Hacker News new | past | comments | ask | show | jobs | submit | bluesign's comments login

The problem is, which distro?, which DE? Even which drivers? Every distro usually has some missing pieces, when you raise that, people would say: ‘ oh you are using X thats why, it works on Y’


IANAL but searched a lot on this, this is very tricky subject legally.

To simplify:

- imagine all code Copilot trained on is GPL licensed. - we have a universal function `isInfringing(code)` that has access to all GPL code, and returns `true` if it is infringing some GPL code.

for a given prompt; if `isInfringing(copilot(prompt))==false` we cannot claim copilot infringing on GPL code, even it is trained on GPLed code.

so the problem starts here; does the piece of code copilot emits, if written by yourself also would be infringing ?


> so the problem starts here; does the piece of code copilot emits, if written by yourself also would be infringing ?

why everyone on discussions tries to bring "if a human made it"? a generative AI operates way faster than anyone ever existed and ever will and probably a person aware of the license & acting respectful towards it, will create something more sensible/plausible to avoid plagiarism

now having dozen/hundreds/thousands of humans substituted by a machine that makes money for some for-profit company is really fair? even if they were a non-profit, as someone pointed up, people who create the content that feeds the weights aren't recieving a penny! they already made money with it, they will make more & that is/will upgrading/e the state of gen. AI

for sure legal battles on people copying code from permissive licenses should exist but it's feels a different discussion


because discussion is around 'legal' and laws only apply to humans. On ethical side of the discussion, I tend to agree with you. But it is also complicated subject; 'fair' in general is complicated, all this, GPL/AGPL stuff born out of this subject. Hosting GPL code as SaaS is legal but not 'fair' for example.


If one was sufficiently inspired by code A when writing code B, then it is a derivate work. This is a core tenet of copyright law.

At what measure is one sufficiently inspired for it to be a derivate work? That is up to courts to decide.


yeah the problem here is there is no 'code A' usually, it is more like: 1000s of GPLed code (A1, A2, ... An )

Technically when you get a piece from each, there is no infringement legally. ( as they have all different copyright holders )


From my understanding of a blog post by GitHub last year, they are planning to launch a tool to find similar code to what emitted by CoPilot, implying that CoPilot does not mix multiple sources for a single function, but derives a code block it found with a similar functionality (or maybe bigger blocks with similar functionality, IDK).

If CoPilot indeed derives a function (or a functional block) from a single source, it might plainly violate the license of the repository where it derives the code from.

There are many questions, and nothing is clear cut. The only thing I know is, I will never use that thing.

EDIT: I remembered that people were able to make CoPilot emit their code almost as-is with the correct prompts: https://x.com/docsparse/status/1581461734665367554

So it's not we're taking a bit from n different sources, and generate something with that.


> Technically when you get a piece from each, there is no infringement legally.

False in ex-Commonwealth countries and Japan.


To be fair to telegram; similar things happened to many big names: facebook, google, apple etc


Delivering messages to the wrong recipient!? Examples, please!



How could client deliver messages to the wrong recipient? Why would client have messages for user outside of the one logged in anyway?


Seems like a rather easy thing to go wrong in the client, no?

User sends message via client. Client fumbles the recipient id. Message ends up at the wrong recipient.

Examples: incorrect recipient ID attached to contact in list where users selects recipient. Buggy selection of multiple targets in the selection UI due to incorrect touch event handling. Incorrect deletion of previously selected and then deselected recipient from recipient array of multitarget message. Or if working low level even a good old off by one error and reading out of bounds data for the recipient list (though that one hopefully should trigger a faulty send request due to other stuff no longer matching). There is endless examples.

The server can't really safeguard against the client providing a legitimate send request even though the user intended to send it to another recipient.


https://news.ycombinator.com/item?id=27950763

Yeah, I don't know how they manage to get bugs like that, but it's happened


Curious to know more. Will search but if anyone finds anything


There are many examples, I posted one to parent. Usually it effects some small percentage of users. But size of the team or company not directly solving the problem.


For me personally, when no commute, even 6x4 hours is much better than 4x8 hours ( 1 hour spent at lunch etc, effectively 4x7 maybe 4x6 anyway )


Of course for you personally 6x4=24 hours of work is better than 4x8=32 hours of work.

The math is so simple, obvious and scewed that I don't understand why you wrote your comment, what is the informational value.


Sorry I could write it more clear I suppose; I meant 4 hour daily work 6 days almost has the same productivity (if not more) as 8 hour daily work for 4 days.

If you consider time for lunch and productivity decline in long working hours; having usable free time everyday without spending all your mental energy has huge benefits.


I think the intention was to convey that 6x4 is more productive than 4x8.


Ok, this explanation might actually be plausible. Thank you for writing.


I think the issue here is, retention goes up because not everyone is doing it. ( so people have motivation to stay )

Also productivity does not go down, because not everyone is doing it. ( so people have motivation to not get fired )

In normal conditions, expected would be some drop in productivity but bigger gain in retention.


The main risk here is not to the sender but to the receiver. Receiver gets an OTP code from some number, it works, then they associate this number with telegram. So if sender, sends some secondary SMS like "we detected an intrusion attempt, please secure your account by following [some scam link]" they can have high degree of success.


SMS sender IDs can be spoofed quite easily as far as I know, just like caller ID, so they were never a trusted channel – but of course most people don't know that, and it's definitely a worrying extra threat.


I think tracking-free and ad-free are different concerns here. Basically you can offer ad-free for $X/month, but tracking consent should be separate ( basically anyone would be able to deny tracking )

Same issue on the Apple side will play out probably similar; either they can charge every developer some technology fee, or they cannot charge to anyone.


> I think tracking-free and ad-free are different concerns here

Maybe in theory, but in practice they are one and the same. The CPM on ads where you don't know the audience is so low that you might as well skip the ads entirely.

> Same issue on the Apple side will play out probably similar; either they can charge every developer some technology fee, or they cannot charge to anyone.

Yes, and the result for both will be that there is no free tier in the EU anymore. All EU developers will pay the CTF and all EU users will pay $10/month for for ad-free FB.


> Yes, and the result for both will be that there is no free tier in the EU anymore. All EU developers will pay the CTF and all EU users will pay $10/month for for ad-free FB.

And that's a good thing! If people really get value out of Facebook, they'll pay for it. If Facebook cannot deliver value without invading their users privacy and selling their data, maybe their business premise was flawed in the first place. Is it so alien to accept that the era of "free" online services might end after all?

Regarding the CTF specifically: I don't think Apple will get away with this after all, but we'll see.


I think as long as they don't discriminate, they can get away with it. But will they choose to go this way is another question.


I know you’re not the person to ask about this. Just asking out of curiosity and frustration: Why do advertisers think that they are entitled to everything about my life, family, habits, and other private information? Being able to collect and correlate data from various resources to identify everything about me doesn’t change the fact that I am entitled to my own privacy.


"People are taking the piss out of you everyday. They butt into your life, take a cheap shot at you and then disappear. They leer at you from tall buildings and make you feel small. They make flippant comments from buses that imply you’re not sexy enough and that all the fun is happening somewhere else. They are on TV making your girlfriend feel inadequate. They have access to the most sophisticated technology the world has ever seen and they bully you with it. They are The Advertisers and they are laughing at you.

You, however, are forbidden to touch them. Trademarks, intellectual property rights and copyright law mean advertisers can say what they like wherever they like with total impunity.

Fuck that. Any advert in a public space that gives you no choice whether you see it or not is yours. It’s yours to take, re-arrange and re-use. You can do whatever you like with it. Asking for permission is like asking to keep a rock someone just threw at your head.

You owe the companies nothing. Less than nothing, you especially don’t owe them any courtesy. They owe you. They have re-arranged the world to put themselves in front of you. They never asked for your permission, don’t even start asking for theirs."

– Banksy


> Maybe in theory, but in practice they are one and the same. The CPM on ads where you don't know the audience is so low that you might as well skip the ads entirely.

Your case only valid with "zero consent" case. This is proved with Apple's tracking protection for apps already; given that you have some x% of users consenting to tracking, CPM value for non-tracking users are within 85-95% range.


> The CPM on ads where you don't know the audience

Contextual Advertising is also a thing, see CarbonAds and others


> Don't get me wrong, I think the DMA is a good thing and it is totally the right thing to do.

This is the part that you and Google don't agree. If you look at your comment from that perspective, you can see why probe makes sense.


I think problem with 'SMS 2FA is much better than nothing, as long as it's an actual second factor.' statement is: even though it is totally correct, at least passes some responsibility to 3rd party. ( phone operators etc )

So it becomes easy choice for companies, this leads to non-savvy to stay non-savvy.


I think the main issue is attribution. Especially when a lot of stuff breaks even on web, when you change the browser.

Imagine I have some PWA at home screen now, working with Safari engine. I changed my browser to Chrome, let's say it stopped working. 90% of the users will blame Apple software update instead of the Chrome choice.


We luckily are finally living in a world where browser incompatibility is not a big issue anymore.

And as a developer, you'd simply check that your PWA works with Safari, Firefox and Chrome.


Nah. Those kind of incompatibilities are rare and users will generally place the blame on their last change, more likely the Chrome install than a check for updates.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: