I want this but as a Linux distribution.
-
@gsprs @nina_kali_nina @luana @mcc it’s funny because pro-AI sentiment has even less thought behind it
@benjamineskola @nina_kali_nina @luana @mcc A "no you" reply like this really hammers home the idea that anti-AI sentiment has no real substance behind it and is just a way to virtue signal the in-group political belief. AIs are currently not sentient and yet an LLM could come up with a more elaborate and constructive reply, what does that say about your supposed sentience?
-
@benjamineskola @nina_kali_nina @luana @mcc A "no you" reply like this really hammers home the idea that anti-AI sentiment has no real substance behind it and is just a way to virtue signal the in-group political belief. AIs are currently not sentient and yet an LLM could come up with a more elaborate and constructive reply, what does that say about your supposed sentience?
@gsprs When your starting point is “lol anti-AI people are stupid” there’s no point in putting real thought into a response. In fact there’s nothing of substance to respond to.
-
@nina_kali_nina @luana @mcc Bloody hell. Maybe at least those are some cosmetic changes, like, you know, fixing indentation or something equally benign?
@blotosmetek @nina_kali_nina @luana @mcc but you don't need an LLM in order to fix indentation and in fact they can't do so reliably anyway; so even using one for something 'harmless' like that shows questionable judgment.
-
@mcc Both KeePassXC and Bitwarden support exporting their databases to other password managers, how is that not a way to “quickly back out” from them? It’s not like there’s a vendor lock-in, moving from them to another password manager takes minutes at most.
-
@tris @mcc we are trying to be.
We recently introduced a policy of no LLM contributions with exceptions if people need to use LLM for accessibility purposes.
It's probably impossible to declaratively state all submissions are 100% human created but we have our stance and hope people will respect that and we will also reject submissions if we doubt authenticity.
Are you saying you have a software repository free of software containing LLM contributions?
It's very easy to say your distribution's unique software follows some principle or other because most Linux distributions write little software, instead mostly packaging other people's software.
-
@mcc Oh come on for fucks sake. I just migrated from KeePassXC to Vaultwarden/Bitwarden because of this shit. Passwordstore is great but the client and browser integration sucks. So now what?
@CodingPhysicist Note vaultwarden is a separate project and has no specific signs of LLM use as far as I'm aware. I don't know what to do with this information though since surely vaultwarden is usually used with a bitwarden client?
-
@luana @nina_kali_nina @mcc @Timshel Indeed, that's a job for sed or an IDE's refactoring tool if you feel fancy. Doing that kind of work with an LLM is unreliable and ridiculously expensive.
@gabrielesvelto @luana @nina_kali_nina @Timshel I am not qualified to speak on this but I've seen others look into it and seen that claud's bot submits many of these trivial/cleanup PRs, and some of them introduce security flaws, because the bot has no way of knowing if a change is good or bad. You shouldn't be trusting a bot which knows nothing but statistics to make minor random changes. Keep allowing that and eventually it will slip something awful past you.
-
My understanding is that Bitwarden and KeePassXC, the two open source password managers, are *both* using random code generators at this point, which is terrifying as those are the exact tools where a small error could have the largest negative impact, and also tools that once you've committed to using it you can't quickly back out if they enter a code quality decline
@mcc
AI assisted code generation is here to stay. It's not random and probably one of the best uses for an LLM. I'd only be concerned if LLM generated code was committed without review. I only see 2 PRs that are marked ai-assisted for KeePassXC and neither look like a problem. The large commit @nina_kali_nina to bitwarden/clients also used checkmarx scanner, github-advanced-security scanner and claude to review, but, there are also 11 non-bot reviewers listed on it.
-
RE: https://mastodon.scot/@kim_harding/116108957641748718
I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs
@mcc@mastodon.social so I’m assuming the index is exclusively companies that have never touched so-called ‘AI’, which is what you’re expecting from said Linux distro?
-
@mcc@mastodon.social so I’m assuming the index is exclusively companies that have never touched so-called ‘AI’, which is what you’re expecting from said Linux distro?
@mkljczk Eventually, I'd expect we should be able to build a complete computer's repository of software written only by people who have verified they haven't used LLM "code assistants". Since companies are unlikely to provide such verification, we should get as close as we should possibly get.
But since you asked, yes, I think any software or OSS code contributions from a corporation should be treated with concern right now, since many have adopted mandatory LLM policies.
-
@mcc @itamarst this is a bit tangential to the whole thing but that phrasing bothers me a LOT. "an essential part" — is it? is it "essential?" where was it five years ago? and three years from now, when everyone, even the most braindead useless dead-weight MBA executive, finally realizes that it doesn't fucking work at all, will it still be "essential" then? or is the plan to stop being successful?
-
@mkljczk Eventually, I'd expect we should be able to build a complete computer's repository of software written only by people who have verified they haven't used LLM "code assistants". Since companies are unlikely to provide such verification, we should get as close as we should possibly get.
But since you asked, yes, I think any software or OSS code contributions from a corporation should be treated with concern right now, since many have adopted mandatory LLM policies.
@mcc@mastodon.social can't imagine a Linux distribution, even just a fork of Linux kernel that would be free of corporate contributions from the past few years and the future ones as a sustainable project
-
@mcc@mastodon.social can't imagine a Linux distribution, even just a fork of Linux kernel that would be free of corporate contributions from the past few years and the future ones as a sustainable project
@mcc@mastodon.social though i can absolutely imagine smaller kernel projects with explicit anti-'ai' getting serious
-
@mcc@mastodon.social can't imagine a Linux distribution, even just a fork of Linux kernel that would be free of corporate contributions from the past few years and the future ones as a sustainable project
@mkljczk That is not what the people who originally created Linux believed. It's not what we believed when I first started using Linux in like 1997-1998. The idea that the open source movement is driven by the leavings of large otherwise-proprietary software corporations is something that developed after the fact.
-
@debacle@framapiaf.org @mcc@mastodon.social that's just someone taking Debian and porting it somewhere else. It happened with some BSD and Android too
-
@mkljczk Eventually, I'd expect we should be able to build a complete computer's repository of software written only by people who have verified they haven't used LLM "code assistants". Since companies are unlikely to provide such verification, we should get as close as we should possibly get.
But since you asked, yes, I think any software or OSS code contributions from a corporation should be treated with concern right now, since many have adopted mandatory LLM policies.
@mcc @mkljczk what this has really done is erode the base level of trust that I extended by default, when looking for software / library / package to accomplish something, or when reviewing someone else's contribution to code I maintain
It used to be, I would read a bit of the code and docs to get a feel for the person's understanding of the topic and programming style, and make an initial decision based on those general vibes
Now, someone can pass a vibe check and then still slip in insidious errors that no human developer would introduce
-
@gabrielesvelto @luana @nina_kali_nina @Timshel I am not qualified to speak on this but I've seen others look into it and seen that claud's bot submits many of these trivial/cleanup PRs, and some of them introduce security flaws, because the bot has no way of knowing if a change is good or bad. You shouldn't be trusting a bot which knows nothing but statistics to make minor random changes. Keep allowing that and eventually it will slip something awful past you.
@mcc @gabrielesvelto @luana @nina_kali_nina I was wondering how their review process is, so looked at the PR (https://github.com/bitwarden/clients/pull/18584) and there are like 10 reviews apparently done by humans. And I'm like 10 wtf 🤨.
-
@luana @nina_kali_nina @mcc @Timshel Indeed, that's a job for sed or an IDE's refactoring tool if you feel fancy. Doing that kind of work with an LLM is unreliable and ridiculously expensive.
@gabrielesvelto It's interesting to think about why proper refactoring tools have been a lot less successful than LLMs nowadays (in terms of usage). Is it just cost? or the more "human like interaction" you get from LLMs? or something else?
-
@mcc KeePassXC has merged only a little bit of AI-assisted code, not in any critical parts. And there have been no merges of that kind of code since last November. KeePassXC is not preferred to use AI code, but they require people to let them know if they are trying to push code that includes it. It doesn't mean the code will not be reviewed before it's even accessed. Majority of the developers are NOT using AI. Read their blog post.
@mcc I was banned because of my comments? Very nice.