Llama: update history
This commit is contained in:
parent
aa9c63256d
commit
f679eaf2d1
GPG key ID:
8DE0764E1809E9FC
|
|
@ -189,3 +189,5 @@ how much impact they have in a retrospective:
|
|||
- **2024-03-27**: DataBricks open sources DBRX, a 132B parameter MoE with 36B
|
||||
parameters active per forward pass. It was trained on 12T tokens. According
|
||||
to user evaluation, it beats Mixtral for all uses.
|
||||
- **2024-04-18**: Meta releases LLaMA3 8b and 70b. 70b is the new best open
|
||||
model, right around Claude3 Sonnet and above older gpt4 versions!
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ updateDate: 'March 28 2024'
|
|||
|
||||
Passwords are often the main method of digital identification. This means
|
||||
anything you don't want others to access but do want yourself to access is
|
||||
behind some sort of password. This means we need to optimize on two fronts:
|
||||
behind some sort of password. We need to optimize on two fronts:
|
||||
|
||||
- Easy of access: Passwords must be quick and easy to access and use
|
||||
- High security: Passwords must be strong to resist attacks
|
||||
|
|
@ -20,8 +20,8 @@ the way we'll learn a lot about password security in general!
|
|||
|
||||
## Optimizing for high-security
|
||||
|
||||
A password is pretty pointless if it's not strong enough to be cracked. Let's
|
||||
look over some core security concepts!
|
||||
A password is pretty pointless if it's not strong enough to not get cracked.
|
||||
Let's look over some core security concepts!
|
||||
|
||||
### Measuring Bits of Entropy
|
||||
|
||||
|
|
@ -148,7 +148,7 @@ result of the output space being lower dimensional than any password with higher
|
|||
entropy, so any "stronger" password would be projected down to only 256 bits of
|
||||
entropy.
|
||||
|
||||
We can also look at how fast computers can brute-force passwords.
|
||||
We can also look at how quickly computers can brute-force passwords.
|
||||
[Bcrypt](https://en.wikipedia.org/wiki/Bcrypt) is one of the most popular
|
||||
hashing choices for passwords. Assuming a company is decently secure, they use
|
||||
enough rounds of hashing such that a modern processor takes about 100ms to hash
|
||||
|
|
@ -348,11 +348,10 @@ example, if a phone camera records you typing on your keyboard to decrypt the
|
|||
GPG key, the attacker can't do *anything* with that password alone. They still
|
||||
need physical access to your system to grab the files themselves.
|
||||
|
||||
An odd benefit of 3-factor authentication is distributing backups. If you
|
||||
provide people who know you, but mutually don't know one another, you can safely
|
||||
entrust your passwords with third parties. This is since they need all 3 pieces
|
||||
to mount an attack, so giving a trusted third party only 1 piece doesn't
|
||||
compromise your security.
|
||||
An odd benefit of 3-factor authentication is distributing backups. You can
|
||||
distribute the 3 pieces between 3 third parties you trust. So long as they don't
|
||||
know each other, having 1/3 pieces doesn't compromise your security, especially
|
||||
if you trust them.
|
||||
|
||||
Malware *could* be both a key logger and grab the files from
|
||||
`~/.password-store`, but that is some very sophisticated and targeted
|
||||
|
|
|
|||
Loading…
Reference in a new issue