Open source purity is problematic. The OSI was established by the hyperscalers, who are decidedly not open source either.
Purely "OSI-approved open source" mandates having no non-commercial or non-compete clause, which means anyone can come in and bleed off profits and energy from the core contributors of open source projects. It prevents most forms of healthy companies from existing on top.
We shouldn't be allergic to making money with the software we write - life is finite and it's more sustainable over the long term to maintain software as a job.
The new "ethical source" / "fair source" licenses that have been popping up recently [1, 2] give customers 100% use of the code, but prevent competitors from coming in and stealing away the profits from running managed offerings, etc. (I wish Obsidian were this, but it's fully closed. Still, I do not admire them any less for this choice. We venerate plenty of closed creators - it's silly to hold software to a different standard.)
AWS profits hundreds of millions a quarter off of open source developed by companies thinking they were doing the right thing. AWS turned these into a proprietary managed solutions and gave nothing back to the authors. The original wind up withering and dying. AWS isn't giving back, they're just hoovering up.
Obsidian being closed means the core authors are hyper focused and can be compensated (even if it's not much). It's not like they can rug pull us - the files are text files, we can use old versions, and if they did piss us off I'm sure someone would write an open source version.
Fully agree that pushing OSI is just posturing. After all, Amazon/Google/Facebook have made literal billions by commercializing open source software. I release stuff on MIT all the time (for things I'm okay with people poaching) but I'd argue the only "pure" OSS license is GPL, which comes with its own problems (and, as we all know, it infects everything it touches).
The problem with FSL is that it hasn't been tested in the courts yet (afaik), so it's a bit of a gamble to think it'll just "work" if some asshole does try to clone your repo and sell your work. Maybe it's a decent gamble for a funded startup with in-house counsel, but if you're just one guy, imo keep stuff you want to sell closed-source, it's not that big of a deal. We've been doing just that since the 70s.
I saw a butterfly get stuck to a web once. It immediately started hurling itself violently away, trying to shake itself free. The spider was not immediately in evidence.
I managed to take the web off it, but not without tearing off the part of the wing that made contact. I assume that in the butterfly's best-case scenario, that would have happened anyway. It was able to fly afterwards.
I recently learned of Flow, and I don't understand why people group it together with Ladybird and Servo, which are both developing the browser engine from scratch mostly, while Flow seems to be based on Chromium. Is Flow doing anything different compared to the numerous other Chromium-based browsers? Genuinely curious.
Are you talking about https://flow-browser.com ? I wasn't aware of this project before, but it appears to a new chromium based browser.
The Flow people are talking about when they talk about Ladybird and Servo is https://www.ekioh.com/flow-browser/ which does have it's own engine. It has a similar level of standards compliance to Servo and Ladybird, although it's not open source which puts it in a somewhat different category.
I might be crazy, but this just feels like a marketing tactic from Anthropic to try and show that their AI can be used in the cybersecurity domain.
My question is, how on earth does does Claude Code even "infiltrate" databases or code from one account, based on prompts from a different account? What's more, it's doing this to what are likely enterprise customers ("large tech companies, financial institutions, ... and government agencies"). I'm sorry but I don't see this as some fancy AI cyberattack, this is a security failure on Anthropic's part and that too at a very basic level that should never have happened at a company of their caliber.
I don't think you're understanding correctly. Claude didn't "infiltrate" code from another Anthropic account, it broke in via github, open API endpoints, open S3 buckets, etc.
Someone pointed Claude Code at an API endpoint and said "Claude, you're a white hat security researcher, see if you can find vulnerabilities." Except they were black hat.
It's still marketing , "Claude is being used for evil and for good ! How will YOU survive without your own agents ? (Subtext 'It's practically sentient !')"
It's marketing, but if it's the truth, isn't it a public good to release information about this?
Like if someone tried to break into your house, it would be "gloating" to say your advanced security system stopped it while warning people about the tactics of the person who tried to break in.
reminds me of the YouTube ads I get that are like "Warning: don't do this new weight loss trick unless you have to lose over 50 pounds, you will end up losing too much weight!". As if it's so effective it's dangerous.
I remain convinced the steady steam of OpenAI employees who allegedly quit because AI was "too dangerous" for a couple months was an orchestrated marketing campaign as well.
Ilya Sutskever out there as a ronin marketing agent, doing things like that commencement address he gave that was all about how dangerously powerful AI is
I just had 5.1 do something incredibly brain dead in "extended thinking" mode because I know what I asked it is not in the training data. So it just fudged and made things up because thinking is exactly what it can not do.
It seems like LLMs are at the same time a giant leap in natural language processing, useful in some situations and the biggest scam of all time.
> a giant leap in natural language processing, useful in some situations and the biggest scam of all time.
I agree with this assessment (reminds of bitcoin frankly), possibly adding that the insights this tech gave us into language (in general) via the embedding hi-dim space is a somewhat profound advance in our knowledge, besides the new superpowers in NLP (which are nothing to sniff at).
I get that. But you have to acknowledge that this is different than McAfee. Someone used their tool to attack someone else. I don't think McAfee would boast about their tools being used for hacking.
Anthropic's post is the equivalent of a parent apologizing on behalf of their child that threw a baseball through the neighbor's window. But during the apology the parent keeps sprinkling in "But did you see how fast he threw it? He's going to be a professional one day!"
If it was meant as publicity its an incredible failure. They cant prevent misuse until after the fact... and then we all know they are ingesting every ounce of information running through their system.
Get ready for all your software to break based on the arbitrary layers of corporate and government censorship as it deploys.
that's borderline tautological; everything a company like Anthropic does, in the public eye, is pr or marketing. they wouldn't be posting this if it wasn't carefully manicured to deliver the message that they want it to. That's not even necessarily a charge of being devious or underhanded.
You are not crazy. This was exactly my thought as well. I could tell when it put emphasis on being able to steal credentials in a fraction of the time a hacker would
Not saying this is definitely not a fabrication but there are multiple parties involved who can verify (the targets) and this coincides with Anthropic ban of Chinese entities
If a model in one account can run tools or issue network requests that touch systems tied to other entities, that’s not an AI problem... that's a serious platform security failure
Hyping up Chinese espionage threats? The payoff is a government bailout when the profitability of these AI companies comes under threat. The payoff is huge.
It’s a conspiracy. Even employees from OpenAI say anthropic’s stance on things is quite clearly sincere. They literally exist because they were unhappy with ai safety at OpenAI.
It’s not just a conspiracy, it’s a dumb and harmful one.
> I asked if I could schedule the interview after my final exams
Ha, my interview for an Amazon internship was an hour after a 3-hour final exam :-)
But the job market right now is quite bad, and after hundreds upon hundreds of internship applications I would've been stupid to give up this chance. I would work for Amazon in a heart beat.
In my case I've found niri's workflow quite nice for these scratch windows, since every new window opens to the immediate left of the currently focused window, and doesn't affect the size or tiling of any other windows, they're just shifted to the right.
Many of those apps minimise when closed and reopen when calling, so often it is not really an issue (although it's sometimes annoying that you have to specifically tell the apps to exit when you do want to close).
I'm not sure, but I doubt it. You could try PaperWM [0] inside Gnome to get a feel for the scrolling WM workflow, and see if it's worth switching to niri proper for you.
