Companies like Anthropic and OpenAI need to sponsor open source projects by giving them free agent credits. Otherwise, bad actors can just outspend and totally overwhelm the somewhat dim and very overworked set of human maintainers. Humans in software are obsolete, full stop.
Yes. This has happened before, a few times, before LLMs were even a thing. Via the same mechanism as well (someone else adopting an orphaned package). The big one I'm remembering was in 2018.
Outside of that mechanism though, anyone who uses the AUR regularly knowingly accepts this kind of risk. It's why I'm not a huge fan of distros (like Cachy, Endeavour, etc) that take Arch and package it up in a one-click easy installer with preinstalled AUR helpers. Cachy even uses the chaotic AUR too (auto build service for AUR packages to serve binaries). I like CachyOS, but good lord don't put in Yay + the AUR by default.
The ability for any registered user to just adopt an existing orphaned package is a problem (these attacks will always exist, but at least force a fork & resubmission under a different name), and so is the use of automated AUR helpers that don't show PKGBUILD diffs.
The hygiene required to use the AUR is no different than the hygiene required to use pip, npm, cargo, etc. Anyone just blindly trusting user-submitted packages and code from the internet is not operating with security in mind.
Adopt a policy of zero trust from any arbitrary code you download from the internet.
For what it's worth with regard to the Chaotic AUR, there are claims I've seen that they do vet package updates going into it before they're actually built.
Well, both give you 6 months of access. Out of interest I applied some time ago and (despite maintaining a few fairly important OSS projects) never got a response from them. Of the other maintainers I know, it seems to me that they decide who to give access to fairly randomly.
That will also make it entirely unfeasible for anyone to use their services. The cost of the tokens you could burn on a $200 plan is in the neighborhood of $1200. They're getting users now and gambling on the cost of compute (or the difficulty of compute) dropping precipitously before they run out of cash.
My bet is that Anthropic will be exposed as openly evil within the next five years--even if they aren't even secretly evil now. That's the arc of the sociopathic corporate brain, every time.
This is endemic with open source. Nobody owns the hard bugs, nobody does the systems spelunking, and there is little power to make cross-cutting changes. This is why I use a Mac. Not perfect, but better than that no-accountability midden-heap that is Linux.
Maybe AI coding agents will make the situation better, but because open source maintainers are too dim to understand the complex changes the AI makes, and too poor to have their own AIs to help them, they won't take the changes. I make improvements to open source but am forced to keep them to myself.
Except GP said it works fine with all configurations with KDE, which is what most people should be using. I've been using Linux for 15+ years and have never heard of niri.
Take this as a sign that you're out of the loop and your bubble is smaller than you thought. niri is the current hot tiling compositor, and I've switched my laptop over to it recently - away from Plasma - because it's so incredibly slick. It's gathered enough mindshare to have several desktop environments explicitly target it (Dank Material Shell, Noctalia).
In fact there's a whole new cultural wave within open source - tiling Wayland compositors, shockingly featureful DEs based on QuickShell, brand new TUI tools with no CLI or GUI equivalents, and most of it written in Rust.
Tesla is a big part of this. They ship their headlights misaligned from the factory, so they point right into the drivers' eyes. Tesla has no quality culture at all. A bunch of wankers.
I think the gigantic prevalence of huge or lifted trucks is a bigger influence, especially given the tendency to mod them out (poorly) with aftermarket lights.
Truck headlights are already on a level with sedan drivers' eyes. There are far more F-150s on the road than there are Teslas.
Not only is this NOT the case, but all Tesla vehicles since something like 2021 have included matrix lights. They have adaptive beams to automatically darken sections of the headlight beam to avoid blinding other drivers.
I'm sure they don't. The law requires a 10 degree downward angle for directed headlights out of the factory. It would never pass NHTSA testing without it. High beams are a different matter: They are designed to scatter in a wide arc, but people shouldn't be using them when there's opposing traffic.
I dunno, I think all manufacturers are at fault. Even the ones that are properly aligned are ridiculously bright, but aimed down. Which is fine if two vehicles approach each other on flat ground. But if two vehicles approach the crest of a hill, then the headlight that was aimed down is now aimed straight at the other driver.
And don't get me started on jackasses that put LED bulbs in old halogen housings.
While all automakers are incentivized to make driving in the competition's vehicles as hellish as possible, Tesla is doubly so. The worse it gets to drive, the more likely people are to want self-driving.
Any market that Anthropic suddenly thinks is valuable will silently and suddenly be off limits to you. They will train their model on your prompts, and then become your competitor.
BLS doesn't look at job ads when compiling "job opening" data. Their method isn't perfect (nothing in life is), but far more comprehensive than you give it credit for.
The results of them actually talking to businesses and asking questions that are more than "did you have a job ad posted?" You are hardly the first person to imagine that job ads aren't representative of actual job opportunities. Obviously they are going to put in effort to avoid those weak signals.
The market should consider this a huge negative: SpaceX is renting out their compute because they have failed to make use of it themselves. This calls into question whether they have any talent in xAI at all.
That's a budget thing. Claude is suffering from huge demand and they're pulling out all the stops to try to keep the lights on: terse tokens, lobotomizing Claude six ways from Sunday, aggressive batching, the works.