There’s a difference between a wake word and general purpose speech recognition. A simple wake word can be done in simple hardware on the device, while general purpose speech processing either requires heavy, relatively constant CPU usage, or heavy network traffic to pipe the audio to a server for processing.

Yes, that’s how I use it. It has access to a read only bind mount of my photo directory. The ML doesn’t write exif data to the images, just keeps that in its database.

Because the workflow for a lot of people is to have projects in folders which are synced to Onedrive. That allows for collaboration with colleagues that are not using git, as well as backup/archival of files and access from different computers or online sharing. My workflow of using rsync to periodically copy the files (–exclude .git) works, but isn’t ideal. If I forget or someone else edits something, I have to manually deal with conflicts. I guess the real answer is just “not everyone is a software dev.”

I ran into this as my IDE is also constantly touching temporary files to maintain its state. It wasn’t copilot though, it was one drive. So I moved my work files into a local-only location, and then periodically rsync to the synced folder, excluding .git and other folders that have no business on a synced folder.

When I originally switched, I kept an ultra clean windows 2000 VM going for a solid decade. Any time I needed it, I could install stuff, do the work, and then blow away the crud that always builds up with Windows. I would suggest using the oldest version of Windows you can practically use, de-bloating it, and taking vm snapshots.

You could even firewall it using another VM or the host if you wanted. Put windows in jail, erase its memory, and cut it off from the outside world so it behaves, lol.

Data scientist here; there simply are not enough murders to model this, so they will need to use proxies for “likely” murderers (like any sort of violent crime). That means the model will very strongly target people who are over-policed (minorities) and those more likely to actually get caught and charged for things, and thus be in the training data set (poor people). It will also fail spectacularly for this purpose because even a highly accurate model will produce almost 100% false positives -again, because actual murders are so vanishingly rare. The math just doesn’t work.

These politicians need a lesson in civics. You are not building safeguards that stop nazis, you are building the nazi “person finding” infrastructure for them before they even get in power.

Phone number and trust-on-first-use for most people, with out-of-band fingerprint verification for the paranoid. It really depends on the threat model and the security practices/awareness of your colleagues, but a link shared on some social media or lower-security chat network is more vulnerable to a man-in-the-middle attack than a phone number for your average Joe. There are a lot of ways a person could get a manipulated invite link.

Either he was arrested with no record of the arrest (i.e “disappeared”) which is a new line for the administration to cross, or he disappeared for another reason (by himself, or with help or coercion by a foreign entity like the CCP), and the FBI is investigating.

I hope journalists keep on this because the first option would be a huge problem that everyone needs to know about, but without more information, the second is also a possibility. The CCP is known to have agents in western countries that manipulate and pressure ex-pats to return to China. Keeping an open mind now will also strengthen the argument if evidence for the former comes to light.

Might be easiest to just drill out the mic and camera, and use a usb headset for calls. I also suggest specific threat modelling and learning about opsec as that may help you feel more in control. After that, please look after your mental well-being. We all should.

Out of band key exchange is great -as long as people can physically meet and exchange QR codes. In reality, they are often sent via less secure means. As always, the humans are the weakest security link.

It does, I tried it. Though, that may have been an addition since the attacks started.

Though, in that specific case - Russian agents conducting espionage via targeted individuals - it’s very likely they surveil their targets long enough to catch their device PIN before they nab the phone and return it. In the end, there is very little recourse to defend against this type of Evil Maid attack. Signal is really better at protecting against mass surveillance, but for individuals directly targeted by state espionage? You would need serious opsec, using air-gapped computers kept in safes or guarded by humans 24x7 and other crazy stuff. They have rules about what can be physically done with devices containing top secret information for a good reason.

The exact reason why it’s bad for top secret communications is why individuals should use it or something like it. That is government auditability.