Locally run models use a fraction of the energy. Less than playing a game with heavy graphics.

What about unbound?

The question is: What is an effective legal framework that focuses on the precise harms, doesn’t allow AI vendors to easily evade accountability, and doesn’t inflict widespread collateral damage?

This is entirely my opinion and I’m likely wrong about many things, but at minimum:

1. The model has to be open source and freely downloadable, runnable, and copyleft, satisfying the distribution license requirements of copyleft source material (I’m willing to give a free pass to making it copyleft in general, as different copyleft licenses can have different and contradictory distribution license requirements, but IMO the leap from permissive to copyleft is the more important part). I suspect this alone will kill the AI bubble, because as soon as they can’t exclusively profit off it they won’t see AI as “the future” anymore.

2. All training data needs to be freely downloadable and independently hosted by the AI creator. Goes without saying that only material you can legally copy and host on your own server can be used as training data. This solves the IP theft issue, as IMO if your work is licensed such that it can be redistributed in its entirety, it should logically also be okay to use it as training data. And if you can’t even legally host it on your own server, using it to train AI is off the table. And the independently hosted dataset (complete with metadata about where it came from) also serves as attribution, as you can then search the training data for creators.

3. Pay server owners for use of their resources. If you’re scraping for AI you at the very least need to have a way for server owners to send you bills. And no content can be scraped from the original source more than once, see point 2.

4. Either have a mechanism of tracking acknowledgement and accurately generating references along with the code, or if that’s too challenging, I’m personally also okay with a blanket policy where anything AI generated is public domain. The idea that you can use AI generated code derived from open source in your proprietary app, and can then sue anyone who has the audacity to copy your AI generated code, is ridiculous and unacceptable.

“Wait, not like that”: Free and open access in the age of generative AI

I hate this take. “Open source” is not “public domain” or “free reign to do whatever the hell you want with no acknowledgement to the original creator.” Even the most permissive MIT license has terms that every single AI company shamelessly violate. All code derived from open source code need to at the very least reference the original author, so unless the AI can reliably and accurately cite where the code it generates came from, all AI generated code that gets incorporated into any publicly distributed software violates the license of every single open source project it has ever scraped.

That’s saying nothing about projects with copyleft licenses that place conditions on how the code can then be distributed. Can AI reliably avoid using information from those codebases when generating proprietary code? No? And that’s not a problem because?

I absolutely hate the hypocrisy that permeates the discourse around AI and copyright. Knocking off Studio Ghibli’s art style is apparently the worst atrocity you can commit but god forbid open source developers, most of whom are working for free, have similar complaints about how their work is used.

Just because you “can’t” obey the license terms due to some technical limitation doesn’t mean you deserve a free pass from them. It means the technology is either too immature to be used or shouldn’t be used at all. Also, why aren’t they using LLMs when scraping to read the licenses and exclude anything other than pure public domain? Or better yet, use literally last century’s technology to read the robots.txt and actually respect it. It’s not even a technical limitation, it’s a case of doing the right thing is too restrictive and won’t allow us to accomplish what we want to do so we demand the right thing be expanded to what we’re trying to do.

Open source only has anywhere between one and two core demands: Credit me for my work and potentially distribute derivatives in a way I can still take advantage of. And even that’s not good enough for these AI chuds, they think we’re the unreasonable ones for having these demands and not letting them use our code with no strings attached.

This is where many creators find themselves today, particularly in response to AI training. But the solutions they’re reaching for — more restrictive licenses, paywalls, or not publishing at all — risk destroying the very commons they originally set out to build.

Yeah blame the people getting exploited and not the people doing the exploiting why don’t you.

Particularly with AI, there’s also no indication that tightening the license even works. We already know that major AI companies have been training their models on all rights reserved works in their ongoing efforts to ingest as much data as possible. Such training may prove to have been permissible in US courts under fair use, and it’s probably best that it does.

No. Fuck that. There’s nothing fair about scraping an independent creator’s website (costing them real money) and then making massive profits from it. The creator literally fucking paid to have their work stolen.

If a kid learns that carbon dioxide traps heat in Earth’s atmosphere or how to calculate compound interest thanks to an editor’s work on a Wikipedia article, does it really matter if they learned it via ChatGPT or by asking Siri or from opening a browser and visiting Wikipedia.org?

Yes. And the fact that it’s stolen isn’t even the biggest problem by a long shot. In fact, even Wikipedia is a pretty shitty source, do what your high school teacher said you should do and search Wikipedia for citations, not the articles themselves.

Don’t let AI teach you anything you can’t instantly verify with an authoritative source. It doesn’t know anything and therfore can’t teach anything by definition.

Instead of worrying about “wait, not like that”, I think we need to reframe the conversation to […] “wait, not in ways that threaten open access itself”.

Okay, let’s do that then. All AI training threaten open access itself. If not by ensuring the creator can never make money to sustain their work, then by LITERALLY COSTING THE CREATORS MONEY WHEN THEIR CONTENT IS SCRAPED! So the conclusion hasn’t changed.

The true threat from AI models training on open access material is not that more people may access knowledge thanks to new modalities. It’s that those models may stifle Wikipedia and other free knowledge repositories, benefiting from the labor, money, and care that goes into supporting them while also bleeding them dry. It’s that trillion dollar companies become the sole arbiters of access to knowledge after subsuming the painstaking work of those who made knowledge free to all, killing those projects in the process.

And how does shaming the victims of that knowledge theft for having the audacity to try and do something about it help exactly?

Anyone at an AI company who stops to think for half a second should be able to recognize they have a vampiric relationship with the commons.

[…]

And yet many AI companies seem to give very little thought to this,

“Anyone at a Southern slave plantation who stops to think for half a second should be able to recognize they have a vampiric relationship with their black slaves.” Yeah, they know. That’s the point.

“Precrime”

“predictive policing”

AKA what they accuse aUtHoRiTaRiAn countries like China of.

So the Raspberry Pi would be a better choice in this regard?

They’d have to prove a lot in the first instance to warrant arresting you then and there

No? It’s been pretty clear they can arrest literally anyone and you’re lucky if you even get to see a judge before you’re shipped off to the concentration camps. Even in the cases where judges have gone out of their ways to file injunctions against the ICE on someone’s behalf they won’t give a shit and have no problems blatantly violating court order and disappearing anyway.

Haven’t things like Cellebrite machines been able to almost fully recover data even after a format since basically ever? Most phones aren’t zeroing out the SSD on factory reset AFAIK, might not even format the partitions.

Sounds like a good place for an API hook that executes whatever contingency script you want on entering of the fake password.

Mostly paraphrased, I don’t remember exactly how it was worded. Also the non-quote responses were made up after the fact for this post, this wasn’t a single conversation in this order:

“You’ll miss out on so many events and social opportunities because you don’t have any ‘real’ social media.”

As an introvert, I don’t care.

“You’re selfish for putting your silly notions of ‘privacy’ over being in the loop with what your friends are doing. One day you’ll realize that being there when your friends post about their life events is more important.”

Said by someone who I never considered my friend in the first place. My actual friends have ways of reaching me other than Facebook or WhatsApp.

“Most people aren’t going to bother figuring out which obsecure ‘privacy oriented’ service you decide to use, they’re just not going to talk to you if you’re not on mainstream apps. Normal people value their time more than they value privacy.”

Please stop talking to me then, so I stop wasting your time.

“This isn’t the 1950s anymore. You need to get with the times and embrace the information age.”

I know how to program, you don’t. I know how the protocols that power the internet work, you think it’s a literal magic cloud. I run my own server at home with hardware I bought, you have to pay for Google Drive every month. I’m the one embracing the information age, you’re just blindly using it.

“Geez, you’re like an Amish person! Don’t you see you’ve fallen into a cult? Just instead of not using electricity you don’t use social media.”

No I’m not. See above, I fully embrace technology. In fact, I embrace it so much I’ve spent most of my life figuring out how it works and only use things I understand and control, and I choose not to use certain conveniences because I know how they work. Also, I’m not an antivaxxer or against modern medicine. I also think raising horses in captivity to be your slave is cruel and barbaric. Finally, I don’t believe in God and don’t try to live my life according to a 2000+ year old book. Privacy isn’t a cult, if anything, your blind faith in trillion dollar tech companies is more like the Amish’s blind faith to their God.

Is opnsense more secure?

Thank you!

Wouldn’t the old firmware still have to respond to and perform the flashing request? For example reading from a USB drive? Is it more likely to overwrite potentially malicious code compared to the reset button or automatic updates from the web admin panel?

Since all connections go through the ISP router anyway you won’t really gain that much privacy unless you directly put a VPN on your router.

I’m more concerned about local network traffic to and from my home server, especially over Wi-Fi. Most of it is SSH but there are still some unencrypted HTTP (and proxy) traffic.

Same with Google allowing literal malware to advertise themselves posing as legitimate apps that show above the actual app’s website.

They even let ads spoof the display domain name to match the official website (and do no checks for whether they actually own the display domain despite literally having the infrastructure to do that in their SEO tools) while redirecting to a different domain when you click the ad.

John Hammond video: https://www.youtube.com/watch?v=Nlnuk8W2A0Y (also a good video to send to anyone who still thinks Macs “can’t” get malware)

Even if this is genuine incompetence and not malice, they’re so disgustingly incompetent that they don’t deserve to exist just the same as if it was malice.

Yeah the malware is called Windows 11

Run it in a VM? Maybe even one of those fancy ones that make it appear as a normal window in your Linux DE. Doesn’t solve the problem of the spyware existing but at least it’s contained and can’t touch your Linux apps.

I mean, compared to what? Picking your nose on transit? The people sitting across from you is probably a bigger source of “spying” (and judgment) than the cameras in that case. IMO if you’re okay with being spied on in your car you really don’t have much more to worry about on a train or in a station.

I further submit that cars, being your personal space but still very much “in public,” give you much more of an illusion of privacy while in most cases being just as if not more invasive than transit.

Also, if we’re talking only the transit or road system and not the spying at your destination, driving gives much more precise location data than transit. They’ll know which exact house or building you pulled up to compared to which train station or bus stop you get off at. And if you do consider all surveillance, then they can figure out where you’re going even if you walk because there will be cameras at your destination.

OK, edited.

So do roads, and your metal cage literally has a code on a plaque tied directly to your government ID, with a retroreflective background and each character carefully engineered to be machine readable from any angle and lighting. Hell, a good number of the cars you pass have 360 degree camera arrays pointed directly in your windows, or if you spring for a higher end model with all the features, you get the privilege of a camera pointed straight at your face and at your passengers’ faces.

Also, you can cover your face on transit with something like a medical mask and sunglasses. If you try covering your license plate you’ll literally get arrested.