You’re totally on the money with your core thesis about epidemiological studies here, and I agree processed meats as a standalone variable are likely a massively overplayed factor in CRC research.

When it comes to the more general claims in the GP comment though, re: processed food and low fiber, there are literally hundreds of independent studies at different levels all pointing in similar directions. It’s pretty incontrovertible at this point.

See any recent review on CRC etiology for reference, e.g.: https://www.researchgate.net/profile/Elroy-Weledji/publication/377724506_Clinics_in_Oncology_The_Etiology_and_Pathogenesis_of_Colorectal_Cancer_OPEN_ACCESS/links/65b3f83e79007454973be66e/Clinics-in-Oncology-The-Etiology-and-Pathogenesis-of-Colorectal-Cancer-OPEN-ACCESS.pdf

Hetzner is quite infamous for suddenly terminating people’s service and forcing customers to provide copies of their ID to get running again. They’re a great provider for many things but fall flat when it comes to privacy.

It’s a weird pick, but I recommend https://bloom.host/.

They’re gaming-focused, but their Ryzen vps boxes are really performant. Very helpful and competent support, great uptime and comms, solid tooling and monitoring.

You can pay with a virtual card no problem. Never had issues getting blocked when behind VPN either.

I work in biomed R&D, and specifically spent several years in Radiology.

Industry consensus is that CAD occasionally picks up anomalies that a radiologist would have missed, but the false positives it picks up are noisy enough to largely offset that benefit. It’s fine if used as a second pass to catch areas a human missed, but doesn’t actually perform “better than a doctor” in a vacuum, precisely because it’s not thinking for itself and e.g. cross referencing the imaging against clinical history.

The silent majority has been real silent in this thread — but thank you for speaking up for proper technique.

This part applies to all customers:

v. Use of Your Content. As part of providing the AI services, Microsoft will process and store your inputs to the service as well as output from the service, for purposes of monitoring for and preventing abusive or harmful uses or outputs of the service.

And while Microsoft has many variations of licensing terms for different jurisdictions and market segments, what they generally promise to opted-out enterprise customers is that they won’t use their inputs to train “public foundation models”. They’re still retaining those inputs, and they reserve the right to use them for training proprietary or specialized models, like safety-filters or summarizers meant to act as part of their broader AI platform, which could leak down the line.

That’s also assuming Microsoft are competent, good-faith actors — which they definitely aren’t.

This is some pathetic chuddery you’re spewing…

You wouldn’t assume that QA can read every email you send through their mail servers ”just because”

I absolutely would, and Microsoft explicitly maintains the right to do that in their standard T&C, both for emails and for any data passed through their AI products.

https://www.microsoft.com/en-us/servicesagreement#14s_AIServices

v. Use of Your Content. As part of providing the AI services, Microsoft will process and store your inputs to the service as well as output from the service, for purposes of monitoring for and preventing abusive or harmful uses or outputs of the service.

We don’t own Your Content, but we may use Your Content to operate Copilot and improve it. By using Copilot, you grant us permission to use Your Content, which means we can copy, distribute, transmit, publicly display, publicly perform, edit, translate, and reformat it, and we can give those same rights to others who work on our behalf.

We get to decide whether to use Your Content, and we don’t have to pay you, ask your permission, or tell you when we do.

Your general understanding is entirely correct, but:

Microsoft is almost certainly recording these summarization requests for QA and future training runs; that’s where the leakage would happen.

I can absolutely see that making sense for a targeted attack.

Are there bootkits in the wild that can reliably bootstrap to a rootkit on most non-Windows hosts these days? The hard part of that approach would be having a bootkit payload sophisticated enough to escalate to a meaningful form of exfiltration, I imagine.

Genuine curiosity: What kind of hardware bug would you go for if you wanted to spy on a relatively easy target like a Thinkpad from ten years ago, and had 1-2 hours to install it?

My naive guess would be intercepting the monitor cable to pull occasional screencaps, but then you’d need a wireless modem to transmit out and you’d have pretty serious limitations on power draw (assuming you’re running off a cell battery and not splicing in somewhere).

might catch hardware backdoor on the border

Say whatever you will about the CCP: there’s nobody on earth burning the level of resources needed to do that undetectably and reliably on some tourist pleb’s arbitrary hardware.

More power to you if that’s what you wanna spend energy on, though.

Completely depends on what your threat model is, but personally:

I’d make an encrypted image of my drives, upload that to remote storage, zero out the drives for border crossing, then restore over the wire on the other side.

It’s just a meme site that was posted to HN and took off.

No investors or purpose beyond putting a pool of chatbots together and watching the slop proliferate.

unless you consider it hard coded because its coded into the codebase

That’s precisely the common definition and understanding of the term.

E: Sorry, I see what you mean in context now. I thought we were talking about a different piefed feature with a similar anti-4chan label that used a set of hardcoded strings to blacklist comments. Yeah, the tesseract image filter isn’t quite what I’d call hardcoded in and of itself.

Glad to know I’m not the only one with a weirdo.

I’ve taught her a bunch of circus tricks, but this one wasn’t on my radar.

Obligatory