The Weekend Briefing 30

Welcome to the last "unofficial" summer weekend, Labor Day! Enjoy this fast read of four curated links!

In this week’s issue 🗞️

  • .env Files Are Subject to Being Hacked
  • Running LLMs on Mobile Phones
  • Penny Wise, Pound Foolish: Good Engineering Practices
  • Telegram Becomes Free Speech Flashpoint After Founder’s Arrest


.env Files Are Subject to Being Hacked

I would love this cat-and-mouse game between cybersecurity professionals and hackers if it weren't so damaging. It appears that publicly exposed .env files are being exploited by attackers.

Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign
Massive extortion campaign exploits exposed .env files, compromising cloud and social media credentials. AWS environments used for large-scale scannin
With 110,000 domains targeted, the malicious activity is said to have netted over 90,000 unique variables in the .env files, out of which 7,000 belonged to organizations' cloud services and 1,500 variables are linked to social media accounts.

Running LLMs on Mobile Phones

On the heels of Danube3, there is more and more interest in running LLMs (or rather small language models) on edge devices.

Better Than GPT-4, the Stanford team’s large model that can be run on mobile phones became popular…
In the process of implementing large models, end-side AI is a very important direction.
The 2 billion-parameter Octopus v2 can run on smartphones, cars, PCs, etc., surpassing GPT-4 in terms of accuracy and latency, and reducing context length by 95%. In addition, Octopus v2 is 36 times faster than the Llama7B + RAG scheme

Penny Wise, Pound Foolish: Good Engineering Practices

With a focus on life-critical systems and how to program, this advice is relevant to any engineering design: slow is fast, and cheap is expensive.

Why Cutting Costs is Expensive: How $9/Hour Software Engineers Cost Boeing Billions
On October 29, 2018 Lion Air Flight 610, a 737 MAX 8 flight from Jakarta, Indonesia to Pangkal Pinang, Indonesia, crashed into the sea 13…
If I were in charge of a life-critical system, I would double down on quality and consider adding more thorough training, mentorship, requirements gathering, risk assessment, software inspection (e.g., employ a language-relevant and data-backed variation of NASA’s Power of 10 rules as a code inspection checklist), static analysis, and even formal methods for critical systems to mathematically prove that our algorithms are correctly specified.

Telegram Becomes Free Speech Flashpoint After Founder’s Arrest

Telegram, an open-source messaging app, came under fire this past weekend with the arrest of Founder and CEO Pavel Durov. The charge? The spread of illicit materials on Telegram.

Many were shocked when reports emerged on Saturday across French news media that Mr. Durov had been arrested in France on charges related to the spread of illicit material on the service. 

and,

The reaction over the news of the arrest showed how concerns about free expression, censorship and government oversight of online content are rising at a time when regulatory scrutiny of speech on the internet around the world has ramped up. National governments, especially those in the European Union, have intensified pressure on companies to address disinformation, online extremism, child safety and the spread of illicit material.

Of course, you want to limit the spread of conspiracy stories and illicit material. My guess is that national security is the concern. Could Telegram be a Trojan Horse of sorts for bad nation-state actors? What's the next move? Signal?