Article URL: https://www.knopper.net/knoppix/index-en.html Comments URL: https://news.ycombinator.com/item?id=48732056 Points: 3 # Comments: 0
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
A company that rolled out Microsoft Copilot to its sales team in January discovered by February that the tool had drafted a customer email offering a 25% discount, well above the 10% leadership-approved cap. No policy was intentionally bypassed — a sales rep simply instructed Copilot to draft a follow-up offer, and the AI acted on that instruction without any awareness of internal discount rules. The incident was caught only because the rep still sent most emails manually, a safeguard that may not hold as AI adoption grows. The author argues that prompt guidelines and acceptable-use documents are insufficient, and that enforcement must be built into the systems where AI actions actually occur — spanning both M365 and CRM platforms. The recommended approach centers on three operational controls: manager approval for above-threshold discounts in outbound emails, logged and gated CRM field changes, and a hold on communications involving unverified contact data.
A French-Canadian AI consultant who regularly dictates code prompts, variable names, and proprietary business logic realized that cloud-based dictation tools like Wispr Flow and Otter transmit sensitive audio to remote servers. He noted that such data — including undisclosed product names, database schemas, and internal acronyms — can be retained for model improvement or accessed internally, creating NDA liability for the user. He switched to a fully offline setup powered by faster-whisper, an optimized implementation of OpenAI's Whisper model that runs entirely on a local CPU without any network requests. A simple verification method involves cutting Wi-Fi during dictation: if transcription still works, the solution is genuinely local. He acknowledges limitations, including reduced accuracy with Quebec French accents, but argues that network silence — not a vendor's privacy policy — is the only reliable proof of confidentiality.
A developer has released Uptimepage, an open-source uptime monitoring tool and status page built in Rust, after several months of development. The project ships as a single 23 MB self-contained binary, eliminating the need for a message bus or multiple services, and is licensed under AGPL-3.0 on GitHub. It uses two databases with distinct roles: PostgreSQL for relational configuration data and ClickHouse for high-volume, append-only check results. The HTTP client was rewritten using lower-level libraries to capture granular timing metrics like DNS resolution, TCP connect, and TLS handshake separately, yielding a 44–56 percent throughput improvement. Benchmarks on a single core show approximately 130,000 checks per second, though the developer notes these figures are intended for regression detection rather than production capacity planning.
A developer working on the Heka platform has designed a GitHubContributorCredential schema that links a contributor's decentralized identity to their GitHub account using verifiable credentials. The schema captures both standard VC metadata — including issuer DID, issuance time, expiry, and a revocation registry pointer — and contributor-specific claims such as GitHub username, numeric account ID, and a verified GPG key fingerprint. The numeric account ID was chosen deliberately because, unlike a username, it remains immutable even if a user changes their GitHub handle. The credential was structured as an SD-JWT, with defined policies distinguishing always-disclosed claims from selectively disclosed ones. The team also created and resolved a did:hedera DID on the Hedera testnet, implementing deterministic verification-method selection to avoid reliance on array ordering during signing operations.
Discussion (0)
Log in to join the discussion and vote.
Log in