今日已更新 129 条资讯 | 累计 21348 条内容
关于我们

标签:#us

找到 1061 篇相关文章

AI 资讯

How do you stop AI from missing the bias that's actually there?

A child laughs on a playground. Pure. Unbothered. The world owes him nothing yet and he owes it nothing back. Then he grows up. He does everything right. Studies. Works. Sends his resume. Waits. Rejected. Sends it again. Rejected. Again. Rejected. The smile disappears. Not slowly. Suddenly. The day you realize the system was never built for you. An empty stomach has no dignity. A person denied the right to work is not just unemployed, they are being told their existence has no value. That is not a glitch. That is a choice someone made. 72 million rejections per year in the US alone. The algorithm decides in 0.8 seconds. No human ever reads his name. AI did not build this system. Humans did. AI just made the discrimination invisible, scalable, and deniable. So I built BiasLens. Paste your rejection. 30 seconds. Scans for documented discrimination patterns under US employment law. Free. Anonymous. No account. The hardest part was not building the scanner. It was forcing the AI to say "no bias found" when there isn't any, instead of manufacturing injustice to seem useful. How do you stop AI from missing the bias that's actually there, without inventing bias that isn't? I am still solving that. For that child. For every human who deserves to keep smiling. https://biaslens-justice.vercel.app/

2026-05-30 原文 →
AI 资讯

I built a cryptographic audit receipt for Claude Mythos (and any AI model) — here's how it works

Anthropic's Mythos model can autonomously find zero-day vulnerabilities. Their CVD disclosure process uses manual SHA-3-512 hash commitments to prove findings existed. I built something that automates that in one line of Python. What AetherProof does One function call generates a 128-byte Ed25519-signed receipt that proves: What model ran — FNV-1a hash of provider/model ID What it produced — hash of the output When — cryptographic nanosecond timestamp Tamper-evident — flip any byte anywhere → INVALID python import aetherproof receipt = aetherproof.for_anthropic( "Find vulnerabilities in this binary.", finding_text, model="claude-mythos-preview" ) receipt.save("CVE-2026-001.receipt") print(receipt.verify()) # True Try it in 30 seconds pip install aetherproof python -c " import aetherproof r = aetherproof.for_anthropic('question', 'answer') print(r.verify()) # True print(r.pretty()) " The unusual part — invisible Unicode watermarking Receipts embed invisibly into any text using Unicode Private Use Area codepoints (U+E000–U+E0FF). AI output carries its own audit trail. Works in any language — Arabic, Chinese, Devanagari, Hebrew, Thai, Japanese all tested. signed_output = aetherproof.embed(ai_response, receipt.to_bytes()) # Text looks identical. Receipt is inside. aetherproof.verify_embedded(signed_output) # True Numbers 187 tests, 0 failures 128/128 byte flips all detected 1000/1000 tamper probes pass Cross-language: Python generates, Rust CLI verifies 15,446 receipts/sec (Python) · 5,472/sec (Rust) Why AGPL-3.0 Free for open source. Commercial use needs a license. This is the compliance layer under your AI stack — it should be open, auditable, and not vendor-locked. GitHub https://github.com/pulkit6732/aetherproof Built by Pulkit. Feedback welcome.

2026-05-29 原文 →
AI 资讯

Secure Your Microservices: Meet Halimun, the High-Performance Encrypted Proxy

Meet Halimun Proxy a high-performance, ultra-low latency proxy tunnel system built from the ground up in Rust. Why Rust? By leveraging Rust , Halimun achieves extreme efficiency. Using the Axum web framework and Tokio for non-blocking asynchronous I/O, it manages to maintain a tiny footprint—running on as little as ~15MB of RAM . It’s designed to be fast, memory-safe, and incredibly stable under load. Core Security Features Halimun isn't just a proxy; it’s a security layer. It enforces strict request validation to ensure your internal services are never exposed to malicious actors: AES-256-CBC Encryption: End-to-end payload masking. Even if your traffic is intercepted, the actual API endpoint and data remain indecipherable. HMAC-SHA256 Integrity: Validates that data hasn't been tampered with in transit. Replay Attack Prevention: Uses Nonce and timestamp verification in-memory (via DashMap ) to reject duplicate spoofed requests. SSRF Protection: Built-in mechanisms to prevent attackers from targeting your internal network infrastructure (e.g., 127.0.0.1 ). Camouflage Routing: It hides your actual API structure behind random, dummy URL segments, making traffic profiling by WAFs or human analysts nearly impossible. Quick Start (Docker) Halimun is "Docker-ready," making it easy to drop into any existing infrastructure. 1. Configuration First, generate your encryption keys using the built-in generator: # Generate keys and save to .env docker build -t halimun-proxy . docker run --rm halimun-proxy ./halimun-proxy --keygen --format = env > .env 2. Deployment Configure your config.yaml to map your backend services, then launch your cluster: docker-compose up -d Your production proxy is now live, listening securely on port 80 while your backend services remain completely secluded within a private Docker network. Under the Hood: Request Lifecycle Halimun uses an encrypted tunnel approach. A typical request follows this structure: POST /proxy/1/SEGMENT1/SEGMENT2/SEGMENT3/SEGMEN

2026-05-29 原文 →
AI 资讯

Fragments May 27: on-the-loop with Claude Code, 2h of endurance, and NHS closing repos

Martin Fowler's May 27 Fragments brings together four arguments with direct implications for teams working with AI agents. All four are worth covering. Ian Johnson: build quality gates before releasing the agent Ian Johnson published a series about restructuring a gnarly codebase: three months, 258 commits, moving from a Laravel monolith with no tests to an application with automated quality gates and an AI agent shipping production code with minimal supervision. The insight Fowler highlights is about the transition from in-the-loop to on-the-loop: "For the first two months of this project, I used Claude Code with auto-approve turned off. Every file edit, every terminal command, every change… I reviewed it before it executed. The results were good. The code was clean. But I was doing most of the thinking and half the typing. The agent was a fancy autocomplete with better suggestions." Ian Johnson Manual review of every change is not how you build trust in the agent. Trust comes from building the structure that ensures the agent will do the right thing, then stepping back. The sequence: characterization tests first, static analysis, architectural patterns that make things flow correctly. Fowler notes this is exactly the sequence he would use himself. Adam Tornhill: roughly 2 hours of cognitive endurance Adam Tornhill observes that agentic work has a decision density that is mentally more expensive than it appears. The estimate is roughly two hours as a sustainable limit, not a full day of work. The implication: adding more parallel agents does not solve the problem, because the bottleneck is the coordinating engineer's cognitive capacity, not available processing volume. The solutions are smaller tasks, automation, and verification mechanisms, not more parallelism. NHS: closing open source repositories NHS (UK National Health Service) closed open source repositories citing LLM threats to code security. The UK Government Data Services countered directly: making code p

2026-05-29 原文 →
AI 资讯

I Built a Neural Network from Scratch in Rust — Then Compiled It to WebAssembly

A complete ML pipeline: engine, backprop, binary format, and a live browser demo. Zero dependencies. Under 200 KB total. If you have built machine-learning projects before, you have probably done it by importing PyTorch, TensorFlow, or scikit-learn and calling .fit() . Those are excellent libraries. This article is about what happens when you deliberately do not use them — when you build every piece of the pipeline yourself, in a language that compiles to WebAssembly, and the result runs live in the browser with no server, no Python, and no cloud bill. Here is the live demo: move four sliders, watch the predicted Iris species update in real time. The model is running entirely inside your browser tab, loaded from a 1.1 KB binary file, powered by ~100 KB of WebAssembly compiled from pure Rust. This is the story of how I built it and why the engineering choices made it work. Why Rust? Why WebAssembly? Why zero dependencies? Three constraints drove every design decision. WASM requires no_std or a carefully limited std . The wasm32-unknown-unknown target has no operating system, no file system, and no libc. A crate that links against rand , ndarray , or any library that makes OS calls will not compile to it without significant plumbing. An engine built from nothing but the Rust standard library compiles cleanly to every target, including WASM. A zero-dependency std -only crate is uniquely auditable. There are no transitive dependency trees to vet, no supply-chain risks, no version conflicts. Every line of code that runs in the user's browser lives in this repository. The deployment story becomes the technical story. A 100 KB WASM blob that runs locally in the browser is not just a cost optimisation — it is a privacy guarantee (user inputs never leave the machine) and a latency guarantee (inference is microseconds, not a round trip to a cloud API). That story is only possible because the engine has no external dependencies that would bloat the binary. The architecture: ei

2026-05-29 原文 →
AI 资讯

Two survival systems, two empathy modes

Here are two scenes. They look unrelated. They're not. Scene 1 Two people at a café, talking about a restaurant they want to try. A stranger walking past stops: "That place closed six months ago. The one on the corner is better." A brief nod, and they walk on. The two people exchange a glance, taken aback. Why did that person stop? What did they want? A few steps away, the stranger is also confused. They had useful information. They shared it. Why did these people react so strangely? Scene 2 A colleague is visibly stressed, describing a difficult situation at work. One friend pulls their chair closer, puts a hand on their arm: "That sounds really hard." Another opens their laptop: "I found something that might help — HR has a process for exactly this, I'll send you the link." The colleague leans into the first. Glances uncertainly at the second. The second person doesn't understand why sitting close and saying "that sounds hard" counts as helping. You haven't solved anything. The first doesn't understand why anyone would respond to distress with links. Both scenes end the same way: people on both sides convinced they did the right thing, confused by the other's reaction. The mismatch is mutual and invisible from the inside. Two survival instincts, two empathy systems For many autistic people, information is a survival mechanism. Uncertainty is threat, missing information is a vulnerability, and the drive to correct and share runs below conscious awareness. Empathy, expressed through that system , looks like giving someone what keeps you safe: accurate information, solutions, resources. The social preamble before sharing — announcing yourself, softening the approach — doesn't arise as a concept. Why would useful information require an introduction? For many neurotypical people, social safety is a survival mechanism. Group cohesion and reading others accurately are what keep people safe. Empathy, expressed through that system , looks like presence: mirroring distress,

2026-05-29 原文 →