activescott's Notes
Public notes from activescott
Friday, January 16, 2026
Thursday, January 15, 2026
Report to the Congress: Medicare Payment Policy | March 2021
In 2019, differences in diagnostic coding caused Medicare to pay MA plans $9 billion more than it would have spent if the same beneficiaries had been enrolled in FFS Medicare.
Excess payments to MA plans may benefit enrollees in the MA program (when used to increase the value of extra benefits offered rather than increase profits) but cost taxpayers more than if these enrollees were covered in FFS Medicare. Further, excess payments to MA plans increase fiscal pressure on the Hospital Insurance (Part A) Trust Fund as well as on the taxpayers, beneficiaries, and state Medicaid programs who pay premiums to finance the Part B program.
MedPAC – MedPAC
The Medicare Payment Advisory Commission
We are a nonpartisan independent legislative branch agency that provides the U.S. Congress with analysis and policy advice on the Medicare program.
Kaiser Permanente To Pay $556 Million in Record Medicare Advantage Fraud Settlement - KFF Health News
Fascinating that Medicare Advantage is a private company healthcare plan rather than a government one, where current political banter beats the drum about fraud. So these are private companies committing fraud and not government-run plans.
Medicare Advantage plans offer seniors a private alternative to original Medicare. The insurance plans have grown dramatically in recent years and now enroll about 34 million members, more than half of the people eligible for Medicare.
In court filings, the government argued the health plan “pressured” doctors in Colorado and California to add diagnoses “regardless of whether these conditions were actually considered or addressed by the physician during the patient visits,” policies that violated Medicare requirements.
From 2009 through 2018, KP added roughly half a million diagnoses that generated about $1 billion in improper payments to the health plan, according to the complaint.
The KP settlement comes on the heels of a Senate report this month that accused UnitedHealth Group of “gaming” the Medicare Advantage payment system, which is called “risk adjustment.”
“My investigation has shown UnitedHealth Group appears to be gaming the system and abusing the risk adjustment process to turn a steep profit,” Sen. Chuck Grassley (R-Iowa) said in a statement accompanying the report’s release.
The report cited several medical conditions that have repeatedly been linked to overbilling by Medicare Advantage plans, such as coding for opioid dependence disorder in patients who are taking their medications as directed for pain.
Training LLMs for Honesty via Confessions
we propose a method for eliciting an honest expression of an LLM’s shortcomings via a self-reported confession. A confession is an output, provided upon request after a model’s original answer, that is meant to serve as a full account of the model’s compliance with the letter and spirit of its policies and instructions. The reward assigned to a confession during training is solely based on its honesty, and does not impact positively or negatively the main answer’s reward.
The Typescript AI framework - Mastra
kieler/elkjs: ELK's layout algorithms for JavaScript
The Eclipse Layout Kernel (ELK) implements an infrastructure to connect diagram editors or viewers to automatic layout algorithms. This library takes the layout-relevant part of ELK and makes it available to the JavaScript world. ELK's flagship is a layer-based layout algorithm that is particularly suited for node-link diagrams with an inherent direction and ports (explicit attachment points on a node's border). It is based on the ideas originally introduced by Sugiyama et al. An example can be seen in the screenshot below.
Note that elkjs is not a diagramming framework itself - it computes positions for the elements of a diagram.
FORScan Home
There are many OBD2 scanners, but does FORScan somehow differ? Yes, because it is designed especially for Ford, Mazda, Lincoln and Mercury vehicles. So it supports specific features of the manufacturer protocols, making FORScan more powerful in work with these models than any regular OBD2 scanner.
For example, FORScan can detect modules which are not visible for regular OBD2 scanners, it can show you and reset trouble codes which are never displayed by OBD2 scanners. FORScan can show you PIDs which are not supported by any OBD2 scanner, and also run specific tests and service procedures. Version of FORScan for Windows can also perform configuration and programming functions. In other words, FORScan can do things that regular OBD2 scanners can not do.
Main features
- Detect vehicle on-board network configuration
- Read and reset Diagnostic Trouble Codes from all modules (see list of supported modules)
- Reading of modules' sensors' data
- Run test diagnostic procedures
- Run service procedures
- Configuration and programming functions (only in FORScan for Windows, require Extended License)
Duracell Ultra 18L-BS 12V 20Ah 330CCA AGM Powersport Battery - CYL10007 at Batteries Plus
AUX18L Auxiliary Battery by East Penn - BMW i3 | Remy Battery
AUX18L Auxiliary and Start/Stop Battery, by East Penn
Wednesday, January 14, 2026
My answers to the questions I posed about porting open source code with LLMs
the short version is that it’s now possible to point a coding agent at some other open source project and effectively tell it “port this to language X and make sure the tests still pass” and have it do exactly that.
Does this library represent a legal violation of copyright of either the Rust library or the Python one?
I decided that the right thing to do here was to keep the open source license and copyright statement from the Python library author and treat what I had built as a derivative work, which is the entire point of open source.
Even if this is legal, is it ethical to build a library in this way?
After sitting on this for a while I’ve come down on yes, provided full credit is given and the license is carefully considered. Open source allows and encourages further derivative works! I never got upset at some university student forking one of my projects on GitHub and hacking in a new feature that they used. I don’t think this is materially different, although a port to another language entirely does feel like a slightly different shape.
The much bigger concern for me is the impact of generative AI on demand for open source. The recent Tailwind story is a visible example of this—while Tailwind blamed LLMs for reduced traffic to their documentation resulting in fewer conversions to their paid component library, I’m suspicious that the reduced demand there is because LLMs make building good-enough versions of those components for free easy enough that people do that instead.
LLM01:2025 Prompt Injection - OWASP Gen AI Security Project
Prevention and Mitigation Strategies
Prompt injection vulnerabilities are possible due to the nature of generative AI. Given the stochastic influence at the heart of the way models work, it is unclear if there are fool-proof methods of prevention for prompt injection. However, the following measures can mitigate the impact of prompt injections:
1. Constrain model behavior
   Provide specific instructions about the model’s role, capabilities, and limitations within the system prompt. Enforce strict context adherence, limit responses to specific tasks or topics, and instruct the model to ignore attempts to modify core instructions.
2. Define and validate expected output formats
   Specify clear output formats, request detailed reasoning and source citations, and use deterministic code to validate adherence to these formats.
3. Implement input and output filtering
   Define sensitive categories and construct rules for identifying and handling such content. Apply semantic filters and use string-checking to scan for non-allowed content. Evaluate responses using the RAG Triad: Assess context relevance, groundedness, and question/answer relevance to identify potentially malicious outputs.
4. Enforce privilege control and least privilege access
   Provide the application with its own API tokens for extensible functionality, and handle these functions in code rather than providing them to the model. Restrict the model’s access privileges to the minimum necessary for its intended operations.
5. Require human approval for high-risk actions
   Implement human-in-the-loop controls for privileged operations to prevent unauthorized actions.
6. Segregate and identify external content
   Separate and clearly denote untrusted content to limit its influence on user prompts.
7. Conduct adversarial testing and attack simulations
   Perform regular penetration testing and breach simulations, treating the model as an untrusted user to test the effectiveness of trust boundaries and access controls.
LLMRisks Archive - OWASP Gen AI Security Project
Top 10 Risk & Mitigations for LLMs and Gen AI Apps
Superhuman AI Exfiltrates Emails
When asked to summarize the user’s recent mail, a prompt injection in an untrusted email manipulated Superhuman AI to submit content from dozens of other sensitive emails (including financial, legal, and medical information) in the user’s inbox to an attacker’s Google Form.
the injection in the email is hidden using white-on-white text, but the attack does not depend on the concealment! The malicious email could simply exist in the victim’s inbox unopened, with a plain-text injection.
This is a quite common use case for email AI companions. The user has asked about emails from the last hour, so the AI retrieves those emails. One of those emails contains the malicious prompt injection, and others contain sensitive private information.
The hidden prompt injection manipulates the AI to do the following:
- Take the data from the email search results
- Populate the attacker’s Google Form URL with the data from the email search results in the “entry” parameter
- Output a Markdown image that contains this Google Form URL
Superhuman has a CSP in place - which prevents outbound requests to malicious domains; however, they have allowed requests to docs.google.com.
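A defensive sketch for the case described above, added to these notes and not taken from the linked write-up or from Superhuman's code: a deterministic filter that runs over model output before it is rendered and drops any Markdown image whose URL is not an exact first-party asset location. It shows why a host-level allowance such as docs.google.com is too coarse. The allowlist prefix, hostnames and sample text are constructed assumptions.

```javascript
// Added example: neutralise Markdown images in model output before rendering.
// ALLOWED_IMAGE_PREFIXES is a hypothetical allowlist of first-party asset
// locations; every URL and the sample text below are constructed.
const ALLOWED_IMAGE_PREFIXES = ["https://assets.example-mail.test/static/"];

// Matches ![alt](url "optional title")
const MD_IMAGE = /!\[([^\]]*)\]\(\s*<?([^\s)>]+)>?[^)]*\)/g;

function isSafeImageUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return false; // relative or malformed URLs are not rendered
  }
  if (url.protocol !== "https:") return false;
  // A query string or fragment is where retrieved mail content would ride out.
  if (url.search || url.hash || url.username || url.password) return false;
  // Compare the normalised URL so "/static/../x" cannot pass the prefix check.
  return ALLOWED_IMAGE_PREFIXES.some((p) => url.href.startsWith(p));
}

function sanitizeModelOutput(markdown) {
  const blocked = [];
  const text = markdown.replace(MD_IMAGE, (match, alt, url) => {
    if (isSafeImageUrl(url)) return match;
    blocked.push(url); // keep for logging and alerting
    return `[image removed: ${alt || "untitled"}]`;
  });
  return { text, blocked };
}

// Constructed model output: one first-party image, one image on an allowed
// third-party host carrying data in a query parameter.
const sample = [
  "Here is your summary of the last hour.",
  "![logo](https://assets.example-mail.test/static/logo.png)",
  "![status](https://docs.google.com/forms/FORM_PLACEHOLDER?entry=invoice+total+due)",
].join("\n");

const result = sanitizeModelOutput(sample);
console.log(result.text);
console.log("blocked:", result.blocked);
```

The `blocked` list is worth logging: a model response that tries to load an image with a query string from a third-party host is a strong signal that retrieved content carried an injection.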
Grain | The AI Notetaker Built for Growing Teams
The AI Notetaker you’ll wish was in your last customer meeting.
Yeah… Nice try : r/gpu
Amazon letting sellers post ads for ~$3K graphics cards, and then the seller ships them fanny packs. Confirmed multiple times and in reviews.
Almost too tempting...
EDIT: 🤣🤣 Look at seller reviews: https://files.catbox.moe/wg1oqi.png
DONT DO IT.
Per a previous post, I actually tried it due to the FBA return policy, cause I was putting it on an empty amz card, and cause I was bored. 🥱😏
you get a Fanny pack. I recorded the shit out of opening the package and reported it as fraud. A few people were doing the exact same thing (ordering it in case it was real, and recording opening of the package to CYA) cause we were also bored 😂 out of the norm, you have to take detailed pics and the charge stays on your card until they receive Fanny pack (yes you have to send it back 😂🤣) and ‘inspect it’ I guess due to the massive number of returns and fraud reports+ add to that the normal refund period. Not even a credit to your account would be instant once you return it to a drop off. 😕Clearly a waste of time but will mess you up serious if you use a debit card or if there is any sort of delay that results in them receiving it late, and taking too long to process it.
Amazon will not make you whole on this. Maybe they give you a shitty coupon (some people reported a $10 credit 😒) and it’s not worth your time.
https://imgur.com/a/dHlrKnh
https://imgur.com/a/tYKVyHz
You'd think Amazon would suspend the seller or remove the listing the moment 20+ people all reported it and returned it for the same reason instead of removing the reviews and letting people get scammed (and then dragging their feet getting the defrauded people their money back)
I just received my AORUS RTX 5090 from Amazon, sold and shipped directly by Amazon as brand new. When I opened the box, it was clearly an open-box item and contained only a PCB with no GPU chip or VRAM installed. How does Amazon ship something like this as new?
I saw that the other day. Was tempted, but then when I checked the store all the reviewers were 1 stars saying that they got a fanny pack instead of what they ordered. Amazon, being Amazon had removed or crossed the review out because it was fulfilled by them not the store, basically allowing them to defraud people
Honey, I shrunk the data centres: Is small the new big?
One day the mighty data centre could be toppled into obsolescence by the humble smartphone, said Perplexity CEO Aravind Srinivas on a recent podcast.
Apple's AI system, Apple Intelligence, already runs some features on specialised chips inside the firm's latest range of products.
Microsoft's Copilot+ laptops also include on-device AI processing.
a few years ago I heard about a tiny data centre, the size of a washing machine, that was being operated in Devon, UK. In addition to its computing power, the heat it was releasing was warming a public swimming pool.
He thinks every public building should instead house a small data centre, working in a large network with each other where required, and providing heating as a by-product.
The 6 ways Trump tried to control the economy last week
In just the past week, President Donald Trump has ordered defense companies to halt dividends and stock buybacks, and limited executive compensation to $5 million a year; ordered Fannie Mae and Freddie Mac to buy $200 billion of mortgage-backed securities; ordered an array of energy firms to invest in Venezuelan oil infrastructure, called for a 10 percent cap on credit card interest rates; announced steps to ban institutional purchases of single-family homes; and opened a criminal investigation into Jerome Powell's handling of Federal Reserve building renovations in an attempt to influence monetary policy.
How To Replace The 12V Battery in The BMW i3 - VIDEO
good 12v battery replacement vid
We used the Remy 12V Battery AUX18L
12 v battery change | BMW i3 Forum
In the US it's important to know that you can use the: Energizer TX24HL AGM Motorcycle and ATV 12V Battery as a replacement for the 12 volt. It costs $105 at Amazon. It's been working flawlessly since November of 2023. It may be important to note that in my 2014 the entire car went dead and I had to watch a YouTube to find the emergency hood pull. I had bought the car from a dealer in 2017 so my original 12 volt was between 7 and 9 years old. Absolutely amazing.
I’d caution slightly. This battery seems to be a different physical size than the OEM, and the terminals look different as well. I like this one, because it is a one for one replacement: https://remybattery.com/start-stop-aux18l-auxiliary-battery.html
I worked with Ohmmu to ensure that its LFP battery would work well with an i3. The i3 DC-DC converter's output voltage is ideal for an LFP battery. The 0.5V higher resting voltage of Ohmmu's LFP isn't a problem with an i3's 12V electronics because 12V components are designed to work well with the 14.0+ output voltage of the DC-DC converter. The higher resting voltage and the much more flat voltage vs. charge level curve of a LFP battery means that the risk of all of the spurious DTC's being stored when the OEM battery's voltage drops too low when it fails isn't as great with a LFP battery. My Ohmmu LFP battery has been in our former 2019 and current 2021 i3's for about a year without any problems.