The Path to Open-Sourcing the DeepSeek Inference Engine

https://github.com/deepseek-ai/open-infra-index/tree/main/OpenSourcing_DeepSeek_Inference_Engine

#HackerNews #OpenSourcing #DeepSeek #Inference #Engine #AI #DeepLearning #OpenSource #TechInnovation

id like to share some details about how my app works so you can discover/give me feedback on my app. id like to have wording in my app to say something like "most secure chat app in the world"... i probably cant do that because it doesnt qualify.

https://github.com/positive-intentions/chat

https://positive-intentions.com/blog/introducing-decentralized-chat

im not an expert on #cyberSecurity. im sure there are many gaps in my knowlege in this domain.

using #javascript, i initially created a fairly basic #chatApp using using #peerjs to create #encrypted #webrtc #connections. this was then easily enhanced by exchanging additional #encryption #keys from #cryptography functions built into browsers (#webcrypto api) to add a redundent layer of encryption. a #diffieHelman key #exchange is done over #webrtc (which can be considered #secure when exchanged over public channels) to create #serverless #p2p #authentication.

- i sometimes recieve feedback like "javascript is inherently insecure". i disagree with this and have #openedSource my #cryptography module. its basically a thin wrapper around vanilla cryptography functions of a #browser (webcrypto api).

- another concern for my kind of app (#PWA) is that the developer may introduce malicious code. this is an important point for which i open sourced the project and give instructions for #selfhosting. selhosting this app has some unique features. unlike many other #selfhosted #projects, this app can be hosted on #githubPages (instructions are provided in the readme). im also working towards having better support for running the index.html directly without a static server.

- to prevent things like browser extensions, the app uses strict #CSP headers to prevent #unauthorised code from running. #selfhosting users should take note of this when setting up their own instance.

- i received feedback the #Signal/#Simplex protocol is great. completely undertsandable and agree, but wonder if im reducing the #complexity by working with #webrtc. while it has its many flaws, i think risks can be reasonable mitigated if the #cryptography functions are implemented correctly. (all data out is #encrypted and all data in is #decrypted on-the-fly)

- the key detail that makes this approach unique, is because as a #webapp, unlike other solutions, users have a choice of using any #device/#os/#browser. while a webapp can have nuanced #vulnerabilities, i think by #openSourcing and providing instructions for #selfhosting and instructions to #build for various #platforms, it can provide a reasonable level of #security.

i think if i stick to the principle of avoiding using any kind of "required" service provider (myself included) and allowing the #frontend and the peerjs-server to be #hosted #independently, im on track for creating a #chatSystem with the "fewest moving parts". i hope you will agree this is true #p2p and i hope i can use this as a step towards true #privacy and #security. #security might be further improved by using a trusted #VPN.

while there are several similar apps out there like mine. i think mine is distinctly a different approach. so its hard to find #bestPractices for the functionalities i want to achieve. in particular #security practices to use when using #p2p technology.

(note: this app is an #unstable, #experiment, #proofOfConcept and not ready to replace any other app or service. It's far from finished and provided for #testing and #demo purposes only. This post is to get #feedback on the progress to determine if i'm going in the right direction for a secure chat app)

UC Berkeley develops a groundbreaking language model with video understanding!

Researchers at UC Berkeley have made a significant advancement in Gen AI with their new "World Model on Million-Length Video and Language". Such models could develop a understanding of both human textual knowledge and the physical world, enabling broader AI capabilities for assisting humans.

https://largeworldmodel.github.io/

#AI #NLP #languagemodel #videounderstanding #research #opensourcing

Nice blog post by Matt Mullenweg where he talks about messaging security, tech exclusivity, Apple's role in tech-ghettoisation with their green bubble thing.
He makes a case for #InterOperatibility and #OpenSourcing

https://ma.tt/2023/11/sunbird/

Didn’t Elon say something a long while ago about supposedly #opensourcing Twitters codebase? How you gonna do that without an OSPO? In fact, how are you gonna do anything Open Source related without an OSPO?

Of course. This is the same dude who feels that you don’t need lots of other teams as well…

PSA: #MAILSPRING / #NYLASMAIL HAS *NOT* GONE OPEN SOURCE

Beware the #openwashing claims of this company about removing the need for a MailspringID and #opensourcing #MailSync. These make it sound like this #email project has gone #FOSS / #opensource, getting many to pay for a subscription for #privacy focused #email. The server though is (and is planned to remain) closed, #proprietary, #centralized and owned by a US corporation (Foundry 376 LLC).

Details:
https://community.getmailspring.com/t/a-free-open-source-future-for-mailspring/484/20

Please boost.

Intel is working on OPEN-SOURCING the FSP - would be huge win for Coreboot & security.

FSP (Firmware Support Package) is a firmware initialisation and management infrastructure to easily integrate into a boot loader of the developer’s choice.

Coreboot is an Open Source project to provide auditability and maximum control over tech.

===> https://www.phoronix.com/scan.php?page=news_item&px=Intel-Open-Source-FSP-Likely

===> https://blogs.coreboot.org/
_
#Coreboot #FSP #Intel #opensourcing #PCboot