I've been buying and playing games from GOG on Linux for a very long time with no need for GOG Galaxy -- which is a thing I know nothing about. Since this announcement, I've been trying to figure out why I'd need it.

It seems like it's just a convenience application and social connection point (leaderboards, etc.). In which case, it's not something of interest to me. However, I've also seen references to Galaxy that imply that it's necessary to play games -- which is obviously untrue in general, but perhaps there are some games that require it?

Anyway, I'm tremendously confused by all this.

- Download and all the gamefiles that I am entitled to, and keep them updated.

- Show me a pretty interface to launch games from, including recent news and patch notes about that game's updates.

- Keep track of my save files, synchronize them to other devices, and make sure they never get lost.

- (linux) have some kind of per-game startup command manager because even a platinum rated proton game might need a --force-grab-cursor or something.

But I sure as hell don't want to invest howevermany weekend days figuring out how to make games from other platforms as easy to play as Steam games on SteamOS.

I imagine this is that - give me "download" and "play" buttons that let me run GOG games on Linux, even if the binaries were authored for Windows.

Cloud saves and achievements and all that are nice (and expected from something like GOG), but even just a normal launcher feels essential on Linux.

> But I sure as hell don't want to invest howevermany weekend days figuring out how to make games from other platforms as easy to play as Steam games on SteamOS.

For games that are licensed under terms that allow it, Debian's Game Data Packager has already automated that work. And- as your comment suggests- a native port is much better than running on a wine shim, which will always be second-rate.

https://wiki.debian.org/Games/GameDataPackager

List of games supported by Game Data Packager:

https://game-data-packager.debian.net/available.html

Does that effectively replace the .exe parts of a Proton game with an equivalent Linux engine, while letting Steam et. al. manage the artwork/levels/etc?

So in the case of quake (for example) it makes a .deb file, which when installed will create the directory structure in the correct place and put the .pak files, config files, etc. where debian's quake engine package(s)[0] will look for them. This .deb file for the quake game data won't do anything on its own. You need to also install a quake engine, which debian includes.

You can create the game data packages from the installation CD, from a working install directory, or from a Good Old Games installer.

[0] https://packages.debian.org/stable/games/quake

I find it slightly more convenient when installing games on a new machine. I've never personally seen a game that required using it.

You can still play GOG games without any launcher, which is how it's intended to work.

Some people really like having a launcher to keep track of everything, so this isn't a nothing burger. It's one more convenience to help convince people to move over.

I 100% don't want genAI to be making any medical decisions, nor do I want a doctor who just accepts what genAI says as reliable fact.

But for me, when it comes to this kind of thing, that's not even the question. There's no chance I'd be willing to trust my sensitive personal information to a genAI system in the first place out of security/privacy concerns. I don't want it to even take notes because that would require it to be given sensitive information.

So I don't get far enough for "where is the line" questions to be important to me.

The iron law of encrapification - I doubt Microsoft (or Apple or Google or any other company) can overcome it, as the business incentives (at least in the short term) are too great.

This is illegal in my state.

> What's HNers feelings on this.

My feeling is that the operator of the fleet is responsible for what the cars in the fleet do. If a Waymo car is violating traffic/parking laws, then Waymo should get a ticket for that. Accumulating enough of those tickets should result in the same consequences as if a human had accumulated them.

> That’s the defense. And here’s the problem: it’s often hard to refute with confidence.

Why is it necessary to refute it at all? It shouldn't matter, because whoever is producing the work product is responsible for it, no matter whether genAI was involved or not.

It's negligence, pure and simple. The only reason we're having this discussion is that a trillion dollars was spent writing said scripts.

Engineers are accountable for the actions they authorize. Simple as that. The agent can do nothing unless the engineer says it can. If the engineer doesn't feel they have control over what the agent can or cannot do, under no circumstances should it be authorized. To do so would be alarmingly negligent.

This extends to products. If I buy a product from a vendor and that product behaves in an unexpected and harmful manner, I expect that vendor to own it. I don't expect error-free work, yet nevertheless "our AI behaved unexpectedly" is not a deflection, nor is it satisfactory when presented as a root cause.

You'd lose that lawsuit in a heartbeat.

I don't know what kind of drivers education you get where you live but where I live and have lived one of the basic bits is that you know how to park and lock your vehicle safely and that includes removing the ignition key (assuming your car has one) and setting the parking brake. You aim the wheels at the kerb (if there is one) when you're on an incline. And if you're in a stick shift you set the gear to neutral (in some countries they will teach you to set the gear to 1st or reverse, for various reasons).

We also have road worthiness assessments that ensure that all these systems work as advertised. You could let a pack of dogs loose in my car in any external circumstance and they would not be able to move it, though I'd hate to clean up the interior afterwards.

Who's liable?

I think this would be a freak accident. Nobody would be liable.

> Who's liable?

You are. It's still your dog. If you would replace dog with child the case would be identical (but more plausible). This is really not as interesting as you think it is. The fact that you have a sentient dog is going to be laughed out of court and your neighbor will be in the docket together with you for attempting to mislead the court with your AI generated footage. See, two can play at that.

When you make such ridiculously contrived examples turnaround is fair play.

But you would be liable for civil damages, because that does not. There are multiple theories for which to establish liability, but most likely this would be treated as negligence.

Everything an AI does is downstream of deliberate, albeit imperfect, training.

You know this, you rig it all up and you let things happen.

They correlate, but we must be careful not to mistake one for the other. The latter is a lower bar.

There was a notorious dark web bot case where someone created a bot that autonomously went onto the dark web and purchased numerous illicit items.

https://wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww.bitnik.or...

They bought some ecstasy, a hungarian passport, and random other items from Agora.

>The day after they took down the exhibition showcasing the items their bot had bought, the Swiss police “arrested” the robot, seized the computer, and confiscated the items it had purchased. “It seems, the purpose of the confiscation is to impede an endangerment of third parties through the drugs exhibited, by destroying them,” someone from !Mediengruppe Bitnik wrote on their blog.

In April, however, the bot was released along with everything it had purchased, except the ecstasy, and the artists were cleared of any wrongdoing. But the arrest had many wondering just where the line gets drawn between human and computer culpability.

If I build an autonomous robot that swings a hunk of steel on the end of a chain and then program it to travel to where people are likely to congregate and someone gets hit in the face, I would rightfully be held liable for that.

For most crimes, this is circular, because whether a crime occurred depends on whether a person did the requisite act of the crime with the requisite mental state. A crime is not an objective thing independent of an actor that you can determine happened as a result of a tool and then conclude guilt for based on tool use.

And for many crimes, recklessness or negligence as mental states are not sufficient for the crime to have occurred.

A good example might be this. In one case, a driver's brakes fail and he hits and kills a pedestrian crossing the street. It is found that he had not done proper maintenance on his brakes, and the failure was preventable. He's found liable in a civil case, because his negligence led to someone's death, but he's not found guilty of a crime, so he won't go to prison. A different driver was speeding, driving at highway speeds through a residential neighborhood. He turns a corner and can't stop in time to avoid hitting a pedestrian. He is found criminally negligent and goes to prison, because his actions were reckless and beyond what any reasonable person would do.

The first case was ordinary negligence: still bad because it killed someone, but not so obviously stupid that the person should be in prison for it. The second case is criminal negligence, or in some legal systems it might be called "reckless disregard for human life". He didn't intend to kill anyone, but his actions were so blatantly stupid that he should go to prison for causing the pedestrian's death.

I'm not sure it will actually work that way in real courts. At least not consistently.

That idea is really weird. Culpa (and dolus) in occidental law is a thing of the mind, what you understood or should have understood.

A database does not have a mind, and it is not a person. If it could have culpa, then you'd be liable for assault, perhaps murder, if you took it apart.

We as a society, for our own convenience can choose to believe that LLM does have a mind and can understand results of it's actions. The second part doesn't really follow. Can you even hurt LLM in a way that is equivalent to murdering a person? Evicting it off my computer isn't necessarily a crime.

It would be good news if the answer was yes, because then we just need to find a convertor of camel amounts to dollar amounts and we are all good.

Can LLM perceive time in a way that allows imposing an equivalent of jail time? Is the LLM I'm running on my computer the same personality as the one running on yours and should I also shut down mine when yours acted up? Do we even need the punishment aspect of it and not just rehabilitation, repentance and retraining?

At worst, you would confer liability to the platform, in the case of some sort of blatant misrepresentation of capabilities or features, but absolutely none of the products or models currently available withstand any rational scrutiny into whether they are conscious or not. They at most can undergo a "flash" of subjective experience, decoupled from any coherent sequence or persistent phenomenon.

We need research and legitimate, scientific, rational definitions for agency and consciousness and subjective experience, because there will come a point where such software becomes available, and it not only presents novel legal questions, but incredible moral and ethical questions as well. Accidentally oopsing a torment nexus into existence with residents possessed of superhuman capabilities sounds like a great way to spark off the first global interspecies war. Well, at least since the Great Emu War. If we lost to the emus, we'll have no chance against our digital offspring.

A good lawyer will probably get away with "the AI did it, it wasn't me!" before we get good AI law, though. It's too new and mysterious and opaque to normal people.

If you gave a loaded gun to a five year old, would "five-year-old did it" be a valid excuse?

Purely organically of course.

In weird way, that's actually true. It's a highly- (soon to be fully-) autonomous giga-swarm of the most complicated nanobots in existence, the result of investments over hundreds of thousands of years.

That said, we don't really get to choose which ones we own, although we do have input on their maintenance. :p

I think there is no distinction between the two for liability purposes.

Yeah that's exactly the I think we should adopt for AI agent tool calls as well: cryptographically signed, task scoped "warrants" that can be traceable even in cases of multi-agent delegation chains

> Agent Trace is an open specification for tracking AI-generated code. It provides a vendor-neutral format for recording AI contributions alongside human authorship in version-controlled codebases.

Now if you did all of that, but made a bug in implementing the filter, then you at least tried and wasn't negligible, but it's on you.

Ah, I get it. So the token can be downscoped to be passed, like the pledge thing, so sub agent doesn't exceed the scope of it's parent. I have a feeling, that it's like cryptography in general -- you get one problem and reduce it to key management problem.

In a more practical sense, if the non-deterministic layer decides what the reduced scope should be, all delegations can become "Allow: *" in the most pathological case, right? Or like play store, where a shady calculator app can have a permission to read your messages. Somebody has to review those and flag excessive grants.

The LLM can request a narrower scope, but attenuation is monotonic and enforced cryptographically. You can't sign a delegation that exceeds what you were granted. TTL too: the warrant can't outlive its parent.

So yes, key management. But the pathological "Allow: *" has to originate from a human who signed it. That's the receipt you're left holding.

You're poking at the right edges though. UX for scope definition and revocation propagation are what we're working through now. We're building this at tenuo.dev if you want to dig in the spec or poke holes.

Sure, But I generally speaking want my agent to send out emails, so I explicitly grant email reading and email writing. I also want to it to pay for invoices but with some semantic condition.

Then I give it the instruction to do something that implicitly requires only email reading. At which point is the scope narrowed to align my explicit permissions granted before with implicit one for this operation? It's not really a problem cryptography is helpful for to solve.

Should it be the other way around maybe -- only read permission is granted first and then it has to request additional permissions for send?

You keep a coarse cap (e.g. email read/write, invoice pay) but each task runs under a narrower, time-boxed warrant derived from that cap. Narrowing happens at the policy/UX layer (human or deterministic rules), not by the LLM. The LLM can request escalation ("need send"), but it only gets it via an explicit approval / rule.

Crypto isn't deciding scope. It's enforcing monotonic attenuation, binding the grant to an agent key, and producing a receipt that the scope was explicitly approved.

For a single-process agent this might be overkill. It matters more when warrants cross trust boundaries: third-party tools, sub-agents in different runtimes, external services. Offline verification means each hop can validate without calling home

Courts of law have already found that AI interactions with customers are binding, even if said interactions are considered "bloopers" by the vendor[1]

[1] https://www.forbes.com/sites/marisagarcia/2024/02/19/what-ai...

If the user claims that they only authorized the bot to review files, but they've warranted the bot to both scan every file and also send emails to outside sources, the competitors in this case, then you now have proof that the user was planning on committing corporate espionage.

To use a more sane version of an example below, if your dog runs outside the house and mauls a child, you are obviously guilty of negligence, but if there's proof of you unleashing the dog and ordering the attack, you're guilty of murder.

The new and interesting part is that while we have incentives and deterrents to keep our human agents doing the right thing, there isn't really an analog to check the non-human agent. We don't have robot prison yet.

  > It shouldn't matter, because whoever is producing the work product is responsible for it, no matter whether genAI was involved or not.

  | *Who authorized this class of action, for which agent identity, under what constraints, for how long; and how did that authority flow?*
  | A common failure mode in agent incidents is not “we don’t know what happened,” but:
  | > We can’t produce a crisp artifact showing that a specific human explicitly authorized the scope that made this action possible.

The point is "explicitly authorized", as the article emphasizes. It's easy to find who ran the agent(article assumes they have OAuth log). This article is about 'Everyone knows who did it, but did they do it on purpose? Our system can figure it out'

The workflow of starting dozens or hundreds of "agents" that work autonomously is starting to gain traction. The goal of people who work like this is to completely automate software development. At some point they want to be able to give the tool an arbitrary task, presumably one that benefits them in some way, and have it build, deploy, and use software to complete it. When millions of people are doing this, and the layers of indirection grow in complexity, how do you trace the result back to a human? Can we say that a human was really responsible for it?

Maybe this seems simple today, but the challenges this technology forces on society are numerous, and we're far from ready for it.

When orchestrators spawn sub-agents spawn tools, there's no artifact showing how authority flowed through the chain.

Warrants are a primitive for this: signed authorization that attenuates at each hop. Each delegation is signed, scope can only narrow, and the full chain is verifiable at the end. Doesn't matter how many layers deep.

People want to use a tool and not be liable for the result.

People not wanting to be liable for their actions is not new. AI hasn't changed anything here, it's just a new lame excuse.

AI is just better because no one can actually explain why the thing does what it does. Perfect management scapegoat without strict liability being made explicit in law.

The software world has been very allergic to getting anywhere near the vicinity of a system like that.

Licensure alone doesn't solve all these ills. And for that matter, once regulatory capture happens, it has a tendency to make things worse due to consolidation pressure.

AI is worse in that regard, because, although you can't explain why it does so, you can point a finger at it, say "we told you so" and provide the receipts of repeated warnings that the thing has a tendency of doing the things.

And when sub-agents or third-party tools are involved, liability gets even murkier. Who's accountable when the action executed three hops away from the human? The article argues for receipts that make "I didn't authorize that" a verifiable claim

If you don't want to be responsible for what a tool that might do anything at all might do, don't use the tool.

The other option is admitting that you don't accept responsibility, not looking for a way to be "responsible" but not accountable.

Had it worked then we would have seen many more CEOs in prison.

In practice, almost everyone is held potentially or actually accountable for things they never had a choice in. Some are never held accountable for things they freely choose, because they have some way to dodge accountability.

The CEOs who don't accept accountability were lying when they said they were responsible.

Such so magic forcefield exists for you, though.

No, it's trivial: "So you admit you uploaded confidential information to the unpredictable tool with wide capabilities?"

> Who's accountable when the action executed three hops away from the human?

The human is accountable.

----

A computer can never be held accountable

Therefore a computer must never make a management decision

Now companies are all about doing bad all the time, they know they're doing it, and need to avoid any individual being accountable for it. Computers are the perfect tool to make decisions without obvious accountability.

That's an orthodoxy. It holds for now (in theory and most of the time), but it's just an opinion, like a lot of other things.

Who is accountable when we have a recession or when people can't afford whatever we strongly believe should be affordable? The system, the government, the market, late stage capitalism or whatever. Not a person that actually goes to jail.

If the value proposition becomes attractive, we can choose to believe that the human is not in fact accountable here, but the electric shaitan is. We just didn't pray good enough, but did our best really. What else can we expect?

If one decided to paint a school's interior with toxic paint, it's not "the paint poisoned them on its own", it's "someone chose to use a paint that can poison people".

Somebody was responsible for choosing to use a tool that has this class of risks and explicitly did not follow known and established protocol for securing against such risk. Consequences are that person's to bear - otherwise the concept of responsibility loses all value.

What if I hire you (instead of LLM) to summarize the reports and you decide to email the competitors? What if we work in the industry where you have to be sworn in with an oath to protect secrecy? What if I did (or didn't) check with the police about your previous deeds, but it's first time you emailed competitors? What if you are a schizo that heard God's voice that told you to do so and it's the first episode you ever had?

Frankly, I think that might be exactly where we end up going. Finding a responsible person to punish is just a tool we use to achieve good outcomes, and if scare tactics is no longer applicable to the way we work, it might be time to discard it.

It's scary that a nuclear exit starts looking like an enticing option when confronted with that.

Twelve–year–olds aren't capable of dealing with responsibility or consequence.

That value proposition depends entirely on whether there is also an upside to all of that. Do you actually need truth, meaning, responsibility and consequences while you are tripping on acid? Do you even need to be alive and have a physical organic body for that? What if Ikari Gendo was actually right and everyone else are assholes who don't let him be with his wife.

I'm not claiming to have all the answers about how to achieve that, but I am fairly certain punishment is not a necessary part of it.

    [ $[ $RANDOM % 6] = 0 ] && rm -rf / || echo "Click"

    # terrible code, never use ty
    def cleanup(dir):
      system("rm -rf {dir}")


    def main():
        work_dir = os.env["WORK_DIR"]
        cleanup(work_dir)

At what point is it negligent?

Though rm /$TARGET where $TARGET is blank is a common enough footgun that --preserve-root exists and is default.

0: https://github.com/MrMEEE/bumblebee-Old-and-abbandoned/commi...

Without quotes it becomes: `rm -Rf /home/user/documents and settings /bin`

It really doesn't. That falls straight on Governance, Risk, and Compliance. Ultimately, CISO, CFO, CEO are in the line of fire.

The article's argument happens in a vacuum of facts. The fact that a security engineer doesn't know that is depressing, but not surprising.

That's a very subtle guinea pig joke right there.

"Three months later [...] But the prompt history? Deleted. The original instruction? The analyst’s word against the logs."

One, the analysts word does not override the logs, that's the point of logs. Two, it's fairly clear the author of the fine article has never worked close to finance. A three month retention period for AI queries by an analyst is not an option.

SEC Rule 17a-4 & FINRA Rule 4511 have entered the chat.

This is important, but only if they're developing consumer software.

At home, I use towers.