The earliest arrests under the Take It Down Act (TIDA) suggest that cops don't have to work too hard to identify people illegally posting and selling nonconsensual sexualized deepfakes of women online.

Last week, the FBI arrested two men after visiting porn websites and clicking on hashtags like #AI #Deepfakes or video titles like "AI_tits" or "Ass_AI."

One suspect accused of violating TIDA was 20-year-old Arturo Hernandez. He allegedly posted 113 albums viewed nearly a million times featuring AI-generated sexualized images and videos of approximately 50 women. Victims included political figures, actresses, and musicians, as well as women who are not public figures, such as female individuals who attended his Texas high school and an Instagram friend.

Geo-location data helped cops identify Hernandez as a suspect. In his affidavit, an FBI special agent, Christopher Powell, explained that cops investigating the porn site found a second account re-posting all the content that Hernandez allegedly uploaded. That second account was linked to Hernandez's PayPal account, the complaint said, and an IP address often used to log in to it was the same IP that Hernandez's Apple records showed he'd used to log in to his iCloud.

While sexualized deepfakes of celebrities and politicians may be easiest to spot in the wild, cops also sought evidence tying Hernandez to AI content depicting people he knew. It likely simplified their search to find that not only did Hernandez follow the Instagram account of one victim, but cops discovered that Hernandez had also saved in a folder on his own Instagram account the specific image used to create AI porn content viewed more than 36,000 times.

Hernandez seemingly tried to distance himself from some of the activity, for example, by registering his Gmail account with the nickname "Ryan" instead of his actual first name. However, cops noted that Hernandez used the "Ryan" nickname elsewhere online, including on his Snapchat account.

However, the other man arrested, 51-year-old Cornelius "Neil" Shannon, was allegedly less careful, Powell's affidavit for that arrest showed.

Shannon is accused of publishing approximately 360 AI-generated albums that have been viewed more than 2 million times, featuring approximately 90 women, primarily political figures, actresses, and musicians.

Powell's affidavit suggested it was trivially easy to link Shannon to the porn site account because Shannon apparently used his own photo as the profile pic. Cross-referencing Department of Motor Vehicle records and surveillance photos, cops alleged that a man seen posing in a Mets baseball shirt on the account's profile appeared to be Shannon.

Both Hernandez and Shannon risk up to two years in prison if cops can prove they violated TIDA.

FTC warns 12 nudify toolmakers

Officials appear motivated to track images posted online and enforce the law.

In a press release announcing the recent arrests, Joseph Nocella, Jr., United States Attorney for the Eastern District of New York, accused the suspects of using "cutting-edge digital technology to create images that degraded and violated victims across the United States." And James C. Barnacle, Jr., assistant director in charge of the New York FBI field office, confirmed that his agents would continue investigating similar cases.

"This predatory conduct represents a disturbing abuse of technology that inflicts emotional harm on victims, violating their privacy, dignity, and security," Barnacle said. "The use of this emerging technology to victimize individuals is not innovative—it is criminal and will be pursued with the full force of the law."

However, some people charged with TIDA violations may continue using the technology to harm victims, as it remains readily available and relatively cheap to make realistic-looking content sexualizing real people. An Ohio man who was hailed by the US Justice Department as the first arrest under TIDA notably continued making sexualized deepfakes while on pre-trial release, apparently undeterred by even the threat of imminent consequences.

To block people from using AI services to "undress" people and share harmful images online, the Federal Trade Commission announced last week that it sent warning letters to 12 companies offering so-called "nudify" tools.

Those companies appear to be violating TIDA, the FTC warned, and need to implement "a process through which victims can request the removal of nonconsensual intimate images appearing on their platforms" within 48 hours or risk "civil penalties of up to $53,088 per violation."

It's unclear if the social media platform X—which has been sued by three girls who claimed its chatbot Grok turned their real photos into AI child sexual abuse materials—received a warning. But X's Safety account posted last week, notifying users that TIDA victims can report harmful content through the Help Center. They can also report any post by "tapping the three-dot menu (⋯), selecting 'Private or Non-Consensual Content' > 'Report content under the US Take It Down Act' and then completing the form."

"Our team reviews these reports as fast as possible and well within the Act’s 48-hour timeline," the X Safety account said.

More broadly, the FTC is seemingly stepping up enforcement after a deadline passed this month when all online platforms were required to have such a process in place. A week before the warning letters went out to nudify services, the FTC sent additional letters to operators of major platforms, including Amazon, Alphabet, Apple, Automattic, Bumble, Discord, Match Group, Meta, Microsoft, Pinterest, Reddit, SmugMug, Snapchat, TikTok, and X. Those letters told platforms to be prepared to face penalties for any non-compliance.

Even if such a process were in place on every online platform, however, TIDA seems imperfect, since it doesn’t stop the initial sharing and still puts the burden on the victim to monitor and flag harmful images across the Internet. Critics have warned that the process could also be abused by people, including possibly Donald Trump, who hope platforms will automatically remove any reported content they don't like.

Read full article

Comments

I should start by saying that Kagi is a paid product. For those who want to look at what other search engines are out there, Startpage and DuckDuckGo both offer great services free of charge.

Why pay for search?

As the oft-repeated adage goes: "if you're not paying for the product, you are the product". We all know that there's a reason Google can provide the services it does for free. We also all know that this is a bit of an oversimplification, but it's probably a good heuristic to apply to the landscape of software tools nonetheless.

I like the fact that when I search on Kagi, the first hit is actually a hit, not a sponsored result or ad. It feels as though I'm using a direct tool without any advertiser incentives muddying the waters.

In itself, that's not enough to justify the cost for me, but the bundling of the below features pushes me over the fence.

I've been using it as a daily driver for months and I've never once felt the need to switch back. Not one single withdrawal itch.

Lenses

Lenses focus search results down across a narrow field. For example, you can narrow your search to only include Academic or Forum results. Furthermore, you can create your own custom lenses. It's not a feature I tend to use very often, but a neat little one nonetheless.

As an example, I've created a Bearblog lens which only returns *.bearblog.dev sites:

What's really cool is that these lenses can be applied to the lookups undertaken by AI features, which neatly leads me onto the topic of...

AI

Kagi has Quick Answer which serves the same purpose as Google's AI Overview. I'm not going to pretend that it's quite as good or as fast, but it's more than good enough for me. The main thing I like about it is that it's toggle-able. It's off by default and if I want to use it, I can just affix a ? to the end of my query. It's a feature, not a new default mode of search forced onto users.

Kagi also has Assistant - an inference provider for a whole host of well known LLM models. I like the idea of subscribing to this service, instead of directly subscribing to a specific model provider (e.g. via OpenAI's app, or Kimi's app). It means I'm not locked in; I can experiment with whichever model I like best. I can save this preference in a Custom Assistant (CA) which allows me to provide a system prompt describing the behaviour for all interactions used when that specific CA is selected. This CA can then be given a custom name and neatly accessed via the search bar. For example, I've got a CA called jair (James + AI + Reasoning; very creative, I know) which looks like:

With a system prompt of:

Include references wherever possible. 
Express uncertainty wherever possible; you should express doubt and avoid over-confident, authoritative statements. 
Keep the formatting light; the quality of the information is more important than its presentation. 
Take on the role of a professional correspondent. Statements should be direct and to the point. Discard any pleasantries or unnecessary verbosity.  
Do not cater to my feelings whatsoever. 
If you lack the information required to give a comprehensive and correct answer, prompt me for clarification. 

So now I can go and search !jair what is the circumference of the moon and how do we know and it'll give me a result as per my settings above.

As well as flexibility, Kagi as an inference provider also allows for a higher degree of privacy. Not necessarily full privacy, but better than that of most alternatives.

The privacy policy for Moonshot's Kimi app (the model I use via Kagi) states:

1. Personal Information We Collect:

User Content: This includes prompts, audio, images, videos, files, and any content you input or generate while using our products and services. We process this information to provide and improve the Services, including training and optimizing our models. The legal basis for this processing may be our legitimate interests or your consent, depending on your jurisdiction.

Device and Usage Information: We collect information about your device and how you interact with the Services, such as:Device type, model, and operating system;Browser version and user agent;Unique device identifiers (such as device ID, MAC address);Conversation IDs and session identifiers;Network and telecommunications provider;Clipboard data (if applicable and permitted by your settings);Date and time of access, pages viewed, and interaction patterns.This information helps us monitor service performance, troubleshoot issues, and optimize user experience.

This is pretty cookie-cutter; OpenAI, Alibaba, Google, Anthropic, etc. all store user prompts. If they offer a feature to not do so, then it's generally not available within consumer-grade plans.

If every prompt is being recorded, then I can't ask certain things. For 95% of the time throughout daily life, I'm prompting something innocuous. But for that 5% when my prompt is personal or involves information that I'm not comfortable or willing to share, then I'm out of luck. Unless I run a model locally (which is a faff and not all that practical a lot of the time).

Also, note that they state that they can potentially collect clipboard information. As someone who uses a password manager and so relies on the clipboard to sign in to services from time to time, I find that a little scary.

Kagi uses APIs from various services, all of which are set up to have temporary data retention or zero data retention, depending on the model being used. Using Kimi via Kagi, I know that my prompts and associated context files aren't being stored, and that my clipboard isn't being read.

It's worth noting however that Kagi is just acting as the middleman, and so are subject to any policy changes affecting the APIs they use. Furthermore, they state in their privacy policy that prompts "may be retained for a short period of time as a part of request debugging".

It's also worth noting that other LLM providers to offer paid tiers which feature data retention controls.

Small Web

Kagi's small web, as per their blog post:

...typically refers to the non-commercial part of the web, crafted by individuals to express themselves or share knowledge without seeking any financial gain.

This is more of a gimmick than a competitive search feature, but I'd argue that it acts as a good litmus test for their philosophy of the company. That of user control, and an individually expressive, human-centric internet built by people - not by big tech encapsulating their users in their proprietary walled gardens.

To Conclude

I like Kagi. I recommend you give it a go if you haven't (they have a trial). If you find that it's not worth the cost paying for a plan, then by all means give Startpage a go; it used to be my search engine of choice.

Kagi does also have other features that I've not talked about: Translate, News, Summarizer, their own web browser, and a host of other quality-of-life features alongside their search service.

If you have any feedback or disagree with anything I've said, let me know!

A lot of the above experiences are anecdotal; they derive from personal experience. I've not done any systematic tests or comparisons between Kagi and Google Search.

‘If you don’t have clean water, you really don’t have anything.’

The post Contamination, climate change and political drama stall clean water for Colorado’s Arkansas Valley appeared first on High Country News.

Steve Yegge’s article about programmer burnout (“The AI Vampire”) along with Margaret Storey’s article about Cognitive Debt started an ongoing conversation about programmer fatigue and software quality—two topics that should be linked, but often aren’t. Steve argues that programming constantly with the help of agentic AI leds to burnout; it’s fast, it’s fun, but keeping up with your agents causes mental strain. He recommends programming with agents no more than 4 or 5 hours per day. I could cynically say that most software developers spend at most 20% of their time writing code, which leaves about an hour and a half for wrestling with agents—but that’s beside the point. Yegge’s point about burnout is important, and is in line with what friends have told me. At some point, you have to put the laptop down.

Storey makes a different point. Agentic engineering is great at creating software that works, but that you don’t quite understand. Like humans, agents can generate a lot of spaghetti code. They can “design” convoluted and inappropriate software structures—I hesitate to call them “architectures”; they’re what happens in the absence of architecture. Agents are very capable of creating technical debt—and not the kind of meaningful technical debt that lets you release a product on time with the knowledge that you need to make pay it back with interest. If nobody is looking hard at the code, the debt can grow without bounds, sort of like not checking your credit card balance. What’s worse—and this is Storey’s contribution—while that technical debt is growing, developers are losing track of the design, the structure, the architecture. She calls that “cognitive debt.” You don’t just have problems in the code; those problems are harder to find and fix than they should be because you’re unclear on the structure of the code you’re working with.

Other voices have made similar points. The Sonarsource blog writes about how AI is reshaping technical debt and creating new burdens, new kinds of toil. In “The Mythical Agent Month,” Wes McKinney links the problem of burnout to the introduction of “accidental complexity” and “agent scope creep,” while Tim O’Brien writes that while scope creep isn’t new, AI supersized its growth. And Addy Osmani writes about finding your parallel agent limit, coming to grips with what you’re capable of accomplishing without compromising your work or your life.

Cognitive debt and burnout aren’t new, alas. With or without AI, we’ve all stayed up to 4AM working on a bug that won’t go away or pursuing an interesting idea to its end. Sometimes that’s heroic, but AI threatens to turn it into a lifestyle. AI fatigue is real, as Siddhant Khare writes, and it’s something we need to talk about. When fatigued, it’s tempting to say “this works, it looks good, and it passes our tests” without considering how the code fits into the overall plan. With 10x code generation, you also get 10x the debt load, and that’s being optimistic. When the debt curve goes exponential, strategies for managing that debt are stressed past the breaking point.

The problem with cognitive debt is that it eventually makes new features and bug fixes difficult or impossible. The code has become so convoluted that it can’t be changed. I’ve certainly done that with hand-written code: added a feature without thinking enough about how the new code fit in, added some more code later, and then—when I needed to add a third feature—discovered that I’d created a problem that wouldn’t be simple to fix. The right stuff was there, but in the wrong places because I wasn’t thinking about the overall structure.

That’s a common enough problem with handwritten code; it’s almost always a problem with legacy code where the original developers and maintainers are no longer around. We need to realize that it’s also a problem with AI-generated code, which has been characterized as legacy code from the day it’s written. Somebody or something has to pay down the debt. As Storey writes, “velocity without understanding is not sustainable”: not for humans, not for machines. If you understand the structure of what you’re building, you can steer the AI away from creating a problem in the first place, or you can use it to author a fix. If you don’t understand the structure or can’t describe it to the AI, you’re lost.

Cognitive debt accumulates much more quickly when you’re burned out. Burnout has always been a problem for programmers, especially for those who really love programming: you stay up all night to solve a problem. And, while some programmers resist using AI to write code, those who use AI frequently find that it exacts the same toll: it’s hard to stop. It is its own kind of toil: toil that gives you a sense of accomplishment and fulfillment, but still leaves you empty.

Agents may not be subject to burnout, but the humans who control them are. Agents are quickly becoming more capable, but they still can’t maintain a sense of the shape and structure of a project over the long term. That’s our job. They can pay down technical debt, but only if properly guided; that’s also our job. And we won’t be able to do either if we’re burned out.