Just a regular Joe.

  • 0 Posts
  • 21 Comments
Joined 3 years ago
Cake day: July 7th, 2023





  • Many people have “itches to scratch” and some interest in development but little time to learn, so AI coding tools will allow them to scratch many of those itches without paying $ to others or investing that time (for better or for worse). Even as an experienced (but no longer full time) coder, I use it to scratch itches when I don’t have the time/lust.

    Often enough, you’ll find some customizable app that does 90% of what you want, with a bunch of features you don’t care about. Writing personalized apps is a cool new thing, giving you exactly the functionality that you want. Many times these will be based on OSS or open libraries, which the AI just glues together.

    Will this personalized development result in new quality OSS apps, though? I doubt it. We also don’t really need more sloppy code on GitHub.


    There are a lot of personal apps that just happen to have an OSS license… and then there are OSS projects, built and maintained as OSS community projects. It takes dedication to run a real OSS project, build a community, handle issues, websites, etc.

    Will AI coding tools assist developers of real OSS projects? Sure… many are already using it to varying degrees. We’ll increasingly see it being used to find and fix bugs and security issues ahead of time - security researchers & blackhats are already having a field day.


  • Indeed. I suspect it would need to be framed around national security and national interests, to have any realistic chance of success. AI is being seen as a necessity for the future of many countries … embrace it, or be steamrolled in the future by those who did, so a soft touch is being embraced.

    Copyright and licensing uncertainty could hinder that, and the status quo today in many places is to not treat training as copyright infringement (eg. US), or to require an explicit opt-out (eg. EU). A lack of international agreements means it’s all a bit wishy washy, and hard to prove and enforce.

    Things get (only slightly) easier if the material is behind a terms-of-service wall.





  • So you want to create a human exploitation / profit maximising system?

    Pretty sure those are proprietary algorithms, with some common knowledge foundations that LLMs will happily tell you about.

    It’s all simple enough at a small scale, but the challenge is optimizing it for your use-cases, and building for scale & reliability in a cost efficient manner.

    Such companies will likely also have top notch software engineers & statisticians, marketing teams, psychologists and lawyers on the payroll, all contributing their part to the perpetuation of human misery in the name of corporate profit.




  • But not Fire tablets (kids profile) or Samsung TV or many others that Plex currently supports.

    Jellyfin Android phone app’s UI is a little weird at times, but does work pretty well for me.

    What I would adore from any app would be an easy way to upload specific content and metadata via SFTP or to blob storage and accessible with auth (basic, token, or cloud) to more easily share it with friends/family/myself without having to host the whole damn library on the Internet or share my home Internet at inconvenient times.

    Client-side encryption would be a great addition to that (eg. password required, that adds a key to the key ring). And of course native support in the Jellyfin/other apps for this. It could even be made to work with a JS & WASM player.


  • And contributions to codebases that have developed with the goal of meeting the team’s own needs, and who similarly don’t have the time or space to refactor or review as needed to enable effective contributions.

    Enabling Innersource will be a priority for management for only two weeks, anyway, before they focus on something else. And if it even makes it into measurable goals, it will probably be gamed so it doesn’t ruin bonuses.

    Do you also work for $GenericMultinationalCompany, perchance? Do you also know $BillFromFinance?



  • Encryption will typically be CPU bound, while many servers will be I/O bound (eg. File hosting, rather than computing stuff). So it will probably be fine.

    Encryption can help with the case that someone gets physical access to the machine or hard disk. If they can log in to the running system (or dump RAM, which is possible with VMs & containers), it won’t bring much value.

    You will of course need to log in and mount the encrypted volume after a restart.

    At my work, we want to make sure that secrets are adequately protected at rest, and we follow good hygiene practices like regularly rotating credentials, time limited certificates, etc. We tend to trust AWS KMS to encrypt our data, except for a few special use cases.

    Do you have a particular risk that you are worried about?


  • Joe@discuss.tchncs.de to Selfhosted@lemmy.world · Secrets Management · 1 year ago

    Normally you wouldn’t need a secrets store on the same server as you need the secrets, as they are often stored unencrypted by the service/app that needs it. An encrypted disk might be better in that case.

    That said, Vault has some useful features like issuing temporary credentials (eg. for access to AWS, DBs, servers) or certificate management. If you have these use-cases, it could be useful, even on the same server.

    At my work, we tend to store deployment-time secrets either in protected GitLab variables or in Vault. Sometimes we use AWS KMS to encrypt values in config files, which we check in to git repositories.


  • It typically takes a small core team to build the framework/architecture that enables many others to contribute meaningfully.

    Most OSS projects get bugger all contributions from outside the initial core team, having limited ability to onboard people. The biggest and most active (out of necessity or by design) have a contribution friendly software architecture and process, and often deliberately organized communities (eg. K8S & CNCF) or major corporate sponsors filling the role.

    Free Software and resulting ecosystems seem to have a better chance of contributing to the common good over the long term. This is simply because most companies are beholden to their shareholders, and at some point the urge to squeeze every last cent out of an opportunity comes to the forefront, and many initially well intentioned efforts get poisoned.

    Free Software licenses like the GPL help to protect our freedom and to set open standards, and are essential for the core technology stack.

    When someone can get annoyed with some shitty software or its license-terms and reimplement the core functionality in a few days/weeks/months … eventually someone will get annoyed and create some decent free software that will kill off the shitty alternatives, or even just a better commercial alternative. This only works because of the open platforms & protocols.

    One of the major challenges for consumers is finding good software today in the grey goo of projects and appstores. This harks back to OP’s point about curated collections of software. It’s also where the various foundations add value (CNCF, Linux Foundation, Apache) … along with “awesome X” GitLab repos, which are far better than random YouTube videos or ad-riddled blogs or magazine articles.


  • The true strength is in the open interfaces and common protocols that enable competition and choice, followed by the free-to-use libraries that establish a foundation upon which we can build and iterate. This helps us to stay in control of our hardware, our data, and our destiny.

    Practically speaking, there is often more value in releasing something as free software than there is to commercialising it or otherwise tightly controlling the source code… and for these smaller tools and libraries it is especially the case.

    Many bigger projects (eg. linux kernel, firefox, kubernetes, apache*) help set the direction of entire industries, building new opportunities as they go, thanks to the standardization that comes from their popularity.

    It’s also a reason why many companies release software as open source too, especially in the early days, establishing themselves as THE leader…for a while at least (eg. Docker Inc, Hashicorp).


  • You have an opportunity. Give him a pre-installed Linux and a terminal, along with a page of commands that he can run to do neat things… including starting the GUI to watch his favourite (ideally pre-downloaded) videos, running some demos, etc.

    Don’t make it too easy, but not too hard (2 you said? Can type a few characters though…)… Add to it over the years, unlocking the power, and guiding him to discover more by himself.

    Kids won’t become tech savvy if we hand everything to them on a silver platter, with touch screens, controllers, and flashy games. It can be bland and boring, until they do something.

    It might just be the most life changing gift they ever receive.