Saturday, July 11, 2026

LLM Analysis of College Ratings

Money Magazine recently published research on the best colleges in America. Its methodology includes metrics that are weighted based on graduation rates, costs, financial aid, student debt, and alumni salaries. My daughter is looking at University of California schools (among other options), and I noticed that while UC Berkeley, UC Davis, UC Irvine, and UC San Diego achieved 5-star ratings, UCLA “only” received 4.5 stars.

Beyond what was stated in the methodology, I could not find detailed information about the raw scores that led to the star ratings, so I decided to consult various large language models (LLMs) to see if they could do some digging for me and propose plausible explanations for why UCLA wasn’t given a full 5 stars as I would have expected.

I asked the exact same question to Copilot, ChatGPT, and Claude: “Money Magazine released their 2026 ratings of the best colleges in the US (https://money.com/best-colleges/). Try your best to find out why UC Berkeley, UC Davis, UC Irvine, and UC San Diego achieved 5-star ratings while UCLA only received 4.5 stars. Make sure to examing their scoring methodology and determine what criteria may have caused UCLA to not achieve a full 5 stars.” Note that I copied and pasted the same typo (“examing” should have been “examine”).

Copilot didn’t spend much time researching this topic, and it started spitting out an answer 1-2 seconds after I pressed the “return” key. One of its main explanations for UCLA not achieving 5 stars was due to affordability which didn’t make sense based on the table above, so I followed up with a 2nd prompt: “UC Berkeley has a higher estimated full price and estimated priced with average aid than UCLA, yet UC Berkeley achieved 5 stars. Are you still confident in your assessment? If not sure, then state so.” Copilot then backtracked and revised its explanation, and its revision sounded more plausible to me. Here is Copilot’s full response.

A similar thing happened with ChatGPT which spent only a second or two longer to “think” than Copilot, and it responded almost immediately. It too explained that cost was a factor in it not achieving 5 stars, so I followed up with the exact same 2nd prompt: “UC Berkeley has a higher estimated full price and estimated priced with average aid than UCLA, yet UC Berkeley achieved 5 stars. Are you still confident in your assessment? If not sure, then state so.” Like Copilot, ChatGPT also backtracked and revised its explanation. Here is ChatGPT’s full response.

On the other hand, Claude thought long and hard about its response. It displayed multiple websites that it was consulting to formulate its response, including Money Magazine’s methodology page and the websites from each of the schools mentioned. I can no longer see the pages it was consulting, as they disappeared and were not displaying in the final response. Although I didn’t use a stopwatch, I’d estimate that Claude took 20-30 seconds to think before providing a response. I felt that Claude’s explanation was the most analytical and credible of the 3 LLMs, and unlike Copilot and ChatGPT, I didn’t feel that any of its responses were contradicted by the data. Here is Claude’s full response.

Of course, these are my personal opinions which are completely subjective. Also, my conclusion that Claude performed the best on this specific task are not necessarily generalizable to conversations about other subjects. The take home message is that if you often consult LLMs, I’d encourage you to always think critically about LLM replies and to explore multiple LLMs to compare and contrast their responses and determine which ones are best suited to your needs.

Monday, June 8, 2026

3D Model License Violation

I contribute 3D models to the 3D printing community on MakerWorld, the Bambu Lab model repository. One of the models that I uploaded was an iPad stand for thick cases, and it is the model in my collection that gets downloaded and printed the most. Recently a stranger messaged me to let me know that Sarina’s 3D Printing was selling my model on Facebook. This was Sarina’s post:

The problem with Sarina’s post is that I had uploaded the iPad stand under a Creative Commons Attribution-NonCommercial 4.0 International Deed (CC BY-NC 4.0) license which means that the model cannot be sold without my permission. So I decided to write a comment on Sarina’s post: “Just so everyone knows, the original model is available at https://makerworld.com/en/models/985191-stand-for-ipad-with-thick-case, and it is provided to the community under an Attribution-NonCommercial license which means that work must be attributed to the original designer, and the object cannot be sold.”

Within a couple of days, the post had been taken down. Unfortunately it is very common for people to violate Creative Commons license terms. Sometimes it is blatant theft, such as these examples:

Because I am only a 3D printing hobbyist, and I don’t depend on 3D printing for income, unapproved use of my models does not impact me financially. If anything, I choose the view the breach of licensing terms of my 3D model as a compliment. However, there are many designers out there whose models are used without their permission.

I greatly appreciate being notified by a stranger that someone was selling my model. I recently noticed some suspicious activity and took similar action. A designer posted AirPods Max Jewelry under a Cults 3D Private Use License which prohibits commercial sale, remixing for public sharing, and distribution. However, the exact same model was reposted as Airpods Max Skeleton Accessory. I publicly commented on the repost and also messaged the original designer.

I’ve found the 3D printing community to be helpful and supportive of one another, although there are occasional bad actors. If we all look out for each other, we can hopefully hold people accountable to the licenses that make this community possible.

Thursday, May 14, 2026

Image Editing with LLMs

Yes, you read that correctly. Large language models (LLMs) can come in handy for not just text and image generation—they can be versatile image editors too. Perhaps you’ve uploaded a photo of yourself to your favorite LLM and asked it to generate a caricature of you or portrayed you as a celebrity being chased by paparazzi. These are LLM-based examples of image editing in which you start with an image, add your text-based prompt to manipulate the image, and the result will hopefully resemble what you had in mind.

I recently came up with another use case for image editing. I was trying to find a high quality image of the Eagles’ Hotel California album cover. I searched the web and found many photos and scans of the album cover, but they all had one major shortcoming—the dark areas in the bottom half of the image had little to no detail. Here are 2 such examples:

I uploaded the images to both Copilot and ChatGPT and entered the following prompt: “These are 2 photos of the cover of the Eagles "Hotel California" album with different exposures and levels of detail in the shadows. Merge them into 1 photo and recover details from the shadows. Significantly boost the shadows so that it is possible to see the trees and bushes. Preserve the fluorescent "Hotel California" words that are superimposed on what looks like a car's side view mirror. Also boost the fluorescent "Hotel California" words so they are more bold. Preserve the original aspect ratio. Reduce overall contrast by making the sky a warmer golden glow and increase overall brightness, especially in the darker shadows.” I got very similar results with both Copilot and ChatGPT, and here is the result from the latter:

As you can see, ChatGPT did a remarkable job of creating the bushes in the lower half of the album cover. I honestly don’t know if it was able to recover detail from the source images or if it generated the bushes from scratch (or perhaps a combination of both). In any case, I was very happy with the recovery of what was otherwise lost detail. It also slightly sharpened the palm trees and did a very nice job of highlighting the “Hotel California” stylized wording while preserving its original look and feel. This was exactly the kind of image quality I had hoped to find in a Hotel California album cover, and although I was unsuccessful with my search, I was thrilled to learn that LLMs could generate the next best thing.

If you’re wondering why I wanted such an image, it’s because I wanted to 3D print the Hotel California album cover, and I wanted to include some detail in the bottom half rather than have it appear pure black. Here is the resultant 3D print:

If you have a 3D printer, you can access the 3D model and print profiles here. I hope this give you ideas for how you can use LLMs to edit photos.

Monday, May 4, 2026

TP-Link Router Exploitation

I recently received an email notification from Spectrum, my internet service provider. It warned that some TP-Link routers may be vulnerable following a recent FBI-identified security issue. Because I don’t rent my modem and router from Spectrum, they can’t fix it remotely. They recommend that I (1) update the firmware, (2) change the admin password, and (3) replace the router if it’s over 5 years old.

I explored the links provided in the Spectrum email notification. The first is a link to an FBI Public Service Announcement (PSA). It says that the Russian military, specifically the group known as APT28, Fancy Bear, or Forest Blizzard, is conducting attacks on vulnerable home and small-office routers around the world. This allows them to intercept internet traffic so they can steal passwords, authentication tokens, emails, and browsing data. High-value targets include military, government, and critical infrastructure.

Specifically, the PSA refers to CVE-2023-50224 where CVE stands for “common vulnerabilities and exposures”, 2023 is the year the vulnerability was found, and 50224 is a unique identifier for the flaw. A TP-Link security advisory lists the legacy products that are impacted by CVE-2023-50224 (i.e., the models targeted by APT28) and their remediation status.

Fortunately my TP-Link Deco S4 version 3.6 mesh router system is not on the list. I updated the firmware just over a year ago to build 20240927 (i.e., September 27, 2024). The firmware description does not comment on whether specific CVEs have been fixed, but given that CVE-2023-50224 was identified in 2023 and the firmware update was Build 20240927 (i.e., September 27, 2024), I assume the vulnerability, if it existed on my model in the first place, has been patched.

On a related note, I came across a list of TP-Link End of Life Products and discovered that my TP-Link Deco S4 version 3.6 has an “EOS Notification Date” of 7/27/2025 and an “EOS Date” of 1/27/2026. TP-Link defines End of Life (EOL) products as “products where the production has either ended on the model or the specific version of the model.” Of greater relevance to security vulnerabilities are 2 additional milestones as defined in the TP-Link EOL Policy. The End of Sales (EOS) date is when TP-Link discontinues a product. The End of Maintenance (EOM) date is when TP-Link will no longer provide support or maintenance for a product. So if I interpret these definitions correctly, the first thing that happens is EOL when TP-Link stops producing a model. Then EOS occurs when TP-Link stops selling and accepting new orders for the product. And finally EOM occurs when TP-Link no longer supports the product (I assume this includes firmware updates). So even though my Deco S4 version 3.6 is no longer sold (at least not by TP-Link; it is still sold by Amazon via the link above) according to the EOS Date, I have not received any clear indication that it is no longer maintained. According to ChatGPT, TP-Link does not publicly disclose EOM dates but in general, EOM occurs roughly 3 years after EOS and the only way to determine the EOM date for a specific model is to contact TP-Link support.

The PSA also refers to a UK National Cyber Security Centre Cybersecurity Advisory. It provides a more detailed description of APT28 malicious activity and provides a non-exhaustive list of specific TP-Link router models targeted by APT28 that closely resembles the TP-Link security advisory for CVE-2023-50224.

The bottom line, as described in the Spectrum email notification, is that your router is a device that can have security holes, similar to your desktop/laptop computer or phone. It is therefore important to keep your router firmware updated similar to how you’d update the operating system on your computer or phone. Additionally, you should practice good security hygiene by using strong passwords and replacing equipment that is no longer supported by the manufacturer.

Saturday, May 2, 2026

Website Change Detection

I recently encountered a work-related scenario in which I felt that it would be beneficial for me to know when a website had been updated. The website in question performs periodic updates of certain kinds of data in a downloadable file format, but it does not offer a notification mechanism (e.g., via email, RSS, or other technology) when such changes occur. That led me to explore options for website change detection.

There appear to be many options available, but I found that most of them required subscriptions. Because I am merely evaluating these technologies, I was only looking for free options. That led me to sign up for accounts at Visualping and PageMonitor. I configured both of them to monitor my blog, https://digitaldaddyla.blogspot.com/.

Visualping and PageMonitor use slightly different methods to determine if a change has occurred. For Visualping, setting up a new monitor requires entering the URL and specifying either an AI prompt to describe what changes you are looking for or “Any changes” which they label as “No AI used” as depicted below. I used the “Any changes” option. I also had the option to specify the frequency of page checks, and I chose “every day”. It did not allow me to specify an exact time.

For PageMonitor, setting up a task requires that you specify a URL to display the current webpage. From there, you specify both an “Anchor area” and “Region of interest” by drawing boxes around both regions. The region of interest is the part of the page you want to monitor. The anchor area is a reference point that is used to relocate the region of interest each time the page is checked—this should be an area of the page that is not expected to change. You then specify how often to run the task. When I chose “once a day”, it prompted me to enter a time, for which I think I chose 7 AM.

I have since published 7 new blog entries and have been receiving email notifications from both Visualping and PageMonitor. For the purpose of this blog post, I am presenting my findings based on review of change logs in each of my accounts. Here is a summary.

I have several observations. First, I noticed that Visualping failed to detect my most recent blog post on 4/17/2026, while PageMonitor has not missed any new blog posts. It is not clear to me why Visualping did not detect the 4/17/2026 blog post. One possibility is that I have not logged in to my account since setting up the monitoring job. I received an email from Visualping on 5/2/2026 that stated, “We have not seen you for 3 months! We would like to confirm that you are still interested in us checking things for you. Please login in the next 3 days to keep your current monitoring frequency. Otherwise, your job frequency will be reduced to checking only once a month.” However, my monitoring frequency would have to have been reduced prior to 4/17 to explain the false negative.

Second, the elapsed time between blog publication and webpage change detection was generally 1 day for both Visualping and PageMonitor. However, there was one blog post (Chicken Al Pastor and Oxford Commas) which was not detected by Visualping until after 2 days.

Third, Visualping seems to detect website changes at different hours of the day, while PageMonitor allowed me to specify exactly what time to run my daily task. Notice that the transition from 7:01 AM to 8:01 AM can be explained by Daylight Saving Time beginning on Sunday 3/8/2026.

My final observation is that PageMonitor occasionally alerted me to changes to my blog when I didn’t make any. For example, the “3D Printing Without Wi-Fi” blog that I published on 2/13/2026 was correctly detected on 2/14/2026. However, PageMonitor detected changes on 2/25/2026 and 2/26/2026. I suspect that maybe an image did not load on 2/25 which resulted in a conclusion that the page appeared different, and then the image properly loaded on 2/26 which resulted in another conclusion that the page changed again.

Another example of a false positive from PageMonitor is from my “3D Printing and Firearm Blocking Technology” blog post on 4/17/2026. Following a successful detection on 4/18/2026, it falsely detected a change on 4/29, errored out on 4/30, and falsely detected another change on 5/1, even though I did not make any edits to the blog post or publish any new blogs.

In conclusion, based on a small sample size, Visualping appears to err on the side of false negatives, and PageMonitor seems to err on the side of false positives. It is possible that some of these errors could be due to webpage itself (e.g., images not loading). In any case, I find both Visualping and PageMonitor to be useful for detecting changes to websites. If you are looking for free options, I would recommend checking out both of them.

Friday, April 17, 2026

3D Printing and Firearm Blocking Technology

On February 17, 2026, California introduced Assembly Bill 2047 which is known as the Firearm Printing Prevention Act. It would require several things to happen:

  • On or before July 1, 2027, the Department of Justice must publish written guidance on performance standards for persons or entities engaged in the creation of firearm blueprint detection algorithm to be certified for use by 3-dimensional printer manufacturers, as specified.
  • On or before January 1, 2028, the Department of Justice must accept applications for certification of firearms blueprint detection algorithms and begin issuing certifications of algorithms that meet or exceed the performance standards.
  • On or before July 1, 2028, any business that produces or manufactures 3-dimensional printers for sale or transfer in California must submit to the Department of Justice an attestation for each make and model of printer they intend to make available for sale or transfer in California, confirming that the manufacturer has equipped that make and model with a certified firearm blueprint detection algorithm.
  • On or before September 1, 2028, the Department of Justice must publish a list of all the makes and models of 3-dimensional printers whose manufacturers have submitted complete self-attestations and would require the department to update the list no less frequently than on a quarterly basis and to make the list available on the department’s internet website.
  • On March 1, 2029, the bill would prohibit the sale or transfer of 3-dimensional printers that are not equipped with firearm blocking technology and that are not listed on the department’s list of manufacturers with a certificate of compliance verification.

The bill would authorize a civil action to be brought against a person who sells, offers to sell, or transfers a printer without the firearm blocking technology. It would also make it a crime to knowingly disable, deactivate, uninstall, or otherwise circumvent any firearm blocking technology.

The bill refers to a couple of terms which deserve exploration. According to Assembly Bill 2047, “firearm blocking technology” means hardware, firmware, or other integrated technological measures capable of ensuring a three-dimensional printer will not proceed to any print job unless the underlying three-dimensional printing file has been evaluated by a firearms blueprints detection algorithm and determined not to be a printing file that would produce a firearm or illegal firearm parts. The bill also states that “firearm blueprint detection algorithm” means a software service that evaluates three-dimensional printing files, whether in the form of stereolithography (STL) files or other computer-aided design files or geometric code, to determine if the files can be used to program a three-dimensional printer to produce a firearm or illegal firearm parts, and flag any such files to prevent their use to manufacture a firearm or illegal firearm parts.

I searched the web to try to find companies or individuals who have created such technologies or algorithms, and the search results mainly yielded articles and videos about the 3D printing legislation in Washington, New York, and California. I then asked ChatGPT to summarize what it knows about firearm detection technology, and it stated that Thingiverse uses AI to detect and remove gun design files, and there are experimental tools such as 3D GUN’T. However, the solutions seem to be immature. ChatGPT concludes that the firearm blueprint detection algorithms mentioned in legislation are “largely hypothetical or early-stage” and “reliable prevention at the printer level is an unsolved problem” which is consistent with my observations.

I think that AI approaches are the best way to address this need, but I can also think of many challenges to doing it accurately. First, 3D models are not always designed so that the finished physical object is contained in a single file—they are often provided in multiple parts. Splitting a model could be necessary because the object is too large to fit on a standard print bed. It could also be because different parts of a model need to be printed with different materials (e.g., to add strength or flexibility) or colors. It could also be that certain features of a model are best printed in a certain orientation to optimize strength, improve print bed adhesion, reduce the need for support material, or factors to minimize chances of print failure. The bottom line is that when models are split into multiple objects, it could become difficult for firearm blocking technology to accurately understand that many parts, when assembled, would resemble a firearm.

Second, firearms come in many shapes and sizes. I suppose that with enough training data, AI-based detection methods could learn what many different kinds of firearms look like. But what happens when users modify (or “remix” as the 3D modeling community would say) models so that they differ from training data? For example, what if a 3D model of a gun is presented in the form of a kit card? Its overall geometry would be a square or rectangle. When the borders and connectors of the kit card are snapped off, it would look like a gun, but that would happen in post-processing (downstream of the AI detection). Or what if a 3D model of a firearm was natively designed with support material? The support material could make the overall geometry significantly different than the firearm after all the support material was removed. Could firearm blocking technology be reliable enough to understand all of this?

Third, will firearm blocking technology be capable of understanding functional capabilities of 3D models? In other words, could it tell the difference between a “real” functional firearm and a non-functional prop? What if someone wants to print a replica of Han Solo’s blaster for a Halloween costume or a Star Wars convention? Would firearm blocking technology have a high enough false positive rate that it could become a burden to print legitimate models that pose no danger to society?

Perhaps there are current solutions to these challenges, or maybe technology will advance rapidly enough in the next couple years that these problems will be in the rear view mirror. In any case, I believe we have a major problem with guns in the United States, and I would love to see progress on reducing injury and death from firearms. However, it feels to me that the 3D printing legislation is misdirected, and I fear that it will adversely affect hobbyists like me while doing little to nothing to curb illegal activity because criminals will just find ways to circumvent firearm blocking technology.

For an additional perspective, read The Dangers of California’s Legislation to Censor 3D Printing by the Electronic Frontier Foundation.

Saturday, April 11, 2026

Sending a Fax in 2026

The other day my wife gave me 4 pages of paper and asked me to take it to a store and fax it to its destination. I suspected that this was the most expensive and inconvenient method to send the document. Based on various online sources, sending a domestic outgoing fax at FedEx costs approximately $2.50 for the first page, followed by approximately $2.00 for each additional page, so a 4-page fax would cost approximately $8.50. Prices would be similar at The UPS Store, Staples, Office Depot, and other similar offerings and of course would vary from store to store.

Therefore, I asked her to consider alternative options. Could the document be sent as a PDF file via email? She told me that email was unfortunately not an option and that it had to be sent via fax.

I read online that some public libraries offer free or low-cost fax services. I checked the website for our local library, and unfortunately it did not list faxing as a service at that branch. I wanted to call the library to ask if they offered fax services, but unfortunately it was after hours.

Finally, I decided to use an online fax service. Not having ever used an online fax service, I asked ChatGPT to recommend one with a good reputation and fair pricing. It offered a couple of options, and I somewhat randomly went with FaxZero.com, although I am sure that there are many other online fax services with competitive offerings. The process was simple. I first scanned my 4-page document to a PDF file. I then entered information about the sender and receiver and attached my PDF file. There was an option to enter text for a cover page, but I left it blank. Then I paid $3.29 via credit card (note that sending faxes up to 3 pages is free) and sent the fax. Email confirmations were provided upon initial transmission and successful sending of the fax.

I appreciated many aspects of the online fax service. First, we could send a fax without purchasing a physical fax machine. Second, we could send the fax from the comfort of our own home and avoid locating and driving to a physical store, and potentially waiting in a line or waiting for an agent to assist us. Third, we did not have to wait for the fax to transmit—instead, we simply received an email notification upon job completion.

If I was ever asked to fax something, I’d still first search for better alternatives such as email, but if I absolutely had to fax something, I’d definitely consider using an online fax service again due to its convenience and lower cost in comparison to in-store options.