacks …
since at least August 2021

So these guys have been in action for two years in some way or another and MS just sat there watching?

As we continue our investigation into this incident and deploy defense in depth measures to harden all systems involved …

After the turtle has bolted is a dandy time to think about buzzwords or defense. A hardened cynic would know that MS cannot be allowed to crash and burn, it would take the whole nation with it …

Phillip July 15, 2023 12:28 AM

Do they teach this in B-school?

You may delete any payment method, unless: one payment method remaining.

SpaceLifeForm July 15, 2023 2:13 AM

@ name.withheld.for.obvious.reasons

MS is their own CA.

Maybe they just really screwed up their process.

Maybe there is/was an insider that has/had access.

Suspect still existing insider.

Wesley Parish July 15, 2023 6:11 AM

I’ve been wondering over the past few months if it’s possible to have too much security.

To wit, I’ve got a gmail account, as will a lot of others, and Google got heavy on me a short while back, asking me to set up a 2FA system. Which I didn’t; I figure my passwords are generally not the “password123” sort and at times even I have had difficulty following my logic in constructing them. And besides, I’ve at times had to change my landline phone number; I don’t expect much constancy in that department. And doing a man-in-the-middle on an insecure landline or badly-secured cellphone connection is as much a possibility as having my home PC comprehensively hacked: I prefer doing my webmail via the private window for much the same reason as doing my banking via the same method.

At any rate, using my current password, I found gmail wouldn’t let me onto the webmail interface, telling me I hadn’t proved I was who I claimed to be, while at the same time, my email client was happily connecting. And the FAQs/Help/Howto pages were of course no good, because amongst other things, they said that I’d be allowed back after seven days without the extra identity tests. Except that seven days came and went and no, I was not allowed back.

So if some lout with a trifle more than the average patience, were to reconstruct the (il)logic of my password creation and hack into my account, I would have no recourse, being barred for no good reason from accessing the webmail interface, which is the only one that allows me to change the password.

From my point of view, this is a trifle self-defeating. I can’t answer for the gmail branch of the Google corporation.

What do people think?

GratefulReader July 15, 2023 9:30 AM

This week, my favorite nugget of information via Bruce is the following…

From this: https://www.schneier.com/blog/archives/2023/07/class-action-lawsuit-for-scraping-data-without-permission.html

“… What this means is that text from before last year — text that is known human-generated — will become increasingly valuable. …”

If accurate, we only have one “chance” (a time period) to extract healthy unpolluted citizen data… and that time may already have passed us… I would not have considered AI feedback loop pollution offhand… super great info to be aware of as things progress. Knowing of this potential, and relative degradation over time of publicly available data (at least), will certainly help political discourse with representatives/others as AI-related legislation or related constructs are considered. The effects of AI on data health and related value… fascinating!

Also… tangential, not directly related to above…

I never say the following because I figure I’ll see Bruce at some conference some day but, as happens, life goes by, day by day… so forget waiting, let me just say…

Dear Bruce, You awesome security professional, inventor, patriot, evangelist for reasonable security and security awareness for the citizen… I’ve been learning from you since decades past, including from your very generous technical books, CDs, blogs… I have described you as the “Citizen’s NSA”… what I’ve taken in from you has translated to good consideration and information I’ve been able to pass on both in conversation and on the job, in the work. I could go on for reams… let me just say… Thank You for making our world better/safer place by distilling many important if not critical security and other nuances that affect all of us daily. Your contributions challenge ignorance, enlighten citizens… and inspire others to carry something forward… I’m super inspired by, grateful to you… thank you!

SpaceLifeForm July 15, 2023 2:42 PM

This was a big catch

Note that they back-patched old stuff.

‘https://www.bleepingcomputer.com/news/security/rockwell-warns-of-new-apt-rce-exploit-targeting-critical-infrastructure/

Rockwell strongly advises applying the security patches it released for all affected products (including those out of support).

vas pup July 15, 2023 5:40 PM

Israel earmarks NIS 113 million to build R&D center for chip-based biodevices
https://www.timesofisrael.com/israel-earmarks-nis-113-million-to-build-rd-center-for-chip-based-biodevices/

“Israel is allocating NIS 113 million ($31 million) in funds for a new research and development center to boost the nation’s edge in the intersection of biology with other sciences for medical tech purposes.

The Israel Innovation Authority, in charge of the nation’s technology policies, on Wednesday announced the tender for the establishment of the center that will provide R&D infrastructure needed by startups ==>to build biodevices based on biochips. The tender is part of Israel’s national bio-convergence program.

Bio-convergence is a growing industry that integrates biology with additional disciplines from engineering such as electronics, artificial intelligence, physics, computer science, nanotechnology, material science and advanced genetic engineering, in a bid to meet global health challenges.
==>Biochips are advanced microdevices that combine biology, engineering and microtechnology.

The miniature chips integrate multiple laboratory functions onto a single platform and are capable of analyzing biological samples, including cells, proteins, or DNA, as well as perform biological reactions such as decoding genes, similar to a computer chip performing a multitude of mathematical tasks. They are used in fields such as healthcare, diagnostics and pharmaceutical research for DNA sequencing, drug development, diagnosis and monitoring of biological processes, and more.”

vas pup July 15, 2023 5:49 PM

India launches rocket carrying rover to the moon https://www.dw.com/en/india-launches-rocket-carrying-rover-to-the-moon/video-66240613

“India’s space agency has launched a rocket that will attempt to land a robotic rover on the moon. The Chandrayaan-3 mission aims to touch down on the moon’s largely unexplored south pole. One objective is to explore the region for ice.”

vas pup July 15, 2023 6:01 PM

Why your favourite brand may be taking a social media break ++++
https://www.bbc.com/worklife/article/20230712-consumer-brands-leave-social-media-meta-threads

“We are a social brand, and community has been key for us,” says Annabelle Baker, Lush’s global brand director. “When we joined social media, Facebook and those platforms were everything we were looking for initially: they were direct links to the communities.”

But Baker says they withdrew when ==>social media changed to being inherently less social and user-centric, mediated instead by algorithms controlled by companies.

Although Lush re-emerged on the platforms during Covid-19 in order to reach customers during lockdowns, the beauty brand has now gone dark again. They’ve been off social media for almost two years – and don’t have current plans to come back.

But some brands have also been feeling a distinct sense of unease about social media in general. First, like Lush, some companies are unhappy about the way the platforms operate and their management.

But perhaps more pressing is the risk of followers turning on brands amid the !!! volatility and !!! toxicity of some social media user bases. As social media has polarised society in unexpected ways, brands have found many users quick to criticise an account they believe has mis-stepped.

“At this point, it’s hard to imagine a future where brands start pulling out of social media platforms en masse,” he says. Yet he adds it’s possible we’ll see more brands pulling back, especially ==>if “they can’t quantify the value or start believing the risks outweigh the rewards”.

Clive Robinson July 15, 2023 7:52 PM

@ SpaceLifeForm, Bruce, ALL,

Re : Yet another “Industrial Control system”(ICS) SNAFU…

“Rockwell strongly advises applying the security patches it released for all affected products (including those out of support).”

I’m interested about the “released for all affected products (including those out of support)” aspect.

Outside of the niche ICS world it’s generally not known just how long equipment can stay “in the field”. Let’s put it this way I personally know of kit that is well into five decades, and some real “Ladder Logic” into at least six decades[1]…

The only other stuff you generally find that old is in “services and sanitation” where electricity meters used to spend 50 years in people’s homes. Ladder logic in lift controllers in multistory buildings. Power substations half a century or more. As for gas just don’t even try to guess, some of it is in cast iron boxes half an inch thick that uses bolts in a standard that no longer gets used… As for water and sewerage, well in some places they still use “pulse dialing” to remote control, just as some railway signalling still works on century old systems…

So “including those out of support” could be a bit longer than the 18-36 months most in mainstream ICTsec might assume…

[1] I’m still supporting stuff I did in the 1970’s using 1802 processors… And I’m to quote the words of a film “a god-damn retiree”, though not a “grandpa” (as far as I know 😉) So I’ll just dig out the REO Speed Wagon vinyl and a glass of the highland spirit sip and reminisce.

Clive Robinson July 15, 2023 9:17 PM

@ vas pup, SpaceLifeForm, ALL,

Re : It’s not as Lush as it once was, and ICTsec will be worse.

I’ve kind of been dropping the hint that the “Social Media” bubble was on its way down. Meta losing 3/4 of its share value, Twitter was on a near straight line descent from well before Hellon Rusk “did a Dixie” on it. Likewise others. As it became clear that what advertisers were being told about “eyes on ads” was at best baloney (Google especially).

So to read the Lush representative saying,

“When we joined social media, Facebook and those platforms were everything we were looking for…”

Even though rationally expected… Seeing the past tense “were” was still “an ouch moment”… Like hearing the tinkle on concrete of the pin from a hand-grenade you kind of have a foreboding of what’s going to happen next…

We know the US Recession is in all probability going to get a lot worse. As “On-Line” advertising has been shown to be quite a con, and the marketing side less and less effective, I would expect a further withdrawal of scarce resources from what is increasingly looking like a “Lame Duck”.

Throw in Web3, NFT’s, and similar faux-investments that have deflated like a “whoopee cushion” under the rump of the elephant in the room… And in all likelihood AI LLM’s not hanging in long enough for Venture Capitalists to skin/con corporate investors profitably…

But also all the “re-structures” with tens of thousands of ICTsector lay-offs, (250,000 and rising). There is a chance the ICTsector may become a downward pressure on the whole US Economy…

Which is where ICTsec is going to become a nightmare as foreign government sponsored APT and Faux-News is going to see way less opposition, thus we will probably see an uptick in their activities…

ResearcherZero July 15, 2023 11:50 PM

“For a shop as large as Microsoft, with that many customers impacted—or who could have been impacted by this—it’s unprecedented.”

…“It’s very likely there was either a flaw in the infrastructure or configuration of Microsoft’s certificate authority that led an existing certificate to be compromised or a new certificate to be created,”

‘https://www.wired.com/story/microsoft-cloud-attack-china-hackers/

ResearcherZero July 16, 2023 1:54 AM

Pay-for-Logs

“If you’re not an E5-paying customer, you lose the ability to see that you were compromised.”

‘https://arstechnica.com/security/2023/07/microsoft-takes-pains-to-obscure-role-in-0-days-that-caused-email-breach/

“Hikvision has published various fixes but, as this shows, has not done enough in publicizing or contacting impacted users to stop these types of attacks.”

“The hacked video feeds are from many different countries, reflecting the fact that Hikvision cameras are used around the world.”

“Because the Hik-Connect app does not use the cloud for generating the QR code, this makes it more difficult to effectively track QR code sharing. The Hik-Connect app itself is cloud controlled. While many cloud video surveillance providers force firmware updates on devices, Hikvision generally does not.”

‘https://ipvm.com/reports/cp-sale-hack

“You cannot create a back door that only the good guys can go through.”

‘https://fortune.com/2023/07/13/signal-president-mass-surveillance-uk-law/

Clive Robinson July 16, 2023 7:32 AM

@ ResearcherZero, Bruce, ALL,

Re: Get your feet on the ground and head out of Microsoft’s Azure…

With regards,

“For a shop as large as Microsoft, with that many customers impacted—or who could have been impacted by this—it’s unprecedented.”

Is it really unprecedented?

Of course not. Ever heard the old truism of,

“All your eggs in one basket”

Well Microsoft, AWS and all other clouds are “baskets” and not just “basket cases”. Our host @Bruce has pointed out years ago what a very bad idea “centralized” security was with the likes of ID theft, because attackers only had to attack one system instead of dozens of systems.

I remember back then instantly remembering the famous quote attributed to “Willie Sutton” in 1951 that became “Sutton’s Law”,

Q : Why did you rob banks?
A : “I rob banks because that’s where the money is”

But long before that fathers used to advise sons,

“If you want to be rich go where the money is”

So the modern equivalent for APT types would obviously be,

“If you want lots of intelligence go where the data is.”

Trite but true, and should be obvious… but apparently a journalist thinks not, as apparently does a large chunk of ICTsec people.

But do they actually?

I suspect some see it another way. Businesses want “Cost Cuts Now” irrespective of vastly ramped up future costs. But… They will also pay big to get “Cost Cuts”. This oddity can be seen especially clearly in Government spending where the only way you can get money to do anything is to “fake up a cost saving justification”…

So you get this interesting idea of,

“If we spend big and get into some other organisations cloud, we will save money. But that other organisation is a business so they too will cut costs and up fees when they’ve achieved lock-in.”

And as we know Microsoft has been accused of bad practice by regulators to achieve lock-in, introducing all sorts of fees and we are now they are into “shedding work force” big style round two…

Does this really sound like a recipe for cost savings?

Nope. Does it sound like a recipe for security?

Nope. Does it sound like a recipe for flexibility?

Nope. How about agility?

Again nope. I could go on with a lot more similar questions but how about the obvious one as a closer,

Does it sound like a recipe for success?

Longterm… “Not a snowball’s chance in hell”, but then “the long run” is not what modern capitalism is about.

Speaking of snow, perhaps a new meme, to update the “Fight Club” short monologue[1] from the last century. How about,

“Clouds are where snowflakes fall to their demise.”

Just a thought to remember.

[1] Written by American novelist Chuck Palahniuk back in 1996 and much memed,

“You are not special. You are not a beautiful and unique snowflake. You are the same organic and decaying matter as everyone else.”

Twenty one years after writing, when it had effectively “come of age”, Chuck said of it,

“I coined ‘snowflake’ and I stand by it”.

Phillip July 16, 2023 11:57 AM

Microsoft’s online presence is really bloated, in general. Not terrible, just places where one notices how they have made their own bed.

And if one might see how they can never finish organizing something they created? I start to question it. In all fairness, it does seem as though some of the employees are present with the problem.

On the flip side, when I look for an answer for something Microsoft, do use Bing, not Google. Say, an example PowerShell script to do X.

This might seem obvious to me, though it is curious how Google might supply one with the most obtuse answer. Like, really???

Clive Robinson July 16, 2023 2:54 PM

@ ResearcherZero, Bruce, ALL,

As I noted in my above with,

“Well Microsoft, AWS and all other clouds are “baskets” and not just “basket cases”.”

It’s not just Microsoft, but also it’s not just Government sponsored APT, criminals of a more common kind are at it as well. Which is why we get recent stories like,

https://www.theregister.com/2023/07/15/teamtnt_aws_azure_google/

There are ways you can have security, they take some thought and care and sensible allocation of resources.

But one thing is certain, just giving it to others who you have no actual control over, in the vague hope they will do a better job than you could for less, and on openly / publicly accessible systems is not exactly a recipe for assured success…

vas pup July 16, 2023 6:25 PM

The US military revives an idea for stealthy sea power
https://www.bbc.com/news/business-65958967

“”If you think I’m doing The Hunt for Red October, the answer is yes,” says Susan Swithenbank of the US Defense Advanced Research Projects Agency (Darpa).

The 1990 film, starring Sean Connery, featured a Soviet submarine – Red October – which had a near-silent propulsion system, making it very difficult to detect.

Now, 30 years after the movie, Darpa is working on a marine propulsion system similar to the “caterpillar drive” described in the movie.

Called a magnetohydrodynamic (MHD) drive, the system has no moving parts at all – just magnets and an electric current.

It works by generating a magnetic field at a right angle to an electric current. That creates a force – called the Lorentz force – which acts on the sea water and propels the craft along.

The Yamato project showed that much more powerful magnets would be needed, plus more robust electrodes – the parts of the drive which make contact with the water.

According to Ms Swithenbank, the first of these problems may well be easily solvable now, with a new generation of magnets, developed by the nuclear fusion industry.

Fusion is the reaction which powers stars. But to make it happen here on earth often requires extremely powerful magnets to contain swirling clouds of burning hot plasma.

The force generated by these new magnets has been likened to double the pressure at the bottom of the deepest ocean trench.

While more powerful magnets are now available, the second problem, how to protect the electrodes, still needs work.

Metal corrodes when placed in seawater and an electrical current accelerates that process. Some types of magnetic field have the same corrosive effect.

On the Yamato-1 it was found that electrodes were losing around 3% of their mass per year.

Jeffrey Long, a research chemist at the US Naval Research Laboratory (NRL), is a battery specialist, and is expecting to take part in the Darpa programme, along with colleague Zachary Neale.

“Essentially, we want electrodes that don’t corrode, while still supporting the high electrical current density required for effective operation.”

However, improvements in coatings by the fuel cell and battery industries in recent years mean this problem may well now be solvable.

Passing a current across seawater breaks the hydrogen-oxygen bond, creating gas bubbles on the electrodes which creates resistance and reduces the efficiency of the MHD.

Potential solutions will have to be tested, including gas-diffusing electrodes created by the fuel cell industry. Other techniques sweep away the bubbles before they build up.

Finally, there’s the issue of erosion, with collapsing bubbles creating pitting. “It’s like having sandpaper on your electrode,” says Ms Swithenbank. Here too, though, work in other industries is showing promise.”

Without moving parts, MHD drives should need much less maintenance than existing propulsion systems.

“But the real reason everybody’s interested in it is that, because there’s no moving parts, it’s also much quieter,” says Ms Swithenbank. “There’s no question that for national defence, that’s a huge advantage.”

A quiet system, without dangerous propellers thrashing around, could be better for wildlife as well.”

Clive Robinson July 16, 2023 9:25 PM

@ ALL,

Re : @vas pup – AI regulation & Paywall.

I browse with javascript and cookies “off” and apart from an annoying message the page appears to load up well enough to read.

Clive Robinson July 16, 2023 9:49 PM

@ vas pup, ALL,

Re : magnetohydrodynamic (MHD) drive

It’s one of a couple of ways to make “water jets” without moving parts.

However a couple of things,

1, It’s not silent.
2, It drives some fish nuts.

The reason it’s not silent is actually it has a moving part, the water in the drive pipe. Which as it moves at different velocities produces vortex effects which give rise to noise.

As for the fish going nuts… Some are extraordinarily sensitive to electricity, they actually hunt by sensing the voltage caused by organisms’ muscles working… The MHD produces millions of times this voltage.

There is another issue, one way to reduce corrosion is to use an alternating voltage, but that requires an alternating magnetic field as well. A downside of this is “magneto-constriction” basically metal twitches which makes noise as the field reverses. It also has high hysteresis loss thus reducing efficiency. The device used in, echo depth gauges and to find submerged objects uses magneto constriction to generate the pulse at tiny fractions of a horse-power… So you can see that trying to fix one problem can make new ones or existing problems worse.

But also magnetic fields can be pesky in that they can attract all sorts of junk that can quickly become fouling which results in other sources of noise…

Oh and magnetic fields are difficult to contain and even during WWII the natural magnetic field of a ship could be detected by a mechanical device that would “fire the pistol” charge in a mine… Which is why regular degaussing of ships had to be done.

Yes these are all “technical problems” that have solutions but at what price?

I guess we won’t find out any time soon if at all 😉

SpaceLifeForm July 17, 2023 3:06 AM

Oops. Looks like Kerch strait has gained some riffraff for the fish.

‘https://s3.eu-central-2.wasabisys.com/mastodonworld/media_attachments/files/110/727/757/812/053/701/original/901fd0caea757269.png

ResearcherZero July 17, 2023 4:01 AM

interesting paper regarding exposed keys…

Secrets Revealed in Container Images: An Internet-wide Study on Occurrence and Impact

‘https://arxiv.org/pdf/2307.03958.pdf

“The breach has thrown Microsoft’s security practices under scrutiny, with officials and lawmakers calling on the Redmond, Washington-based company to make its top level of digital auditing, also called logging, available to all its customers free of charge.”

‘https://www.itnews.com.au/news/microsoft-says-chinese-hackers-used-code-flaw-to-steal-emails-from-us-agencies-598009

ResearcherZero July 17, 2023 4:25 AM

Workplace Culture

“These high priests of capitalism have been carrying on the dual role of auditing and consulting for years and have largely been left to their own devices to manage the conflicts.”

‘https://www.abc.net.au/news/2023-07-17/pwc-ey-kpmg-deloitte-government-10-billion/102602370

bullying, harassment and misconduct, six cases of sexual harassment and four data breaches

‘https://www.pwc.com.au/about-us/assets/firmwide-transparency-report-fy22.pdf

Deloitte disclosed the breach as part of an ongoing Senate inquiry, but has so far refused to provide any more details about the incident due to client confidentiality.

The firm has also detailed how it was dumped by the Home Affairs department after it failed to disclose a conflict of interest. A similar breach was also identified while working with the Australian National Audit Office (ANAO).

‘https://www.theguardian.com/business/2023/jul/14/deloitte-misuse-of-government-information-senate-inquiry-pwc-scandal

“Each level punishes the next level down. They see it as: ‘If I had to do it, then you have to do it’ and it propagates the same kind of bad behaviour.”

‘https://www.news.com.au/finance/work/auditors-from-big-4-financial-services-firms-lash-working-conditions-at-deloitte-pwc-and-ey/news-story/88e1c1e3f95e16d42729416d7b599092

“The reviewer found despite the seriousness of some complaints, there appeared to be a lack of response to these concerns, a lack of record keeping and a lack of capacity to respond to complaints.”

Pointing to the dysfunctional culture of the agency’s workplace, the report identified that a formal staff complaint was made, on average, every four to six weeks over a period of five years. …a senior manager resigned after urinating on a co-worker.

https://www.abc.net.au/news/2023-07-14/apvma-pesticides-urination-review-delivered/102597720

The review said the agency did not enforce chemical regulations effectively and was at high risk of bending to the will of the industry it is charged with regulating.

‘https://www.smh.com.au/politics/federal/joyce-s-controversial-decision-sparked-agency-s-downward-slide-review-20230714-p5dobs.html

‘The Hapless Victims of Circumstance’

“Politicians on all sides, public servants and even the press gallery would be making a grievous mistake if they expect that the system will be cleansed by the disgracing of Morrison, and his eventual departure from parliament.”

Morrison’s conduct in office, and his subsequent refusal to accept the conclusions of a library shelf of damning reports into his misuse of power, is an extreme example of a political culture that created and enabled him…

‘https://www.smh.com.au/politics/federal/our-political-swamp-will-not-be-cleansed-by-the-disgracing-of-morrison-20230713-p5do4w.html

Winter July 17, 2023 4:28 AM

@SpaceLifeForm

Oops. Looks like Kerch strait has gained some riffraff for the fish.

I suspect your image is an exaggeration of the damage to the bridge.

Clive Robinson July 17, 2023 5:54 AM

@ SpaceLifeForm, Winter,

Re : Artificial reef making.

Like @Winter I’m suspicious, the shimmer on the water looks wrong, and I would expect damaged pieces to still be sticking up.

If you look at the ship’s wake it just disappears at what looks like an image manipulation terminator line. Where the shimmer starts to look wrong.

Now the fun bit,

“If the image has been manipulated, was it by the touch of man or AI?”

So,

Answers on a postcard to “Walk on water Competition” C/O Waggoner Gon HQ, Myronivska Street, Popasna, Donblast.

Clive Robinson July 17, 2023 6:48 AM

@ ResearcherZero, ALL,

Re : Paper on exposed keys in Docker containers.

The RWTH Aachen University paper is interesting to read (for those looking for a short cut read Intro, §5.2 §6 §8).

The reality is this problem goes back a long long way to the days when a “container” was a tar image for a chroot() jail…

So after more than five decades… again we appear not to be learning from our “living memory” history in ICTsec.

But it may soon get worse.

A closer look at the figures of 9% in Docker Hub and only 6.3% in other more private repositories, suggests that it may be part of a “learning curve”. With entries in Docker Hub “showing what people can do” in addition to their CVs etc, with increasing lay-offs happening, we can expect more containers to appear at the Docker hub rate… So this may get worse as an issue.

However the paper mentions an important point in §8 –Conclusion– but then does not follow up on it, so its security implications may go missing on many. It is,

“Notably, many private keys automatically generate when installing packages during image creation.”

This can create a problem which not as many people are aware of as they should be.

It’s known that many “Random Number Generators” are not as good as they could be especially when they “start up” and in the past it’s been found that embedded systems certificates can suffer from,

1, Shared Primes.
2, Short walk apart Primes.

And unfortunately there are fast ways to find these.

I suspect it might make another interesting paper if somebody wants to research it…
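Added example, not part of the comment above or of the paper it discusses: one way to audit RSA moduli pulled from your own images for the two weaknesses the comment lists, using batch GCD for shared primes and a bounded Fermat search for primes that sit close together. The image names and the small moduli are constructed for illustration; the functions only flag weak keys and do not return factors.

```python
from math import gcd, isqrt, prod


def product_tree(values):
    """Build levels of pairwise products; the last level holds the product of all values."""
    tree = [list(values)]
    while len(tree[-1]) > 1:
        level = tree[-1]
        tree.append([prod(level[i:i + 2]) for i in range(0, len(level), 2)])
    return tree


def shared_prime_flags(moduli):
    """Batch GCD: True for every modulus that shares a factor with another one in the set.

    For each N the remainder tree yields P mod N^2, where P is the product of all
    moduli. (P mod N^2) // N equals (P / N) mod N, so its GCD with N exposes any
    factor N has in common with the rest of the set (or an exact duplicate of N).
    """
    tree = product_tree(moduli)
    remainders = tree.pop()
    while tree:
        level = tree.pop()
        remainders = [remainders[i // 2] % (n * n) for i, n in enumerate(level)]
    return [gcd(r // n, n) != 1 for r, n in zip(remainders, moduli)]


def has_close_primes(n, max_steps=1000):
    """Bounded Fermat search: True if n = a^2 - b^2 is found within max_steps.

    Success within a small step budget means the two primes are a short walk
    apart, which is the second weakness named in the comment.
    """
    a = isqrt(n)
    if a * a < n:
        a += 1
    for _ in range(max_steps):
        b2 = a * a - n
        b = isqrt(b2)
        if b * b == b2:
            return True
        a += 1
    return False


def audit(keys):
    """keys maps a label (for example an image name) to its RSA modulus."""
    names = list(keys)
    shared = shared_prime_flags([keys[name] for name in names])
    findings = {}
    for name, is_shared in zip(names, shared):
        issues = []
        if is_shared:
            issues.append("shared-prime")
        if has_close_primes(keys[name]):
            issues.append("close-primes")
        if issues:
            findings[name] = issues
    return findings


# Constructed sample set: toy-sized moduli built from well-known primes.
SAMPLE_KEYS = {
    "web-a": 1000003 * 2147483647,                 # unrelated, well-separated primes
    "db-b": 1000000007 * 2305843009213693951,      # shares 1000000007 with cache-c
    "cache-c": 1000000007 * 1000033,               # shares 1000000007 with db-b
    "proxy-d": 1000037 * 1000039,                  # primes only 2 apart
}

if __name__ == "__main__":
    for name, issues in audit(SAMPLE_KEYS).items():
        print(f"{name}: {', '.join(issues)}")
```

Any key flagged here should be regenerated on a host with a properly seeded random number generator rather than baked into the image at build time.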

Winter July 17, 2023 8:30 AM

@Clive Robinson, SpaceLifeForm

Re: Broken Bridge

The movie suggests the trains are still rolling.

‘https://www.theguardian.com/world/video/2023/jul/17/crimea-bridge-appears-damaged-amid-reports-of-explosions-video

Winter July 17, 2023 8:32 AM

@Clive, SpaceLifeForm

Re: Broken Bridge

And another one:
‘https://www.theguardian.com/world/video/2023/jul/17/key-bridge-linking-occupied-crimea-to-russia-struck-video-report

fib July 17, 2023 11:56 AM

I hope you’re all well.

It’s been really nice to see the blog discussing AI from so many different angles, in various threads [thank you]. So I dare to offer yet another one.

You’ve probably noticed by now that it’s not possible to build a complete AI stack with free software. You can start building your dataset with free tools, in house, but soon you will run into difficulties with dataset annotation and model training. If your work is in CV area you can choose manual labeling with Open Source [not Free] tools, or use a backend to automate the task [Tensorflow, PyTorch, JAX, etc., all proprietary]. Image annotation tools love [often require] working by pulling images from the cloud rather than your workstation, so you soon find yourself signing up for a MS/GGL/AMAZON cloud account.

Have you time [and know-how] to do the entire workflow on your premises? Fine, but you won’t escape Nvidia’s [GeForce] or Intel’s [Arc] tentacles.

Then you go back to Tensorflow/PyTorch/OpenCV/Nvidia/Intel to train and put your model into production… You get the idea.

It looks like it is impossible to set up an AI stack [or environment, or pipeline] worthy of an orthodox fellow like FSF[0] Richard Stallman. Any thoughts?

Regards

Clive Robinson July 17, 2023 1:22 PM

@ FIB,

I hope you are well, and the weather where you are is temperate[1].

With regards,

“but you won’t escape Nvidia’s [GeForce] or Intel’s [Arc] tentacles.”

Actually you can with FPGAs but the work involved is quite heavy but will be proprietary to you[2]. Get it right and moving to “Application Specific Integrated Circuits”(ASIC) as “bitcoin miners” did will give both speed and bang/watt advantages. But… By then chances are the graphics chip developers would have “nipped and tucked” their beasts into better shape… (remember it’s OK for them to steal your work, but not the other way around and they have ranks of robot lawyers to fight you if you try).

And that’s the real problem LLMs are really just another Crypto-Coin faux-market as “intelligent” artificial or otherwise they are not.

The reason Alphabet, Meta and Microsoft are so interested in them is like those earlier “personal assistants” Siri & Alexa, and even Tay they will encourage you to give up more and more Personal and Private Information, and give the companies a “Ring Side Seat” on your research / thinking, thus enabling them to get market value before you can protect either your privacy or “Intellectual Property”(IP). We have seen this with Amazon, where if a new product sells, Amazon used to develop its own competing product, and if it could not do that then in effect buy the company (have a look at “Ring” and similar).

But I suspect the AI LLM bubble is going to burst before the “Venture Capitalists”(VCs) can create a sufficient inflated faux-market and profit from it.

The VCs kind of got to milk the faux-market for crypto-coin with start-ups doing blockchain plus work factor and some smart contracts. But that’s kind of died and Web3 and NFTs don’t look like they are going to bubble-up now…

And as you’ve noticed LLMs are hobbled in various ways. So may not bubble at all beyond what they’ve so far done.

So what will be the next bubble to inflate the US economy and as some analysts have indicated “get it out of ‘flat line'”? I don’t know… Normally I get a feeling for such bubble markets, long enough before they happen to get well out of the way, but at the moment “I’m just not feeling it”.

[1] Apparently South Europe has temps heading for the highest on record in that region at just over 48.8C (119.8F) expected next week. A temp which I know from having been “fighting” in the Desert at a little above those temps is not fun.

[2] “Field Programmable Gate Arrays”(FPGAs) potentially could be faster than Graphics Chip Sets for LLMs by around five to ten times. Which although not that much faster could potentially be “better tailored” thus use less power. There are a lot of trades to be made in the various parts of the LLM network, but currently we don’t really know which ones would be best (though I suspect we will have a better, but by no means best idea within the year).

lurker July 17, 2023 4:19 PM

@SpaceLifeForm, All

re, smoke on the water

BBC radio has been reporting a notification from Moscow that the bridge was closed to all traffic due to “an emergency situation at one of the bridge piers.” Two deaths were reported. Shortly after Moscow announced that rail traffic had resumed. BBC has diligently reported its inability to verify video of “damage”. 19.00 UTC report observed that UKR had claimed responsibility using 2 unmanned surface vessels.

Clive Robinson July 17, 2023 6:57 PM

@ Bruce, ALL,

Back over a decade ago not long before the NSA storage facility in Utah became fodder for MSM, you asked about what was possible in terms not just of data collection and storage.

At the time you were surprised at some of the answers…

Well how does getting towards,

“215 million GB of data into a single gram”

Sound?

And,

“under the right conditions it can last millennia or maybe even longer”

Yup it’s a surprise to me as well 😉

Basically,

“lasers of red and blue light are used to trigger gene expression in specially engineered bacteria, which encodes the data in their DNA. Existing barcoding techniques are used to label data with unique ID tags, which can then be organized and retrieved using machine-learning algorithms.”

Not sure I like the “machine-learning algorithms” as it implies the “labels” are not so much labeling the “data stored” but “the device storing the data”. Look at it as more like a hard drive serial number rather than as an index entry in a book.

The work is from, the “National University of Singapore”(NUS) under principal investigator Professor Poh Chueh Loo[1], who said of the bacterial DNA storage,

“Imagine the DNA within a cell as an undeveloped photographic film. Using optogenetics – a technique that controls the activity of cells with light akin to the shutter mechanism of a camera, we managed to capture ‘images’ by imprinting light signals onto the DNA ‘film’.

By harnessing the power of DNA and optogenetic circuits, we have created the first ‘living digital camera,’ which offers a cost-effective and efficient approach to DNA data storage.

Our work not only explores further applications of DNA data storage but also re-engineers existing data-capture technologies into a biological framework. We hope this will lay the groundwork for continued innovation in recording and storing information.”

You can read more from the NUS,

https://phys.org/news/2023-07-capturing-immense-potential-microscopic-dna.html

Or if you want all the nitty-gritty details then,

https://www.nature.com/articles/s41467-023-38876-w

However I would recommend a very large strong cup of “Devil’s Brew” because it gets interesting when they talk about convolving and deconvolving multiple overlaid images.

For a less grey cell taxing 5min read

https://newatlas.com/science/biological-camera-dna-data-storage-bacteria/

[1] Professor Poh Chueh Loo is a Principal Investigator in the Bioengineering Division at Nanyang Technological University (NTU) which is part of the “National University of Singapore”(NUS),

https://www.aiche.org/community/bio/poh-chueh-loo

vas pup July 17, 2023 7:56 PM

AI reveals chemicals that could stop aging in its tracks
https://www.foxnews.com/tech/ai-reveals-chemicals-stop-aging-tracks

“The world’s getting a face-lift, and it’s not from a swanky Beverly Hills plastic surgeon. Nope, instead, it’s from the magic of artificial intelligence (AI) and machine learning. Not only is this emerging tech shaking up industries across the board, it’s also stirring up a storm in the quest for youth.

Scientists are working round the clock, using AI as their magic wand in their relentless search for natural compounds that can slow down the aging process. Mother Nature, being the generous lady she is, has filled her pantry to the brim with potential compounds. However, identifying these compounds manually? We might as well try to catch a cellphone signal in the middle of the Sahara.

Scientists used a machine learning model trained on mountains of data about known chemicals and their effects, along with so much more, to predict whether a compound could extend the life of a translucent worm that shares a similar metabolism to humans. Thanks to this information, this whiz kid machine learning model could eventually help predict which compounds might keep us looking like we’ve just taken a dip in the fountain of youth.

===>The AI rose to the challenge, unearthing three compounds with potential anti-aging properties. The scientists developed a model trained to recognize chemical features that have senolytic properties. Senolytics are a class of small molecules under intense study for their ability to suppress age-related processes such as fibrosis, inflammation and cancer by eliminating aged, dysfunctional cells without harming healthy cells.

After screening over 4,000 chemicals, the model identified 21 potential candidates, three of which – ginkgetin, periplocin and oleandrin – demonstrated the ability to remove deteriorating cells effectively. Among the three, oleandrin was found to be the most potent. These compounds are both from natural products found in traditional herbal medicines.

The promising marriage of AI and anti-aging research offers a tantalizing glimpse into a future where the secrets of youth could be revealed at the click of a button. Imagine a world where we can age gracefully, backed by AI’s tireless pursuit of natural anti-aging solutions. I can hardly wait.”

vas pup July 17, 2023 8:01 PM

More on the subject

Harvard researchers identify six ‘chemical cocktails’ to reverse aging: ‘This is attractive’
https://www.foxnews.com/media/harvard-researchers-identify-six-chemical-cocktails-reverse-aging-attractive

“Scientists have reportedly discovered the key to the foundation of youth, identifying a combination of drugs that can help reverse the aging process.

Harvard researcher and professor Dr. David Sinclair shared that a team at the Harvard Medical School searched for three years to find molecules that “reverse cellular aging and rejuvenate senescent human cells.”

!!!!!!!!The team identified six chemical cocktails and potentially more that helped return people to more “youthful states” in less than a week.”

lurker July 17, 2023 8:20 PM

Ooops.

Not a typo-squat, the .ml domain belongs to the nation of Mali. Its increasing cosying up to Russia is of concern to the operators of the .mil domain, because the .ml domain management contract is about to be taken over by the Mali military.

‘https://www.bbc.com/news/world-us-canada-66226873

modem phonemes July 17, 2023 9:08 PM

@ vas pup

AI’s tireless pursuit of natural anti-aging solutions

Sounds like the prelude to any movie where a “medical breakthrough” turns most of the population into undying cannibalistic zombies chasing the handful of individuals who missed the update.

SpaceLifeForm July 17, 2023 9:53 PM

@ Clive

re: Big Bang is Illusion

‘https://www.schneier.com/blog/archives/2023/07/friday-squid-blogging-giant-squid-nebula.html/#comment-424231

Clive Robinson July 17, 2023 10:29 PM

@ vas pup,

A couple of things, check the age of the FOX network owner… Also the average age of its audience where “racing grannies” is not a game.

Secondly anti-aging is tied up with ICTsec in a number of ways…

Let’s just say it’s very popular with Silicon Valley Corp Execs some of whom are reputed to have tried being vampires… Paying late teenagers for their blood to transfuse (for those thinking of trying it apparently it has no effect of note in winding back the body clock).

What apparently does work the most is proper sleep and eating timing as it significantly reduces inflammation in your dietary system. Also eating a lot of certain vegetables… Though eating two pounds of vegetables –where many of those chemicals are found naturally– every morning might just be way too much for most people…

There is one guy that’s spending around 2million USD/year on having every aspect of his diet and exercise controlled. Most of the spend is on medical tests etc which he makes available,

https://fortune.com/2023/07/14/bryan-johnson-spending-2-million-young-forever/

Clive Robinson July 18, 2023 12:27 AM

@ SpaceLifeForm,

I must have missed your post for some reason…

Blame it on seasonally odd weather, we are sure getting some of that recently. With the East End of the Med hotter than the Devil’s country and still warming up faster than a Texas barbeque pit directly on a nodding donkey…

Robin July 18, 2023 3:15 AM

@vas pup, all:

“the model identified 21 potential candidates, three of which – ginkgetin, periplocin and oleandrin – demonstrated the ability to remove deteriorating cells effectively. Among the three, oleandrin was found to be the most potent. These compounds are both from natural products found in traditional herbal medicines.”

Fox News, the authority of AI and use in folk medicine are not reliable sources or indicators. To take just oleandrin:

“Apart from being a potent toxic compound, there are no results on oleandrin from human clinical research that support its use as a treatment for cancer or any disease
… Due to its considerable toxicity, use of oleander or its constituents, such as oleandrin, is regarded as unsafe and potentially lethal.[1] Use of oleander may cause contact dermatitis, headache, nausea, lethargy, and high blood levels of potassium, with symptoms appearing within a few hours of ingestion.[1] In one fatality, the blood concentration of oleandrin and a related cardiac glycoside from the oleander plant was estimated at 20 ng/ml”

(Wikipedia entry for Oleandrin)

Was the AI trained to avoid toxic formulations, or just to find potent ones?

Clive Robinson July 18, 2023 6:03 AM

@ Robin, vas pup,

“Was the AI trained to avoid toxic formulations, or just to find potent ones?”

I suspect we know the answer, it’s probably the latter and the reason might surprise many.

I’ve tried to give a sensible answer but due to auto-mod even substituting words has failed…

I was once told by a researcher at a university, almost the definition of a natural formulation was,

“A DuG is a PoSn used in small quantities.”

And certainly considered that way for well over four thousand years, and quite a few of such ancient formulations are still in use.

So yes as a first stage selection process being toxic does not rule a chemical out as a consideration for a new research candidate, in fact almost the opposite.

Winter July 18, 2023 2:53 PM

@Clive

What apparently does work the most is proper sleep and eating timing as it significantly reduces inflammation in your dietary system.

In the end we all grow old and die [1].

You should make the most of it by keeping healthy as long as possible. The evidence based advice is simple

  • Do not smoke, if you smoke you can forget the rest
  • Less alcohol is better, and still less is better
  • Be active, walk, ride a bicycle, do some sport
  • Eat vegetables
  • Reduce meat, especially cow. Reduce all animal products
  • Sleep

This is most of what has actually been proven for everyone. Much of the rest holds only for some people or is just anecdotal.

[1] I read a truism somewhere that has burned itself into my memory:
There’s only one thing worse than getting old and that’s not getting old

JG4 July 18, 2023 4:08 PM

Winter’s advice is spot on. Putting a finer point on it, Move often and vigorously, and eat a Mediterranean diet. Alcohol, tobacco, sugar, slavery, soybean oil, nanoplastics, combustion products, and many other “modern” inventions are mitochondrial toxins. Sleep is for repairing double-stranded breaks and taking out the garbage.

In engineering, “Time will find a point of failure.” May our failures define trajectories of graceful degradation.

The Judeo-Christian version:

To every thing there is a season, and a time to every purpose under the heaven:
A time to be born, and a time to die; a time to plant, and a time to pluck up that which is planted;

The Buddhist version in Thai, now with handy translation guide. A comment on the nature of reality.

Kerd Born
Kae Old
Jeb Sick
Tai Die

The Darwinist version was covered fairly well by Richard Dawkins. Don’t have the right quote handy, but the concept is easy. It is an essential feature of evolution that the old replicators make way for the new. The shrewder new replicators get advice from the older and hopefully wiser replicators. It should not be surprising that humans build self-optimizing resource-extraction asset-stripping engines.

modem phonemes July 18, 2023 5:37 PM

@ JG4

Darwinist version

Darwin explains things going forward from an accepted starting point, and assumes there always will be some starting point at each stage as we reach back and back. That is, it appears to be the only place where “Turtles all the way down” is considered a virtue. Bertrand Russell, eat your heart out. 😉

SpaceLifeForm July 19, 2023 12:31 AM

Kerch bridge pic was photoshopped.

I asked someone who is really good at this. They found the receipts.

‘https://media2.ai6yr.org/media_attachments/files/110/738/831/142/319/352/original/e77d44c8f7d81017.png

Photoshopped version

‘https://s3.eu-central-2.wasabisys.com/mastodonworld/media_attachments/files/110/727/757/812/053/701/original/901fd0caea757269.png

lurker July 19, 2023 1:36 AM

@SpaceLifeForm

I’m too simple minded, I don’t get why it’s necessary for such gross over-egging when real photos of real damage rapidly became available. If AdobePS had really done the deed we might expect more than the two passersby collaterals.

Clive Robinson July 19, 2023 1:57 AM

@ SpaceLifeForm, lurker, Winter, ALL,

“Kerch bridge pic was photoshopped.”

Are you sure it’s “Photoshopped”?

The fact it was faked was obvious by all the little alarm bells it set off.

But I was hoping it had been done by AI and would be an example of what we can expect in the near future as AI algorithms improve.

Winter July 19, 2023 2:30 AM

@lurker

I’m too simple minded, I don’t get why it’s necessary for such gross over-egging when real photos of real damage rapidly became available.

Read: This is why we can’t have nice things: Mapping the relationship between online trolling and mainstream culture by Whitney Phillips [1]

@Clive

But I was hoping it had been done by AI

AI: Used when “It Will Work Soon”™

Machine Learning: Used when we can buy it OTS.

Compare: AI vs LLM
‘https://trends.google.com/trends/explore?date=today%205-y&q=Artificial%20Intelligence

‘https://trends.google.com/trends/explore?date=today%205-y&q=large%20language%20model

[1] ‘https://journals.sagepub.com/doi/full/10.1177/2056305117716275

Clive Robinson July 19, 2023 3:17 AM

@ Winter,

Not sure what the “trends.google.com” links are supposed to show, they both instantly crap-out with a “429” “too many requests” error.

@ Winter, lurker,

As for,

Whitney Phillips’ book, ” This Is Why We Can’t Have Nice Things”

Yup it reflects a certain mentality of people that “tear the heads off flowers in the park”, “legs off of spiders” etc.

At the final analysis they are of the very selfish form,

“My entitlement, above others rights”.

Or,

“My personal whims, over my responsibilities to society”

In short they have no ability to understand why they are seen as bad. There are words for this inability but if you use them then comments disappear…

Winter July 19, 2023 3:30 AM

@Clive
Re: Google Trends

The links illustrate a rather constant base level of use of “Artificial Intelligence” and the sudden rise of terminology about technology that actually works. I made some error while pasting the links. Here they are again.

Artificial Intelligence (2004 – now)
https://trends.google.com/trends/explore?date=all&q=Artificial%20Intelligence&hl=nl

Deep Learning (2004 – now)
https://trends.google.com/trends/explore?date=all&q=Deep%20Learning&hl=nl

Large Language Models (last 5 years)
https://trends.google.com/trends/explore?date=today%205-y&q=large%20language%20models&hl=nl

Winter July 19, 2023 3:35 AM

@modem

Darwin explains things going forward from an accepted starting point, and assumes there always will be some starting point at each stage as we reach back and back.

Like, say, when people are born out of other people, all the way back? Mothers all the way down to the dawn of life on earth?

It works in the universe too. Stars are made of the dust of older stars made out of dust from older stars all the way down to the dawn of creation.

modem phonemes July 19, 2023 7:42 AM

@ Winter

all the way back

Wouldn’t it be a cop-out for evolution to acknowledge a starting point – a dawn – that wasn’t also obtained by an essentially evolutionary process ?

Winter July 19, 2023 7:53 AM

@modem

Wouldn’t it be a cop-out for evolution to acknowledge a starting point – a dawn – that wasn’t also obtained by an essentially evolutionary process ?

Only if that starting point was a human being itself.

Like with computers, the evolutionary “starting point” of any program was an on-off switch.

If you go down from any AI program, any program at all, the end points are transistors and capacitors that move and store charge inside a slice of silicon. And the whole machinery traces its history back to a bunch of mechanical on/off switches operated by punch cards.

Likewise, all humans can be traced back to polymerized nucleic acids in a solution. And these chemicals can be traced back to petrochemistry in watery solutions. And if you want, you can then trace them back to super-novas (star dust) and older super-novas and stars etc.

Clive Robinson July 19, 2023 8:21 AM

@ Winter, modem phonemes,

Re : Big squeezes abound, and entropy is changing wherever you look.

“Stars are made of the dust of older stars made out of dust from older stars all the way down to the dawn of creation.”

Well Fred Hoyle did not like that idea very much and proved some of his idea. But that “creation” bit is still contentious and nobody has actually proved it (in fact we now appear even further away than we were).

Technically whilst stars can be formed from other stars it’s problematic.

When the earliest stars were formed the available “dust” was very simple matter and contained –as far as we can guess– only a tiny fraction of the elements that you find on the periodic table. Each time a star goes nova, and throws its dust out, it is much less simple and contains a bigger chunk of heavier elements, because it’s squashed some of the simpler ones together.

The idea Fred had and demonstrated to the point of general acceptance was this “squeeze them up” of the elements had a logical consistency.

However most of the elements formed from random behaviour you would expect, could not be stable. Thus would decay down over predictable times to stable elements.

But apparently the maths goes wrong for the “Big Bang” –as Fred sarcastically named it– theory.

Since then people have been trying to save “Big Bang” in numerous ways, none of which simply and logically allow for a big bang at the time and place etc…

Evolution has a hidden side that few talk about, but should more. Whilst it allows for the creation of great complexity, it requires in preference for it to be inversely related to time. That is evolution demands only simple or logically simple steps in preference to all others on a quite significant probability curve.

So the odds of a complex step are both low in,

1, probability of happening.
2, probability of surviving.

So “so one small step each time, one giant leap each stellar generation”. All random but nailed on the “half life curve”.

But that’s not what we think we see on many evolutionary paths (hence “anti-monkey typist” arguments)…

Anyway right or wrong it keeps people gainfully employed.

But the big “Don’t go there Betty” question is of course,

“What came first?”

That is stepping on deity ground, where faith transcends all proof yardy yardy and it all happened the Tuesday beyond last in cosmological time (Hence Dawkins arguments).

Evolution just says “Work with me baby!” but the implicit assumption is it has an “abundance to work on” from somewhere, that simply is…

All of our theories including evolution work on the “ought f’ nought”[1] principle or that our Universe is closed and bounded[2] that is that in principle it starts at a point of everything and ends at an infinity of average, and it’s a one way trip we call entropy.

The problem, our observations don’t fit the neat model so we keep inventing “road bumps” (constants) along the way to account for what our latest observations reveal dimly.

So instead of the flared trumpet cone you would expect we have, what looks like a knocked over drinking tumbler with a nasty mess dried in at the bottom some call the “impossible early galaxy problem”,

https://map.gsfc.nasa.gov/media/060915/

And what do they call the particularly nasty bit of that mess? Yup the old historical stand by of “The dark ages”…

Which might as well be called “Dragon-land” from the old sea chart notion of “Here be dragons” in reality meaning “Don’t go there Betty”…

The reality is “Dark” means “unknown” so we have three unknowns most will have heard of,

1, Dark ages
2, Dark Energy
3, Dark Matter

All acting as nebulous concepts to cover up the increasingly,

“What we don’t know, that arises in conflict to what we said we knew” and road bumps abound.

With the latest “cough cough” being the argument the journal Monthly Notices of the “Royal Astronomical Society”(RAS) published that says “Hey guys, you know we said nearly 14 billion well… We might have to say nearly 27 billion”,

https://phys.org/news/2023-07-age-universe-billion-years-previously.amp

But wait, what about,

https://phys.org/news/2023-05-theoretical-mystery-early-massive-galaxies.html

The James Webb and its new observations are causing a lot of chalk-board squeaking…

Did I see someone trying to slip another “constant” in on the QT?

Just pass me the pop-corn whilst we try and guess who’ll get a Nobel…

[1] One of the more fun British expressions, it means so many things and has a different meaning in one place to another… Most commonly it means “You don’t get something for nothing” but also as commonly with say a pie, “you get what you get”[2] That is a 1lb pie is maybe a pound give or take, and is part of the reason behind “the bakers dozen” which is 13 buns/rolls etc. Rather than go into it in depth, “I’ll pass the buck” with,

https://www.vocabulary.com/articles/wc/your-head-will-spin-naught-aught-and-ought/

[2] So yes the one expression covers both aspects of being bounded and inefficiency of work… So which way is your head spinning 😉

Winter July 19, 2023 8:36 AM

@Clive

When the earliest stars were formed the available “dust” was very simple matter and contained –as far as we can guess– only a tiny fraction of the elements that you find on the periodic table.

That is called “metallicity”, the quantity of matter that is not hydrogen. The older a star is, in life and generation, the lower the metallicity. The oldest, furthest, stars are almost pure hydrogen and helium with little or no heavier elements.

Just as the big bang predicted.

Complaints about “dark” things are beside the point. Dark energy and dark matter are “observed” to exist from the dynamics of the universe and its contents. That we do not know what is behind it does not matter that much. The observations still stand. If you can explain these observations in a definite way, feel free to grab the Nobel prize.

Winter July 19, 2023 8:39 AM

@modem

That is to say, turtles …

Yep. I assume I have ancestors going back all the way to the first people we would like to call humans. And these had ancestors too.

If you believe you do not have ancestors all the way back to the first humans, please elaborate where your blood-line started?

If you do not believe the first humans had ancestors, I would be obliged if you would present the evidence that makes you believe they had not.

modem phonemes July 19, 2023 9:09 AM

@ Winter @ Clive Robinson

ancestors going back all the way to

Evolution is saying all the way back to not just people but that star dust etc.

In a sense, steady state or unsteady state – Big Bang – are just arguments hashing out the details of the process. But the overall process is the same, i.e., before this, there was that, rinse repeat, backwards never stopping. Everything has something before it, and that something wasn’t nothing, inchoate and formless, but has form or structure. Time dependent turtles all the way down.

Clive Robinson July 19, 2023 9:14 AM

@ Winter,

“That is called “metallicity”, the quantity of matter that is not hydrogen. The older a star is, in life and generation, the lower the metallicity. The oldest, furthest, stars are almost pure hydrogen and helium with little or no heavier elements.”

Which means a curious thing…

Iron, is needed for life as we know it. But we also know it kills stars that are also needed for life as we know it.

Thus we know there was a time before turtles and there will be a time after turtles. Thus they can not go all the way down (back in time) nor all the way up (forward in time).

And nor can we in our current form.

But also we can draw a line that says there was not a sufficient diversity of elements to support life as the majority currently think of it…

Ignoring the “theology, philosophy” and similar we have the curious realisation that “life” is “a product of the evolution of the universe”

A necessary part of life is “competition” that occurs on the flip side of “choice”. From competition we can show a natural progression to “privacy” or as others prefer security and secrecy (within the general meaning of the words).

From this we can show a logical transition from the physical to informational.

Thus a question arises as to will physical life cease in our universe or will it progress beyond the physical and if so will it be informational or something else?

Winter July 19, 2023 9:28 AM

@Clive

But also we can draw a line that says there was not a sufficient diversity of elements to support life as the majority currently think of it…

There was enough iron etc when the earth was formed some 5B years ago. There is no evidence of life from the time before the earth was formed.

Clive Robinson July 19, 2023 9:38 AM

@ modem phonemes, Winter,

“Everything has something before it, and that something wasn’t nothing, inchoate and formless, but has form or structure.”

But from what did that not “nothing” come from? and what will it become?

Do you believe in the immutability of entropy and evolution or that there are “road bumps” that change the pace if not the direction of the journey?

The logical implication of what you’ve said is either there was,

1, No origin.
2, There are infinite successive origins.

Either way you end up with a “string of pearls” or Möbius loop type scenario, that are effectively the same…

But still no answer to,

“From whence did it all come?”

“To where is it destined?”

Robin July 19, 2023 9:53 AM

@Clive

“A DuG is a PoSn used in small quantities”

Good point. You’re right, of course: such a sword will inevitably be double-edged.

Winter July 19, 2023 9:54 AM

@Clive, modem

But from what did that not “nothing” come from? and what will it become?

There is an old philosophical position that nothing can not be the cause or source of anything.

But this leads us to the real question: What is nothing?

Can nothing exist in space and time? What is space and what is time?

In General Relativity, both space and time are dynamic entities. And “empty” space is far from empty in the current standard model.

Current cosmology and physics are based on theories that break down at scales of the Planck length. The current standard model describes an expanding universe that started in a point. Current physics cannot describe the universe when it was smaller than the Planck length.

So when asked what happened when the universe was smaller than the Planck length, the answer is “We do not know”.

fib July 19, 2023 12:28 PM

@ Clive Robinson

Hi Clive, thanks for the reply with your knowledgeable insight. I speak as an entrepreneur in the digital services market. I have to have answers to all the waves and hypes and I couldn’t escape this current hype. I was brought into the fray while investigating the process of labeling objects in computer vision and becoming interested in the automation of the process [incredibly laborious, still done manually around the world, often in conditions analogous to slave labor]. When delving into the whole process, from building the dataset to training/using the models, you soon notice the dominance of large technology companies, as I mentioned in my post above.

[2] “Field Programmable Gate Arrays”(FPGAs) potentially could be faster than Graphics Chip Sets for LLMs by around five to ten times. Which although not that much faster could potentially be “better tailored” thus use less power. There are a lot of trades to be made in the various parts of the LLM network, but currently we don’t really know which ones would be best (though I suspect we will have a better, but by no means best idea within the year).

It would be absolutely fantastic to have a generic FPGA platform based on open specifications [something like free CUDA]. It seems to me that neural networks will not go away and will be increasingly present in general computing – I already see movement in the processor market for the production of chips dedicated to these architectures. GPU’s are the ‘dernier cri’ in a wide range of generic use cases. It would seem natural to me that there would be a push for something like Free AI [something Richard Stallman would use]. But I don’t see that happening [which motivated my original post]

I hope you are well, and the weather where you are is temperate[1]. Apparently South Europe has temps heading for the highest on record in that region at just over 48.8C (119.8F) expected next week. A temp which I know from having been “fighting” in the Desert at a little above those temps is not fun.

We’re having an exceedingly pleasant winter [should have said ‘dry season’ but the weather is strangely humid] down here [SE SA]. I hear news of the Northern Hemisphere heat and I tell you: I’ve never witnessed temperatures that high in these tropics. Something is obviously wrong. I worry El Nino won’t spare us at the end of the year. I wish your ordeal ends soon.

All the best

Clive Robinson July 19, 2023 1:30 PM

@ Winter,

“There is no evidence of life from the time before the earth was formed.”

Not really relevant.

The question relates to the universe as a whole, with regards where it might be worth or not worth looking for signs of life.

There is that dread formula for the estimate of how much life there should be in the narrow “Goldilocks Zone” we live in. And it in effect says we should be tripping over it only we are not.

Whilst I have my own views[1] as to why we are not seeing signals, it would help if we can reduce the search space to look.

[1] Nothing sinister about it. The strongest signals EM Power wise we transmit are 50Hz and 60Hz or the mains distribution frequencies. All other frequencies are very rapidly going down in power and up in modulation complexity. Back in the 1950-80’s we had high power AM, VHF, and UHF transmitters run by entertainment broadcasters. The AM frequencies are nearly all gone, and in many places VHF broadcast is going down in power or off altogether.

In Europe Analog modulation of Audio is being replaced by DAB and Television by DTV systems that have high complexity that at about twice the range gives a sufficiently complex signal that it looks like shaped noise and quickly becomes unrecoverable. They are also lower power stations so significantly more signals can be transmitted. So signals are not really making it out from Earth though they once did so. It’s reasonable to assume similar levels or above in alien tech have done broadly the same.

fib July 19, 2023 2:23 PM

Since it is being discussed, a quick question regarding the [updated] age of the universe:

If the universe is older the big bang must have been much hotter [CMB], right – an even more brutal phenomenon? Does it make any difference at all?

lurker July 19, 2023 2:34 PM

@Winter

There is no evidence of life from the time before the earth was formed.

Nitpick: We have only just started the search for organic molecules on exoplanets. Few of these are believed to be older than Earth. Finding exoplanets beyond our galaxy exceeds the ability of our current technology. IOW there may be evidence we haven’t yet found.

lurker July 19, 2023 2:44 PM

@Clive Robinson

There’s more to EMR than entertainment, comms and power line hum. Space telescopes now are analysing stellar spectra for lines from organic molecules in the atmosphere of exoplanets. It’s still a watch this space exercise.

SpaceLifeForm July 19, 2023 4:31 PM

Re: Covid early 2020

I concluded there were many silent spreaders.

I posited a couple of questions back then.

Is the immune system response dependent upon how long it had been since the person last had a common cold?

How long do memory-T cells remember?

It seems there is a connection.

‘https://www.livescience.com/health/coronavirus/genetic-quirk-could-explain-why-not-everyone-shows-symptoms-of-covid-19

Fever, shortness of breath and cough are all key COVID-19 symptoms we’ve been told to look out for throughout the pandemic. However, at least 1 in 5 people who test positive for the virus don’t develop any symptoms, and the reason why has remained a mystery — until now.

vas pup July 19, 2023 6:23 PM

WORLD’S FIRST STABILIZED E-FOIL
https://www.levelfoils.com/

“Say goodbye to cumbersome hand remotes. With Level’s FLY-BY-WIRE control system, you can intuitively use your body weight to tell your e-Foil the direction you want to go, and how fast you want to get there.
Now you can focus on the things that matter.”

Good short video inside as well. Enjoy!
The security angle is clear – no comment needed.
I am just curious: could it be scalable, e.g. for small rescue boat/life guard?

lurker July 19, 2023 9:52 PM

From the morning headlines,

Stanford head to resign after data manipulation probe

“I am gratified that the Panel concluded I did not engage in any fraud or falsification of scientific data,” Dr Tessier-Lavigne said in a statement.

“Although I was unaware of these [data manipulation] issues, I want to be clear that I take responsibility for the work of my lab members.”

The 95 page report is linked in the beeb story.

‘https://www.bbc.com/news/world-us-canada-66251751

lurker July 19, 2023 9:54 PM

Nick Clegg: AI language systems are ‘quite stupid’

The former UK deputy prime minister said the “hype has somewhat run ahead of the technology”.

‘https://www.bbc.com/news/technology-66238004

SpaceLifeForm July 20, 2023 12:19 AM

I assume you heard the news, but if not

‘https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668

Eriadilos July 20, 2023 3:39 AM

OpenSSH vulnerability :

https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent

I do not understand all the implications of this vuln but maybe someone more knowledgeable than me on this blog could explain it?

It would seem that ssh-agent forwarding opens the client to a full compromise if an attacker can control closing and opening of libraries on the forwarding server.

Clive Robinson July 20, 2023 4:19 AM

@ lurker, Bruce and the usual suspects,

AI LLM’s way too flaky to use.

https://www.theregister.com/2023/07/20/gpt4_chatgpt_performance/

Stanford University’s Prof James Zou in Computer Science, Electrical Engineering, and Biomedical Data Science, ran a series of tests on ChatGPT and friends.

And found that the performance of these LLM’s went up and down unexpectedly and for commercial applications were sufficiently unreliable to be unacceptable in use for quite a number of applications especially where consistency would be important.

Prof Zou said,

“We evaluated ChatGPT’s behavior over time and found substantial differences in its responses to the same questions between the June version of GPT-4 and GPT-3.5 and the March versions”

These changes were in things that should not really change, such as indicating if a number is prime or not. That is you would expect any change to be an improvement not a significant degradation.

The tests in March, and repeated in June were carried out on GPT-4 and GPT-3.5

GPT-4 apparently identified 97.6% of integers correctly when asked if they were prime in March but only 2.4% in June, a significant degradation.

GPT-3.5 however on the same test was 7.4% in March but 86.8% in June.

The question arising of course is,

“Why the change?”

Whilst we can make a generalised guess at “training data”, or “neural network” changes, only ChatGPT’s operators can detail the specifics to a useful level for diagnosis.

As Prof Zou noted,

“It is possible that tuning the model to improve its performance in some domains can have unexpected side effects of making it worse on other tasks”

If that is true… The implication against expectation is that,

“With LLMs their abilities can get worse with time”

Which is going to raise jokes along the lines of,

“AI means Aging Inbuilt.”

Or similar. But such a level of performance change, is going to appear to many as “Significant ‘bit rot’” thus make LLM’s inappropriate for use. After all as a business you do not want to pay eye-watering sums of money and get a substantially less capable product for each iteration.

As Prof Zou notes,

“It’s important to continuously model LLM drift, because when the model’s response changes this can break downstream pipelines and decisions.”

Could be seen as a mild understatement, as others would view it as catastrophic.

He went on to say,

“We plan to continue to evaluate ChatGPT and other LLMs regularly over time. We are also adding other assessment tasks”

So as the old sayings have it,

“Watch this space with interest.”

And

“May you live in interesting times.”

modem phonemes July 20, 2023 6:20 AM

@ Clive Robinson

performance of these LLM’s went up and down unexpectedly

Is this the phenomenon described in Ross Anderson’s paper

https://www.lightbluetouchpaper.org/2023/06/06/will-gpt-models-choke-on-their-own-exhaust/ ?

There is also Stephen Grossberg’s observation in [1] based on long experience

“When using Deep Learning to categorize a huge database, its susceptibility to catastrophic forgetting is an acknowledged problem, since memories of what has already been learned can suddenly and unexpectedly collapse. ”

  1. Grossberg, Stephen. Conscious Mind, Resonant Brain https://www.bu.edu/articles/2021/stephen-grossberg-conscious-mind-resonant-brain/

Clive Robinson July 20, 2023 7:15 AM

@ SpaceLifeForm, ALL,

Kevin is sadly gone at too early an age.

It was not that long ago that he married Kimberley who he worked with.

https://about.me/kimberley.barry

It is to her that taking forward Kevin’s memory and legacy falls.

Clive Robinson July 20, 2023 7:23 AM

@ fib,

“I worry El Nino won’t spare us at the end of the year.”

Having seen what it can do in the past, I’d say stock up on a few things whilst you can.

I’ve tried saying a few other things but the auto-mod appears to want to object to everything…

So I’ll just say a little planning can make a lot of difference.

So take care and hopefully it won’t be any thing other than a minor issue.

lurker July 20, 2023 11:38 AM

@Clive Robinson

Caffeine is a known cardiac stimulant, so this novel treatment may be contraindicated in patients with hypertension. That elderly patients may present with both hypertension and neurodegenerative disorder is another challenge for the researchers.

Clive Robinson July 20, 2023 1:12 PM

@ lurker,

It’s not just your heart, it’s your sleep and digestive cycles as well.

Hence my “Keep below” warning 😉

But evidence suggests that it only takes about three days for your body to come to terms with caffeine’s effects as far as feeling alert. So you are then drinking coffee just to stay as alert as if you’d not started drinking it…

Let’s just say I’m a little sensitive to it, and made the mistake of drinking way too many cans of a well known brand of energy drink mixed with a well known type of clear spirit… To about the equivalent of a couple of quarts or so. Let’s just say I was wide awake to the point of being “bug-eyed and hyper-alert” for oh four days… It was a weird experience, I would not encourage.

So keep below the minimum…

Clive Robinson July 20, 2023 1:32 PM

@ modem phonemes, ALL,

Re : AI starring in dumber and dumber.

“Is this the phenomenon described in Ross Anderson’s paper”

It might be, but we don’t know, as the people behind those LLM’s are known to be doing things but not talking…

You might remember I compared the making of a useful LLM as being like the three stages of the making of a useful landscape.

It gets thrown up initially by major geological activity taking lots of energy and you end up with a very rough layout. Then the likes of rain and snow etc weather it down and takes the edges off and creates valleys and rivers using less energy and over a longer period. The third stage man comes along with jack-hammers and the like and puts roads and cities on it in selective ways.

Well the rumour is that the organisation behind the ChatGPT’s has decided cost savings are in order and the power bill per use needs to come down a lot as it’s not that far away from the equivalent of a crypto-coin eco system…

So it’s been alleged they are making the resources into multiple inferior LLMs that give a better financial model.

I can not say if it’s true or not, but generally that’s the way of the world with new systems. You design an all in system, build it, then streamline it and then optimize for income/profit. Because if you don’t a competitor will come in and steal your business away in some way.

Petre Peter July 20, 2023 2:26 PM

“For every problem there is an answer that is simple, clear, and wrong.”
from the help of vim

modem phonemes July 20, 2023 2:56 PM

@ Clive Robinson

making of a useful LLM

Perhaps it is so that the owners are experimenting dumbing down the models preparatory to a tiered pricing scheme.

But there are other issues with the widely used approach.

The “universal basic architecture + brute force statistics” approach of LLM, and many other AI, seems to invite these problems.

David Freedman in his books on statistical modeling suggests that fitting a general many variable model to data will not produce reliable results unless the model is derived from an understanding of the real nature of the data. The form of the model has to reflect the ”real” function that produces the data.

This would apply even more so for nonlinear model situations like LLMs etc. Relying on massive statistics to determine and tune the parameter values of a general purpose model, one can expect limited validity.

A classic example is trying to learn a periodic function from sample data. If the model does not include in its form parameters and calculations that intrinsically describe periodicity, the statistically derived model may work well as an interpolator inside the “hull” of the training data, but will be a very bad extrapolator.

If the model form was exceptionally badly chosen, even inside the training hull there might be unstable behavior.

The correct model representation for periodic functions is easy to find, but for the much higher dimensional general LLM problem it seems to be elusive. Grossberg’s school seems to be the only one that seriously tries to find the parametric model forms that “match” the real world processes.

Petre Peter July 20, 2023 3:43 PM

Overwhelming a person with text so that they just agree with it is a form of buffer overflow attack.

SpaceLifeForm July 20, 2023 4:26 PM

Silicon Turtles

You can not control your kit in the cloud because most people do not have physical access control. But, someone may have access without being in the data centre.

(Looks at AWS)

‘https://arstechnica.com/security/2023/07/millions-of-servers-inside-data-centers-imperiled-by-flaws-in-ami-bmc-firmware/

The vulnerabilities are:

  • CVE-2023-34329, an authentication bypass via HTTP headers that has a severity rating of 9.9 out of 10, and
  • CVE-2023-34330, Code injection via Dynamic Redfish Extension. Its severity rating is 8.2.

Clive Robinson July 20, 2023 4:35 PM

@ modem phonemes, lurker, ALL,

Re : It’s all we’ve got fundamentally and it’s near useless.

“David Freedman in his books on statistical modeling suggests that fitting a general many variable model to data will not produce reliable results unless the model is derived from an understanding of the real nature of the data. The form of the model has to reflect the ”real” function that produces the data.”

First thing to note is how do you work with a “real function” that is in practice a poorly filtered random noise source?..

But to go back a few steps, when we are young and staring out the maths room window, we tend not to learn something important.

Which is what piecewise approximation is and what it can be used for and importantly its limitations and why realistically it should be treated like unexploded ordnance in a hole in the ground.

The important part of the lesson that goes woosh over many heads if even mentioned by the teacher –whose head it may have gone woosh over as well– is that curve-fitting sits on a spectrum from unique curves to very general curves, and you really need to know where your curve sits as that tells you just how big a bang it’s going to make when it blows up in your face (note I say “when” not “if”).

Almost as importantly is when you talk about real world curves, is that they suffer from a signal to noise issue no matter how you measure them. Thus you have to take care you are curve fitting to real signal rather than random noise that looks like a valid signal.

The way most remove noise is by “averaging it out”, but… to get an average you need a way to align the signal. So as a rough rule of thumb you look for a base signal and use that as a distinguisher and synchronizer. Which is fine if the entire signal aligns with it… Which mostly it does not in the real world…

To see why consider two signals that are synchronised “pulse trains” one of low frequency and moderate amplitude, the other of a higher frequency of small amplitude about the same as that of the noise.

If you use the base or first to synchronize, then the second, even if harmonically related to the base, will tend to “average out” even if synchronized but not aligned on a cycle by cycle basis (which it won’t be if it carries information). To see this draw two narrow width pulses one of say 10 graph points apart, the second of say 9 graph points apart.

Over nine of the base cycles the second will walk back appearing at 9 then 8 then 7 then 6 and so on with respect to the base signal. So if you average to your base, it will get nine times its base pulse in height but the second will average out to an offset or bias of an amplitude of one across the nine cycles…

So simple averaging does not always work, nor for that matter do all sampling systems, which nearly all measurements in the real world are.

The way you have to find the second signal is to remove the base signal then look for a distinguisher synchroniser for the second signal. But that assumes the second distinguisher is recognisable by the method you use to look for it. For instance if the second signal is “phase modulated” and effectively the pulse moves in time to a third signal… Yup you are back where you started.

It becomes clear after a little thought that a signal can only be found in noise if it is sufficiently extreme and thus well distinguished against the noise. That is you know exactly what you are looking for and can accurately synchronize to all its parts (which as a consequence means no information is conveyed).

As I’ve indicated previously LLM’s are like having lots of filters that pick out parts of signals. The problem is there can never really be enough filters for real world input of the type used.

Thus what you do is cheat. You accept the fact that the number of filters you can have is considerably less than the number you need. So you make the filter selectivity proportional to the number of times you find it in your training data.

That is the more a signal appears the wider the filter gets in its coverage spectrum. So when you hit it with a random noise signal it responds. But that wide filter will respond to more of the random noise spectrum than the other narrower filters.

Obviously as the number of filters you have is limited, some signals never get filters as they don’t cross the threshold to get into the limited set available.

Now this is where the fun happens. If your training data has the signals non uniformly distributed in the input (and it will). Then a filter can be built up quickly initially and remain even though it is considerably smaller in total than a signal that is uniformly distributed or is mainly at the tail end of the input training data.

Thus it’s not just averages that count in training data it’s the individual signal distributions as well… And as those signals are in no way synchronised or can be in a “general population” of data…

We’ve already seen this not only blight LLMs but also be used to deliberately distort their filter patterns that get called its weighted network or neural network etc etc etc.

The result is you can make what looks like “average data” decidedly malicious to say a “political mantra”. As the results of the now malicious filter become new training data the malicious bias becomes “baked in”.

The fact is LLMs are a bad idea, especially when the number of nodes or filters is small or worse small in range…

And guess what everyone is doing to save costs?

Yup they are reducing not just the number of nodes, but the range –bit width– of the weights… That is how they are “squeezing them down” to fit on a laptop or small number of servers with limited connectivity.

As @lurker mentioned above the Ex UK Deputy Prime Minister Nick Clegg has made comment,

https://www.bbc.com/news/technology-66238004

What @lurker did not mention is who Nick Clegg now works for (Meta) and what stake they have in LLM’s (Llama) and who they are trying to pass it off to (Microsoft) as well as kicking it out into the Open Source movement, where it is almost certainly going to work as the proverbial “P0is0n Pi11”.

As they say “Just saying” where this is likely to go, before it gets flushed.

SpaceLifeForm July 21, 2023 12:10 AM

@ Clive, modem phonemes, lurker, ALL

Re: Signal, noise, curve fitting

Newton’s square root approximation method has corner cases.

Depending upon precision, it can loop.

So, you have to detect the loop, and average the two values that it loops on.

Clive Robinson July 21, 2023 9:07 AM

@ SpaceLifeForm,

Re : The problem with storing numbers.

“Depending upon precision, it can loop.”

Or oscillate indefinitely depending on your view point’s chosen terminology. But mostly only in digital systems (not analog or mechanical).

But why does it happen? Is a question worth looking into even superficially as it has significant but mostly hidden away relevance to both Security via cryptography and fraud detection and more recently in “Digital Signal Processing”(DSP) and its related “Artificial Intelligence”(AI) especially in the weights of “Large Language Model”(LLM) “Artificial Neural Networks”(ANN), and can cause “horror of horrors” apparently unpredictable results especially if the summing/accumulating node and its non linear “compression / normalisation” functions if they are not correctly chosen and mapped will drop you in a whole world of hurt[1]…

So to kind of start at the beginning,

One of the pieces of advice you hear early on in “maths” is,

“Use fractions not decimals they are more accurate”

Or when prefaced with “We” by an authoritative figure –teacher– making it appear a fundamental rule, which, it is most certainly not. Whilst as an “approximate truism” it is true to a certain extent, it can get you unexpectedly into a whole world of hurt[1].

The usual “explanation” is,

“Compare 1/3 to 0.333.. or “root 3” to 1.732.. etc.”

Yes the decimal goes on for as long as you have space for, with each digit adding less than a tenth of the previous digit to the accuracy but always not hitting the target precisely. But change the representation base to one that is a multiple of three…

So it’s not an issue to do with the number, but how we represent it and thus the prime factors of the chosen representation base and number and those they have in common or don’t which can give rise to certain short cut “tricks”.

But the real issue with electronic devices is how much information can you actually store in its internal memory that is usually a string of bits representing a binary number. Well the number of different values are 2^N where N is the number of available bits gives an upper limit. (importantly note the representational base has only one prime factor “2” which makes the issue more obvious, and allows an automated trick that saves a “bit”).

But we should also ask,

“Do we use them all?” that is the full integer range?

To which the answer is “mostly no”.

To get a feeling as to why just multiply all the one digit decimals in the range 0..9 with each other and see how many unique results you get in the range 0..99. Obviously only the primes below 9 will be in there, but then when you consider prime factors of the digits you realise that you will not get numbers above 9 that do not have 2,3,5,7 as a factor.

But do you intuitively expect it to be only 35 of the available hundred?

So nearly two thirds are unused, which is a lot of redundancy.

Further if you plot out the distribution you get an approximation to a well known curve. Do the same with multiplying two digit decimal numbers and the curve becomes more obvious…

Normalize against the first digit value and you can see why “Benford’s Law” –also called “first digit law”– happens. Not just for decimals but all number bases (and gets really interesting for binary numbers). Just remember that it’s across the base range and affected by the primes and prime factors in that range.

As I’ve indicated before nature mostly works on “fractions of fractions” or “percentage growth” which is in part why the “use fractions…” is one of those “apparent truisms” that can lead to superficial thinking.

So just storing integers on average wastes a significant percentage of the available storage capability. Which is why “floating point numbers” are often used. In effect it “codes” the numbers to try and bring the distributions closer into agreement.

But even then numbers are still missing and the smaller the range the larger the percentage of missing numbers that can not be stored.

At some point you will need a number that can not be accurately stored, so all you can do is approximate between two values.

The “Newton method to approximate the root of a function” seeks an ever smaller difference –ie it’s “hunting in on zero”–, if the actual difference value can not be stored in memory it will fail. By in effect just cycling between close values that can be stored, without ever stopping…

To get around this the domain experts of an implementation cheat by replacing “test” with “mitigation”[2] (that can look the same)…

So in a computer or calculator that uses the Newton method, to do say square roots, the system designer needs to be aware that the least significant digits are probably “trash”… Which in turn has knock on effects quite rapidly, something the programmer implementing the system is probably unaware of…

[1] Last century and before this “world of hurt” was just in the information domain not the physical domain as maths did not have “physical agency” it only got it through “human agents” who contrary to what most think, are generally not a bunch of people looking to create hurt/harm (though “there are exceptions that prove the rule”). The issues first started showing up in “calculators” for navigation or firing solutions that were digital not analog / mechanical (and became of considerable concern when the pay-loads in autonomous delivery systems started to become “Physics Packages”). Now however we are in a world of “knock it out quick” digital electronics in all sorts of products with “physical agency” such as IoT and drones none of which get sufficiently tested[2] so the “World of hurt” is now very much in the physical domain.

[2] Why do we not see this issue with analog / mechanical calculators. Well simply unlike digital systems they are continuous and thus do not have the holes in the range digital systems have thus implicitly mitigate it. But secondly they are not very precise either, due to factors that “add noise, distortion, and bias” which the system implementers will easily see during prototyping. But also analog and mechanical systems show “trends” predictably that can be easily tracked in each degree of freedom thus spotting it heading for the end stops or changing direction unexpectedly whilst not always trivial is relatively easy to do. In effect all you have to do is keep the previous value, and compare it to the current value and a direction / sign flag as well as compare the current value to values inside of the end stop values to ensure it’s “in range”. The same mitigations can be done in software, but is oh so often not in the likes of libraries and reusable code, because of the “perceived need for speed” and the assumption of “programmer omnipotence” or just “knows what they are doing” which mostly they don’t. Why they don’t is obvious if you think about it… Mostly programmers are experts in the “software domain” but rarely are they experts in the “problem domain” they are writing the software for… And almost never are they experts in the “system domain” as it applies to software design of the code libraries they use…
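
The Newton square-root loop discussed in the last few comments can be reproduced with plain integer arithmetic, the simplest limited-precision case. This is an added example, not code from any commenter; the function names are assumptions made here, and the guard applies the "keep the previous value and compare direction" mitigation from the footnote above.

```python
"""Added example: Newton's square-root iteration under limited precision.

Integer arithmetic stands in for any representation that cannot store the
exact root. All function names are hypothetical, chosen for this example.
"""


def newton_isqrt_naive(n, max_steps=50):
    """Iterate x <- (x + n // x) // 2 from x = n and stop only when x stops
    changing. Returns (trace, converged). For some n the value never settles:
    it alternates between two neighbouring integers until max_steps runs out.
    """
    x = n
    trace = [x]
    for _ in range(max_steps):
        nxt = (x + n // x) // 2
        trace.append(nxt)
        if nxt == x:          # "difference is zero" test
            return trace, True
        x = nxt
    return trace, False


def newton_isqrt_guarded(n):
    """Same iteration, but track the direction of travel. Starting from
    x = n the sequence can only fall while it is above the floor root, so
    the first step that fails to decrease marks the answer.
    """
    if n < 0:
        raise ValueError("square root of a negative number")
    if n < 2:
        return n
    x = n
    while True:
        nxt = (x + n // x) // 2
        if nxt >= x:          # direction changed or stalled: stop here
            return x
        x = nxt


def oscillating_inputs(limit):
    """All n in 1..limit for which the naive stopping rule never fires."""
    return [n for n in range(1, limit + 1) if not newton_isqrt_naive(n)[1]]


def fixed_point_sqrt(n, digits):
    """sqrt(n) truncated to `digits` decimal places, returned as a scaled
    integer (for example 1414 means 1.414 when digits == 3)."""
    return newton_isqrt_guarded(n * 10 ** (2 * digits))


if __name__ == "__main__":
    trace, ok = newton_isqrt_naive(15)
    print("n=15 naive trace:", trace[:8], "... converged:", ok)
    print("n=15 guarded    :", newton_isqrt_guarded(15))
    print("inputs that loop up to 50:", oscillating_inputs(50))
    print("sqrt(2) to 3 places, scaled:", fixed_point_sqrt(2, 3))
```

The inputs that loop are exactly those one below a perfect square, where the true root sits just under the next storable value.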


Sidebar photo of Bruce Schneier by Joe MacInnis.