tommek4077's comments

What is really at risk?


Maybe the instances are shared between users via sharding or are re-used and not properly cleaned.

And maybe they contain the memory of the users and/or the documents uploaded?


And what do you expect to get? Some arbitrary uninteresting corporate paper, a homework, someone's fanfiction.

Again, what is the risk?


Probably you’re being sarcastic to show that those AI companies don’t give a damn about our data. Right?


Couldn't this be a first step before further escalation?


And then what? What is the risk?


I guess a sandbox escape, something, profit?


Doesn't OpenAI have a ton of data on all of its users?


And what is at risk? Someone seeing someone else's fanfiction? Or another reworded business email? Or the vacancy report of some guy in southern Germany?


This is a wild take and I’m not sure where to begin. What if I leaked your medical data, or your emails, or your browser history. What’s at risk? Your data means nothing to me.


No, it is not. Outside this strange bubble on Hacker News, no one really cares or has ever heard of the creator.

They just use WordPress.


1st rule of hacking: don't write your freaking name on it!


Plot twist: Nobody who is in charge should care.

Leave the no to the naysayers.

Ship your app, generate traffic, usage, income. Leave the discussions to other people.


Do that at $BigCorp and Legal will eat you alive, if not fired.

Long ago I went through the company-approved process to link to SQLite and they had such a long list of caveats and concerns that we just gave up. It gave me a new understanding of how much legal risk a company takes when they use a third-party library, even if it's popular and the license is not copyleft.


Unless you are now involved in a lawsuit that asks for a hypothetical 50% of your income for using a tech very similar to theirs, and they speculate it's been stolen and not permitted by their license, and even if you know you are going to win, or that it doesn't affect you, you still have to spend money on the lawyers fighting it.


Commenting on this to mark it in my feed for later reference. Well said!


Best is to go into the woods and live with bees.


Yes, because the world is just binary like that. You can only choose one or the other... /s


How about we invent SAI and terraform superearths in Milky Way to atone for our sins here?


Just copy-paste your error message and do what ChatGPT tells you.


How well has that worked for you?


For me it's usually about useless. It "may" be this, "may" be that, and no clue about what information it would need for a more accurate diagnosis.


Everyone who is capable of your suggestion is not dumb enough to install a trojan in the first place.


Binance is not a blockchain company. It is a centralized exchange. Nothing is happening on-chain unless getting coins from or to the exchange. And this has nothing to do with them then.


These are order and trade logs probably. You want to have them and you need them for auditing. Binance wants to be more professional in that way probably. HFT is making billions of orders per day per trader.


OK, so let's do some napkin math... I'm guessing something like this is the information you might want to log:

user ID: 128bits

timestamp: 96bits

ip address: 32bits

coin type: idk 32bits? how many fake internet money types can there be?

price: 32bits

quantity: 32bits

So total we have 352bits. Now let's double it for teh lulz so 704bits wtf not. You know what fuck it let's just round up to 1024bits. Each trade is 128bytes why not, that's a nice number.

That means 200Pb--2e17 bytes mind you--is enough to store 1.5625e16 trades. If all the traders are doing 1e9 trades/day, and we assume this dataset is 13mo of data, that means there are 38772 HFT traders all simultaneously making 11574 trades per second.. That seems like a lot..

In other words, that means Binance is processing 448.75 million orders per second.. Are they though?

EDIT: No, indeed some googling indicates they claim they can process something like 1.4 million TPS. But I'd hazard a guess the actual figure on average is less..

EDIT: err sorry, shoulda been 100Pb. Divide all those numbers by two. Still two orders of magnitude worth of absurd.


The only thing I can think of is that they are collecting every single line of log data from every single production server with absolutely zero expiration so that they can backtrack any future attack with precision, maybe even finding the original breach.

That's the only actual use case I can think of for something like this, which makes sense for a cryptocurrency exchange that is certainly expecting to get hacked at some point.


Security and customer support are the two main reasons why people want a super long retention.

Medium retention (1 or 2 months) is still very appreciable if some issue in your bugtracker stays stale for this amount of time.


Again, this is application logs. The stuff you would log in your program with log4j for instance.

With a microservices architecture in particular that can pile up rapidly.


This is NOT about transaction log. This is application logs. The thing you generate via Log4j for instance.

Also 100PB is measured as the input format (JSON). Internally Quickwit will have more efficient representations.


yeah I think I showed that pretty clearly


High frequency traders are making hundreds of billions of orders per day. And there are many bigger and smaller players.

