tridge has written a post about the recent #rsync issues:

rsync and outrage

https://medium.com/@tridge60/rsync-and-outrage-d9849599e5a0

pls at least read his post before commenting on this toot
 
 
like most non-trivial things in life, tech, & especially security, my thoughts on this are… “it’s complicated”
 
 
I’m only tenuously connected to tridge via the #LinuxConfAU / #EverythingOpen community, but his reputation is the stuff of F/LOSS nerd legend – I was in the room for his #LCA2015 talk in Auckland, Flying with Linux, where he did a live demo of #ArduPilot controlling an RC aircraft in Canberra (AU) with real-time telemetry from the aircraft that was also compiling the Linux kernel while in-flight… 🤯

YouTube: https://youtu.be/2Twl2mQAh6g

LA mirror: https://mirror.linux.org.au/pub/linux.conf.au/2015/OGGB_FP/Friday/Flying_with_Linux.webm

in the post, tridge argues that he is able to bring his (undisputed) expertise in software design & development to find ways use LLMs (relatively) safely to assist with specific coding tasks. I think that’s probably true, even given the regression bugs introduced in the most recent version of rsync – and it may even be the pragmatic least-worst way for open source maintainers to try to deal with the current deluge of LLM-assisted (or entirely LLM-generated) security reports currently overwhelming many open source projects

but most software devs are not on tridge’s level, and are already using #LLMs as coding assistants in unsafe and unpredictable ways (or just wholesale vibe-coding things without regard for building guardrails at all)

tridge also points out that he is technically retired and would rather be out sailing than working on maintaining rsync. a very possible outcome from all this might be that he decides to just… walk away and let others pick up the slack (he did note that the silver lining is that a couple of other experienced devs are – at least for now – working on the project)
 
 
but even if everyone using LLMs to generate code was supervising it closely with very-experienced-software-design-and-development-level skills (they’re definitely not), I still don’t think that would justify or offset the enormous ethical, environmental, & social issues with the creation & use of LLMs

like I said, #ItsComplicated 💁‍♀️

Porting Games To Linux (linux.conf.au 2017)

https://spectra.video/w/2vJC99m7HHjGj7PK585apf

Dunno why, but remembering the inspired choices for speakers and penguin dinners at #linuxconfau in 2008

Chapter House and the Night market.

Creating the cathedral and the bazaar.

#EverythingOpen 2024 welcomes #RedHat as a Royal Penguin #sponsor

Red Hat has a long history with Everything Open and formerly with #linuxconfau

Red Hat, the first billion US$ #OpenSource company, showed that open source as a model could not only pay the bills, but enabled organisations to see the advantages.

There would be few enterprises world wide that do not use Red Hat Enterprise Linux #RHEL

Thank you, Red Hat!

#Google are long-term supporters of #EverythingOpen and, previously, #linuxconfau, and jumped at the chance to again #sponsor us this year in #Gladstone #Queensland. We're super grateful for their support.

#Google has been contributing to the #OpenSource #ecosystem from the start, with projects like #Android, based on the #Linux kernel, and #Chrome, based on the open source #Chromium.

Thank you, Google!

#Fosdem “Like #linuxconfau with fancy accents.” - @andy

Just much much bigger with much more chaos.