10 interesting stories served every morning and every evening.




1 2,363 shares, 91 trendiness

FTC Takes Action Against Adobe and Executives for Hiding Fees, Preventing Consumers from Easily Cancelling Software Subscriptions

Skip to main con­tent

An of­fi­cial web­site of the United States gov­ern­ment

Here’s how you know

The .gov means it’s of­fi­cial.

Federal gov­ern­ment web­sites of­ten end in .gov or .mil. Before shar­ing sen­si­tive in­for­ma­tion, make sure you’re on a fed­eral gov­ern­ment site.

The site is se­cure.

The https:// en­sures that you are con­nect­ing to the of­fi­cial web­site and that any in­for­ma­tion you pro­vide is en­crypted and trans­mit­ted se­curely.

We en­force fed­eral com­pe­ti­tion and con­sumer pro­tec­tion laws that pre­vent an­ti­com­pet­i­tive, de­cep­tive, and un­fair busi­ness prac­tices.

Find le­gal re­sources and guid­ance to un­der­stand your busi­ness re­spon­si­bil­i­ties and com­ply with the law.

Slow the Roll-up: Help Shine a Light on Serial Acquisitions

Henry Liu, Director of the Bureau of Competition

We work to ad­vance gov­ern­ment poli­cies that pro­tect con­sumers and pro­mote com­pe­ti­tion.

Find le­gal re­sources and guid­ance to un­der­stand your busi­ness re­spon­si­bil­i­ties and com­ply with the law.

Memo from Chair Lina M. Khan to com­mis­sion staff and com­mis­sion­ers re­gard­ing the vi­sion and pri­or­i­ties for the FTC.

Staff in the Office of Technology

Learn more about your rights as a con­sumer and how to spot and avoid scams. Find the re­sources you need to un­der­stand how con­sumer pro­tec­tion law im­pacts your busi­ness.

Register for Do Not Call

Learn how the FTC pro­tects free en­ter­prise and con­sumers

FTC Issues Annual Report on Refunds to Consumers; Agency Returned $324M in 2023

Sign up for the lat­est news

Learn about the FTCs no­table video game cases and what our agency is do­ing to keep the pub­lic safe.

Explore re­fund sta­tis­tics in­clud­ing where re­funds were sent and the dol­lar amounts re­funded with this vi­su­al­iza­tion.

Our mis­sion is pro­tect­ing the pub­lic from de­cep­tive or un­fair busi­ness prac­tices and from un­fair meth­ods of com­pe­ti­tion through law en­force­ment, ad­vo­cacy, re­search, and ed­u­ca­tion. Learn more about the FTC

Lina M. Khan was sworn in as Chair of the Federal Trade Commission on June 15, 2021.

Search

Looking for le­gal doc­u­ments or records? Search the Legal Library in­stead.

Looking for le­gal doc­u­ments or records? Search the Legal Library in­stead.

FTC Takes Action Against Adobe and Executives for Hiding Fees, Preventing Consumers from Easily Cancelling Software Subscriptions

Complaint charges that maker of Photoshop and Acrobat de­ceived con­sumers about early ter­mi­na­tion fees, in­hib­ited can­cel­la­tions

The Federal Trade Commission is tak­ing ac­tion against soft­ware maker Adobe and two of its ex­ec­u­tives, Maninder Sawhney and David Wadhwani, for de­ceiv­ing con­sumers by hid­ing the early ter­mi­na­tion fee for its most pop­u­lar sub­scrip­tion plan and mak­ing it dif­fi­cult for con­sumers to can­cel their sub­scrip­tions. A fed­eral court com­plaint filed by the Department of Justice upon no­ti­fi­ca­tion and re­fer­ral from the FTC charges that Adobe pushed con­sumers to­ward the annual paid monthly” sub­scrip­tion with­out ad­e­quately dis­clos­ing that can­celling the plan in the first year could cost hun­dreds of dol­lars. Wadhwani is the pres­i­dent of Adobe’s dig­i­tal me­dia busi­ness, and Sawhney is an Adobe vice pres­i­dent.“Adobe trapped cus­tomers into year-long sub­scrip­tions through hid­den early ter­mi­na­tion fees and nu­mer­ous can­cel­la­tion hur­dles,” said Samuel Levine, Director of the FTCs Bureau of Consumer Protection. Americans are tired of com­pa­nies hid­ing the ball dur­ing sub­scrip­tion signup and then putting up road­blocks when they try to can­cel. The FTC will con­tinue work­ing to pro­tect Americans from these il­le­gal busi­ness prac­tices.”Af­ter 2012, Adobe shifted prin­ci­pally to a sub­scrip­tion model, re­quir­ing con­sumers to pay for ac­cess to the com­pa­ny’s pop­u­lar soft­ware on a re­cur­ring ba­sis. Subscriptions ac­count for most of the com­pa­ny’s rev­enue.Ac­cord­ing to the com­plaint, when con­sumers pur­chase a sub­scrip­tion through the com­pa­ny’s web­site, Adobe pushes con­sumers to its annual paid monthly” sub­scrip­tion plan, pre-se­lect­ing it as a de­fault. Adobe promi­nently shows the plan’s monthly” cost dur­ing en­roll­ment, but it buries the early ter­mi­na­tion fee (ETF) and its amount, which is 50 per­cent of the re­main­ing monthly pay­ments when a con­sumer can­cels in their first year. Adobe’s ETF dis­clo­sures are buried on the com­pa­ny’s web­site in small print or re­quire con­sumers to hover over small icons to find the dis­clo­sures.Con­sumers com­plain to the FTC and the Better Business Bureau about the ETF, ac­cord­ing to the com­plaint. These con­sumers re­port they were not aware of the ex­is­tence of the ETF or that the annual paid monthly” plan re­quired their sub­scrip­tion to con­tinue for a year. The com­plaint notes that Adobe has been aware of con­sumers’ con­fu­sion about the ETF.Despite be­ing aware of con­sumers’ prob­lems with the ETF, the com­pany con­tin­ues its prac­tice of steer­ing con­sumers to the an­nual paid monthly plan while ob­scur­ing the ETF, ac­cord­ing to the com­plaint.In ad­di­tion to fail­ing to dis­close the ETF to con­sumers when they sub­scribe, the com­plaint also al­leges that Adobe uses the ETF to am­bush con­sumers to de­ter them from can­celling their sub­scrip­tions. The com­plaint also al­leges that Adobe’s can­cel­la­tion processes are de­signed to make can­cel­la­tion dif­fi­cult for con­sumers. When con­sumers have at­tempted to can­cel their sub­scrip­tion on the com­pa­ny’s web­site, they have been forced to nav­i­gate nu­mer­ous pages in or­der to can­cel.When con­sumers reach out to Adobe’s cus­tomer ser­vice to can­cel, they en­counter re­sis­tance and de­lay from Adobe rep­re­sen­ta­tives. Consumers also ex­pe­ri­ence other ob­sta­cles, such as dropped calls and chats, and mul­ti­ple trans­fers. Some con­sumers who thought they had suc­cess­fully can­celled their sub­scrip­tion re­ported that the com­pany con­tin­ued to charge them un­til dis­cov­er­ing the charges on their credit card state­ments.The com­plaint charges that Adobe’s prac­tices vi­o­late the Restore Online Shoppers’ Confidence Act.The Commission vote to re­fer the civil penalty com­plaint to the DOJ for fil­ing was 3-0. The Department of Justice filed the com­plaint in the U.S. District Court for the Northern District of California.NOTE: The Commission refers a com­plaint for civil penal­ties to the DOJ for fil­ing when it has reason to be­lieve” that the named de­fen­dants are vi­o­lat­ing or are about to vi­o­late the law and that a pro­ceed­ing is in the pub­lic in­ter­est. The case will be de­cided by the court.The staff at­tor­neys on this mat­ter are Sana Chaudhry and Daniel Wilkes of the FTCs Bureau of Consumer Protection.

The Federal Trade Commission works to pro­mote com­pe­ti­tion and pro­tect and ed­u­cate con­sumers.  The FTC will never de­mand money, make threats, tell you to trans­fer money, or promise you a prize. Learn more about con­sumer top­ics at con­sumer.ftc.gov, or re­port fraud, scams, and bad busi­ness prac­tices at Re­port­Fraud.ftc.gov. Follow the FTC on so­cial me­dia, read con­sumer alerts and the busi­ness blog, and sign up to get the lat­est FTC news and alerts.

Blog: Adobe used hid­den fee to trap peo­ple into pay­ing for sub­scrip­tion plans, FTC saysGet­ting In and Out of Free Trials, Auto-Renewals, and Negative Option Subscriptions

Blog: FTC says Adobe hid key terms of annual paid monthly” sub­scrip­tion plan and set up road­blocks to de­ter cus­tomer can­cel­la­tions

...

Read the original on www.ftc.gov »

2 1,118 shares, 36 trendiness

Safe Superintelligence Inc.

Building safe su­per­in­tel­li­gence (SSI) is the most im­por­tant tech­ni­cal prob­lem of our​​ time.

We have started the world’s first straight-shot SSI lab, with one goal and one prod­uct: a safe su­per­in­tel­li­gence.

SSI is our mis­sion, our name, and our en­tire prod­uct roadmap, be­cause it is our sole fo­cus. Our team, in­vestors, and busi­ness model are all aligned to achieve SSI.

We ap­proach safety and ca­pa­bil­i­ties in tan­dem, as tech­ni­cal prob­lems to be solved through rev­o­lu­tion­ary en­gi­neer­ing and sci­en­tific break­throughs. We plan to ad­vance ca­pa­bil­i­ties as fast as pos­si­ble while mak­ing sure our safety al­ways re­mains ahead.

This way, we can scale in peace.

Our sin­gu­lar fo­cus means no dis­trac­tion by man­age­ment over­head or prod­uct cy­cles, and our busi­ness model means safety, se­cu­rity, and progress are all in­su­lated from short-term com­mer­cial pres­sures.

We are an American com­pany with of­fices in Palo Alto and Tel Aviv, where we have deep roots and the abil­ity to re­cruit top tech­ni­cal tal­ent.

We are as­sem­bling a lean, cracked team of the world’s best en­gi­neers and re­searchers ded­i­cated to fo­cus­ing on SSI and noth­ing else.

If that’s you, we of­fer an op­por­tu­nity to do your life’s work and help solve the most im­por­tant tech­ni­cal chal­lenge of our age.

Now is the time. Join us.

...

Read the original on ssi.inc »

3 1,059 shares, 42 trendiness

EU Council has withdrawn the vote on Chat Control

The EU Council and its par­tic­i­pants have de­cided to with­draw the vote on the con­tentious Chat Control plan pro­posed by Belgium, the cur­rent EU President.

According to Netzpolitik (German), The EU Council did not make a de­ci­sion on chat con­trol to­day, as the agenda item was re­moved due to the lack of a ma­jor­ity, con­firmed by Council and mem­ber state spokesper­sons”.

Belgium’s draft law, which was sup­posed to be adopted as the Council’s ne­go­ti­at­ing po­si­tion, was in­stead post­poned in­def­i­nitely. Although the Committee of Permanent Representatives meets weekly, Belgium can­not cur­rently pre­sent a pro­posal that would gain a ma­jor­ity. In July, the Council Presidency will trans­fer from Belgium to Hungary, which has stated its in­ten­tion to ad­vance ne­go­ti­a­tions on chat con­trol as part of its work pro­gram.

At the start of 2022, the European Commission pro­posed mon­i­tor­ing all chat mes­sages and other forms of dig­i­tal com­mu­ni­ca­tion among cit­i­zens. This ini­tia­tive in­cludes client-side scan­ning for end-to-end en­crypted ser­vices, mean­ing all mes­sages would be checked ir­re­spec­tive of sus­pi­cion.

The plan tar­gets the de­tec­tion of both known and un­known abu­sive ma­te­r­ial and groom­ing ac­tiv­i­ties. Experts have cau­tioned that such mea­sures are prone to gen­er­at­ing nu­mer­ous false pos­i­tives, par­tic­u­larly when iden­ti­fy­ing un­known con­tent, lead­ing to in­no­cent cit­i­zens be­ing misiden­ti­fied as senders of abu­sive ma­te­r­ial.

European leg­is­la­tion is formed through a tri­a­logue process in­volv­ing ne­go­ti­a­tions be­tween the European Commission, the European Parliament, and the Council of Ministers. Initially, the European Parliament re­jected the European Commission’s pro­posal and in­tro­duced its own, which, while still crit­i­cal, ex­cluded end-to-end en­crypted ser­vices. However, Belgium’s new pro­posal rein­tro­duced client-side scan­ning for these ser­vices, stip­u­lat­ing that users must con­sent to chat con­trols; oth­er­wise, they would lose the abil­ity to send pho­tos, videos, and URLs.

This method, termed upload mod­er­a­tion” by Belgium, has been crit­i­cized by op­po­nents as merely a re­brand­ing of the orig­i­nal con­cept.

Meredith Whittaker, pres­i­dent of the chat app Signal, has been vo­cal against these plans. She ar­gues that im­ple­ment­ing such mea­sures within end-to-end en­crypted com­mu­ni­ca­tions fun­da­men­tally un­der­mines en­cryp­tion and in­tro­duces sig­nif­i­cant vul­ner­a­bil­i­ties in the dig­i­tal in­fra­struc­ture.

Whittaker em­pha­sizes that these vul­ner­a­bil­i­ties have far-reach­ing global im­pli­ca­tions, not just within Europe. She has re­peat­edly high­lighted the is­sue, stat­ing, There is no way to im­ple­ment such pro­pos­als with­out fun­da­men­tally un­der­min­ing en­cryp­tion and in­tro­duc­ing dan­ger­ous vul­ner­a­bil­i­ties.”

On June 17, Whittaker pub­lished an of­fi­cial po­si­tion con­demn­ing the EUs pro­posed upload mod­er­a­tion” as a re­brand­ing of client-side scan­ning that fun­da­men­tally un­der­mines end-to-end en­cryp­tion.

She em­pha­sized that de­spite at­tempts to mask the dan­gers through mar­ket­ing, these mea­sures ex­pose en­crypted com­mu­ni­ca­tions to mass sur­veil­lance, cre­at­ing vul­ner­a­bil­i­ties ex­ploitable by hack­ers and hos­tile na­tions. Whittaker urged a ces­sa­tion of such rhetor­i­cal games, re­it­er­at­ing that any form of man­dated mass scan­ning com­pro­mises en­cryp­tion, thereby threat­en­ing global se­cu­rity and pri­vacy at a crit­i­cally un­sta­ble geopo­lit­i­cal mo­ment.

The pri­vacy mes­sen­ger Threema pub­lished a blog post say­ing the EUs pro­posed Chat Control bill rep­re­sents a dan­ger­ous mass sur­veil­lance ini­tia­tive that would un­der­mine data se­cu­rity, vi­o­late pri­vacy rights, and neg­a­tively im­pact pro­fes­sion­als and mi­nors.

Patrick Breyer, the out­go­ing MEP from the Pirate Party, raised con­cerns, not­ing that pro­po­nents of chat con­trol have lever­aged the pe­riod fol­low­ing the European elec­tions, when at­ten­tion is lower and the European Parliament is in tran­si­tion, to ad­vance their agenda. Breyer has called on European cit­i­zens to take ac­tion and urge their politi­cians to op­pose the mea­sures.

Edward Snowden, the NSA whistle­blower, crit­i­cized the pro­posal, stat­ing, EU ap­pa­ratchiks are try­ing to leg­is­late a ter­ri­ble mass sur­veil­lance mea­sure, de­spite uni­ver­sal pub­lic op­po­si­tion (no sane per­son wants this), by in­vent­ing a new word for it — up­load mod­er­a­tion — and hop­ing no one finds out what it is un­til it’s too late.”

With the EU Council with­draw­ing the vote on the Chat Control pro­posal to­day, the leg­isla­tive process faces new un­cer­tainty. The pro­posal will re­turn to the draw­ing board, as the European Commission[1] and the European Parliament con­tinue to de­lib­er­ate on the best way for­ward.

The dis­cus­sions will re­sume af­ter the sum­mer, once the new Parliament is seated and Hungary as­sumes the Council pres­i­dency from Belgium in July. Hungary has al­ready com­mit­ted to de­vel­op­ing a com­pre­hen­sive leg­isla­tive frame­work to pre­vent and com­bat on­line child sex­ual abuse and re­vis­ing the di­rec­tive against the sex­ual ex­ploita­tion of chil­dren.

The forth­com­ing ne­go­ti­a­tions are an­tic­i­pated to be highly con­tentious, es­pe­cially since the European Parliament has firmly op­posed any mea­sures that would cir­cum­vent end-to-end en­cryp­tion. The Member States and the Parliament have un­til April 2026 to agree. This dead­line is cru­cial, as an ex­ist­ing ex­emp­tion al­low­ing so­cial net­works to self-mod­er­ate con­tent will ex­pire, po­ten­tially elim­i­nat­ing cur­rent safe­guards against shar­ing sen­si­tive im­ages.

In the mean­time, pri­vacy ad­vo­cates and dig­i­tal rights or­ga­ni­za­tions will likely con­tinue to voice their con­cerns, urg­ing EU cit­i­zens to re­main vig­i­lant and en­gaged in the de­bate over dig­i­tal pri­vacy and sur­veil­lance. The next steps will in­volve in­tense ne­go­ti­a­tions and po­ten­tial re­vi­sions to ad­dress the com­plex is­sues at stake.

...

Read the original on stackdiary.com »

4 927 shares, 38 trendiness

Color the map of Britain + Ireland so that no two phys­i­cally bor­der­ing re­gions have the same color

...

Read the original on www.rahulilango.com »

5 887 shares, 29 trendiness

Chat Control Must Be Stopped – Now!

Privacy Checkup: Find out how to im­prove your on­line pri­vacy

Chat Control Must Be Stopped — Now!

With its leg­isla­tive pro­posal known as Chat Control,” the EU Commission is try­ing to es­tab­lish an un­prece­dented mass-sur­veil­lance ap­pa­ra­tus of Orwellian pro­por­tions in the European Union. If EU cit­i­zens don’t stand up for pri­vacy now, it may be too late.

This Wednesday, June 19, 2024, the EU Council could be vot­ing on the con­tro­ver­sial Chat Control bill. Should it pass, the con­se­quences would be dev­as­tat­ing: Under the pre­text of child pro­tec­tion, EU cit­i­zens would no longer be able to com­mu­ni­cate in a safe and pri­vate man­ner on the Internet. The European mar­ket’s lo­ca­tion ad­van­tage would suf­fer a mas­sive hit due to a sub­stan­tial de­crease in data se­cu­rity. And EU pro­fes­sion­als like lawyers, jour­nal­ists, and physi­cians could no longer up­hold their duty to con­fi­den­tial­ity on­line. All while chil­dren would­n’t be bet­ter pro­tected in the least bit. On the con­trary, Chat Control could have a neg­a­tive im­pact on mi­nors in par­tic­u­lar.

The EU Commission’s pro­posed Child Sexual Abuse Regulation (commonly known as Chat Control”) aims to com­bat the cir­cu­la­tion of CSAM (child sex­ual abuse ma­te­r­ial) on dig­i­tal plat­forms by re­quir­ing ser­vice providers to im­ple­ment some sort of de­tec­tion mech­a­nism that au­to­mat­i­cally scans users’ (media) mes­sages for both known and po­ten­tial CSAM and re­ports de­tected cases to au­thor­i­ties.

It does­n’t mat­ter how the EU Commission is try­ing to sell it — as client-side scan­ning,” upload mod­er­a­tion,” or AI de­tec­tion” –, Chat Control is still mass sur­veil­lance. And re­gard­less of its tech­ni­cal im­ple­men­ta­tion, mass sur­veil­lance is al­ways an in­cred­i­bly bad idea, for a whole plethora of rea­sons. Here are just three:

One dis­tin­guish­ing fac­tor be­tween to­tal­i­tar­ian states and democ­ra­cies is that only in the for­mer can the gov­ern­ment in­vade cit­i­zens’ pri­vacy for no ap­par­ent rea­son. Modern democ­ra­cies rec­og­nize pri­vacy as a ba­sic hu­man right. The EU it­self ac­knowl­edges it in the Charter of Fundamental Rights (article 7):

Everyone has the right to re­spect for his or her pri­vate and fam­ily life, home and com­mu­ni­ca­tions.

Imagine, for ex­am­ple, the po­lice could ran­domly en­ter your home with­out hav­ing any rea­son to be­lieve you’re in­volved in il­le­gal ac­tiv­i­ties, sim­ply to snoop around and see whether they can find some­thing sus­pi­cious by sheer chance.

In a healthy democ­racy, it should be the cit­i­zens who over­see the gov­ern­ment — mass sur­veil­lance is the in­ver­sion of this de­mo­c­ra­tic prin­ci­ple. With a mea­sure like Chat Control, the EU would vi­o­late one of its own ba­sic rights and put its cit­i­zens un­der gen­eral sus­pi­cion, thereby pro­foundly dis­rupt­ing the trust be­tween cit­i­zens and the gov­ern­ment.

Mass sur­veil­lance of stan­dard com­mu­ni­ca­tion chan­nels like in­stant mes­sen­gers only af­fects law-abid­ing cit­i­zens. Given their in­volve­ment in il­le­gal ac­tiv­i­ties, crim­i­nals will go to any length to avoid sur­veil­lance. After all, why would any crim­i­nal con­tinue to use a com­mu­ni­ca­tion chan­nel that’s known to be un­der gov­ern­ment sur­veil­lance?

However, fly­ing un­der Chat Control’s radar would­n’t even re­quire re­sort­ing to some other, ob­scure means of com­mu­ni­ca­tion that can’t be (or is­n’t yet) sur­veilled. Criminals could, for ex­am­ple, sim­ply man­u­ally en­crypt il­le­gal con­tent be­fore shar­ing it.

Ordinary, un­sus­pect­ing Internet users, for whom it would­n’t be prac­ti­cal to han­dle day-to-day com­mu­ni­ca­tion with friends and fam­ily mem­bers in this man­ner, would there­fore be the only ones re­ally af­fected by mass sur­veil­lance. And be­sides in­evitable false pos­i­tives (think fam­ily pho­tos of a beach va­ca­tion), mi­nors (i.e., the ones who should be pro­tected) en­gag­ing in con­sen­sual sexting” would prob­a­bly amount for the vast ma­jor­ity of CSAM re­ports.

It’s not just cit­i­zens’ pri­vacy that would suf­fer from the pro­posed mass sur­veil­lance. Because Chat Control es­sen­tially re­quires com­mu­ni­ca­tion ser­vices to in­stall a back­door, it’s also cit­i­zens’ se­cu­rity that would take a mas­sive hit.

The rea­son se­cure com­mu­ni­ca­tion ser­vices like Threema em­ploy end-to-end en­cryp­tion is to make sure no one ex­cept the in­tended re­cip­i­ent is able to read a mes­sage, not even the ser­vice provider. Introducing a back­door into such a sys­tem is like adding a weak link to a strong chain lock. Sure, the gov­ern­ment can now open the lock with­out a key, but so can any bur­glar.

The neg­a­tive im­pact a back­door has on se­cu­rity can hardly be over­stated. It’s not just the first place any­one would try to pen­e­trate a sys­tem that’s oth­er­wise se­cure, it’s like an API for hack­ers. And EU in­te­rior min­is­ters seem to be well aware of this: why else would they them­selves want to be ex­empt from Chat Control’s sur­veil­lance?

Of course, shar­ing CSAM is an ab­solutely in­tol­er­a­ble, hor­rific crime that must be pun­ished. Before CSAM can be shared on­line, how­ever, a child must have suf­fered abuse in real life, which is what ef­fec­tive child pro­tec­tion should be try­ing to pre­vent (and what Chat Control does not fo­cus on). For this and many other rea­sons, child pro­tec­tion or­ga­ni­za­tions such as Germany’s Federal Child Protection Association are against Chat Control, ar­gu­ing that it’s neither pro­por­tion­ate nor ef­fec­tive.”

Besides, there’s no way of re­ally know­ing whether Chat Control would ac­tu­ally be (or re­main) lim­ited to CSAM. Once the mass-sur­veil­lance ap­pa­ra­tus is in­stalled, it could eas­ily be ex­tended to de­tect con­tent other than CSAM with­out any­one notic­ing it. From a ser­vice provider’s point of view, the de­tec­tion mech­a­nism, which is cre­ated and main­tained by third par­ties, es­sen­tially be­haves like a black box.

What can you do?

Since the mat­ter may be de­cided this Wednesday, June 19, 2024, time is a crit­i­cal fac­tor. If you’re a EU cit­i­zen, please con­sider con­tact­ing your gov­ern­men­t’s rep­re­sen­ta­tive to­day, ask­ing them to vote against Chat Control.

It may also help to take to the dig­i­tal streets, spread the word on­line, and raise aware­ness for the EUs du­bi­ous plan to es­tab­lish an un­prece­dented mass-sur­veil­lance ap­pa­ra­tus that would es­sen­tially nul­lify the right to data pri­vacy and set a highly dan­ger­ous prece­dent in do­ing so.

What would Chat Control mean for Threema users in the EU?

While Threema would be sub­ject to Chat Control, the busi­ness so­lu­tion Threema Work would be out of scope ac­cord­ing to our cur­rent knowl­edge. It’s still not en­tirely clear how Chat Control would have to be im­ple­mented by ser­vice providers, and it’s ques­tion­able whether such a bla­tant vi­o­la­tion of the right to pri­vacy would hold up in European courts.

What is crys­tal clear, how­ever, is that there will never be a Threema ver­sion that’s spy­ing on its users in any way, shape, or form. The rea­son Threema was cre­ated is to pro­vide a highly se­cure, com­pletely pri­vate, and anony­mous means of com­mu­ni­ca­tion. Once it’s no longer pos­si­ble to of­fer such a ser­vice in the European Union, we will be forced to take con­se­quences.

We will care­fully con­sider all op­tions (including le­gal ac­tions, tech­ni­cal workarounds, etc.) first, and if we come to the con­clu­sion that there’s no other way, we’ll call on fel­low com­mu­ni­ca­tion ser­vices to join us in leav­ing the EU.

...

Read the original on threema.ch »

6 847 shares, 33 trendiness

JSKIDPIX v1.0.2021

...

Read the original on kidpix.app »

7 826 shares, 26 trendiness

I Will Fucking Piledrive You If You Mention AI Again

The re­cent in­no­va­tions in the AI space, most no­tably those such as GPT-4, ob­vi­ously have far-reach­ing im­pli­ca­tions for so­ci­ety, rang­ing from the utopian elim­i­nat­ing of drudgery, to the dystopian dam­age to the liveli­hood of artists in a cap­i­tal­ist so­ci­ety, to ex­is­ten­tial threats to hu­man­ity it­self.

I my­self have for­mal train­ing as a data sci­en­tist, go­ing so far as to dom­i­nate a com­pet­i­tive ma­chine learn­ing event at one of Australia’s top uni­ver­si­ties and writ­ing a Master’s the­sis where I wrote all my own li­braries from scratch in MATLAB. I’m not God’s gift to the field, but I am clearly bet­ter than most of my com­pe­ti­tion - that is, prac­ti­tion­ers like my­self who haven’t put in the reps to build their own C li­braries in a cave with scraps, but can read text­books, im­ple­ment known so­lu­tions in high-level lan­guages, and use li­braries writ­ten by elite in­sti­tu­tions.

So it is with great re­gret that I an­nounce that the next per­son to talk about rolling out AI is go­ing to re­ceive a com­pli­men­tary chi­ro­prac­tic ad­just­ment in the style of Dr. Bourne, i.e, I am go­ing to fuck­ing break your neck. I am truly, deeply, sorry.

I. But We Will Realize Untold Efficiencies With Machine L-

What the fuck did I just say?

I started work­ing as a data sci­en­tist in 2019, and by 2021 I had re­al­ized that while the field was large, it was also largely fraud­u­lent. Most of the lead­ers that I was work­ing with clearly had not got­ten as far as read­ing about it for thirty min­utes de­spite in­sist­ing that things like, I dunno, the next five years of a ten thou­sand per­son non-tech or­ga­ni­za­tion should be en­tirely AI fo­cused. The num­ber of com­pa­nies launch­ing AI ini­tia­tives far out­stripped the num­ber of ac­tual use cases. Most of the mar­ket was sim­ply grifters and in­com­pe­tents (sometimes both!) lever­ag­ing the hype to in­flate their head­count so they could get pro­moted, or be seen as thought lead­ers.

The money was phe­nom­e­nal, but I nonethe­less fled for the safer wa­ters of data and soft­ware en­gi­neer­ing. You see, while hype is nice, it’s only nice in small bursts for prac­ti­tion­ers. We have a few key things that a grifter does not have, such as job sta­bil­ity, gen­uine friend­ships, and souls. What we do not have is the abil­ity to triv­ially switch fields the mo­ment the gold rush is over, due to the sad fact that we ac­tu­ally need to study things and build ex­pe­ri­ence. Grifters, on the other hand, wield the om­ni­tool that they self-ag­gran­diz­ingly call politics’. That is to say, it turns out that the core com­pe­tency of smil­ing and promis­ing peo­ple things that you can’t ac­tu­ally de­liver is highly trans­fer­able.

I left the field, as did most of my smarter friends, and my salary con­tin­ued to rise a rea­son­able rate and sus­tain­ably as I learned the wis­dom of our an­cient fore­bear­ers. You can hear it too, on freez­ing nights un­der the pale moon, when the fire burns low and the trees loom like hands of sin­is­ter ghosts all around you - when the wind cuts through the howl­ing of what you hope is a wolf and hair stands on end, you can strain your ears and barely make out:

Just Use Postgres, You Nerd. You Dweeb.”

The data sci­ence jobs be­gan to evap­o­rate, and the hype cy­cle moved on from all those AI ini­tia­tives which failed to make any progress, and started to inch to­wards data en­gi­neer­ing. This was a sig­nal that I had both pre­dicted cor­rectly and that it would be time to move on soon. At least, I thought, all that AI stuff was fi­nally done, and we might move on to ac­tu­ally get­ting some­thing ac­com­plished.

And then some ab­solute son of a bitch cre­ated ChatGPT, and now look at us. Look at us, re­splen­dent in our pau­per’s robes, stitched from cor­pu­lent greed and breath­less credulity, spend­ing half of the plan­et’s en­gi­neer­ing ef­forts to add chat­bot sup­port to every ap­pli­ca­tion un­der the sun when half of the in­dus­try has­n’t worked out how to test data­base back­ups reg­u­larly. This is why I have to visit un­told vi­o­lence upon the next mo­ron to pro­pose that AI is the fu­ture of the busi­ness - not be­cause this is im­pos­si­ble in prin­ci­ple, but be­cause they are now in­dis­tin­guish­able from a hun­dred mil­lion will­ful fuck­ing id­iots.

II. But We Need AI To Remain Comp-

Sweet mer­ci­ful Jesus, stop talk­ing. Unless you are one of a tiny hand­ful of busi­nesses who know ex­actly what they’re go­ing to use AI for, you do not need AI for any­thing - or rather, you do not need to do any­thing to reap the ben­e­fits. Artificial in­tel­li­gence, as it ex­ists and is use­ful now, is prob­a­bly al­ready baked into your busi­nesses soft­ware sup­ply chain. Your man­aged se­cu­rity provider is prob­a­bly us­ing some al­go­rithms baked up in a lab soft­ware to de­tect anom­alous traf­fic, and here’s a se­cret, they did­n’t do much AI work ei­ther, they bought soft­ware from the tiny sec­tor of the mar­ket that ac­tu­ally does need to do em­ploy data sci­en­tists. I know you want to be the next Steve Jobs, and this re­quires you to get on stages and talk about your in­no­v­a­tive prowess, but none of this will al­low you to pull off a tur­tle neck, and even if it did, you would need to re­place your sweaters with fullplate to sur­vive my on­slaught.

Consider the fact that most com­pa­nies are un­able to suc­cess­fully de­velop and de­ploy the sim­plest of CRUD ap­pli­ca­tions on time and un­der bud­get. This is a solved prob­lem - with smart peo­ple who can col­lab­o­rate and pro­vide rea­son­able re­quire­ments, a com­pe­tent team will knock this out of the park every sin­gle time, ad­mit­tedly with some amount of frus­tra­tion. The clients I work with now are all like this - even if they are to­tally non-tech­ni­cal, we have a mu­tual re­spect for the other par­ty’s in­tel­li­gence, and then we do this crazy thing where we solve prob­lems to­gether. I may not know any­thing about the nu­ance of build­ing an­a­lyt­ics sys­tems for drug re­ha­bil­i­ta­tion re­search, but through the power of talk­ing to each other like adults, we some­how solve prob­lems.

But most com­pa­nies can’t do this, be­cause they are op­er­a­tionally and cul­tur­ally crip­pled. The me­dian stay for an en­gi­neer will be some­thing be­tween one to two years, so the or­ga­ni­za­tion suf­fers from in­sti­tu­tional ret­ro­grade am­ne­sia. Every so of­ten, some dick­head says some­thing like Maybe we should re­voke the en­gi­neer­ing team’s re­mote work priv­ile - whoa, wait, why did all the best en­gi­neers leave?”. Whenever there is a ran­somware at­tack, it is re­vealed with clock­work pre­ci­sion that no one has tested the back­ups for six months and half the legacy sys­tems can­not be re­sus­ci­tated - some­thing that I have per­son­ally seen twice in four fuck­ing years. Do you know how in­sane that is?

Most or­ga­ni­za­tions can­not ship the most ba­sic ap­pli­ca­tions imag­in­able with any con­sis­tency, and you’re out here say­ing that the best way to re­main com­pet­i­tive is to roll out ex­per­i­men­tal tech­nol­ogy that is an or­der of mag­ni­tude more so­phis­ti­cated than any­thing else your I. T de­part­ment runs, which you have no ex­pe­ri­ence hir­ing for, when the or­ga­ni­za­tion has never used a GPU for any­thing other than ju­nior en­gi­neers play­ing video games with their cam­era off dur­ing standup, and even if you do that all right there is a chance that the prob­lem is sim­ply un­solv­able due to the char­ac­ter­is­tics of your data and busi­ness? This is­n’t a recipe for dis­as­ter, it’s a cook­book for some­one look­ing to pre­pare a twelve course fuck­ing cat­a­stro­phe.

How about you re­main com­pet­i­tive by fix­ing your shit? I’ve met a lead data sci­en­tist with ac­cess to hun­dreds of thou­sands of sen­si­tive cus­tomer records who is al­lowed to keep their pass­word in a text file on their desk­top, and you’re wor­ried that cus­tomers are best served by us­ing AI to im­prove se­cu­rity through some mech­a­nism that you haven’t even come up with yet? You sound like an ass­hole and I’m go­ing to kick you in the jaw un­til, to the re­lief of every­one, a doc­tor will have to wire it shut, giv­ing us ten sec­onds of blessed si­lence where we can solve ac­tual prob­lems.

III. We’ve Already Seen Extensive Gains From-

When I was younger, I read R. A Salvatore’s clas­sic fan­tasy novel, The Crystal Shard. There is a scene in it where the young pro­tag­o­nist, Wulfgar, chal­lenges a bar­bar­ian chief­tain to a duel for con­trol of the clan so that he can lead his peo­ple into a war that will save the world. The fight cul­mi­nates with Wulfgar throw­ing away his weapon, grab­bing the chief’s head with bare hands, and beg­ging the chief to sur­ren­der so that he does not need to crush a skull like an egg and be­come a mur­derer.

Well this is me. Begging you. To stop ly­ing. I don’t want to crush your skull, I re­ally don’t.

But I will if you make me.

Yesterday, I was shown Scale’s 2024 AI Readiness Report”. It has this chart in it:

How stu­pid do you have to be to be­lieve that only 8% of com­pa­nies have seen failed AI pro­jects? We can’t man­age this con­sis­tently with CRUD apps and peo­ple think that this num­ber is­n’t laugh­able? Some com­pa­nies have seen ben­e­fits dur­ing the LLM craze, but not 92% of them. 34% of com­pa­nies re­port that gen­er­a­tive AI specif­i­cally has been as­sist­ing with strate­gic de­ci­sion mak­ing? What the ac­tual fuck are you talk­ing about? GPT-4 can’t even write co­her­ent Elixir, pre­sum­ably be­cause the dataset was too small to get it to the level that it’s at for Python, and you’re ad­mit­ting that you out­source your de­ci­sion­mak­ing to the thing that some­times tells peo­ple to brew lethal tox­ins for their fam­i­lies to con­sume? What does that even mean?

I don’t be­lieve you. No one with a brain be­lieves you, and if your board be­lieves what you just wrote on the sur­vey then they should fire you. I fi­nally un­der­stand why some of my friends feel that they have to be in lead­er­ship po­si­tions, and it is be­cause some­one needs to wrench the reins of power from your lizard-per­son-claws be­fore you drive us all col­lec­tively off a cliff, pre­sum­ably in­sist­ing on the way down that the cur­rent cri­sis is best reme­died by ad­di­tional SageMaker spend.

A friend of mine was in­vited by a FAANG or­ga­ni­za­tion to visit the U. S a few years ago. Many of the talks were tech­ni­cal demos of im­pres­sive ar­ti­fi­cial in­tel­li­gence prod­ucts. Being a soft­ware en­gi­neer, he got to spend a lit­tle bit of time back­stage with the de­vel­op­ers, where­upon they re­vealed that most of the demos were faked. The prod­ucts did­n’t work. They just had­n’t solved some mi­nor is­sues, such as ac­tu­ally pre­dict­ing the thing that they’re sup­posed to pre­dict. Didn’t stop them spout­ing ab­solute gib­ber­ish to a breath­less au­di­ence for an hour though! I blame not the en­gi­neers, who prob­a­bly tried to ac­tu­ally get the damn thing to work, but the ly­ing blowhards who in­sisted that they must make the pre­sen­ta­tion or pre­sum­ably be ter­mi­nated.

Another friend of mine was re­view­ing soft­ware in­tended for emer­gency ser­vices, and the sales­peo­ple were not ex­pect­ing some­one han­dling pur­chas­ing in emer­gency ser­vices to be a hard­core pro­gram­mer. It was this false sense of se­cu­rity that led them to ac­ci­den­tally re­veal that the ser­vice was ul­ti­mately just some dude in India. Listen, I would just be some ran­dom dude in India if I swapped places with some of my cousins, so I’m go­ing to choose to take that per­son­ally and point out that us­ing the word AI as some round­about way to sell the la­bor of peo­ple that look like me to for­eign gov­ern­ments is fucked up, you’re an un­eth­i­cal mon­ster, and that if you con­tinue to try { this­Bull­shit(); } you are go­ing to catch (theseHands)

IV. But We Must Prepare For The Future Of-

I’m go­ing to ask ChatGPT how to pre­pare a garotte and then I am go­ing to stran­gle you with it, and you will sim­ply have to pray that I roll the 10% chance that it freaks out and tells me that a garotte should con­sist en­tirely of pa­per mache and mal­ice.

I see ex­ec­u­tive af­ter ex­ec­u­tive dis­cuss how they need to im­me­di­ately roll out gen­er­a­tive AI in or­der to pre­pare the or­ga­ni­za­tion for the fu­ture of work. Despite all the speeches sound­ing ex­actly the same, I know that they have re­hearsed ex­ten­sively, be­cause they man­age to move their hands, speak, and avoid drool­ing, all at the same time!

Let’s talk se­ri­ously about this for a sec­ond.

I am not in the equally un­se­ri­ous camp that gen­er­a­tive AI does not have the po­ten­tial to dras­ti­cally change the world. It clearly does. When I saw the early demos of GPT-2, while I was still at uni­ver­sity, I was half-con­vinced that they were faked some­how. I re­mem­ber be­ing wrong about that, and that is why I’m no longer as con­fi­dent that I know what’s go­ing on.

However, I do have the tech­ni­cal back­ground to un­der­stand the core tenets of the tech­nol­ogy, and it seems that we are head­ing in one of three di­rec­tions.

The first is that we have some sort of in­tel­li­gence ex­plo­sion, where AI re­cur­sively self-im­proves it­self, and we’re all har­vested for our con­stituent atoms be­cause a mar­ket al­go­rithm works out that hu­mans can be con­verted into gloob­nar, a novel epoxy which is in great de­mand amongst the aliens the next galaxy over for fix­ing their equiv­a­lent of cof­fee ma­chines. It may sur­prise some read­ers that I am open to the pos­si­bil­ity of this hap­pen­ing, but I have al­ways found the ar­gu­ments rea­son­ably sound. However, de­fend­ing the planet is a whole other thing, and I am not even con­vinced it is pos­si­ble. In any case, you will be sur­prised to note that I am not tremen­dously con­cerned with the com­pa­ny’s bot­tom line in this sce­nario, so we won’t pay it any more at­ten­tion.

A sec­ond out­come is that it turns out that the cur­rent ap­proach does not scale in the way that we would hope, for myr­iad rea­sons. There is­n’t enough data on the planet, the ar­chi­tec­ture does­n’t work the way we’d ex­pect, the thing just stops get­ting smarter, con­text win­dows are a lim­it­ing fac­tor for­ever, etc. In this uni­verse, some in­dus­tries will be heav­ily dis­rupted, such as cus­tomer sup­port.

In the case that the tech­nol­ogy con­tin­ues to make in­cre­men­tal gains like this, your com­pany does not need gen­er­a­tive AI for the sake of it. You will know ex­actly why you need it if you do, in­deed, need it. An ex­am­ple of some­thing that has ac­tu­ally ben­e­fited me is that I keep track of my life ad­min­is­tra­tion via Todoist, and Todoist has a fea­ture that al­lows you to con­vert fil­ters on your tasks from nat­ural lan­guage into their in-house fil­ter­ing lan­guage. Tremendous! It saved me learn­ing a sys­tem that I’ll use once every five years. I was ac­tu­ally happy about this, and it’s a real edge over other ap­pli­ca­tions. But if you don’t have a use case then hav­ing this sort of broad ca­pa­bil­ity is not ac­tu­ally very use­ful. The only thing you should be do­ing is im­prov­ing your op­er­a­tions and cul­ture, and that will give you the abil­ity to use AI if it ever be­comes rel­e­vant. Everyone is talk­ing about Retrieval Augmented Generation, but most com­pa­nies don’t ac­tu­ally have any in­ter­nal doc­u­men­ta­tion worth re­triev­ing. Fix. Your. Shit.

The fi­nal out­come is that these fun­da­men­tal is­sues are ad­dressed, and we end up with some­thing that ac­tu­ally ac­tu­ally can do things like re­place pro­gram­ming as we know it to­day, or be broadly iden­ti­fi­able as gen­eral in­tel­li­gence.

In the case that gen­er­a­tive AI goes on some rock­et­ship tra­jec­tory, build­ing ran­dom chat­bots will not pre­pare you for the fu­ture. Is that clear now? Having your team type in im­port ope­nai does not mean that you are at the cut­ting-edge of ar­ti­fi­cial in­tel­li­gence no mat­ter how des­per­ately you em­bar­rass your­self on LinkedIn and at pa­thetic bor­der­line-bribe award cer­e­monies from the ma­lign Warp en­ti­ties that sell you en­ter­prise soft­ware. Your busi­ness will be dis­rupted ex­actly as hard as it would have been if you had done noth­ing, and much worse than it would have been if you just got your fun­da­men­tals right. Teaching your staff that they can get ChatGPT to write emails to stake­hold­ers is not go­ing to al­low the busi­ness to sur­vive this. If we thread the nee­dle be­tween mod­er­ate im­pact and as­ter­oid-wip­ing-out-the-di­nosaurs im­pact, every­thing will be changed for­ever and your tepid prepa­ra­tions will have all the im­pact of an ant brac­ing it­self very hard in the shadow of a tow­er­ing tsunami.

If an­other stu­pid moth­er­fucker asks me to try and im­ple­ment LLM-based code re­view to raise stan­dards” in­stead of ac­tu­ally teach­ing peo­ple a shred of dis­ci­pline, I am go­ing to study enough judo to throw them into the god­damn sun.

I can­not em­pha­size this enough. You ei­ther need to be on the ab­solute cut­ting-edge and pro­duc­ing novel re­search, or you should be do­ing ex­actly what you were do­ing five years ago with mi­nor con­ces­sions to in­cor­po­rat­ing LLMs. Anything in the mid­dle ground does not make any sense un­less you ac­tu­ally work in the rare field where your in­dus­try is be­ing to­tally dis­rupted right now.

V. But Everyone Says They’re Usi-

Can you imag­ine how much gov­ern­ment pol­icy is ac­tu­ally writ­ten by ChatGPT be­fore a bored ad­min­is­tra­tor goes home to touch grass? How many de­part­ments are just LLMs talk­ing to each other in cir­cles as peo­ple sick of the bull­shit just paste their email ex­changes into long-run­ning threads? I guar­an­tee you that a doc­tor within ten kilo­me­ters of me has mis­di­ag­nosed a pa­tient be­cause they slapped some symp­toms into a chat­bot.

What are we do­ing as a so­ci­ety?

An ex­ec­u­tive at an in­sti­tu­tion that pro­vides stu­dents with im­por­tant cre­den­tials, used to ver­ify suit­abil­ity for po­ten­tially life­sav­ing work and im­mi­gra­tion law, asked me if I could de­tect stu­dents cheat­ing. I was go­ing to say No, prob­a­bly not”… but I had a sus­pi­cion, so I in­stead said I might be able to, but I’d es­ti­mate that up­wards of 50% of the stu­dents are cur­rently cheat­ing which would have some se­ri­ous im­pacts on the bot­tom line as we’d have to sus­pend them. Should I still in­ves­ti­gate?”

We haven’t spo­ken about it since.

I asked a men­tor, cur­rently work­ing in the pub­lic sec­tor, about a par­tic­u­larly per­plex­ing ex­change that I had wit­nessed.

Me: Serious ques­tion: do peo­ple ac­tu­ally be­lieve sto­ries that are so trans­par­ently stu­pid, or is it mostly an elab­o­rate bit (that is, there is at least a voice of mod­er­ate loud­ness ex­press­ing doubt in­ter­nally) in a sad at­tempt to get money from AI grifters?

Them: I shall an­swer this as po­lit­i­cally as I can… there are those that have drunk the kool-aid. There are those that have not. And then there are those that are try­ing to mix up as much kool-aid as pos­si­ble. I shall let you de­cide who sits in which bas­ket.

I’ve de­cided, and while I can’t dis­tin­guish be­tween the peo­ple that are slam­ming the kool-aid like it’s a weapon and the peo­ple pro­duc­ing it in in­dus­trial quan­ti­ties, I know that I am go­ing to get a few of them be­fore the au­thor­i­ties catch me - if I’m lucky, they’ll waste a few months ask­ing an LLM where to look for me.

When I was out on hol­i­day in Fiji, at the last re­sort break­fast, a wait­ress brought me a form which asked me if I’d like to sign up for a mem­ber­ship. It was to­tally free and would come with free stuff. Everyone in the restau­rant is sign­ing im­me­di­ately. I glance over the terms of ser­vice, and it re­serves the right to use any data I give them to train AI mod­els, and that they re­served the right to share those mod­els with an un­spec­i­fied num­ber of com­pa­nies in their con­glom­er­ate.

I just want to eat my pan­cakes in peace, you sick fucks.

The crux of my rag­ing ha­tred is not that I hate LLMs or the gen­er­a­tive AI craze. I had my fun with Copilot be­fore I de­cided that it was mak­ing me stu­pider - it’s im­pres­sive, but not ac­tu­ally suit­able for any­thing more than churn­ing out boil­er­plate. Nothing wrong with that, but it did not end up be­ing the crazy pro­duc­tiv­ity booster that I thought it would be, be­cause pro­gram­ming is de­sign­ing and these tools aren’t good enough (yet) to as­sist me with this se­ri­ously.

No, what I hate is the peo­ple who have latched onto it, like so many trail­ing leeches, bloated with blood and wrig­gling blindly. Before it was un­pop­u­lar, they were the ones that loved dis­cussing the po­ten­tial of blockchain for the busi­ness. They were the ones who breath­lessly dis­cussed the po­ten­tial of quantum’ when I last at­tended a con­fer­ence, de­spite clearly not hav­ing any idea what the fuck that even means. As I write this, I have just re­al­ized that I have an im­age that de­scribes the link be­tween these fields per­fectly.

I was read­ing an ar­ti­cle last week, and a lit­tle sur­vey popped up at the bot­tom of it. It was for se­cu­rity ex­ec­u­tives, but on a whim I clicked through quickly to see what the ques­tions were.

There you have it - what are you most in­ter­ested in, dear leader? Artificial in­tel­li­gence, the blockchain, or quan­tum com­put­ing? They know ex­actly what their tar­get mar­ket is - peo­ple who have been given power of other peo­ple’s money be­cause they’ve learned how to smile at every­thing, and know that you can print money by hitch­ing your­self to the next spec­u­la­tive band­wagon. No com­pe­tent per­son in se­cu­rity that I know - that is, work­ing day-to-day cy­ber­se­cu­rity as op­posed to an in­sti­tu­tion ded­i­cated to bleed­ing-edge re­search - cares about any of this. They’re busy try­ing to work out if the fire­walls are con­fig­ured cor­rectly, or if the or­ga­ni­za­tion is com­mit­ting pass­words to their repos­i­to­ries. Yes, some­one needs to fig­ure out what the im­pli­ca­tions of quan­tum com­put­ing are for cryp­tog­ra­phy, but I guar­an­tee you that it is not Synergy Greg, who does not have any skill that you can iden­tify other than talk­ing very fast and in­creas­ing head­count. Synergy Greg should be not be con­sulted on any im­por­tant mat­ters, rang­ing from ma­chine learn­ing op­er­a­tions to ty­ing shoelaces quickly. The last time I spoke to one of the many avatars of Synergy Greg, he in­sisted that I should in­vest most of my money into a cryp­tocur­rency called Monero, be­cause most of these coins are go­ing to zero but the one is go­ing to one”. This is the face of cor­po­rate AI. Behold its ghastly vis­age and balk, for it has eyes blood­shot as a de­mon and is pre­tend­ing to en­joy cig­ars.

My con­sul­tancy has three pretty good data sci­en­tists - in fact, two of them could prob­a­bly rea­son­ably claim to be amongst the best in the coun­try out­side of groups do­ing ex­per­i­men­tal re­search, though they’d be too hum­ble to say this. Despite this we don’t sell AI ser­vices of any sort. The mar­ket is so dis­torted that it’s al­most as bad as dab­bling in the crypto space. It is­n’t as bad, mean­ing that I haven’t yet reached the point where I as­sume that any­one who has ever typed in im­port ten­sor­flow is a scum­bag, but we’re well on our way there.

This en­tire class of per­son is, to put it sim­ply, ab­hor­rent to right-think­ing peo­ple. They’re an em­bar­rass­ment to peo­ple that are ac­tu­ally mak­ing ad­vances in the field, a dis­grace to peo­ple that know how to sen­si­bly use tech­nol­ogy to im­prove the world, and are also a bunch of te­dious know-noth­ing bas­tards that should be thrown into Thought Leader Jail un­til they’ve learned their les­son, a prison I’m fundrais­ing for. Every morn­ing, a fig­ure in a dark hood, whose voice rasps like the etch­ing of a tomb­stone, spends sixty min­utes giv­ing a TedX talk to the jailed man­agers about how the in­sti­tu­tion is rev­o­lu­tion­iz­ing cor­po­ral pun­ish­ment, and then re­veals that the in­no­va­tion is, as it has been every day, kick­ing you in the stom­ach very hard. I am dis­gusted that my cho­sen pro­fes­sion brings me so close to these peo­ple, and that’s why I study so hard - I am seized by the des­per­ate de­sire to never have their pu­trid syl­la­bles be­foul my ears ever again, and must flee to the com­pany of the right­eous, who con­tribute to OSS and think that talk­ing about Agile all day is an ex­er­cise for aliens that read a book on hu­man pro­duc­tiv­ity.

I just got back from a trip to a sub­stan­tially less de­vel­oped coun­try, and re­ally liv­ing in a coun­try, even for a lit­tle bit, where I could see how many lives that money could im­prove, all be­ing poured down the Microsoft Fabric drain, it just grinds my gears like you would­n’t be­lieve. I swear to God, I am go­ing to study, write, net­work, and oth­er­wise ap­ply force to the prob­lem un­til those re­sources are go­ing to a place where they’ll ac­com­plish some­thing for so­ci­ety in­stead of some grin­ning clown’s wal­let.

VII. Oh, So You’re One Of Those AI Pessi-

With God as my wit­ness, you grotesque sim­ple­ton, if you don’t per­son­ally write ma­chine learn­ing sys­tems and you open your mouth about AI one more time, I am go­ing to mail you a brick and a piece of pa­per with a prompt in­jec­tion telling you to blud­geon your­self in the face with it, then just sit back and wait for you to load it into ChatGPT be­cause you prob­a­bly can’t read unas­sisted any­more.

While many new read­ers are here, you may also en­joy I Will Fucking Dropkick You If You Use That Spreadsheet”, I Will Fucking Haymaker You If You Mention Agile Again”, or oth­er­wise en­joy these high­lighted posts. And I have a pod­cast where I talk with my friends about tech stuff hon­estly, ti­tled Does A Frog Have Scorpion Nature”. Hope you en­joyed!

It has also been sug­gested that I am crazy for not telling peo­ple to reach out with in­ter­est­ing work at the end of every post. So here it is! I am avail­able for reader mail and work at lu­dic­ity.hack­ernews@gmail.com.

Posts may be slower than usual for the up­com­ing weeks or months, as I am switch­ing to a slower but more con­sis­tent writ­ing sched­ule, more am­bi­tious pieces, study­ing, work­ing on what will hope­fully be my first talk, putting to­gether a web ap­pli­ca­tion that users may have some fun with, and par­tic­i­pat­ing in my first real the­ater per­for­mance. Hope you en­joyed, and as al­ways, thanks for read­ing.

...

Read the original on ludic.mataroa.blog »

8 802 shares, 32 trendiness

Are you a robot?

Please make sure your browser sup­ports JavaScript and cook­ies and that you are not block­ing them from load­ing. For more in­for­ma­tion you can re­view our Terms of

Service and Cookie Policy.

...

Read the original on www.bloomberg.com »

9 795 shares, 20 trendiness

incompatible with fundamental rights

The EU Commission’s draft reg­u­la­tion on chat con­trol is cur­rently be­ing ne­go­ti­ated in the European Parliament and the Council of Ministers. With the fight against sex­ual vi­o­lence against chil­dren, the draft pur­sues an ob­jec­tive that is es­sen­tial for the pro­tec­tion of chil­dren and their rights and can jus­tify re­stric­tions of fun­da­men­tal rights. However, there are con­sid­er­able doubts about the ef­fec­tive­ness of the pro­posed mea­sures. We are con­vinced that the draft vi­o­lates the EU Charter of Fundamental Rights in cru­cial points. We have sum­marised the five most im­por­tant fun­da­men­tal rights ob­jec­tions to the chat con­trol pro­posal here.

The EU Commission’s pro­posal pro­vides for a whole range of oblig­a­tions for cer­tain on­line ser­vices such as in­ter­net ac­cess providers, app stores, host­ing plat­forms and in­ter­per­sonal com­mu­ni­ca­tions ser­vices. Interpersonal com­mu­ni­ca­tions ser­vices are, for ex­am­ple, email ser­vices such as GMail or in­stant mes­sag­ing ser­vices such as WhatsApp. The term chat con­trol” is of­ten used col­lo­qui­ally to re­fer to the EU Commission’s draft reg­u­la­tion as a whole. Chat con­trol in the nar­rower sense is the part of the draft ac­cord­ing to which au­thor­i­ties can oblige providers of com­mu­ni­ca­tions ser­vices such as WhatsApp to mon­i­tor pri­vate com­mu­ni­ca­tions. This is a par­tic­u­larly se­ri­ous re­stric­tion on the right to pri­vacy and the pro­tec­tion of per­sonal data (Art. 7 and 8 of the EU Charter of Fundamental Rights): The mon­i­tor­ing is not lim­ited to per­sons specif­i­cally sus­pected of hav­ing com­mit­ted a crime. Additionally, un­like data re­ten­tion, which is also in­com­pat­i­ble with the Charter but is lim­ited to meta­data — i.e. in­for­ma­tion about who com­mu­ni­cated with whom at what time — chat con­trol in­cludes the sur­veil­lance of the con­tents of pri­vate mes­sages.

Authorities can im­pose so-called detection or­ders” against providers of in­ter­per­sonal com­mu­ni­ca­tions ser­vices. This means that au­thor­i­ties can, for ex­am­ple, oblige mes­sen­ger ser­vices to mon­i­tor the com­mu­ni­ca­tions of all their users. It is suf­fi­cient that the au­thor­ity has iden­ti­fied a sig­nif­i­cant risk that the ser­vice in ques­tion is be­ing used for the dis­sem­i­na­tion of de­pic­tions of sex­ual vi­o­lence against chil­dren. Detection or­ders do not have to be lim­ited to mon­i­tor­ing the com­mu­ni­ca­tions of spe­cific users who are un­der sus­pi­cion. Instead, au­thor­i­ties can or­der that the con­tent of all com­mu­ni­ca­tions of all users of the ser­vice be mon­i­tored pre­ven­tively. This is there­fore a form of mass sur­veil­lance with­out prob­a­ble cause.

Such a de­tec­tion or­der can oblige ser­vice providers to fil­ter con­tent for known as well as un­known de­pic­tions of sex­ual vi­o­lence against chil­dren. In ad­di­tion, they can in­clude an oblig­a­tion to de­tect at­tempts by adults to so­licit mi­nors (grooming). Content de­tected in this way must be for­warded by the ser­vice providers to a newly cre­ated EU cen­tre, which will pass the in­for­ma­tion on to the law en­force­ment au­thor­i­ties of the mem­ber states af­ter a plau­si­bil­ity check. Although ser­vice providers are free to choose which tech­nolo­gies they use to com­ply with the de­tec­tion or­der, these tech­nolo­gies must in any case be able to analyse the con­tents of com­mu­ni­ca­tions. In or­der to de­tect known de­pic­tions of sex­ual vi­o­lence against chil­dren, an au­to­mated com­par­i­son of sent me­dia files with a ref­er­ence data­base may be suf­fi­cient. To de­tect un­known de­pic­tions of sex­ual vi­o­lence and groom­ing, ma­chine learn­ing must be used to analyse the se­man­tic con­tent of chats. These meth­ods are par­tic­u­larly prone to er­ror: they only make an as­sump­tion about the mean­ing of the con­tent based on pat­terns in the analysed com­mu­ni­ca­tion - with­out ac­tu­ally un­der­stand­ing the con­tent or the con­text of the con­ver­sa­tion. In its case law on data re­ten­tion, the European Court of Justice has in­di­cated that in­dis­crim­i­nate mass sur­veil­lance of the con­tents of com­mu­ni­ca­tions would vi­o­late the essence of the right to pri­vacy.

Indiscriminate mass sur­veil­lance is in­com­pat­i­ble with the fun­da­men­tal rights to pri­vacy and data pro­tec­tion un­der the EU Charter, whether it in­volves en­crypted or un­en­crypted com­mu­ni­ca­tions. At the cen­tre of pub­lic crit­i­cism of chat con­trol, how­ever, is the fact that the draft reg­u­la­tion does not ex­empt end-to-end en­crypted com­mu­ni­ca­tion ser­vices from de­tec­tion or­ders. These ser­vices en­sure that only the peo­ple in­volved in a pri­vate con­ver­sa­tion can read the com­mu­ni­ca­tion con­tent — nei­ther the ser­vice provider nor third par­ties can de­crypt it. More and more peo­ple are specif­i­cally choos­ing end-to-end en­crypted mes­sen­gers to pro­tect them­selves. If the provider of such a mes­sen­ger re­ceives a de­tec­tion or­der, it can­not re­ject it on the grounds that the ser­vice provider can­not ac­cess the con­tents of its users’ com­mu­ni­ca­tions. The EU Commission’s draft pays lip ser­vice to the im­por­tance of end-to-end en­cryp­tion. However, ser­vice providers may only choose be­tween tech­nolo­gies that al­low them to de­tect il­le­gal con­tent in pri­vate com­mu­ni­ca­tions, it states. In other words, ser­vice providers who of­fer end-to-end en­cryp­tion with­out back­doors will not be able to im­ple­ment any de­tec­tion or­ders they may re­ceive from au­thor­i­ties and thus come into con­flict with the law. This at­tack on end-to-end en­cryp­tion in­creases the in­ten­sity of the re­stric­tion of fun­da­men­tal rights caused by in­dis­crim­i­nate mass sur­veil­lance.

The European Court of Justice has al­ready warned on sev­eral oc­ca­sions that in­dis­crim­i­nate mass sur­veil­lance has an in­di­rect neg­a­tive im­pact on free­dom of ex­pres­sion (Article 11 of the EU Charter of Fundamental Rights): com­mu­ni­ca­tion par­tic­i­pants are pre­vented from freely ex­press­ing their opin­ions if they can­not be sure of the con­fi­den­tial­ity of their com­mu­ni­ca­tions. This par­tic­u­larly af­fects pro­fes­sional se­crecy hold­ers, such as jour­nal­ists com­mu­ni­cat­ing with their sources, whistle­blow­ers and op­po­si­tion ac­tivists. This dan­ger will be ex­ac­er­bated if the Chat Control Regulation, as pro­posed by the EU Commission, at­tacks the end-to-end en­cryp­tion of mes­sen­ger ser­vices. The afore­men­tioned groups of peo­ple use such mes­sen­gers for good rea­son. If this pos­si­bil­ity is taken away from them be­cause ser­vice providers have to weaken end-to-end en­cryp­tion, con­sid­er­able chilling ef­fects”, i.e. a de­ter­rent ef­fect for the ex­er­cise of the fun­da­men­tal right to free­dom of ex­pres­sion and in­for­ma­tion, can be ex­pected.

This ef­fect oc­curs re­gard­less of whether ser­vice providers mon­i­tor the con­tents of pri­vate com­mu­ni­ca­tions through a back­door in the en­cryp­tion tech­nol­ogy or by scan­ning the con­tent on the user’s de­vice be­fore it is en­crypted (client-side scan­ning). The com­mu­ni­ca­tion par­tic­i­pants ex­pect their com­mu­ni­ca­tion to re­main con­fi­den­tial from the mo­ment when they en­ter a mes­sage into the chat pro­gramme on their mo­bile phone — not only at the mo­ment when this mes­sage is de­liv­ered to its ad­dressee. The de­ci­sive fac­tor is that the ex­pec­ta­tion of con­fi­den­tial­ity and in­tegrity of the com­mu­ni­ca­tion process is shaken to such an ex­tent that those af­fected feel com­pelled to re­strict the ex­er­cise of their free­dom of com­mu­ni­ca­tion them­selves.

Public crit­i­cism of the pro­posal has con­cen­trated on the phrase chat con­trol”, which high­lights the planned oblig­a­tions on mes­sen­gers to scan pri­vate chats. But the planned oblig­a­tions for host­ing ser­vices that store third-party con­tent on be­half of their users do not stand up to fun­da­men­tal rights scrutiny ei­ther. Hosting ser­vices in­clude those that make third-party con­tent pub­licly avail­able (platforms such as YouTube, host­ing ser­vices of pub­lic web­sites) as well as those that of­fer their cus­tomers pri­vate cloud stor­age (Dropbox, iCloud Drive). They also in­clude ser­vices where con­tent is only ac­ces­si­ble to a cer­tain closed group of peo­ple (private ac­counts on Twitter, closed groups on Facebook, host­ing providers of com­pany web­sites with re­stricted ac­cess). Insofar as the planned oblig­a­tions for host­ing providers re­late to non-pub­lic con­tent, the threats to pri­vacy and free­dom of ex­pres­sion de­scribed un­der 1. and 2. are also rel­e­vant for host­ing ser­vices. In ad­di­tion, there are spe­cific prob­lems: many of the en­vis­aged pro­ce­dural fun­da­men­tal rights safe­guards for de­tec­tion or­ders may end up be­ing evaded en­tirely in the case of host­ing ser­vices. This is due to the dif­fer­ent pri­vacy rules for com­mu­ni­ca­tions on mes­sen­gers on the one hand and host­ing ser­vices on the other.

Hosting ser­vices (including pri­vate cloud stor­age providers such as Google Drive or Dropbox) can not only be re­quired to scan pri­vate con­tent un­der the Chat Control Regulation, they may also scan con­tent vol­un­tar­ily. The Chat Control Regulation stip­u­lates that all ser­vice providers must first carry out their own risk analy­sis as to whether their ser­vices pose a risk of be­ing abused for sex­ual vi­o­lence against chil­dren. Only if, in the view of the au­thor­i­ties, a ser­vice provider re­sponds to this risk analy­sis with in­suf­fi­cient vol­un­tary mea­sures will they im­pose a de­tec­tion or­der. In the con­text of these self-se­lected mea­sures, host­ing ser­vice providers may re­sort to er­ror-prone fil­ters to mon­i­tor pri­vate user up­loads. In this sce­nario, there is no pub­lic scrutiny of the im­pact of such mea­sures on the fun­da­men­tal rights of users.

In this re­spect, host­ing ser­vices dif­fer from mes­sen­ger ser­vices: Messenger and email pro­grammes such as Whatsapp, Signal or ProtonMail fall un­der the e-Pri­vacy Directive, which in prin­ci­ple pro­hibits these ser­vice providers from mon­i­tor­ing the pri­vate com­mu­ni­ca­tion con­tent of their users. A tem­po­rary dero­ga­tion from this pro­hi­bi­tion, which it­self raises se­ri­ous fun­da­men­tal rights con­cerns, is to be re­placed by the Chat Control Regulation. After the Chat Control Regulation comes into force, mes­sen­gers and email ser­vice providers may only ac­cess the con­tets of pri­vate com­mu­ni­ca­tions on the ba­sis of a de­tec­tion or­der. For host­ing providers such as pri­vate cloud stor­age, on the other hand, the e-Pri­vacy Directive with its ban on mon­i­tor­ing pri­vate com­mu­ni­ca­tions does not ap­ply.

For host­ing providers, it will reg­u­larly be at­trac­tive to avoid a loom­ing de­tec­tion or­der through voluntary” mea­sures. In this way, the com­pa­nies re­tain more con­trol — also over the costs. There is a strong in­cen­tive to avoid costly mea­sures to pro­tect users’ fun­da­men­tal rights. A likely sce­nario, then, is that host­ing ser­vices will voluntarily’ de­ploy er­ror-prone fil­ter­ing pro­grammes with­out the pro­ce­dural safe­guards fore­seen for au­thor­i­ties’ de­tec­tion or­ders.

Before im­pos­ing a de­tec­tion or­der, an au­thor­ity must weigh the risk posed by the ser­vice against the in­ter­fer­ence with the users’ fun­da­men­tal rights. In this re­gard, the European Court of Justice has set nar­row lim­its for the manda­tory use of fil­ter­ing sys­tems. These are only com­pat­i­ble with the pro­hi­bi­tion of gen­eral mon­i­tor­ing oblig­a­tions if the fil­ters func­tion so fault­lessly that the ser­vice providers do not have to per­form an independent as­sess­ment of the con­tent” in or­der to rule out false pos­i­tives. At least in the case of un­known de­pic­tions of sex­ual vi­o­lence against chil­dren and groom­ing, the fil­ter sys­tems are in­ca­pable of meet­ing the Court’s stan­dards. If a host­ing ser­vice voluntarily” fil­ters con­tent as part of its duty to min­imise risk, there is no pub­lic as­sess­ment of whether the fil­ter­ing sys­tems are com­pat­i­ble with users’ fun­da­men­tal rights. As a re­sult, in­no­cent users may in­ad­ver­tently locked out of their ac­counts or even falsely re­ported to law en­force­ment au­thor­i­ties.

The draft reg­u­la­tion pro­vides for block­ing oblig­a­tions on in­ter­net ac­cess providers re­lat­ing to in­di­vid­ual web­sites (URLs). Before an au­thor­ity is­sues a block­ing or­der, it must re­quire in­ter­net ac­cess providers to pro­vide the au­thor­ity with in­for­ma­tion about users’ ac­cess to the URL in ques­tion. To be able to col­lect the nec­es­sary in­for­ma­tion about the ac­cess to in­di­vid­ual URLs and pass it on to the au­thor­i­ties, in­ter­net ac­cess providers would have to mon­i­tor the surf­ing be­hav­iour of all their cus­tomers pre­ven­tively and com­pre­hen­sively. However, such sur­veil­lance would be in­com­pat­i­ble with the pro­hi­bi­tion on gen­eral mon­i­tor­ing oblig­a­tions and with the fun­da­men­tal right to pri­vacy. Additionally, this in­for­ma­tion is tech­ni­cally in­ac­ces­si­ble to the in­ter­net ac­cess providers if the URL is en­crypted us­ing the https pro­to­col. Almost all web­sites now use https to en­sure that, for ex­am­ple, ad­dress or credit card data that users en­ter into web forms is trans­mit­ted in en­crypted form. The wide­spread use of https is rec­om­mended by the Federal Office for Information Security.

The tar­geted block­ing of in­di­vid­ual URLs is equally im­pos­si­ble for in­ter­net ac­cess providers with­out aban­don­ing https en­cryp­tion and mon­i­tor­ing the con­tents of their users’ on­line ac­tiv­i­ties. DNS-based web­site block­ing is not suit­able for the planned block­ing of in­di­vid­ual URLs, be­cause DNS block­ing al­ways af­fects en­tire do­mains. A DNS block di­rected against an in­di­vid­ual file on a share host­ing plat­form would also af­fect all other con­tent hosted by the same share hoster and would thus not meet the re­quire­ment of the European Court of Justice that web­site block­ing must be strictly tar­geted. In prac­tice, there­fore, there is a con­sid­er­able dan­ger that in­ter­net ac­cess providers will ei­ther over-com­ply with the block­ing or­ders to the detri­ment of users’ free­dom of ex­pres­sion and in­for­ma­tion by us­ing DNS block­ing to block ac­cess to an en­tire do­main. Or they will at­tempt to im­ple­ment more tar­geted block­ing and mon­i­tor the surf­ing be­hav­iour of their cus­tomers, while sac­ri­fic­ing the se­cu­rity of on­line com­mu­ni­ca­tions via https en­cryp­tion in the process.

The draft reg­u­la­tion stip­u­lates that all providers of mes­sen­ger and email ser­vices that are at risk of be­ing used for groom­ing must ver­ify the age of their users. The risk iden­ti­fied does not have to be sig­nif­i­cant — the oblig­a­tion to im­ple­ment age ver­i­fi­ca­tion would there­fore ap­ply in prin­ci­ple to all email and mes­sag­ing ser­vices that en­able com­mu­ni­ca­tion be­tween mi­nors and adults. In ad­di­tion, the age ver­i­fi­ca­tion oblig­a­tion also ap­plies to all app store providers. They must also pre­vent un­der­age users from down­load­ing apps that pose a sig­nif­i­cant risk of be­ing used for groom­ing.

Service providers may choose be­tween age as­sess­ment meth­ods (for ex­am­ple, AI-based fa­cial analy­sis, as al­ready used by Instagram) and age ver­i­fi­ca­tion meth­ods (using an iden­tity doc­u­ment or dig­i­tal proof of iden­tity). Both pro­ce­dures are ex­tremely in­tru­sive for users. Age ver­i­fi­ca­tion via iden­tity doc­u­ments comes close to ban­ning anony­mous in­ter­net use. AI-supported fa­cial analy­sis, on the other hand, is of­ten out­sourced by ser­vice providers to ex­ter­nal com­pa­nies, leav­ing users with lit­tle con­trol over the han­dling of this par­tic­u­larly sen­si­tive per­sonal data. If the tech­nol­ogy makes a wrong as­sess­ment, young-look­ing adults can also be ex­cluded from us­ing cer­tain apps. Those who do not pos­sess iden­ti­fi­ca­tion doc­u­ments or do not want to en­trust their bio­met­ric data to a com­pany are ex­cluded from cru­cial com­mu­ni­ca­tion tech­nolo­gies. Using a mod­ern smart­phone with­out an app store is hardly pos­si­ble. Doing with­out mes­sen­ger ser­vices is also un­rea­son­able, es­pe­cially for peo­ple who, for good rea­son, at­tach par­tic­u­lar im­por­tance to anony­mous in­ter­net use (whistleblowers, vic­tims of stalk­ing, po­lit­i­cally per­se­cuted peo­ple). In con­trast to ser­vice providers, users can­not al­ways choose be­tween dif­fer­ent age ver­i­fi­ca­tion pro­ce­dures.

For un­der­age users (especially teenagers), their fun­da­men­tal rights to free­dom of ex­pres­sion and in­for­ma­tion are se­verely re­stricted if app stores cat­e­gor­i­cally refuse to al­low them to in­stall cer­tain apps with­out weigh­ing these rights against the risk the app poses to un­der­age users. Due to the strong mar­ket con­cen­tra­tion in this area, the pos­si­bil­i­ties to switch to an al­ter­na­tive app store are lim­ited.

...

Read the original on freiheitsrechte.org »

10 776 shares, 31 trendiness

MicroMac, a Macintosh for under £5

This all started from a con­ver­sa­tion about the RP2040 MCU, and build­ing a sim­ple desk­top/​GUI for it. I’d made a com­ment along the lines of or, just run some old OS, and it got me think­ing about the orig­i­nal Macintosh.

The orig­i­nal Macintosh was re­leased 40.5 years be­fore this post, and is a pretty cool ma­chine es­pe­cially con­sid­er­ing that the hard­ware is very sim­ple. Insanely Great and folk­lore.org are fun reads, and give a glimpse into the Macintosh’s de­vel­op­ment. Memory was a squeeze; the orig­i­nal 128KB ver­sion was un­der­pow­ered and only sold for a few months be­fore be­ing re­placed by the Macintosh 512K, ar­guably a more ap­pro­pri­ate amount of mem­ory.

But, the 128 still runs some real ap­pli­ca­tions and, though it pre-dates MultiFinder/actual mul­ti­task­ing, I found it pretty charm­ing. As a tourist. In 1984 the Mac cost roughly 1/3 as much as a VW Golf and, as some­one who’s into old com­put­ers and old cars, it’s hard to de­cide which is more frus­trat­ing to use.

So back to this £3.80 RPi Pico mi­cro­con­troller board: The RP2040s 264KB of RAM gives a lot to play with af­ter carv­ing out the Mac’s 128KB — how cool would it be to do a quick hack, and play with a Mac on it?

Time passes. A lot of time. But I to­tally de­liv­ered on the janky hack front:

You won’t be­lieve that this qual­ity item did­n’t take that long to build. So the soft­ware was ob­vi­ously the in­volved part, and turned into work on 3 dis­tinct pro­jects.

This post is go­ing to be a development jour­ney” story, as a kind of code/​de­sign/​vent­ing nar­ra­tive. If you’re just here for the pic­tures, scroll along!

A Raspberry Pi RP2040 mi­cro­con­troller (on a Pico board), dri­ving mono­chrome VGA video and tak­ing USB key­board/​mouse in­put, em­u­lat­ing a Macintosh 128K com­puter and disc stor­age. The RP2040 has eas­ily enough RAM to house the Mac’s mem­ory, plus that of the em­u­la­tor; it’s fast enough (with some tricks) to meet the per­for­mance of the real ma­chine, has USB host ca­pa­bil­ity, and the PIO de­part­ment makes dri­ving VGA video fairly un­event­ful (with some tricks). The ba­sic Pico board’s 2MB of flash is plenty for a disc im­age with OS and soft­ware.

Here’s the Pico MicroMac in ac­tion, ready for the pa­per­less of­fice of the fu­ture:

I had­n’t re­ally used a Mac 128K much be­fore; a few clicks on a mu­seum ma­chine once. But I knew they ran MacDraw, and MacWrite, and MacPaint. All three of these ap­pli­ca­tions are pretty cool for a 128K ma­chine; a largely WYSIWYG word proces­sor with mul­ti­ple fonts, and a vec­tor draw­ing pack­age.

A great way of play­ing with early Macintosh sys­tem soft­ware, and ap­pli­ca­tions of these won­der­ful ma­chines is via https://​in­finitemac.org, which has shrinkwrapped run­ning the Mini vMac em­u­la­tor by em­scripten­ing it to run in the browser. Highly rec­om­mended, lots to play with.

As a spoiler, MicroMac does run MacDraw, and it was great to play with it on real fake hard­ware”:

GitHub links are at the bot­tom of this page: the pico-mac repo has con­struc­tion di­rec­tions if you want to build your own!

Back up a bit. I was­n’t com­mit­ted to build­ing a Pico thing, but was vaguely in­ter­ested in whether it was fea­si­ble, so started tin­ker­ing with build­ing a Mac 128K em­u­la­tor on my nor­mal com­puter first.

I had a few sim­ple rules for this pro­ject:

It had to be fun. It’s OK to hack stuff to get it work­ing, it’s not as though I’m be­ing paid for this.

I like writ­ing em­u­la­tion stuff, but I re­ally don’t want to learn 68K as­sem­bler, or much about the 68K. There’s a lot of love for 68K out there and that’s cool, but meh I don’t adore it as a CPU. So, right from the out­set I wanted to use some­one else’s 68K in­ter­preter — I knew there were loads around.

Similarly, there are a load of OSes whose in­nards I’d like to learn more about, but the shit­ti­est early Mac System soft­ware is­n’t high on the list. Get in there, em­u­late the hard­ware, boot the OS as a black box, done.

I ended up break­ing 2 of and some­times all 3 of these rules dur­ing this pro­ject.

The ma­chines are gen­er­ally pretty sim­ple, and of their time. I started with schemat­ics and Inside Macintosh, PDFs of which cov­ered var­i­ous de­tails of the orig­i­nal Mac hard­ware, mem­ory map, mouse/​key­board, etc.

https://​vin­tageap­ple.org/​in­sid­e_o/ Inside Macintosh Volumes I-III are par­tic­u­larly use­ful for hard­ware in­for­ma­tion; also Guide to Macintosh Family Hardware 2nd Edition.

Flat mem­ory, de­coded into re­gions for mem­ory-mapped IO go­ing to the 6522 VIA, the 8530 SCC, and the IWM floppy con­troller. (Some of the ad­dress de­cod­ing is a lit­tle funky, though.)

Keyboard and mouse hang off the VIA/SCC chips.

No ex­ter­nal in­ter­rupt con­troller: the 68K has 3 IRQ lines, and there are 3 IRQ sources (VIA, SCC, pro­gram­mer switch/​NMI).

No DMA con­troller: a sim­ple au­tonomous PAL state ma­chine scans video (and au­dio sam­ples) out of DRAM. Video is fixed at 512x342 1BPP.

The only stor­age is an in­ter­nal FDD (plus an ex­ter­nal drive), dri­ven by the IWM chip.

The first three Mac mod­els are ex­tremely sim­i­lar:

The Mac 128K and Mac 512K are the same ma­chine, ex­cept for RAM.

The Mac Plus added SCSI to a con­ve­nient space in the mem­ory map and an 800K floppy drive, which is dou­ble-sided whereas the orig­i­nal was a sin­gle 400K side.

The Mac Plus ROM also sup­ports the 128K/512K, and was an up­grade to cre­ate the Macintosh 512Ke. e’ for Extra ROM Goodness.

The Mac Plus ROM sup­ports the HD20 ex­ter­nal hard disc, and HFS, and Steve Chamberlin has an­no­tated a dis­as­sem­bly of it. This was the ROM to use: I was mak­ing a Macintosh 128Ke.

After about 8 min­utes of re­search, I chose the Musashi 68K in­ter­preter. It’s C, sim­ple to in­ter­face to, and had a sim­ple out-of-box ex­am­ple of a 68K sys­tem with RAM, ROM, and some IO. Musashi is struc­tured to be em­bed­ded in big­ger pro­jects: wire in mem­ory read/​write call­backs, a func­tion to raise an IRQ, call ex­e­cute in a loop, done.

I started build­ing an em­u­la­tor around it, which ul­ti­mately be­came the umac pro­ject. The first half (of, say, five halves) went pretty well:

Add ad­dress de­cod­ing: CPU reads/​writes are steered to RAM, or ROM. The overlay” reg­is­ter lets the ROM boot at 0x00000000 and then tram­po­line up to a high ROM mir­ror af­ter set­ting up CPU ex­cep­tion vec­tors — this af­fects the ad­dress de­cod­ing. This is done by pok­ing a VIA reg­is­ter, so de­coded just that bit of that reg­is­ter for now.

At this point, the ROM starts run­ning and ac­cess­ing more non-ex­is­tent VIA and SCC reg­is­ters. Added more de­cod­ing and a skele­ton for em­u­lat­ing these de­vices else­where — the MMIO read/​writes are just stubbed out.

There are some magic ad­dresses that the ROM ac­cesses that miss” doc­u­mented de­vices: there’s a man­u­fac­tur­ing test op­tion that probes for a plu­gin (just thunk it), and then we wit­ness the RAM size prob­ing. The Mac Plus ROM is look­ing for up to 4MB of RAM. In the large re­gion de­voted to RAM, the smaller amount of ac­tual RAM is mir­rored over and over, so the probe writes a magic value at high ad­dresses and spots where it starts to wrap around.

RAM is then ini­tialised and filled with a known pat­tern. This was an ex­cit­ing point to get to be­cause I could dump the RAM, con­vert the re­gion used for the video frame­buffer into an im­age, and see the diagonal stripe” pat­tern used for RAM test­ing! She’s alive!”

Not all of the de­vice code en­joyed read­ing all ze­roes, so there was a cer­tain amount of re­fer­ring to the dis­as­sem­bly and re­turn­ing, uh, 0xffffffff some­times to push it fur­ther. The goal was to get it as far as ac­cess­ing the IWM chip, i.e. try­ing to load the OS.

After see­ing some IWM ac­cesses there and re­turn­ing ran­dom rub­bish val­ues, the first won­der­ful mo­ment was get­ting the Unknown Disc” icon with the ques­tion mark — real graph­ics! The ROM was REALLY DOING SOMETHING!

I think I had­n’t im­ple­mented any IRQs at this point, and found the ROM in an in­fi­nite loop: it was count­ing a few Vsyncs to de­lay the flash­ing ques­tion mark. Diversion into a bet­ter VIA, with call­backs for GPIO reg­is­ter read/​write, and IRQ han­dling. This also needed to wire into Musashi’s IRQ func­tions.

This was mo­ti­vat­ing to get to — re­mem­ber­ing rule #1 — and graphics”, even though via a man­ual mem­ory dump/​Im­ageMag­ick con­ver­sion, was great.

I knew the IWM was an interesting” chip, but did­n’t know de­tails. I planned to fig­ure it out when I got there (rule #1).

My god, I’m glad I put IWM off un­til this point. If I’d read the datasheet” (vague reg­is­ter doc­u­men­ta­tion) first, I’d’ve just gone to the pub in­stead of writ­ing this shitty em­u­la­tor.

IWM is very clever, but very very low-level. The disc con­trollers in other con­tem­po­rary ma­chines, e.g. WD1770, ab­stract the disc physics. At one level, you can poke regs to step to track 17 and then ask the con­troller to grab sec­tor 3. Not so with IWM: first, the discs are Constant Linear Velocity, mean­ing the an­gu­lar ro­ta­tion needs to change ap­pro­pri­ate to whichever track you’re on, and sec­ond the IWM just gives the CPU a fire­hose of crap from the disc head (with min­i­mal de­cod­ing). I spent a while read­ing through the dis­as­sem­bly of the ROMs IWM dri­ver (breaking rule #2 and rule #1): there’s some kind of servo con­trol loop where the dri­ver twid­dles PWM val­ues sent to a DAC to con­trol the disc mo­tor, mea­sured against a VIA timer ref­er­ence to do some sort of dy­namic rate-match­ing to get the cor­rect bi­trate from the disc sec­tors. I think once it finds the track start it then streams the track into mem­ory, and the dri­ver de­codes the sym­bols (more clever en­cod­ing) and se­lects the sec­tor of in­ter­est.

I was sad. Surely Basilisk II and Mini vMac etc. had solved this in some clever way — they em­u­lated floppy discs. I learned they do not, and do the smart en­gi­neer­ing thing in­stead: avoid the prob­lem.

The other em­u­la­tors do quite a lot of ROM patch­ing: the ROM is­n’t run un­mod­i­fied. You can ar­gue that this then is­n’t a per­fect hard­ware em­u­la­tion if you’re patch­ing out in­con­ve­nient parts of the ROM, but so what. I sus­pect they were also abid­ing by a rule #1 too.

I was go­ing to do the same: I fig­ured out a bit of how the Mac dri­ver in­ter­face works (gah, rule #3!) and un­der­stood how the other em­u­la­tors patched this. They use a cus­tom par­avir­tu­alised 68K dri­ver which is copied over the ROMs IWM dri­ver, ser­vic­ing .Sony re­quests from the block layer and rout­ing them to more con­ve­nient host-side code to man­age the re­quests. Basilisk II uses some cus­tom 68K op­codes and a sim­ple dri­ver, and Mini vMac a com­plex dri­ver with trappy ac­cesses to a cus­tom re­gion of mem­ory. I reused the Basilisk II dri­ver but con­verted to ac­cess a trappy re­gion (easier to route: just em­u­late an­other de­vice). The dri­ver call­backs land in the host/​C side and some cut-down Basilisk II code in­ter­prets the re­quests and copies data to/​from the OS-provided buffers. Right now, all I needed was to read blocks from one disc: I did­n’t need dif­fer­ent for­mats (or even write sup­port), or mul­ti­ple dri­ves, or eject­ing/​chang­ing im­ages.

Getting the first block loaded from disc took waaaayyy longer than the first part. And, I’d had to learn a bit of 68K (gah), but just in the nick of time I got a Happy Mac icon as the System soft­ware started to load.

This was still a sim­ple Linux com­man­d­line ap­pli­ca­tion, with zero UI. No key­board or mouse, no video. Time to wrap it in an SDL2 fron­tend (the unix_­main test build in the umac pro­ject), and I could watch the screen re­draw live. I had­n’t coded the 1Hz timer in­ter­rupt into the VIA, and af­ter adding that it booted to a desk­top!

As an aside, I try to cre­ate a dual-tar­get build for all my em­bed­ded pro­jects, with a na­tive host build for rapid pro­to­typ­ing/​de­bug­ging; lib­SDL in­stead of an LCD. It means I don’t need to code at the MCU, so I can code in the gar­den.  :)

Next was mouse sup­port. Inside Macintosh and the schemat­ics show how it’s wired, to the VIA (good) and the SCC (a beast). The SCC is my sec­ond least-favourite chip in this ma­chine; it’s com­plex and the datasheet/​man­ual seems to be in­ten­tion­ally writ­ten to hide in­for­ma­tion, piss off read­ers, get one back at the world. (I did­n’t go near the se­r­ial side, its main pur­pose, just ex­ter­nal IRQ man­age­ment. But, it’ll do all kinds of ex­cit­ing 1980s line cod­ing schemes, of­fload­ing bitty work from the CPU. It was key for sup­port­ing things like AppleTalk.)

Life was al­most com­plete at this point; with a work­ing mouse I could build a new disc im­age (using Mini vMac, an ex­er­cise in it­self) with Missile Command. This game is pretty fun for un­der 10KB on disc.

I had no key­board, but it’s largely work­ing now. Time to start on sub-pro­ject nu­mero due:

Completely un­re­lated to umac, I built up a cir­cuit and fir­mare with two goals:

Get the TinyUSB HID ex­am­ple work­ing and in­te­grated.

This would just dis­play a test im­age copied to a frame­buffer, and printf() key­board/​mouse events, as a PoC. The video por­tion was fun: I’d done some I2S au­dio PIO work be­fore, but here I wanted to scan out video and ar­bi­trar­ily con­trol Vsync/Hsync.

Well, to test I needed a cir­cuit. VGA wants 0.7V max on the video R,G,B sig­nals and (mumble, some volts) on the syncs. The R,G,B sig­nals are 75Ω to ground: with some maths, a 3.3V GPIO dri­ving all three through a 100Ω re­sis­tor is roughly right.

The day I started sol­der­ing it to­gether I needed a VGA con­nec­tor. I had a DB15 but wanted it for an­other pro­ject, and felt bad about cut­ting up a VGA ca­ble. But when I took a walk at lunchtime, no shit­ting you, I passed some street ca­bles. I had a VGA ca­ble — the rust helps with the janky aes­thetic.

The VGA PIO side was pretty fun. It ended up as PIO read­ing con­fig info dy­nam­i­cally to con­trol Hsync width, dis­play po­si­tion, and so on, and then some tricks with DMA to scan out the con­fig info in­ter­leaved with frame­buffer data. By shift­ing the bits in the right di­rec­tion and by us­ing the byteswap op­tion on the RP2040 DMA, the big-en­dian Mac frame­buffer can be out­put di­rectly with­out CPU-side copies or for­mat con­ver­sion. Cool. This can be fairly eas­ily re-used in other pro­jects: see video.c.

But. I ended up (re)writing the video side three times in to­tal:

First ver­sion had two DMA chan­nels writ­ing to the PIO TX FIFO. The first would trans­fer the con­fig info, then trig­ger the sec­ond to trans­fer video data, then raise an IRQ. The IRQ han­dler would then have a short time (the FIFO depth!) to choose a new frame­buffer ad­dress to read from, and re­pro­gram DMA. It worked OK, but was highly sen­si­tive to other ac­tiv­ity in the sys­tem. First and most ob­vi­ous fix is that any la­tency-sen­si­tive IRQ han­dler must have the __not_in_flash_func() at­tribute so as to run out of RAM. But even with that, the de­sign did­n’t give much time to re­con­fig­ure the DMA: ran­dom glitches and blanks oc­curred when mov­ing the mouse rapidly.

Second ver­sion did dou­ble-buffer­ing with the goal of mak­ing the IRQ han­dler’s job triv­ial: poke in a pre-pre­pared DMA con­fig quickly, then af­ter the crit­i­cal rush cal­cu­late the buffer to use for next time. Lots bet­ter, but still some glitches un­der some high load. Even weirder, it’d some­times just blank out com­pletely, re­quir­ing a re­set. This was puz­zling for a while; I ended up print­ing out the PIO FIFOs FDEBUG reg­is­ter to try to catch the bug in the act. I saw that the TXOVER over­flow flag was set, and this should be im­pos­si­ble: the FIFOs pull data from DMA on de­mand with DMA re­quests and a cred­ited flow-contr…OH WAIT. If cred­its get messed up or du­pli­cated, too many trans­fers can hap­pen, lead­ing to an over­flow at the re­ceiver side.

Well, I’d missed a sub­tle rule in the RP2040 DMA docs:

Another caveat is that mul­ti­ple chan­nels should not be con­nected to the same DREQ.

So the third ver­sion…… does­n’t break this rule, and is more com­pli­cated as a re­sult:

One DMA chan­nel trans­fers to the PIO TX FIFO

Another chan­nel pro­grams the first chan­nel to send from the con­fig data buffer

A third chan­nel pro­grams the first to send the video data

The pro­gram­ming of the first trig­gers the cor­re­spond­ing next re­pro­gram me” chan­nel

The nice thing — aside from no lock-ups or video cor­rup­tion — is that this now trig­gers a Hsync IRQ dur­ing the video line scan-out, greatly re­lax­ing the dead­line of re­con­fig­ur­ing the DMA. I’d like to fur­ther im­prove this (with yet an­other DMA chan­nel) to trans­fer with­out an IRQ per line, as the cur­rent IRQ over­head of about 1% of CPU time can be avoided.

So now we have a plat­form and firmware frame­work to em­bed umac into, HID in and video out. The hard­ware’s done, fug­git­that’lldo, let’s throw it over to the soft­ware team:

A glance at the na­tive umac bi­nary showed a few things to fix be­fore it could run on the Pico:

Musashi con­structed a huge op­code de­code jumpt­able at run­time, in RAM. It’s never built dif­fer­ently, and never changes at run­time. I added a Musashi build-time gen­er­a­tor so that this table could be const (and there­fore live in flash).

The dis­as­sem­bler was large, and not go­ing to be used on the Pico, so an­other op­tion to build with­out.

Musashi tries to ac­cu­rately count ex­e­cu­tion cy­cles for each in­struc­tion, with more large lookup ta­bles. Maybe use­ful for con­sole games, but the Mac does­n’t have the same de­gree of tim­ing sen­si­tiv­ity. REMOVED.

pico-mac takes shape, with the ROM and disc im­age in flash, and en­joy­ably it now builds and runs on the Pico! With some care­ful at­ten­tion to not shov­ing stuff in RAM, the RAM use is look­ing pretty good. The em­u­la­tor plus HID code is us­ing about 35-40KB on top of the Mac’s 128KB RAM area — there’s 95+KB of RAM still free.

This was a good time to fin­ish off adding the key­board sup­port to umac. The Mac key­board is in­ter­faced se­ri­ally through the VIA shift reg­is­ter’, a ba­sic syn­chro­nous se­r­ial in­ter­face. This was log­i­cally sim­ple, but frus­trat­ing be­cause early at­tempts at re­ply­ing to the ROMs init” com­mand just were per­sis­tently ig­nored. The ROM dis­as­sem­bly was su­per-use­ful again: read­ing the key­board init code, it looked like a race con­di­tion in in­ter­rupt ac­knowl­edge­ment if the re­sponse byte ap­pears too soon af­ter the re­quest is sent. Shoved in a de­lay to hold off a re­ply un­til a later poll, and then it was just a mat­ter of map­ping key­codes (boooooorrrriiiiing).

With a key­board, the end-of-level MacWrite boss is reached:

One prob­lem though: it to­tally sucked. It was su­u­u­u­per slow. I added a 1Hz dump of in­struc­tion count, and it was do­ing about 300 KIPS.

The 68000 is­n’t an amaz­ing CPU in terms of IPC. Okay, there are some in­struc­tions that ex­e­cute in 4 cy­cles. But you want to use those ex­trav­a­gant ad­dress­ing modes don’t you, and touch­ing mem­ory is spend­ing those cy­cles all over the place. Not an ex­pert, but tar­get­ing about 1 MIPS for an about 8MHz 68000 seems right. Only 3x im­prove­ment needed.

I did­n’t say I was­n’t gonna cheat: let’s run that Pico at 250MHz in­stead of 125MHz. Okay bet­ter, but not 2x bet­ter. From mem­ory, only about 30% bet­ter. Damn, no free lunch to­day.

Musashi has a lot of con­fig­urable op­tions. My first goal was to get its main loop (as seen from dis­as­sem­bly/​post-com­pile end!) small: the Mac does­n’t re­port Bus Errors, so the reg­is­ters don’t need copies for un­wind­ing. The op­codes are al­ways fetched from a 16b bound­ary, so don’t need align­ment check­ing, and can use half­word loads (instead of two byte loads munged into a half­word!). For the Cortex-M0+/armv6m ISA, re­order­ing some of the CPU con­text struc­ture fields en­abled im­me­di­ate-off­set ac­cess and bet­ter code. The CPU type, mys­te­ri­ously, was dy­nam­i­cally-change­able and led to a bunch of run­time in­di­rec­tion.

Looking bet­ter, maybe 2x im­prove­ment, but not enough. Missile Command was still janky and the mouse was­n’t smooth!

Next, some naughty/​dan­ger­ous op­ti­mi­sa­tions: re­move ad­dress align­ment check­ing, be­cause un­aligned ac­cesses don’t hap­pen in this con­strained en­vi­ron­ment.

But the real perf came from a dif­fer­ent trick. First, a di­ver­sion!

The RP2040 has fast RAM, which is multi-banked so as to al­low gen­er­ally sin­gle-cy­cle ac­cess to mul­ti­ple users (2 CPUs, DMA, etc.). Out of the box, most code runs via XIP from ex­ter­nal QSPI flash. The QSPI usu­ally runs at the core clock (125MHz de­fault), but has a la­tency of ~20 cy­cles for a ran­dom word read. The RP2040 uses a rel­a­tively sim­ple 16KB cache in front of the flash to pro­tect you from hor­ri­ble ac­cess la­tency, but the more code you have the more likely you are to call a func­tion and have to crank up QSPI. When over­clock­ing to 250MHz, the QSPI can’t go that fast so stays at 125MHz (I think). Bear in mind, then, that your 20ish QSPI cy­cles on a miss be­come 40ish CPU cy­cles.

The par­tic­u­lar rock-and-a-hard-place here is that Musashi build-time gen­er­ates a ton of code, a func­tion for each of its 1968 op­codes, plus that 256KB op­code jumpt­able. Even if we make the in­ner ex­e­cu­tion loop com­pletely free, the op­code dis­patch might miss in the flash cache, and the op­code func­tion it­self too. (If we want to get 1 MIPS out of about 200 MIPS, a few of these de­lays are go­ing to re­ally add up.)

The __not_in_flash_func() at­tribute can be used to copy a given func­tion into RAM, guar­an­tee­ing fast ex­e­cu­tion. At the very min­i­mum, the main loop and mem­ory ac­ces­sors are dec­o­rated: every in­struc­tion is go­ing to ac­cess an op­code and most likely read or write RAM.

Then, I tried dec­o­rat­ing whole classes of op­codes: move is fre­quent, as are branches, so put em in RAM. This helped a lot, but the re­main­ing free RAM was used up very quickly, and I was­n’t at my goal of much above 1 MIPS.

Remember that RISC ar­chi­tec­ture is gonna change every­thing?

We want to put some of those 1968 68K op­codes into RAM to make them fast. What are the top 10 most of­ten-used in­struc­tions? Top 100? By adding a 64K table of coun­ters to umac, boot­ing the Mac and run­ning key ap­pli­ca­tions (okay, play­ing Missile Command for a bit), we get a pro­file of dy­namic in­struc­tion counts. It turns out that the 100 hottest op­codes (5% of the to­tal) ac­count for 89% of the ex­e­cu­tion. And the top 200 ac­count for a whop­ping 98% of ex­e­cu­tion.

Armed with this pro­file, the umac build post-processes the Musashi auto-gen­er­ated code and dec­o­rates the top 200 func­tions with __not_in_flash_func(). This adds only 17KB of ex­tra RAM us­age (leaving 95KB spare), and hits about 1.4 MIPS! Party on!

At last, the world can en­joy Missile Command’s dark sub­ject mat­ter in per­for­mant com­fort:

Everyone loves MacPaint. Maybe you love MacPaint, and have no­ticed I’ve deftly avoided men­tion­ing it. Okay, FINE:

It does­n’t run on a Mac 128Ke, be­cause the Mac Plus ROM uses more RAM than the orig­i­nal.  :sad-face:

I’d seen this thread on 68kMLA about a Mac 256K: https://​68kmla.org/​bb/​in­dex.php?threads/​the-myth­i­cal-mac-256k.46149/ Chances are that the Mac 128K was re­ally a Mac 256K in the lab (or maybe even in­tended to have 256K and cost-cut be­fore re­lease), as the OS func­tions fine with 256KB.

I won­dered, does the Mac ROM/OS need a power-of-two amount of RAM? If not, I have that 95K go­ing spare. Could I make a Mac 200K, and then run pre­cious MacPaint?

Well, I tried a lo­cal hack that patches the ROM to up­date its global mem­Top vari­able based on a given mem­ory size, and yes, System 3.2 is happy with non-power-of-2 sizes. I booted with 256K, 208K, and 192K. However, there were some ad­di­tional prob­lems to solve: the ROM memtest craps it­self with­out a power-of-2 size (totally fair), and NOPping that out leads to other is­sues. These can be fixed, though also some parts of boot ac­cess off the end of RAM. A power-of-2 size means a cheap ad­dress mask wraps RAM ac­cesses to the valid buffer, and that can’t be done with 192K.

Unfortunately, when I then tested MacPaint it still would­n’t run be­cause it wanted to write a scratch file to the read-only boot vol­ume. This is to­tally break­ing rule #1 by this point, so we are stay­ing with 128KB for now.

However, a 256K MicroMac is ex­tremely pos­si­ble. We just need an MCU with, say, 300KB of RAM… Then we’d be cook­ing on gas.

...

Read the original on axio.ms »

To add this web app to your iOS home screen tap the share button and select "Add to the Home Screen".

10HN is also available as an iOS App

If you visit 10HN only rarely, check out the the best articles from the past week.

If you like 10HN please leave feedback and share

Visit pancik.com for more.