• 0 Posts
  • 94 Comments
Joined 11 months ago
Cake day: July 5th, 2023


  • The issue on the copyright front is the same kind of professional standards and professional ethics that should stop you from just outright copying open-source code into your application. It may be very small portions of code, and you may never get caught, but you simply don’t do that. If you wouldn’t steal a function from a copyleft open-source project, you wouldn’t use that function when Copilot suggests it. Idk if Copilot has added license tracing yet (been a while since I used it), but absent that feature you are entirely blind to the extent to which its output is infringing on licenses. That’s a huge legal liability to your employer, and an ethical coinflip.


    Regarding understanding of code, you’re right. You have to own what you submit into the codebase.

    The drawbacks/risks of using LLMs or Copilot are more to do with the fact it generates the likely code, which means it’s statistically biased to generate whatever common and unnoticeable bugged logic exists in the average GitHub repo it trained on. It will at some point give you code you read and say “yep, looks right to me” and then actually has a subtle buffer overflow issue, or actually fails in an edge case, in a way that is just unnoticeable enough.

    And you can make the argument that it’s your responsibility to find that (it is). But I’ve seen some examples thrown around on Twitter of just slightly bugged loops; I’ve seen examples of it replicating known vulnerabilities; and we have that package name fiasco in that first article above.

    If I ask myself “would I definitely have caught that?”, the answer is only a maybe. If it replicates a vulnerability that existed in open-source code for years before it was noticed, do you really trust yourself to identify that the moment Copilot suggests it to you?

    I guess it all depends on stakes too. If you’re generating buggy JavaScript who cares.




  • I think it’s more the dual-use nature of defense technology. It is very realistic to assume the tech that defends you here is also going to be used in armed conflict (which historically, for the US, involves many civilian deaths). To present the technology without that critical examination, especially to a young audience like Rober’s, is irresponsible. It can help form the view that this technology is inherently good, by leaving the adverse consequences under-examined and out of view to children watching this video.

    Not that we need to suddenly start exposing kids to reporting on civilian collateral damage, wedding bombings, war crimes, etc… But if those are inherently part of this technology then leaving them out overlooks a crucial outcome of developing these tools. Maybe we just shouldn’t advertise defense tech in kids media?




  • Wow, what a dishearteningly predictable attack.

    I have studied computer architecture and hardware security at the graduate level—though I am far from an expert. That said, any student in the classroom could have laid out the theoretical weaknesses in a “data memory-dependent prefetcher”.

    My gut says (based on my own experience having a conversation like this) the engineers knew there was an “information leak” but management did not take it seriously. It’s hard to convince someone without a cryptographic background why you need to {redesign/add a workaround/use a lower performance design} because of “leaks”. If you can’t demonstrate an attack they will assume the issue isn’t exploitable.


  • Spedwell@lemmy.world to Games@lemmy.world · Steam :: Introducing Steam Families
    2 months ago

    This is demonstrably wrong. The 30% cut is standard because Steam has used the same strategy as Amazon to fix prices across the market (a “Platform Most Favored Nation” clause—see the Wolfire Games v. Valve class action, specifically items 204 and 205 on pg 55). Competing storefronts cannot undercut Steam, so why would they take less than a 30% cut?

    Epic Games Store—which is trying to undercut Steam at a 12% fee—still lists games at the same price as on Steam because Valve has strongarmed publishers into fixing the prices. If Epic is charging 18% less but Valve is stopping publishers from reducing the game cost by that much, how is that not blatantly anti-competitive and anti-consumer?

    enshitifies

    Oh good, you are familiar with Cory Doctorow. He has an article on how Amazon abuses their position using the exact same playbook Valve uses.



  • Spedwell@lemmy.world to Games@lemmy.world · Steam :: Introducing Steam Families
    2 months ago

    You have to have never seriously engaged with the details of the Valve monopoly if you think that’s what we are upset about.

    We know Steam is an amazing storefront—I buy my games there because it’s the best experience for the cost. But Steam charges a premium. And despite taking smaller cuts, competing platforms like Epic cannot actually pass those cost savings to consumers because Valve is strongarming game publishers into fixing prices.


  • Spedwell@lemmy.world to Games@lemmy.world · Steam :: Introducing Steam Families
    2 months ago

    Yep. Because honestly, Steam is better than Epic in almost every way. When you want to buy a particular game X, you get a lot more from your purchase if it’s on Steam (workshop, friends, multiplayer, etc.). There is strong inertia and network effects that keep us all preferring Steam.

    Epic can’t compete with the Steam experience. But if Epic was able to list everything 18% cheaper (the difference in fees between Epic and Steam)—then they would rightly be able to compete on price.


  • Spedwell@lemmy.world to Games@lemmy.world · Steam :: Introducing Steam Families
    2 months ago

    “Platform Most Favored Nation”. It’s a type of clause in platform/marketplace agreements that prohibits a seller from listing their product for a lower price on a different sales platform. Specifically, it prevents selling on a different marketplace with lower fees (e.g. Epic Games or a publisher’s own website) and passing the difference as savings to the consumer.