Hacker News: fieldcny's comments

That’s a very weaselly worded statement, to begin with “they have suspicions” is not a statement that should be in a communication of this type

I thought it was pretty good actually. Most of these leak disclosures usually say things like "We do not have evidence they accessed any secrets" or something like that, because they don't "know" what the hackers did once they were in. At least huggingface is saying "Yeah, they probably accessed secrets but we can't confirm it"

Any moderately well run shop will have a mechanism to get updates when a dependency of theirs has a security issue, depending on the line of business it may actually be required by a regulator or certification body (eg PCI etc)

We should probably be more afraid of the backdoors you can’t see in proprietary that would almost never be found.


This is how ALL open source used to be! Like literally ALL, this is the norm not this bullshit VC funded fremium restricted/tiered fuck the customer trap nonsense.

People built things because they loved it and wanted to help others, not to get rich. Now everyone just wants to get rich, and fast.


While I agree with your sentiment, maintaining software like PostgreSQL is a full time job. But your last sentence seems to apply to everything on the internet lately. People used to do podcasts, create guitar tabs or publish cooking recipes because it was their hobby and they wanted others to participate. Now everything seems about making money.


People would do these things for free because they had a stable job which guaranteed their material needs. Now every type of job can be automated and done better/cheaper by a machine, people will be forced to "monetize" everything that exists unless we get a literal revolution in how we tax and distribute the produced wealth.


It’s less automation and more about cheap labor. Content farms sprung up and flooded the landscape with worthless content to get a micro-slice of the pie.

Very discouraging to many content creators when their work is just going to be buried in SEO chaff.

Also, the automation wave is just beginning. Soon the human run content farms will be overwhelmed by AI created crap.

This is likely to happen in software as well. Every product will need to compete with some AI generated piece of garbage that’s barely passable functionally, but being sold at a fraction of the cost.

Fun times!


The jobs we’re talking about here, podcasting, development, etc aren’t jobs where everyone is forced out. Everyone is just more into making money these days and decide they want to make money doing those things rather than just fun. Let’s not try making excuses.


You are getting at it backwards. People are doing podcasts about investing, cooking, music production, <anything> because even those careers are being automated away and the money that they could be getting working is going away.

Even Software Engineers: take all the swaths of engineers who were productive but didn't want / didn't make it to a FAANG company and now are having to compete in a world where most companies can replace a lot of the people they don't need a team of 8 engineers because their team of 4 now can have Co-Pilot and most of their "middle management" roles could be effectively replaced by some cheap, off-the-shelf SaaS.

I'm literally in this scenario. I'm too old to be interested in competing with someone who is 20 years younger than me but can call themselves a "programmer", and whatever knowledge/experience I have can be had at a fraction of my "cost" by using a commodified service that automates a process. So, what is left for me? Either I need to go downmarket and work for "programmer" jobs (further increasing the supply and lowering salaries) or I need to find someone who is willing to invest in my "idea for a startup" (thus getting into the Silicon-Valley way of life), or I need to find a way to take my unique experience and repackage as something of value - and then get to be called "greedy" by people like you.

By the way, may I interest you in becoming a customer of my not-yet VC funded company (https://communick.com) and/or join the people sponsoring me for $4/month for my Fediverse work (https://github.com/sponsors/mushroomlabs)?


I do not believe you can replace a competent developer with an AI, or say you have 2 and replace them with 1 dev and 1 AI.

You can't just type in ChatGPT something like "write me GTA5" and you get running code, just seen today an example of someone complaining that he asked something like "Create a website in PHP for a company that does X" and they were expecting that by magic a website will just appear.


Aside from clueless people on Elance and upwork, no one goes to a developer and says "write me GTA5" or "make a website in PHP that does X", either.

What AI will do is leverage productivity of the individuals. Any new story will have its complexity reduced because the developer will be able to use the existing codebase and say "hey, our current code is connecting with Foobar via the Zoberg SDK, now we are adding a customer that uses the BazBah platform and they need to change the order flow for 'deliver on payment' to 'deliver on invoice sent'. Show me what changes are needed to make this happen, and please write the integration tests to make sure that we are not breaking things from existing customers"

This goes from a one week task that will require three hour-long to something that can be done in an afternoon, reviewed by the developer and (most importantly) cheap to throw away if the original requirements change.


Does this work today? I guess it might be able to write tests but does the rest just work? In my experience the AI

- uses bad code practices because there is more bad code on the internet than good

- hallucinates APIs, so it tells you to use X but X does not exist in the library/framework you asked for

- suggests wrong solution

- if your language is not precise it gives you the answer to the wrong thing, like you see the answer and you realize it did not understand you

In my experience if your developers are 20% more productive you do not fire 20% of them because there always is a big backlog of features or bugs to be handled.


One of the reasons that I didn't drop out of college (almost 25 years ago) was because I was working part-time proofreading (and occasional translating tech manuals) for a translator who used to get about $25 per 1000 "touches". It could be good money for an experienced translator, but nowadays it's a dead profession outside of legal documents that need a certified notary.

Google's automatic translation was not good enough at the beginning to replace the translator's job, but by the time I was already graduated it was good enough for her to not need my proofreading and it was good enough for her to effectively get 60% of the job done. She has then effectively become the proofreader for a bad translator.

And nowadays, the bad translator is good enough to the point where her customers can just throw the original document on Google and do themselves the proofreading.

This is what will happen with programming tools. Code generation tools are still just at the "smart autocomplete" stage and the experienced programmer is still needed to act as reviewers, but as AI gets better, it will be cheaper to drop the "professional expert" altogether and let someone with tangential knowledge (maybe a product manager) in charge.


People still complain that machine translated Japanese is garbage so I bet will be the same with programming, some easy tasks will be automated, complex stuff will be still done by humans with experience and understanding of the domain.


- There is not that much "complex" stuff going around for all the people that will be looking for a job in the field.

- what you call "garbage" might be someone else's "good enough for my needs". If I can go to Japan and a "garbage translator" still is enough for me to help navigate the city or poorly talk to a shopkeeper, then it's mission accomplished and I don't need to worry about a local guide.

- lots of "complex stuff" are dependent on context, and can be made less complex if we relax one single design constraint. E.g, centralized social media networks have a strong requirement for not losing user data. Distributed systems solve this by (a) duplicating data between every node and (b) letting it be deleted by users and node operators who do not want to have the data stored for long term.

It seems to me that you believe that what most software engineers do is some dark magic that only a select few can master. It really isn't. The whole "software is eating the world" essay never mentioned what was going to happen after it ran out of things to eat, now it is kind of obvious that it will gladly get into cannibalism.


My point was that your example was flawed, your translator friend can still have a lot of work to do since the translators are average or garbage still.

A true intelligent AI sure could be a problem, but this stuff will just be a copilot, good enough to do basic stuff and maybe double check the programmer.

When you predict it would be possible I give the AI a JIRA ticket and it could open the application, reproduce the issue, update the ticket with details about the bug, then find the issue in a giant code base, fix it correctly etc.

Because today an AI can't do anything from the above. It can't replace a human.


My translator friend speaks no Japanese. She used to work with English, German and Portuguese. The fact that translators are still not Professional-level (yet?) is no consolation for the thousands of other professionals like her. She retired already.

> It can't replace a human.

If it provides enough leverage to today to make one person 20x more productive, then it is effectively replacing 19 humans. When it is effective to make one employee 200x more efficient, it will replace 199 humans.

And if you have enough hubris to think you are always going to be the lucky one out of the chopping block, it's not for lack of warning.


>If it provides enough leverage to today to make one person 20x more productive,

But this is not reality. Is this happening for your work? Or you read this somewhere?


Sorry, my mistake. Replace "today" with "someday".

For "today", I've seen good engineers solving specific tasks in a third of the time already, but I won't make specific claims about absolute productivity multipliers.


>For "today", I've seen good engineers solving specific tasks in a third of the time

Specific is the important word here. Some boring tasks that can be automated in all jobs will be automated though you still need to check the AI. I assume no competent developer was fired because of that productivity boost in that specific task


You don't need to "fire" anyone for AI to cause a significant impact. All AI needs to do is to allow companies postpone hiring more people.

I really don't understand why you are being so obtuse about this. Do you honestly think that you can make the argument that software development (as an industry) is somehow immune to automation?


100% agree on this. Ansible sell out and Hashicorp are fine examples of this.


The main alternative to open source monetization is XKCD 2347 (one guy in Nebraska). PostgreSQL appears to have hit that sweet middle ground that is so rare in open source.

https://xkcd.com/2347/


Monetization-era


Yeah man, screw the VCs! That’s why we’re communicating through an open source platform… oh.

Well at least this site isn’t created by a VC… oh.

Things are nuanced. VCs can fund valuable useful things sometimes.


I don’t believe HN was created or is being maintained out of the goodness of anyone’s heart.

HN has monetary value to someone somewhere. Plus it’s cheap to run.

It’s also a good advertising and recruiting platform for YC.

There by the grace of VCs goes HN.


Nobody's saying screw VCs.

We say screw to fooling your users that you're an OSS adopter and supporter, just until your project is big and you can say screw OSS.


People should be more aware of what the license open source software is developed under allows.

Amazon can wrap an open source project in an AWS front end and create a paid for cloud service off the back of community effort. Or, key contributors can decide they want to take the existing code and change the license their contributions are released under going forward.

If the original license allows both these things to happen, then both are a risk and no one is being fooled.


Who cares if they do that? Do you see Torvalds and co running around crying because the entire world runs on Linux Kernels?

I would love nothing more than for a project I built or contributed to wound up as an AWS service.

Writing the code is just part of the value, running it is also very difficult. Especially as the use increases and expose new code paths and bugs and what not.


I think if a big company or two decided to lead development and charge for their Linux kernels he’d have an issue as his influence etc would change. Also he is lucky in that he doesn’t have to care about the making money part. Companies have that issue.


Companies can make plenty of money.

What they can't - without giving the middle finger to OSS - is satisfy greed.

If you want to satisfy greed, fine, but be like Oracle. Sell a commercial license upfront. Don't pretend to be OSS.


Well I’m not sure if it’s just greed at the level at Amazon, Microsoft etc packaging your work and take all the support money from their vast influence.


OSS users don't complain about AWS wrapping around it. It's very much welcome.

The greedy people behind businesses managing OSS are concerned, because they are not satisfied with making money. They want to be THE ONLY ONES making LUDICROUS profits on top of community contributions.


I also have this feeling, but I do feel myself doubting from the lack of examples in this conversation. What are some recent examples of this type of scandal that we can use to solidify this conversation?


You seem to be confused. Even if the project is big and they change the license, so what?

The old code is there with the existing license still. Fork it and move on.

People, man.


You can't fork and maintain everything yourself, and that de-facto lock in is exactly what companies bank on when they pull this kind of bait and switch. The idea is precisely to gain popularity with open source, "the first dose is free" style, and then capitalize on the dependency and popularity. Literally just the developer analog to the misleading "everything is free and always will be" advertisements of consumer facing software.


Ok find other people to help, that’s how open source works no?

There’s no issue here. Just whining. There is no lock in at all.

Even if it were OSI open source the maintainers like the very thread we are in could die. Then what? Oh you fork and maintain yourself, or the project rots.

License changes are irrelevant.


Do you have any idea of what constitutes an OSS project besides characters written on a versioned repository?


What's wrong with trying to get rich? Please explain.


Just tell everyone you're dealing with that your primary purpose is getting rich with the software.

Don't tell them you have always been and always will be open source, just until you're big and give the middle finger to OSS in order to get richer.


A given piece of open source code when licensed is always open source. Changing the license doesn’t retroactively do so for the previous code.

There is no lie.


You apparently are not familiar with the concept of software maintenance, upgrade, security patches. Or completely ignored it when you wrote this comment.


No. No no no. Don't weasel-word out of this with bullshit technicalities.

The phrase isn't "FooBar v3.11 is free and always will be".

There is no version number in the phrase, so the common understanding is that the product and every version of that product will always be free.


lol. If it helps you cope, imagine the company died, another company forked it with a new license.

Same thing, same result. We are literally discussing this in a thread where a prominent maintainer died. Nothing is forever.

There is no way to guarantee something will be the same forever.

Again, fork and move on if things change to your dissatisfaction.


Your comment leaves me scratching my head as it is all over the place.

We all need to just stop paying attention to Musk, he’s nothing more than a gussied up Musk supremacist dork with skin so thin he’s more translucent than he is white.

He’s made a career out of taking big risks with other people’s money and being saved by absurd fed policies while also milking the government for every last nickel he can squeeze out of it


I don’t come to hacker news for this.


reply to the parent then.


> He’s made a career out of taking big risks with other people’s money

Quite a big statement about somebody that spent all his personal wealth to invest in Tesla and create SpaceX. Both companies in industries known to be startup unfriendly and places where he couldn't get much outside investment.

And before that, his first small startup, he reinvested that money into his second startup that then gave him the money to invest in Tesla/SpaceX.

By the time these companies got lots of outside investment they had proven their basic ability to operate. In case of SpaceX they flew Falcon 1 and had a contract for ISS resupply. In case of Tesla they had the Roadster working and had solid plans for Tesla Model S. And I think the investors in both companies were happy. Isn't this the whole point of startups?

You act like it's easy to 'just get other peoples money and take big risks', and if that's all he did then maybe you would have an argument. But the whole point of why he is famous is that those investments turned into two major US companies.

> saved by absurd fed policies while also milking the government for every last nickel he can squeeze out of it

That's just factually incorrect.

In case of SpaceX they got the ISS resupply contract, something that most people do not think is stupid. And they got it because they proved to be decent engineers and offered it at a low price, and they were successful. It was objectively one of the best contracts NASA ever signed and you will find anybody on NASA who disagrees. Since then they have received many government contracts in addition to many private ones, none of those are stupid. Of all space companies in US history, SpaceX depends the least on the US government.

The first big federal help Tesla got was the investment in Model S production. All US automakers got money for 'next generation vehicle', Ford got way more than Tesla. GM was fully bailed out by the government at that time. And just FYI, when I last checked Ford had not paid back that money to the government. Tesla on the other hand paid that money back with interest ahead of schedule.

Beyond that the Fed did a bunch of stuff to encourage EV. Those policies helped all automakers, and often even foreign ones. One can argue that this actually hurts Tesla because it resulted in other automakers investing in EV not leaving the market open for Tesla to capture for longer.

Tesla received tax cuts and so on, but there Tesla is no different than any other company that does large manufacturing investments.

Encouraging EV is also not stupid. One can argue if it's the best transportation policy (I don't think it is) but it isn't exactly stupid either.

And then who are you comparing them to? Against some ideal perfect libertarian dream cooperation? If you compare them with actual real competitors, then making the argument that his companies are some government dependent bloodsucker just doesn't hold up in the slightest.


The word perfect is misplaced, the trade off is size vs fidelity (aka accuracy)


That is not a common definition of free market.


That was Adam Smith's definition when he coined the term...


Whenever I hear people talk about free market it is usually not in the sense of economic freedom or free software. So you are correct. It generally refers to free as in free beer aka the government is supposed to subsidize the private sector and average citizens are supposed to pay for it. I'm not talking about socialists here, I'm talking about neoclassical economists and neoliberals in business and politics.

Almost nobody wants to pay for the pollution they cause via CO2 taxes. Meanwhile income taxes are considered efficient despite their dead weight loss. Everything is upside down on this planet when it comes to economics.


I’ve literally never heard of someone defining a free market as a market with government subsidies.

It’s usually defined as a market free from (excessive) government control.

I think you might be trying to shoehorn domestic policy concerns into a broader definition of free markets.


That’s not helping, that’s excusing OpenAI's behavior, which is not something anyone on hn should be doing.

This is supposedly the greatest AI mankind has ever created, it goes down for a little while and we have zero information on why or how, that’s simply inexcusable.

If this is such a socially impacting technical change we should be ripping it to pieces to understand exactly how it works. That's a) how we protect society from technical charlatans b) how you spawn a whole new world of magnificent innovations (see Linus building a truly free Unix like operating system for everyone to use).

Failing to hold them to as high a bar is another step down the path to a dystopian corporatist future…


> it goes down for a little while and we have zero information on why or how

We have more than zero information. They applied a change and it didn’t work on some set of their hardware so they reverted it. That is not much information but also not zero.

> that’s simply inexcusable

If your contractual SLAs were violated take it up with the billing department.

> If this is such a socially impacting technical change we should be ripping it to pieces to understand exactly how it works.

And people are doing that. Not by complaining when the corp are not sufficiently forthcoming but by implementing their own systems. That is how you have any chance of avoiding the dystopian corporatist future you mention.


This is a wonderful comment, I’m sure he’s also not trying to raise $7T, or if he is it’s not US dollars…


I can’t tell if you are being sarcastic, or you are just inexperienced


By "useful" he means "will make VCs and uninformed investors feel good"... gotta remember, the definition of "useful" is relative.


"useful" means something that helps people.

Realistic examples of small, useful AI projects a junior dev could do in a sprint:

1) check for spelling/grammar mistakes on company website

2) summarise transcripts of zoom calls

3) scan codebase for misleading comments

4) generate mermaid diagrams from terraform

5) scan Jira for near-duplicates on a backlog and add a label

None of these require data science teams to get involved.


what’s most useful is how many heads can be removed above the junior level and below the exec level.

that’s a lot of cash saved. basically as good as cash earned, when you’re getting funding rounds of cash.


As a data scientist, there’s basically 0 data science involved in building a small tool out of the api or high level model interfaces.


How is this not a giant red flag that there is a massive fraud there?

