
EST修改

EST = Extrospect, Sein & Tao; backend engineer.


Hinton summed up the essence of education in one sentence

2025-10-15 21:25:00

On the way home I listened to a 1.5-hour podcast interviewing Hinton:

Godfather of AI: They Keep Silencing Me But I’m Trying to Warn Them!

There were some highlights. I pulled the JSON down through that damned transcript API www.youtube.com/youtubei/v1/get_transcript, then parsed it into full text with this nasty script:

with open('stdin-10-01.txt','w') as f: f.write('\n'.join([t['text'] for x in a['actions'][0]['updateEngagementPanelAction']['content']['transcriptRenderer']['content']['transcriptSearchPanelRenderer']['body']['transcriptSegmentListRenderer']['initialSegments'] if (v := x.get('transcriptSegmentRenderer')) for t in v['snippet']['runs']]))

He said the "dangers of AI" fall into two categories:

  • People using AI to do harm: scams, weapons, engineered viruses, and so on
  • AI itself, as a superintelligence, leaving humanity behind

He said he came to see this superintelligence during his ten years at Google. Google once went so far as to try building "analog circuits" in place of digital ones to mimic the brain more faithfully, but he found digital AI more competitive: take the same algorithm and the same weights, move them onto different hardware, and the capability is reproduced; run it at another time, in another country, and you get roughly the same thing. Digitalization brings one terrifying capability: dirt-cheap transfer learning. One model absorbing another amounts to little more than copying the weights over and averaging them, and to strengthen one particular skill you just run SFT on that part of the weights.
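As a toy illustration of that "copy the weights over and average them" step, here is a minimal sketch in the style of model merging; it assumes two PyTorch-style state dicts from the same architecture (hypothetical names, not anything spelled out in the podcast):

def average_weights(state_a, state_b):
    # element-wise mean of two checkpoints that share the same keys and shapes
    return {k: (state_a[k] + state_b[k]) / 2 for k in state_a}

# hypothetical usage with two models of identical architecture:
# merged = average_weights(model_a.state_dict(), model_b.state_dict())
# model_a.load_state_dict(merged)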

This property of digital models simply crushes humans. No matter how advanced our technology gets, can you split open someone else's skull, see how their neurons are wired, and copy that into your own brain?

When you and I transfer information, we're limited to the amount of information in a sentence. And the amount of information in a sentence is maybe a 100 bits. It's very little information. We're lucky if we're transferring like 10 bits a second.
These things are transferring trillions of bits a second. So, they're billions of times better than us at sharing information. And that's because they're digital. And you can have two bits of hardware using the connection strengths in exactly the same way.
We're analog and you can't do that. Your brain's different from my brain. And if I could see the connection strengths between all your neurons, it wouldn't do me any good because my neurons work slightly differently and they're connected up slightly differently. So when you die, all your knowledge dies with you.

From this he draws a corollary: because models can learn from and distill into one another, digital AI is, for all practical purposes, immortal...

Holy crap... that... really blew my mind.

He went on to explain why a superintelligence is bound to be smarter than humans. His example: back when GPT-4 had no internet access, he asked it what a compost heap and an atomic bomb have in common.

I won't paste the answer here; if you're curious, watch the original video at 59:00 or Ctrl+F the transcript I pulled. The point is that the attention architecture is inherently built to turn the similarities between wildly different things into analogies, which is exactly what lets it compress information and compute. AI trains on far more material than any human, so it knows more, and since cross-disciplinary connections are where innovation happens, AI is bound to be exceptionally good at innovating.

The interview also got to the superalignment work Ilya is doing. My hunch: model safety is just a cover story. Ilya has most likely noticed how readily AI spouts "you are absolutely right", but what if human knowledge is self-contradictory to begin with? What he is aligning is probably not the AI but human knowledge itself, a metaphysical effort to normalize all human wisdom into one consistent whole, foundational work in the spirit of set theory, axiomatic systems, and Hilbert. An AI trained that way would be nearly unbeatable, and if it were ever turned against humanity, wouldn't that be scarier still? In terms of legitimacy and orthodoxy alike, carbon-based life is dead and silicon shall reign... humanity may well decarbonize itself out of existence. lol

Back to the title: what is the essence of education?

Education can be analyzed from humanistic, historical, social, and countless other angles. The most far-fetched account I've ever seen claims children go to school because, after the Industrial Revolution, both parents were pushed into full-time labor, so public K-12 schooling had to be set up to train children collectively. Hahaha.

Hinton calls himself a materialist, and he hit me with a thunderbolt: so-called education is just brains that belong to different bodies, each wired completely differently, syncing data over a 10 bit/s link 😂

Everything suddenly clicked. Is that feeling of being "enlightened in one stroke" just a highly compressed .7z smacking you over the head?

From a materialist point of view, whoever syncs the data at the highest bandwidth with the least packet loss provides the best education.

Detecting gzip bombs

2025-10-11 15:23:00

A lot of people over here claim a couple of lines are enough to detect a gzip bomb. I dug around, and it goes roughly like this:

import gzip
import io
import requests

resp = requests.get(url, stream=True)  # `url` is the suspect endpoint; stream=True leaves the body unread

compressed = resp.raw.read()  # raw body, still gzip-compressed
with gzip.open(io.BytesIO(compressed), 'rb') as g:
    g.seek(0, 2)              # seek to the end of the decompressed stream
    origin_size = g.tell()    # decompressed size in bytes
    print(origin_size)

This is similar to gzip -l xxx.gz: the gzip format keeps 8 bytes at the end of the stream, [CRC32][ISIZE], where ISIZE = uncompressed_length % 2³².
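For reference, a minimal sketch of reading that trailer directly from a local .gz file (the same number gzip -l reports; per RFC 1952 both fields are little-endian uint32, and this only makes sense for single-member archives):

import struct

def gzip_trailer(path):
    # last 8 bytes of a gzip member: [CRC32][ISIZE]
    with open(path, 'rb') as f:
        f.seek(-8, 2)  # 2 == os.SEEK_END
        crc32, isize = struct.unpack('<II', f.read(8))
    return crc32, isize  # isize == uncompressed_length % 2**32

# print(gzip_trailer('xxx.gz')[1])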

Defeating this check is easy: just serve the response with Content-Encoding: deflate instead, and there is no gzip trailer to inspect.

Besides, from what I can find, ISIZE can simply be forged... so a better approach is:

import zlib

MAX_OUTPUT = 50 * 1024 * 1024  # 50 MB cap

def safe_decompress_gzip_stream(compressed_iterable):
    # compressed_iterable yields bytes chunks from the incoming request body
    d = zlib.decompressobj(16 + zlib.MAX_WBITS)  # 16+ selects the gzip wrapper
    total_out = 0
    for chunk in compressed_iterable:
        data = chunk
        while data:
            out = d.decompress(data, 64 * 1024)  # limit per-call output
            total_out += len(out)
            if total_out > MAX_OUTPUT:
                raise ValueError("Exceeded decompression limit")
            if out:
                yield out
            data = d.unconsumed_tail  # input held back by max_length; feed it again
    # flush remaining
    out = d.flush()
    total_out += len(out)
    if total_out > MAX_OUTPUT:
        raise ValueError("Exceeded decompression limit")
    if out:
        yield out
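To hook this back into the requests example above, one could feed it the raw, still-compressed body; a sketch, assuming the response was fetched with stream=True and really is gzip-encoded:

total = 0
for piece in safe_decompress_gzip_stream(resp.raw.stream(8192, decode_content=False)):
    total += len(piece)  # or hand `piece` to whatever actually consumes the data
print(total)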

At the end of the day, a gzip bomb only blows up memory. So I started wondering: could you abuse LZ77 back-references jumping back and forth to build a CPU bomb instead?

Say, something that takes ages to decompress, only to turn out to be a tiny 1 KB file? A compression ratio of 114514%?

ChatGPT flat-out refused to answer, but it did point the way:

  • Many tiny dynamic-Huffman blocks so the decoder rebuilds trees repeatedly (parsing overhead per block).
  • Constructing distance/length sequences that cause a lot of back-reference copying (expensive repeated copies, especially with overlapping distances).
  • Interleaving short literal runs with copies to create branch-heavy decode work.
  • Using many concatenated members/streams (or nested archives) to multiply cost.

OpenAI, so prissy.
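Out of curiosity, the last pointer in that list is easy to poke at with a toy micro-benchmark (just a sketch, nowhere near a real "CPU bomb"): many tiny concatenated gzip members force the decoder to re-parse a header and trailer per member, so the compressed payload stays small while decode time scales with the member count.

import gzip, io, time

tiny = gzip.compress(b'A', 9)                   # one tiny member
many_members = tiny * 100_000                   # 100k concatenated members
one_member = gzip.compress(b'A' * 100_000, 9)   # same decompressed size, single member

for name, blob in [('100k members', many_members), ('1 member', one_member)]:
    t0 = time.perf_counter()
    out = gzip.GzipFile(fileobj=io.BytesIO(blob)).read()  # GzipFile reads all members
    print(name, len(blob), 'compressed bytes ->', len(out), 'bytes in', round(time.perf_counter() - t0, 3), 's')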

OKR 🔪'd Google Reader

2025-10-09 14:49:00

Lately I've been running into discussions of RSS again, and with them the old story of Google Reader.

Who killed Google Reader? Strictly speaking it was Vic Gundotra, with executive Marissa Mayer tacitly letting it happen. (Mayer later became CEO of Yahoo, where her most impressive move was acquiring Tumblr, followed by the even more surreal purchase of Summly from a teenager.)

Mayer's name reminded me of a book about Netflix I once read, which mentioned she was an OKR devotee. So was the murder weapon that killed Google Reader OKR, or launch culture?

I decided to dig into where OKR came from. Its evangelists all ultimately point back to John Doerr, the Intel-alum venture capitalist who wrote 《Measure What Matters》. You don't really need the book; his official site gets the core ideas of OKR across in three minutes:

https://www.whatmatters.com/resources/a-typical-okr-cycle

A Typical OKR Cycle

I've been through OKR myself, and looking at this material again left me with some different impressions:

  • Management never publishes its own OKRs across the board, because management doesn't have to take responsibility, doesn't want to, and doesn't dare to. Can metrics like DAU really be stated in the open? So the second step in the diagram simply doesn't exist; subordinates are left to guess, and guessing wrong is what earns you the beating.
  • Department OKRs might be made public, but cross-department ones? Those get guarded even more tightly. Sub-departments and small teams follow suit, and in the end OKR becomes the village lying to the township, the township lying to the county, each level lying upward all the way to the State Council. The cross-department integration and conflict resolution that OKR emphasizes, I never really saw; maybe my level was too low. But it's human nature: once everything is split into departments that keep to their own lanes, why would my department sacrifice its gains to chase your department's metric? What's in it for us? You have your headcount and your budget; why shouldn't I pull off the same thing with fewer people at lower cost?
  • Key results stress objective metrics, but observability is often just a play to please the boss. I once helped another team compute a "weekly average" metric and found the underlying data painful to query; the other team said to just add up the daily averages and divide by seven, and that it had to be done that way because that's how everyone calculates it. I later asked a friend who works in SaaS: the industry splits roughly thirty-seventy, and the larger share plugs daily averages straight in. Scared me witless.
  • Google's OKR playbook opens with one sentence: don't copy it verbatim, adapt it to your actual situation; if it fits you as-is, you're doing it wrong.
  • OKR leans hard on the notion of the contributor. What does that mean? The workhorses are executors; don't overthink it, and don't mistake yourself for a partner of the company.
  • Committed OKRs are scored 1 and must reach 1; aspirational ones should average 0.7. In practice, though, a lot of pay and perks hang off these scores, which turns OKR-setting into a performance art.
  • Doerr is a well-chosen name: the doer. Ha.
  • It rejects business-as-usual OKRs: everything must be derived from the user-demand side. I think that part is genuinely good.
  • The timid aspirational OKR problem: aspirational OKRs tend toward the conservative, framed as "if we have spare capacity, plus a bit of luck, we'll finish blah." The litmus test is simple: if you complete this OKR, will it dramatically exceed user expectations? Will users still benefit from it years later?
  • Sandbagging. Because scores are tied to pay and benefits, as mentioned above, many people trim down their committed OKR targets. Per Doerr, a committed OKR should be a goal that consumes nearly all of a team's people, money, and time, and committed plus aspirational together should exceed the resources the team can actually command; OKR is a tool for probing the boundary of a team's execution capacity. Doerr even says that if a team delivers its OKRs cleanly every single cycle, it is hoarding resources or not pushing. That strikes me as capitalism at its purest. Hahaha.
  • Low Value Objectives (LVOs): don't chase things like "reduce CPU spikes by 3%." Work backwards instead: if this metric lands at 1.0, does it directly improve anything for the end user or the company's bottom line?
  • All the KRs taken together must form a sufficient condition for the O: if every KR scores 1.0, the O must be achieved. This one cuts deep; in practice many KRs are just necessary conditions that happen to be convenient for the team, and I suspect plenty of teams quietly avoid the hard problems. The whole point of the OKR tool is to surface the "elephant in the room" that the company is failing to notice and invest in.
  • A committed OKR exists to be delivered at 1.0. If the team can't get there, it needs to escalate early; escalation is not just common, it is required. Whether you disagree with the OKR, have priority problems, run into conflicts, or lack resources, it is management's obligation to surface the problem within the OKR cycle and commit to resolving it.
  • A committed OKR that misses 1.0 requires a postmortem. Doerr says this isn't to punish the team but to find out whether the failure happened in planning or in execution. In practice, though, isn't OKR more often wielded as a stick? Ha.
  • An aspirational OKR can be kept around long-term and become the basis of the next cycle. Dropping it just because there was no progress means either the objective was set wrong, the priorities were set wrong, resources were scheduled wrong, or your understanding of the problem is fundamentally off.
  • Moving an aspirational OKR between teams is fine. Managers shouldn't assume the support it receives will always be ample.
  • The litmus test: if every KR gets finished on the last day of the quarter, there was never a plan to begin with.
  • If an important team function isn't reflected in the OKRs, add more OKRs.

The true patriarch of OKR is Intel boss Andy Grove, a Hungarian refugee from the Holocaust. Reading the old man, he never made it sound that mystical: the 8085 processor had to ship every quarter, so he built a mechanism for spreading out production, which also explains why OKRs usually run on annual or quarterly cadences; earnings reports follow the same rhythm. His example: if the O is for Intel chips to capture the mid-range market, then a KR is ten new designs around the 8085. I kept thinking: that hardly guarantees the "capture", does it? What if the market doesn't buy it? The old man's answer: a KR can be a milestone, and if this round falls short you pile on more next round 🤣. The point is that "capture" can be argued over, but ten is ten; the result is a yes/no, something you can measure.

That article on the origins of OKR has one line that is particularly well put:

OKRs overturned the top-down management system. Suddenly, workers were valued by what they accomplished, not by their background, degree, or title. With OKRs, execution is more important than mere ideas,

So, back to the question: why did OKR kill Google Reader?

Because the O Larry Page set for the whole company was: users in the hundreds of millions, the more the better; build google-scale products.

Google Reader's audience was a small knot of core users: highly engaged, but a niche hobby just grows slowly. Google+ at the time was being hyped to the sky by Gundotra and clearly looked more promising. Marissa Mayer was a Google old-timer (employee #20) with real OKR chops, and Google Reader was obviously a mature, business-as-usual product, so its developers were reassigned and drifted away; reportedly its code couldn't even run on Google's newer infrastructure (Borg and the like), so fewer and fewer people cared. Since nobody could get promoted or get a raise off Google Reader, it became a write-off.

Saying OKR 🔪'd Google Reader isn't saying OKR is bad; as a framework and a set of tools, OKR is neutral.

OKRs help you hit every target — except the one that matters.

Maybe Google Reader genuinely wasn't important to Google. But flip it around: was being rid of Google Reader really that important to Google? The company runs plenty of arts projects; why don't those get cut?

So my takeaway is that OKR, as a toolset, is very useful in blue-ocean markets and sales-driven industries: it focuses the business, keeps teams aligned, and is very effective at pinpointing where execution breaks down.

But that presumes execution is the only thing you're missing. Is it?

On the other hand, for departments like SRE and security, success doesn't hinge on how well the department itself executes but on how bad every other department's worst case is. Which of them would dare set an O of "a full year with zero vulnerabilities and zero incidents"?

These support, maintenance, and back-office departments exist precisely to reduce negative returns and clean up messes; the whole point of their existence is to keep the company's potential losses as small as possible.

From that starting point, shouldn't their OKRs default to a score of -1.0, with a cleaner cleanup scoring better?

Another post of idle rambling; please don't take it too seriously.

Fix WestData SN550/SN570 SSD slow read problem

2025-10-09 10:30:00

I had painfully slow game loads over the past few days. At first I tried everything I could to tweak the Win10 system and clean up the PC case, but disk IO stayed pegged at 2 MB/s to 5 MB/s in taskmgr.exe.

The real culprit? The WD SSD I bought some years ago. It turns out that once the data is old enough, the firmware has real trouble reading the decayed bits and throttles the throughput.

The fix? Read the files again and write them back. Since my disk is almost full (another contributing factor), an in-place rewrite was preferred.

I spent the next few hours vibe-coding an HTML5 utility:

https://lab.est.im/ssd-warmup/

The code works as intended; however, the File System API in JavaScript writes to a .crswap file instead of the original file.
It's a Chromium behavior, which makes the JS approach useless here.

I wrote a Python version instead.

https://github.com/est/snippets/blob/master/ssd-warmup/ssd_warmup.py

The AI wrote the code using os.path.walk; I changed it to pathlib.Path, which is more pleasant with its rglob method.
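The script itself is linked above; the core idea is roughly the following (a simplified sketch, not the actual repository code, and it loads each file fully into memory):

from pathlib import Path
import os
import sys

def warmup(root):
    # re-read every file and write the same bytes back in place, so the
    # controller rewrites (and thereby refreshes) the stale NAND cells
    for p in Path(root).rglob('*'):
        if not p.is_file():
            continue
        data = p.read_bytes()          # the painfully slow read happens here
        with open(p, 'r+b') as f:      # in-place rewrite, no extra disk space needed
            f.write(data)
            f.flush()
            os.fsync(f.fileno())

if __name__ == '__main__':
    warmup(sys.argv[1])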

You can try it:

python ssd_warmup.py /path/to/fix/

The lesson learned: don't buy Sandick or WestData, at least not the low-end models.

CBOR and MsgPack are the same thing

2025-09-27 20:01:00

I stumbled on this while digging through old threads. mdhb, who wrote and maintains a MessagePack implementation, said:

Disclaimer: I wrote and maintain a MessagePack implementation.
CBOR is MessagePack. The story is that Carsten Bormann wanted to create an IETF standardized MP version, the creators asked him not to (after he acted in pretty bad faith), he forked off a version, added some very ill-advised tweaks, named it after himself, and submitted it anyway.
I wrote this up years ago (https://news.ycombinator.com/item?id=14072598), and since then the only thing they've addressed is undefined behavior when a decoder encounters an unknown simple value.

And:

There's no reason an MP implementation has to be slower than a CBOR implementation. If a given library wanted to be very fast it could be. If anything, the fact that CBOR more or less requires you to allocate should put a ceiling on how fast it can really be. Or, put another way, benchmarks of dynamic language implementations of a serialization format aren't a high signal indication of its speed ceiling. If you use a dynamic language and speed is a concern to this degree, you'd write an adapter yourself, probably building on one of the low level implementations.
That said, people are usually disappointed by MP's speed over JSON. A lot of engineering hours have gone into making JSON fast, to the point where I don't think it ever made sense to choose MP over it for speed reasons (there are other good reasons). Other posters here have pointed out that your metrics are usually dominated by something else.
But finally, CBOR is fine! The implementations are good and it's widely used. Users of CBOR and MP alike will probably have very similar experiences unless you have a niche use case (on an embedded device that can't allocate, you really need bignums, etc).

He then dredged up a pile of old grievances... hmmm... fair enough.

Lately, while reading up on ATProto, I noticed it can speak both CBOR and JSON.
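As a quick illustration of how close the two formats are on the wire, here is a sketch assuming the third-party msgpack and cbor2 packages are installed:

import msgpack
import cbor2

obj = {'a': 1}
print(msgpack.packb(obj).hex())  # 81a16101: fixmap(1), fixstr "a", fixint 1
print(cbor2.dumps(obj).hex())    # a1616101: map(1), text "a", unsigned 1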

Big organizations, small groups, and atomized individuals

2025-09-25 10:27:00

From Terence Tao; the discussion on HN is lively.

Some loosely organized thoughts on the current Zeitgeist. They were inspired by the response to my recent meta-project mentioned in my previous post https://mathstodon.xyz/@tao/115254145226514817, where within 24 hours I became aware of a large number of ongoing small-scale collaborative math projects with their own modest but active community (now listed at https://mathoverflow.net/questions/500720/list-of-crowdsourced-math-projects-actively-seeking-participants ); but they are from the perspective of a human rather than a mathematician.

As a crude first approximation, one can think of human society as the interaction between entities at four different scales:

  1. Individual humans

  2. Small organized groups of humans (e.g., close or extended family; friends; local social or religious organizations; informal sports clubs; small businesses and non-profits; ad hoc collaborations on small projects; small online communities)

  3. Large organized groups of humans (e.g., large companies; governments; global institutions; professional sports clubs; large political parties or movements; large social media sites)

  4. Large complex systems (e.g., the global economy; the environment; the geopolitical climate; popular culture and "viral" topics; the collective state of science and technology).

An individual human without any of the support provided by larger organized groups is only able to exist at quite primitive levels, as any number of pieces of post-apocalyptic fiction can portray. Both small and large organized groups offer significant economies of scale and division of labor that provide most of the material conveniences that we take for granted in the modern world: abundant food, access to power, clean water, internet; cheap, safe and affordable long distance travel; and so forth. It is also only through such groups that one can meaningfully interact with (and even influence) the largest scale systems that humans are part of.

But the benefits and dynamics of small and large groups are quite different. Small organized groups offer some economy of scale, but - being essentially below Dunbar's number https://en.wikipedia.org/wiki/Dunbar%27s_number in size - also fill social and emotional needs, and the average participant in such groups can feel connected to such groups and able to have real influence on their direction. Their dynamics can range anywhere from extremely healthy to extremely dysfunctional and toxic, or anything in between; but in the latter cases there is real possibility of individuals able to effect change in the organization (or at least to escape it and leave it to fail on its own).

Large organized groups can offer substantially more economies of scale, and so can outcompete small organizations based on the economic goods they offer. They also have more significant impact on global systems than either average individuals or small organizations. But the social and emotional services they provide are significantly less satisfying and authentic. And unless an individual is extremely wealthy, well-connected, or popular, they are unlikely to have any influence on the direction of such a large organization, except possibly through small organizations acting as intermediaries. In particular, when a large organization becomes dysfunctional, it can be an extremely frustrating task to try to correct its course (and if it is extremely large, other options such as escaping it or leaving it to fail are also highly problematic).

My tentative theory is that the systems, incentives, and technologies in modern world have managed to slightly empower the individual, and massively empower large organizations, but at the significant expense of small organizations, whose role in the human societal ecosystem has thus shrunk significantly, with many small organizations either weakening in influence or transitioning to (or absorbed by) large organizations. While this imbalanced system does provide significant material comforts (albeit distributed rather unequally) and some limited feeling of agency, it has led at the level of the individual to feelings of disconnection, alienation, loneliness, and cynicism or pessimism about the ability to influence future events or meet major challenges, except perhaps through the often ruthless competition to become wealthy or influential enough to gain, as an individual, a status comparable to a small or even large organization. And larger organizations have begun to imperfectly step in the void formed by the absence of small communities, providing synthetic social or emotional goods that are, roughly speaking, to more authentic such products as highly processed "junk" food is to more nutritious fare, due to the inherently impersonal nature of such organizations (particularly in the modern era of advanced algorithms and AI, which when left to their own devices tend to exacerbate the trends listed above).

Much of the current debate on societal issues is then framed as conflicts between large organizations (e.g., opposing political parties, or extremely powerful or wealthy individuals with a status comparable to such organizations), conflicts between large organizations and average individuals, or a yearning for a return to a more traditional era where legacy small organizations recovered their former role. While these are valid framings, I think one aspect we could highlight more is the valuable (though usually non-economic) roles played by emerging grassroots organizations, both in providing "softer" benefits to individuals (such as a sense of purpose, and belonging) and as a way to meaningfully connect with larger organizations and systems; and be more aware of what the tradeoffs are when converting such an organization to a larger one (or component of a larger organization).

Reading it left me wistful. The Michelle Obama line from "the nuclear family of two parents plus children" still rings in my ears.

What gives a person's existence meaning and worth? Most of the time, it is their standing (in some form) within the social groups they belong to.

Big organizations are mostly pure sources of economic value, machines for generating returns.

Small groups are what give people a sense of belonging.

The individual's ending is always the same: loneliness.

Writing this, I suddenly got the itch to armchair-politick again. The citizen-soldier system of Qin and Han decayed and was absorbed by the great aristocratic clans; the Sui-Tang fubing system built on the Six Garrisons was only a last flare before the empire had to fall back on mercenaries and regional military governors. By the time of the sorry Song, the Han seemed to have completely forgotten how to fight, and that has a great deal to do with the thorough atomization of the central-plains provinces and with the imperial examination, the one channel of upward mobility, degenerating into a grind-for-points machine for isolated individuals. With both the small group (the household) and the large organization (the clan) broken, and with commerce and industry suppressed so that no new guilds, merchant associations, or wealth-backed artistic and scientific societies could form, the social structure was either the extreme atomized peasant household of a man plowing and a woman weaving, or the behemoth of imperial power; the scholar-official class was wrecked by factional struggles driven by individual interest. And what was the overall state of popular morale? When every individual in a nation can get neither benefit nor belonging from any organization, when life is nothing but toil and hardship, drink today's wine today, and it makes no difference who sits on the throne, the conclusion follows easily: the "natural degree of organization" of the entire Han heartland was roughly zero. Zhu Yuanzhang's hereditary military-household system was a desperate administrative and bureaucratic attempt to force the degree of organization back up, but it was still thrashed in the end by the more highly organized Eight Banners.

I have to admit the Western notion of civil society makes a lot of sense.

So what is the original sin behind all of this? Turning it over and over: the iron plow plus the spinning wheel, starting with the collapse of the well-field system?

Why did Confucius venerate the rites of Zhou? Because farming back then ran on pure human muscle; survival required division of labor and collective work, and the sovereign's sacrifice to heaven was a serious assembly for allocating production, not the empty ceremony it later became. Why could nomadic tribes always find an opening to punch through the frontier somewhere? Because rotational grazing was their foundation: as long as the tribes set aside their blood feuds and faced outward together, their innately high degree of organization let them pull off more complex tactical and strategic goals.

So what is the iron plow of the 21st century? AI?

I hardly dare think it through. Watching my kid's pad fill up with Doubao, Qwen, DeepSeek, and a pile of other apps, I suspect that at some future moment even the nurturing bond between parents and their children may be severed.

Er, the internet is already in that mood anyway: the "sins" of the family you were born into are too many to count, and the old folks are good for only one thing, dropping gold coins.