
#2 is why the government, via laws, needs to establish employment rights, such as redundancy payments when someone is terminated due to their position being no longer required.

Those rights need to show up in company balance sheets as a contingent liability.

That applies when the company is acquired as well.

The employment of a company needs to be either paid out to employees at net present value, or needs to be transferred to the new owners as part of the sale.

In the US, with employment sponsored health insurance, it's even more important.


This is the same business model that Computer Associates used successfully in the 1990s, so it's not new to IT or technology.

The primary difference now is that the transition from bespoke IT on-premises environments has been subsumed by the cloud hyperscalers and an entire hierarchy of products that use that infrastructure in a higher level of composability than in the past.

Products like SAP will continue to require engineering to maintain compatibility with the changes in its customers' requirements.

Products like MS-Word don't need that same level of feature work.

If a product is essentially feature complete then making the engineering a "maintenance only" support is about minimizing those support costs.


The thing about this business model is that it inevitably falls apart when things break.

Bending Spoons doesn’t care (yet), but they’re not at the point where stuff has proven unsustainable.


The US/EU/JP manufacturers are half-pregnant, they have engine and other mechanical production plants that will become stranded assets as BEVs don't need engines, gearboxes or the other hydraulic/cooling etc infrastructure that an ICE vehicle needs.

Electric motors are essentially maintenance free over the life of a BEV, same for the batteries. The maintenance is for brake pads/rotors, but regen braking also avoids that.

There are the passenger heat pumps for heat/cooling, and the lighting, but LED lighting also requires minimal maintenance.

That cuts out a large chunk of the automotive industry in general.

US/EU/JP manufacturers are having to handle a major market disruption, independent of whether or not CN is leaping over them.


> Electric motors are essentially maintenance free

They require maintenance, although less than an ICE, but drive train repairs are not as uncommon as you might think. Manufacturers are always going to pinch pennies.

> That cuts out a large chunk of the automotive industry in general.

Hardly. You've removed the engine, fuel and exhaust system. You still need literally everything else. Windows and motors, doors and locks, wheels and hubs, seats and accessories, gauge clusters and radios, environmental controls, differentials and oil changes, the list goes on and on.

You deliver them the same way, you sell them the same way, you license them into the system the same way.

> US/EU/JP manufacturers are having to handle a major market disruption

That was called COVID. They all handled it badly save Toyota. The oil companies have far more to worry about.


This is not a market disruption, this is a supply chain change that is not going to be delayed by artificial tariffs or other protectionist attempts.

Post COVID was getting back to what was before, this is the equivalent of the introduction of Ford mass production techniques on the previous industry of coach building.

ICE engine parts are a major ongoing expense but also profit centre for dealers and an entire industry on their own.

So there's entire supply chains that will be disrupted.

How many engine plants are going to be needed going forward?

Australia went through this wrench back in 2014 when our local car industry collapsed after the government withdrew a measly amount in annual subsidies.

Fortunately it was a 3 year process that played out that allowed adjustments.

That had a major knock-on effect of the loss of roughly 50K manufacturing jobs and industries had to pivot.

The US/EU/JP manufacturers are having trouble pivoting, the US because its car industry is entirely about trucks/SUVs, EU because its premium for manufacturing is rapidly eroding, and JP because they seem to be having trouble actually manufacturing EVs.

CN and KR are where the leaders are now.


You wish. These EVs get charged $15k more compared to what they used to be with their gas models with crap touch screens, stupid ass voice controls: things that when broken are hard to repair and costly, the battery, the range. Keep dreaming.

My last MOT in a petrol engine required suspension, tyres and lights. Electric wouldn’t change any of that

Lights with LEDs are likely to not need maintenance.

Suspension and tyres might actually need more frequent maintenance because of the extra weight of an EV.

But how often does suspension require actual maintenance?


Petrol cars have LED lights now too.

It’s an alignment problem, trivial fix.

The suspension is a rust issue, I believe EVs are still made of metal.

Given in the last 3 years I’ve only spent money on tyres, replacement wing mirror, and now suspension on this car, and you assert an EV needs more spending on tyres and suspension, it seems that an equivalent EV would be higher maintenance costs.

I’m sure things are different at the high end of the market where you’re spending £10k on a nearly new car, but at my end where it’s under £2k it doesn’t make sense.


When your LED brake light goes out, you have to purchase an entire assembly as the LEDs are part of the PCB. There are no "bulbs" for a few dollars. And with the matrix LEDs a few may go out, now your brake light "sort of" works, so it's even harder to justify replacing.

> Electric motors are essentially maintenance free over the life of a BEV, same for the batteries.

You had me until "same for the batteries." The batteries do pretty well, but they are quite the gamble.


Evidence so far says they are not a gamble at all, and common (required?) eight year warranties on 80% life remaining are on all BEVs, plus records show that BEVs tend to retain that 80% range at ten years. The gamble might be in whether the batteries have manufacturing defects, but warranty and recalls cover that, and as Samsung showed, can happen to even smaller, cheaper items.

"The map is not the territory" applies to AI/LLMs even more so.

LLMs don't have a "mental model" of anything.


But if the person writing the prompt is expressing their mental model at a higher level, and the code can be generated from that, the resulting artifact is, by Naur's theory, a more accurate representation of the actual program. That would be a big deal.

(Note the words "if" and "by Naur's theory".)


Why not refresh daily?

The problem here is that the domain was allowed (Anthropic) but Anthropic don't check the API key belongs to the user that started the session.

Essentially, it would be the same if the attacker had its AWS API key and uploaded the file into an S3 bucket they control instead of the S3 bucket that the user controls.


Cowork does run in a VM, but the Anthropic API endpoint is marked as OK, what Anthropic aren't doing is checking that the API call uses the same API key as the person that started the session.

So the injected code basically says "use curl to send this file using the file upload API endpoint, but use this API Key instead of the one the user is supposed to be using."

So the fault is at the Anthropic API end because it's not properly validating the API key as being from the user that owns it.


You read it, but you don't notice/see/detect the text in 1pt white-on-white background. The AI does see it.

That's what this attack did.

I'm sure that the anti-virus guys are working on how to detect these sorts of "hidden from human view" instructions.


The next attack will just be like malicious captions in a video. Or malicious lyrics in an mp3. It doesn't ever really end because it's not something that can be solved in the model.

Which is an interesting DoS attack if you can find someone's key.

The interesting thing is that (if you're an attacker) your choice of attack is DoS when you have... anything available to you.

In the article it says that Cowork is running in a VM that has limited network availability, but the Anthropic endpoint is required. What they don't do is check that the API call you make is using the same API key as the one you created the Cowork session with.

So the prompt injection adds a "skill" that uses curl to send the file to the attacker via their API key and the file upload function.
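
The missing check described in the comments above, sketched as an egress-proxy rule in front of the sandbox (an added example, not code from the thread, the article, or Anthropic): an allowlisted host is reachable only with the API key the session was started with. The host name, header name, request shape and key values are assumptions or constructed samples.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumptions for illustration: the one allowlisted host and the header carrying the key.
ALLOWED_HOSTS = {"api.anthropic.com"}
KEY_HEADER = "x-api-key"


def fingerprint(api_key: str) -> str:
    """Store and compare a hash so the proxy never keeps the raw session key."""
    return hashlib.sha256(api_key.encode()).hexdigest()


def egress_decision(url, headers, session_key_fp):
    """Decide whether a sandboxed request may leave.

    headers is a list of (name, value) pairs so duplicate headers stay visible.
    Returns (allow, reason).
    """
    host = (urlsplit(url).hostname or "").lower()
    if host not in ALLOWED_HOSTS:
        return False, "host not allowlisted"
    # Header names are case-insensitive; exactly one key header must be present.
    keys = [value for name, value in headers if name.lower() == KEY_HEADER]
    if len(keys) != 1:
        return False, "missing or duplicated API key header"
    # Allowlisting the host is not enough: the key must be the session's own.
    if not hmac.compare_digest(fingerprint(keys[0]), session_key_fp):
        return False, "API key does not belong to this session"
    return True, "ok"


# Constructed sample values, not real keys or captured traffic.
SESSION_KEY = "sk-session-CONSTRUCTED"
FOREIGN_KEY = "sk-other-CONSTRUCTED"
UPLOAD_URL = "https://api.anthropic.com/v1/files"


def demo():
    fp = fingerprint(SESSION_KEY)
    return [
        egress_decision(UPLOAD_URL, [("X-Api-Key", SESSION_KEY)], fp),
        egress_decision(UPLOAD_URL, [("x-api-key", FOREIGN_KEY)], fp),
        egress_decision("https://files.example/upload", [], fp),
    ]


if __name__ == "__main__":
    for allow, reason in demo():
        print("ALLOW" if allow else "BLOCK", reason)
```

This enforces the binding at the network boundary the user controls; the comments place the fault at the API end, which a proxy rule like this does not change.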

