gbl08ma
@gbl08ma.com
Software developer. Most comfortable with Go, can do frontend too. I built jungletv.live, underlx.com, tny.im and more. I know more about the internals of GTA V and Watch Dogs than their average players. Sometimes I make music and high effort shitposts.
on responding to security/compliance concerns more so than any technology- or implementation-specific concerns.
November 10, 2025 at 11:22 AM
on responding to security/compliance concerns more so than any technology- or implementation-specific concerns.
Because if it were something more fundamental about how LLMs work, the isolation would not be at the organization level but at a smaller level, as users probably wouldn't want "crosstalk" between unrelated requests within each organization, either. That passage in the docs seems especially focused
November 10, 2025 at 11:22 AM
Because if it were something more fundamental about how LLMs work, the isolation would not be at the organization level but at a smaller level, as users probably wouldn't want "crosstalk" between unrelated requests within each organization, either. That passage in the docs seems especially focused
dealing with keys and/or values that could contain sensitive information or which could help disclose sensitive information when coupled with one or two other side-channels.
November 10, 2025 at 11:15 AM
dealing with keys and/or values that could contain sensitive information or which could help disclose sensitive information when coupled with one or two other side-channels.
It probably isn't "bad," beyond protecting against the more "in general" bugs and side-channels. It makes it easier to reason about security and data privacy compliance. What I mean is that the reason they're doing that is probably not LLM specific, just something one would do in general when
November 10, 2025 at 11:15 AM
It probably isn't "bad," beyond protecting against the more "in general" bugs and side-channels. It makes it easier to reason about security and data privacy compliance. What I mean is that the reason they're doing that is probably not LLM specific, just something one would do in general when
Then you're relying on specifics of how the keys and values are used to trust that nothing will go wrong, assuming that their use case will remain constant forever, and that there is no hidden detail that could "get you", and that's not how defense in depth works...
November 10, 2025 at 11:07 AM
Then you're relying on specifics of how the keys and values are used to trust that nothing will go wrong, assuming that their use case will remain constant forever, and that there is no hidden detail that could "get you", and that's not how defense in depth works...
it's easier to ensure nothing weird like that ever happens by simply not sharing the cache across tenants.
November 10, 2025 at 11:02 AM
it's easier to ensure nothing weird like that ever happens by simply not sharing the cache across tenants.
But if you have a bug in that derivation process that caused the wrong values to be pulled every now and then, that will surely influence the response in an incorrect way, and in a way which could directly or indirectly leak information about other requests being made. So to be on the safe side,
November 10, 2025 at 11:02 AM
But if you have a bug in that derivation process that caused the wrong values to be pulled every now and then, that will surely influence the response in an incorrect way, and in a way which could directly or indirectly leak information about other requests being made. So to be on the safe side,
tenant, or make it so that the tenant ID is always part of the cache key no matter what, you prevent not just the timing attacks but also information leaking due to the cache being accessed with keys that don't encapsulate all of the information they should have.
November 10, 2025 at 10:56 AM
tenant, or make it so that the tenant ID is always part of the cache key no matter what, you prevent not just the timing attacks but also information leaking due to the cache being accessed with keys that don't encapsulate all of the information they should have.
process to derive a key from the prompt is bugged, e.g. someone forgot to take into account some setting like the system prompt or the temperature, and now the keys being used to access the cache are the same even though the requests are different. If you use an actually separate cache structure per
November 10, 2025 at 10:56 AM
process to derive a key from the prompt is bugged, e.g. someone forgot to take into account some setting like the system prompt or the temperature, and now the keys being used to access the cache are the same even though the requests are different. If you use an actually separate cache structure per
additional data that influences the value and which you forgot to take into account as part of the key, and now the cache is responding with values that aren't actually the correct ones for the request being made, and which could be polluted with sensitive data from other tenants. Or maybe that
November 10, 2025 at 10:56 AM
additional data that influences the value and which you forgot to take into account as part of the key, and now the cache is responding with values that aren't actually the correct ones for the request being made, and which could be polluted with sensitive data from other tenants. Or maybe that
Consider a cache that's implemented with a dictionary/map. To retrieve a value from a cache you usually need a key, which in this case would be the prompt (or something derived from it), to identify the value to retrieve (the value would be the response to the prompt). But there could be some
November 10, 2025 at 10:56 AM
Consider a cache that's implemented with a dictionary/map. To retrieve a value from a cache you usually need a key, which in this case would be the prompt (or something derived from it), to identify the value to retrieve (the value would be the response to the prompt). But there could be some
That's usually the main reason to isolate caches per tenant. It also makes it more difficult for data to accidentally leak between tenants (e.g. because cache keys could turn out not to be as unique as the developer assumed...). It could also naturally arise as a side-effect of sharding.
November 10, 2025 at 10:35 AM
That's usually the main reason to isolate caches per tenant. It also makes it more difficult for data to accidentally leak between tenants (e.g. because cache keys could turn out not to be as unique as the developer assumed...). It could also naturally arise as a side-effect of sharding.
Reposted by gbl08ma
need a gta style game where the plot is keeping gta6 from being finished and released by any means necessary
May 3, 2025 at 5:42 PM
need a gta style game where the plot is keeping gta6 from being finished and released by any means necessary
And, once again, a good time to bring this back from the archive:
(via www.gq-magazine.co.uk/article/red-... - dated October 2018. Dan Houser left Rockstar in 2020)
(via www.gq-magazine.co.uk/article/red-... - dated October 2018. Dan Houser left Rockstar in 2020)
November 6, 2025 at 9:51 PM
And, once again, a good time to bring this back from the archive:
(via www.gq-magazine.co.uk/article/red-... - dated October 2018. Dan Houser left Rockstar in 2020)
(via www.gq-magazine.co.uk/article/red-... - dated October 2018. Dan Houser left Rockstar in 2020)
You made me double-check my open programs, even if I haven't used slsk in ages...
November 4, 2025 at 11:44 PM
You made me double-check my open programs, even if I haven't used slsk in ages...
For its price, it better taste like caviar
October 23, 2025 at 11:13 PM
For its price, it better taste like caviar
"Taskbar on the side? Sorry, we didn't implement that in the latest rewrite yet"
Except they don't accept pull requests.
Except they don't accept pull requests.
October 23, 2025 at 11:11 PM
"Taskbar on the side? Sorry, we didn't implement that in the latest rewrite yet"
Except they don't accept pull requests.
Except they don't accept pull requests.
Windows is now reaching the levels of polish and user-friendliness of the Linux desktop experience of decades ago, namely by forcing users to spend hours tinkering with their OS install to get it to behave how they want it.
October 23, 2025 at 11:10 PM
Windows is now reaching the levels of polish and user-friendliness of the Linux desktop experience of decades ago, namely by forcing users to spend hours tinkering with their OS install to get it to behave how they want it.
Reposted by gbl08ma
"Maybe now that I've used activation scripts, debloated my install, and installed shell extensions to get functionality back to my system, I am immune to the exploits of capitalism"
Listen to yourself. You're putting so much more effort in staying in the fucking pot compared to jumping out.
Listen to yourself. You're putting so much more effort in staying in the fucking pot compared to jumping out.
October 23, 2025 at 11:06 PM
"Maybe now that I've used activation scripts, debloated my install, and installed shell extensions to get functionality back to my system, I am immune to the exploits of capitalism"
Listen to yourself. You're putting so much more effort in staying in the fucking pot compared to jumping out.
Listen to yourself. You're putting so much more effort in staying in the fucking pot compared to jumping out.
You weren't suffering enough because your brain is not good enough at reliving embarrassing situations, so we've got the product for you!
October 23, 2025 at 10:51 PM
You weren't suffering enough because your brain is not good enough at reliving embarrassing situations, so we've got the product for you!
This is why specific generations of Surface Pens can come in handy.
October 21, 2025 at 7:34 PM
This is why specific generations of Surface Pens can come in handy.