@dustyweb
Co-author/co-editor of ActivityPub (what connects together the fediverse, including Mastodon, etc). Executive Director of the Spritely Institute. Lisp/scheme enthusiast, chaos transfem, sketcher of tiny creature drawings. https://dustycloud.org
Our intuitions for ocap (or ANY) security come APIs that we are able to make sense of, with each object performing a limited role.
Not to mention that users *want* to be able to say a thing to an agent with broad ambient authority...
Ocap security will help us, but will not save us, with LLMs.
If an agent can do TWO of these three things:
- Access the network
- Access the filesystem
- Talk to another agent
Then you are toast.
Mark Miller describes conspiring processes as "prisoners tapping on the pipes". Even with ocap containment, we risk an LLM prison riot. :P
Yes!
Yeah. I think the neighbour part of those stories rests heavily on social norms. Neighbours are confusable deputies but confusable within the bounds of social norms.
Our intuitions for ocap (or ANY) security come APIs that we are able to make sense of, with each object performing a limited role.
Not to mention that users *want* to be able to say a thing to an agent with broad ambient authority...
Ocap security will help us, but will not save us, with LLMs.
If an agent can do TWO of these three things:
- Access the network
- Access the filesystem
- Talk to another agent
Then you are toast.
Mark Miller describes conspiring processes as "prisoners tapping on the pipes". Even with ocap containment, we risk an LLM prison riot. :P
Ocaps are thus necessary, but insufficient. The pattern of use also needs to change.
Yep. Ocaps for these things is 1000% necessary.
The problem is... they won't be enough, not for the way people use agents the way they want to right now, where you are speaking to a god-process that can do your things for you.
And LLMs are inherently confused deputies, so...
Ocaps are thus necessary, but insufficient. The pattern of use also needs to change.
Yep. Ocaps for these things is 1000% necessary.
The problem is... they won't be enough, not for the way people use agents the way they want to right now, where you are speaking to a god-process that can do your things for you.
And LLMs are inherently confused deputies, so...
Text with two indented, italicized paragraphs both starting with "In an emergency" in between three other paragraphs: Marc Stiegler has identified the root cause of the problem; our devices do not support aspects of sharing that we rely on in the physical world. These aspects can be illustrated with two stories. In an emergency, Marc asked me to park his car in my garage. I couldnβt do it, so I asked my neighbor to do it for me and told her to get the garage key from my son. I doubt that anyone would think twice about this story. The second story is in the computer domain. In an emergency, Marc asked me to copy a file from his computer to mine. I couldnβt do it, so I asked my neighbor to do it for me and told her to get access to my computer from my son. People often find this second story so preposterous that they laugh.
The Six Aspect of Sharing Figure 1 illustrates the six aspects of sharing that we rely on in the physical world. That text is around diagram with six images, text labels and arrows. Light blue arrows connect each of four in a right to left chain, and black arrows from the bottom left "Cross domain", extend to those. Another light blue arrow goes from an accountant, labeled "Accountable" to the right of the top four. The top four are, from right to left (in order of the arrows): - Recomposable. A hand giving keys to another waiting hand with a shadowy third hand perhaps giving the keys earlier. - Chained. The same image of two hands but without the third. - Attenuated. The same image of two hands. - Dynamic. A man in a suit and holding a briefcase running. The Cross domain image in the bottom left is an open gate in a possibly electrified fence like you might find around a farm field. Dynamic above a man in a suit running.
Relevant to agentic access control.
I was reminded of Alan Karp's & Marc Stiegler's litmus test for usable access control, and Marc's six aspects of sharing.
alanhkarp.com/publications...
Costco is now demanding that Trump pay them back for his tariffs so they can refund all of their customers.
I don't understand how people can't see it. The holocaust isn't the only genocide from history, but it's the one genocide everyone was taught in school, and it's the one they're *intentionally* cosplaying into reality.
The signs could hardly be louder, the signs hardly brighter. And yet...
Thanks for sharing this. It feels so obvious: the long, thin banners hung from buildings, the 88 foot high flagpoles, the concentration camps, the secret bunkers to shelter families from being stolen away...
"Don't let people know we're at this stage of the holocaust because the good people are doing the things that good people do at this stage of the holocaust" is just... quite the take
We are at this stage of the Holocaust β in Ohio, which hasnβt gotten much attention recently.
βIn Springfield, Ohio, some Americans have converted their basements and spare bedrooms into shelters for immigrant families who could be targeted in raids.β
#GiftLink courtesy of my library:
discord clicker notification sound would be a wild nitro feature
A one month chart of oil prices
Oil prices are going parabolic. This is insane.
Sometimes I write something on here worth capturing dustycloud.org/blog/reflect...
Source: I ran the grant program, and in fact refused to do it *unless* it was "no strings attached" and the money went specifically to open source and research projects.
@dustyweb.bsky.social can of course set me straight on if at any point they exerted any pressure on grantees.
Yeah @ricardo.bsky.social has it right! Samsung Stack Zero was also the first funder of @spritelyinst.bsky.social, back when it was a one-person project in its very early days.
I nearly didn't apply, but @ricardo.bsky.social encouraged me directly. Really grateful to have gotten the support.
Well I guess the accelerationists have won insofar as I can't keep up with this velocity anymore
sigh
It's a really good thing OpenAI was founded as a 501c3 nonprofit!
I am not in charge of Bluesky's comms, but if I were, I would set down the following rule:
You can't broadly make fun of your users, meaning:
- You can't call them "conspiracists"
- You can't dismiss them for being upset about transphobia
- You have to understand the power dynamics of your snark
Real talk, come on Bluesky team, you're running a social media site. This place is basically Twitter 2.0, and was intentionally designed that way.
Play Twitter games, win Twitter prizes.
But we know what Twitter is like by now, and disparaging your users is a 100% guaranteed losing game.
The team's propensity for airing their frustrations to the public is a big problem even when their actual decisionmaking is sound, yeah. Like, everyone working on a UGC site has a lot of these frustrations with their users probably, but they don't say it out loud!
Sad to say but I think there is a near 0% chance of that happening.
Name a VC backed company that you had excited hopes and dreams about 10 or more years ago that hasn't disappointed you today. Name one.
If Jay leaves the position, or is forced out of it, the situation will probably be that the VCs appoint a replacement. And that will be a much worse situation for Bluesky, because it is unlikely that anyone they appoint will respect the ecosystem's goals and values.