Hey, I need a bit of moral compass here. We can agree that using AI to generate code is bad, no questions asked. The environmental and societal impact is awful, the skill loss is real etc.

But! What about security? The past months have shown that AI has become actually good at finding real security issues which have been missed for years in high-profile software.

So not using AI for that might actually expose users to undiscovered security issues which are then found and exploited by more ruthless people.

In light of that: How would you like the maintainer of your favourite Open Source projects use AI?

Boost the hell out of this please.

Talked to a software engineer at Microsoft working on Copilot Studio today at a social event and he said he was ashamed that he hadn’t written a single line of code in over three months. “I used to take pride in my work.” (They simply create plans in natural language and feed it to the LLM which generates the code. They can’t even do human code reviews anymore as there’s too much code being generated.)

He said a lot of them were waiting for a catastrophic event (something that would take down critical infrastructure) to get top management to reverse course. He seemed to think such a failure was very likely.

Given what we’ve been seeing recently, I tend to agree with him. Although I feel they will just double down. There’s too much money in the pot for them to fold.

#AI #microsoft #LLMs

RE: https://tldr.nettime.org/@tante/116605858023186072

Google Search rests on a social contract: their bots can crawl our sites, they can index our sites, and they can show excerpts of our sites because

and •only because•

they send people to our sites. •Our• sites, our words, with our design, with our links, with our context and our aesthetics, shared the way we want to share them.

Google is announcing — unambiguously and with great fanfare — that they are now fully breaking that already-ragged contract. We should reciprocate.

1/2

RE: https://chaos.social/@rixx/116379123779980396

When the age of space datacenters arrived German developers had some unfair advantages. 😌

So, I recently saw some quiet discussion about a paper where researchers reverse-engineered and disclosed some attacks against PhotoDNA, the very-super-duper-secret algorithm used by tech megacorps to scan for illegal images.

They didn't make any code public, and so... I did: https://github.com/ArcaneNibble/open-alleged-photodna

A _complete_ reverse-engineering and commented Python reimplementation of the algorithm from publicly-leaked binaries.

This means that studying the algorithm and any potential flaws is now much more accessible.

This took only about two days (once I knew that there even _was_ a leaked binary to compare against), which just goes to again show that security through obscurity never works.

🔁 encouraged

This is the funniest Steam Deck accessory I’ve ever seen!

Don’t get me wrong. I understand why this keyboard/stand exists. It has a practical function.

But imagine sitting down at Starbucks. The room is full of normal laptops. Clean lines. Thin aluminum. Civilized.

You unzip a case that looks like it contains military hardware. Out comes a handheld gaming console.

Then a keyboard.

Then a clamp.

You assemble it in stages like you’re preparing to launch a small satellite.

Click. Lock. Adjust angle. Tighten mount.

The joysticks loom over your Word document like twin anti-aircraft turrets. The ABXY buttons shimmer with the promise of violence.

You begin typing your gentle coming-of-age novel.

Every paragraph is written beneath a D-pad.

Someone glances over, expecting Elden Ring. Instead they see you carefully crafting a metaphor about autumn leaves.

You nod solemnly and continue Chapter 3.

When the barista calls your name, you detach the entire contraption in reverse order like a NASA rollback procedure.

You pack away the clamp. You holster the console. You slide the keyboard into its sheath.

You leave behind only confusion.

No one knows if you were coding, gaming, or coordinating a drone strike.

You were writing poetry.

#Heliboard is gathering gesture typing data, so that we can implement a #FOSS alternative to the closed gesture typing library Heliboard currently relies on. The data we collect will be released under the CC BY-SA 4.0

I also made a video including details & instructions.

Boosts Please! The greater the diversity of people & languages in the data, the better we can test for correctness.

PT: https://makertube.net/w/cQECfDkuLGR9eUQquUEo4K

YT: https://youtu.be/CyjumVTWtJA

Text (instructions only):
https://github.com/Helium314/HeliBoard/wiki/Tutorial:-How-to-Contribute-Gesture-Data