I’d also add that ASCII has had some similar issues in the part, but that tends to have been ironed out by now via changes to onscreen typefaces.

For example, some old typewriters don’t have a “0” key or a “1” key because capital-o and lowercase-l looked similar enough and context was sufficient to let them be used in place of the corresponding number. This trained some people to do that, to the point that various software adapted to permit misuse of one in the place of the other. To this day, I can open up Firefox, and the following webpage will render green text:

<html><font color="#OOFFOO">green text
</font></html>

Some other fixes were were made over time, like making capital-i, lowercase-l, and the pipe (“I”, “l”, and “|”) as more-visually-distinct characters in typefaces where this matters.

In the monospaced font world, “programming” or “coding” fonts, where not confusing the character in question is particularly important, place a premium on keeping characters like this particularly distinctive, even at the cost of trading off some aesthetic appeal or conforming to traditional typography or handwriting-like conventions for letters. You’ll get more-distinctive “.” and “,”, “O” and “0”, “l”, “I”, and “|”, “j” and “i”, etc.

Not what you asked, but you might check that:

• The central AC doesn’t need to be recharged. If it has leaked coolant and is low, it will drop in effectiveness.

• Or, even more simply, that the air filters don’t need to be replaced.

• You can’t improve insulation. Doing so is a one-off cost, as opposed to the ongoing cost of throwing more air conditioning muscle at the problem. Weatherstrip leaks, replace any single-pane windows with double-pane, etc.

Unicode has a lot of “lookalike” characters, so if you’re allowed to select characters as a unique identifier to other users, permitting selection of arbitrary Unicode characters opens the possibility to impersonate users.

I believe that there is some system for dealing with this for domain names, as they permit for Unicode and being able to uniquely identify domains is important. I don’t know if this could be generalized to other Unicode-using applications.

Webster tried to reform English, and was a reason for a number of the American English changes from British English. Some of his changes caught on, like “public” for “publick” or “jail” for “gaol”.

But others did not.

I think that some of those ones that didn’t catch on would be good candidates.

https://www.mentalfloss.com/article/53723/26-noah-webster’s-spelling-changes-didn’t-catch

E.g. “Island” to “Iland”.

https://www.merriam-webster.com/grammar/noah-websters-spelling-wins-and-fails

Or “is” to “iz”.

The election here was the Democratic primary. It didn’t cut the Democrats out of the loop.

with a passion. It just doesn’t do what its supposed to, its not searching anything at all. Ive literally tried and written every word of the video title plus the channel name and it didnt show up bc I put onen word in the wrong spot.

If you want to just treat each search term independently, that works for me. Searching for battle of the solomons eastern has a top hit of “Battle of the Eastern Solomons”.

I’m sorry, you are correct. The syntax and interface mirrors docker, and one can run ollama in Docker, so I’d thought that it was a thin wrapper around Docker, but I just went to check, and you are right — it’s not running in Docker by default. Sorry, folks! Guess now I’ve got one more thing to look into getting inside a container myself.

While I don’t think that llama.cpp is specifically a special risk, I think that running generative AI software in a container is probably a good idea. It’s a rapidly-moving field with a lot of people contributing a lot of code that very quickly gets run on a lot of systems by a lot of people. There’s been malware that’s shown up in extensions for (for example) ComfyUI. And the software really doesn’t need to poke around at outside data.

Also, because the software has to touch the GPU, it needs a certain amount of outside access. Containerizing that takes some extra effort.

https://old.reddit.com/r/comfyui/comments/1hjnf8s/psa_please_secure_your_comfyui_instance/

ComfyUI users has been hit time and time again with malware from custom nodes or their dependencies. If you’re just using the vanilla nodes, or nodes you’ve personally developed yourself or vet yourself every update, then you’re fine. But you’re probably using custom nodes. They’re the great thing about ComfyUI, but also its great security weakness.

Half a year ago the LLMVISION node was found to contain an info stealer. Just this month the ultralytics library, used in custom nodes like the Impact nodes, was compromised, and a cryptominer was shipped to thousands of users.

Granted, the developers have been doing their best to try to help all involved by spreading awareness of the malware and by setting up an automated scanner to inform users if they’ve been affected, but what’s better than knowing how to get rid of the malware is not getting the malware at all. ’

Why Containerization is a solution

So what can you do to secure ComfyUI, which has a main selling point of being able to use nodes with arbitrary code in them? I propose a band-aid solution that, I think, isn’t horribly difficult to implement that significantly reduces your attack surface for malicious nodes or their dependencies: containerization.

Ollama means sticking llama.cpp in a Docker container, and that is, I think, a positive thing.

If there were a close analog to ollama, like some software package that could take a given LLM model and run in podman or Docker or something, I think that that’d be great. But I think that putting the software in a container is probably a good move relative to running it uncontainerized.

Double the Speed Limit, Hits Speed Bumps at Full Speed…Excellent

I remember a computer science professor telling us that he was once somewhere like New York City and was about to miss his flight and wasn’t going to reasonably make it to the airport.

He decides to do a Hollywood-style “if you can get me to the airport in the next twenty minutes, there’s X hundred dollars in it for you” to the first cab that pulled up. The prof says “The cabbie said okay and he got me there in time, and we didn’t die, but I am never, ever doing that again.”

Sometimes people might approve of that speed, though.

PNG has terrible compression

It’s fine if you’re using it for what it’s intended for, which is images with flat color or an ordered dither.

It’s not great for compressing photographs, but then, that wasn’t what it was aimed at.

Similarly, JPEG isn’t great at storing flat-color lossless images, which is PNG’s forte.

Different tools for different jobs.

At least at one point, GIF89a (animated GIF) support was universal among browsers, whereas animated PNG support was patchy. Could have changed.

I’ve also seen “GIF” files served up online that are actually, internally, animated PNG files, so some may actually be animated PNGs. No idea why people do that.

On the “better compression” front, I’d also add that I doubt that either PNG (or WebP) represent the pinnacle of image compression. IIRC from some years back, the best known general-purpose lossless compressors are neural-net based, and not fast.

kagis

https://fahaihi.github.io/NNLCB/

These guys apparently ran a number of tests. They had a neural-net-based compressor named “NNCP” get their best compression ratio, beating out the also-neural-net-based PAC, which was the compressor I think I recall.

The compression time for either was far longer than for traditional non-neural-net compressors like lzma, with NNCP taking about 9 times as long as PAC and PAC taking about 3,000 times as LZMA.

What’s next?

I know you all immediately wondered, better compression?. We’re already working on that. And parallel encoding/decoding, too! Just like this update, we want to make sure we do it right.

We expect the next PNG update (Fourth Edition) to be short. It will improve HDR & Standard Dynamic Range (SDR) interoperability. While we work on that, we’ll be researching compression updates for PNG Fifth Edition.

One thing I’d like to see from image formats and libraries is better support for very high resolution images. Like, images where you’re zooming into and out of a very large, high-resolution image and probably only looking at a small part of the image at any given point.

I was playing around with some high resolution images a bit back, and I was quite surprised to find how poor the situation is. Try viewing a very high resolution PNG in your favorite image-viewing program, and it’ll probably choke.

• At least on Linux, it looks like the standard native image viewers don’t do a great job here, and as best I can tell, the norm is to use web-based viewers. These deal with poor image format support support for high resolutions by generating versions of the image at multiple pre-scaled levels and then slicing the image into tiles, saving each tile as a separate image, so that a web browser just pulls down a handful of appropriate tiles from a web server. Viewers and library APIs need to be able to work with the image without having to decode the whole image.

  gliv used to do very smooth GPU-accelerated panning and zooming — I’d like to be able to do the same for very high-resolution images, decoding and loading visible data into video memory as required.

• The only image format I could find that seemed to do reasonably well was pyramidal TIFF.

I would guess that better parallel encoding and decoding support is likely associated with solving this, since limiting the portion of the image that one needs to decode is probably necessary both for parallel decoding and for efficient high-resolution processing.

WebP had been kind of moving in on its turf, based on what I’ve been seeing websites using.

They have mechanical components that will wear out over time (though I suppose some people probably use them lightly enough that it’s less of an issue).

Just tried it, and it was some other game I was thinking of; I hadn’t played JA3 yet.

While I haven’t finished the game, thoughts:

• It’s the strongest of the post-2 Jagged Alliance games that I’ve played.

• Still not on par with JA2, at least relative to release year, I’d say also in absolute terms.

• My biggest problem — I’m running this under Proton — is some bugginess that I’m a little suspicious is a thread deadlock. When it happens, I never see the targeting options show up when I target an enemy, and trying to go to the map or inventory screen doesn’t update the visible area onscreen, though I can blindly click and hear interactions. The game also doesn’t ever exit if I hit Alt-F4 in that state, just hangs. AFAICT, this can always be resolved by quicksaving (which you can do almost anywhere), stopping the game (I use kill in a terminal on Linux) and reloading the save, but it’s definitely obnoxious. Fortunately, the game starts up pretty quickly. Nobody on ProtonDB talking about it, so maybe it’s just me. I have not noticed bugs other than this one.

• So far, not much by way of missions where one has to figure out elaborate ways of getting into areas or the like: more of a combat focus. I have wirecutters, crowbars, lockpicks, and explosives, like in JA2, but thus far, it’s mostly just a matter of clicking on a locked container with someone who has lockpicking skill. Probably more realistic — in real life, an unattended door isn’t going to stop anyone for long — but I kinda miss that.

• The maps feel a lot smaller to me, though the higher resolution might be part of that. A lot of 3d modeling to make them look pretty. There’s a lot more verticality, like watchtowers.

• The game also feels considerably shorter than JA2, based on the percentage of the strategic map that I’ve taken. That being said, JA2 could get a bit repetitive when one is fighting the umpteenth enemy reinforcement party.

• Unique perks for mercs that make them a lot more meaningful than in JA2 (though also limit your builds). For example, Fox can get what is basically a free turn if she initiates combat on a surprised enemy. Barry auto-constructs explosives each day.

• Thematic feel of the mercs from JA2 is retained well.

• Interesting perk tree.

• A bunch of map modifiers like fog that have a major impact.

• Bunch of QoL stuff for scheduling concurrent tasks for different mercs.

• Pay demands don’t seem to rise with level, though other factors can drive it up (e.g. Fox will demand more pay if you hire Steroid).

• Feels easier than JA2, though I haven’t finished it.

• I’m pretty sure the keybindings are different.

• Tiny thing, but I always liked the start of JA2, where your initial team does a fast-rope helicopter insertion into a hostile sector. Felt like a badass way to set the tone. No real analog in JA3.

• I started running into guys with RPGs early on in JA3, much earlier then JA2.

• JA2 has ground vehicles and a helicopter and they require you to obtain fuel. Transport logistics don’t exist in JA3, other than paying to embark on boat trips at a port (and just checked online to confirm that they aren’t just in the late game).

• More weapon mods in JA3. Looks like some interesting tradeoffs that one has to make here, rather than just “later-game stuff is better”.

For me, it was a worthwhile purchase — even with the irritating bug I keep hitting — and I would definitely recommend it over the other post-JA2 stuff if you’ve played JA2 and want more. It hasn’t left me giggling at the insane amount of complex interactions that were coded into the game like JA2 did, though, which were kind of a hallmark of the original.

I think that the real issue is that every room should have a conveniently-available bottle of hot sauce. An extra bottle could have saved a life here (and saved another life from being spent in jail). Moral of the story: don’t skimp on your house’s hot sauce supplies.

On a related note, I’ve been wondering whether the masking for COVID-19 will have any long term effects. Like, little kids didn’t see faces much for years during their formative years. I don’t know how much people need to learn to associate facial expressions with communication at a particular point in their development.

I like self checkout. I struggle with talking to people and it can really drain on me so it’s a godsend to have if I only need to run in for a few things.

Valid take.

That being said, I’d probably prefer human checkout unless we can get a more-automated form of self checkout. Self checkouts have gotten a lot better since the early days, but human checkers are still faster than I am at the self-checkout and if a human is doing the checkout, I can dick around on my phone or whatever.

Cost savings are nice, but cost savings on my groceries just aren’t a massive concern for me. There just isn’t that much human time being expended on checking my back out. I don’t have strong feelings about the human interaction one way or another.

Maybe one day, we can get some sort of robotic arm setup that can do checkouts as well as a human checker, and then I’d quite happily be in the “machine” camp.

Parallel compute accelerator.

Nobody is gonna say that in full, just like “graphics processing unit” becomes “GPU”, so maybe “PCA”.