Alterslash

the unofficial Slashdot digest
 

Contents

  1. Michigan Nuclear Plant Aims To Be First Ever To Reopen In US
  2. Cloud Server Host Vultr Rips User Data Ownership Clause From ToS After Web Outage
  3. Meta Is Adding AI To Its Ray-Ban Smart Glasses
  4. Facebook Allegedly Killed Its Own Streaming Service To Help Sell Netflix Ads
  5. US, UK Investigate $20 Billion of Crypto Transfers To Garantex Russian Exchange
  6. Linux Foundation Launches Valkey As A Redis Fork
  7. Biden Orders Every US Agency To Appoint a Chief AI Officer
  8. How Apple Plans To Update New iPhones Without Opening Them
  9. AI Leaders Press Advantage With Congress as China Tensions Rise
  10. New York City Welcomes Robotaxis - But Only With Safety Drivers
  11. ‘Software Vendors Dump Open Source, Go For the Cash Grab’
  12. Claude 3 Surpasses GPT-4 on Chatbot Arena For the First Time
  13. Pythagoras Was Wrong: There Are No Universal Musical Harmonies, Study Finds
  14. Sam Bankman-Fried Sentenced To 25 Years in Prison
  15. Dashlane To Discontinue Its Authenticator App

Alterslash picks up to the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

Michigan Nuclear Plant Aims To Be First Ever To Reopen In US

Posted by BeauHD View on SlashDot Skip
The Palisades Nuclear Plant in Michigan has won a $1.5 billion conditional federal loan to reopen after being closed for decommissioning in 2022. Canary Media reports:
If the loan is granted (subject to Holtec meeting closing conditions) and the 800-megawatt reactor located on Lake Michigan is repowered, it would be the first nuclear plant in the U.S. to reopen after being closed for decommissioning. Surprisingly, it would be just the second or third reactor to restart in the history of global civil nuclear power, according to Mycle Schneider, lead author of the World Nuclear Industry Status Report 2023, in an interview with Bulletin of the Atomic Scientists.

Holtec purchased Palisades a month after it shut down with plans to mothball the site, but plans changed. Now the firm, which specializes in nuclear waste management and decommissioning (as opposed to rebuilding and operating nuclear plants), intends to revive the plant instead. Holtec plans to get the power plant restarted by the end of 2025, a breathtakingly aspirational target given nuclear’s history of missing construction and cost targets. The Palisades plant was closed by utility Entergy in May 2022 due to financial issues after operating for more than a half-century. And while the plant had a strong operational performance record in recent years, it also has a sobering history of shutdowns due to failures of critical equipment, as well as broken fuel rods and fuel-spill incidents. The site was shut down for the final time a few days ahead of schedule due to concerns about the reliability of a key piece of equipment.

When it was operating at its peak, the plant provided more than 600 high-paying jobs, many unionized. If restarted, the plant could drive up to $363 million in regional economic impact, according to Michigan Governor Gretchen Whitmer, a Democrat. That’s why Whitmer and a bipartisan coalition of lawmakers back resurrecting the retired reactor. Local business owners and residents are “largely supportive” of the plan as well, according to local news site MLive. The state’s 2024 budget devotes $150 million to the project. Still, the revival of the dormant Palisades faces its share of headwinds.

Different Mission, Different Skills?

By geekmux • Score: 3 Thread

Putting aside the considerable challenges with repair and restoration related to nuclear power for a moment, is a company that normally specializes in decommissioning and waste disposal, knowledgeable and capable of doing the opposite?

Operating vs. destroying usually identifies two completely different specialties and skillsets. Can the latter become the former in a matter of a year?

Cloud Server Host Vultr Rips User Data Ownership Clause From ToS After Web Outage

Posted by BeauHD View on SlashDot Skip
Tobias Mann reports via The Register:
Cloud server provider Vultr has rapidly revised its terms-of-service after netizens raised the alarm over broad clauses that demanded the “perpetual, irrevocable, royalty-free” rights to customer “content.” The red tape was updated in January, as captured by the Internet Archive, and this month users were asked to agree to the changes by a pop-up that appeared when using their web-based Vultr control panel. That prompted folks to look through the terms, and there they found clauses granting the US outfit a “worldwide license … to use, reproduce, process, adapt … modify, prepare derivative works, publish, transmit, and distribute” user content.

It turned out these demands have been in place since before the January update; customers have only just noticed them now. Given Vultr hosts servers and storage in the cloud for its subscribers, some feared the biz was giving itself way too much ownership over their stuff, all in this age of AI training data being put up for sale by platforms. In response to online outcry, largely stemming from Reddit, Vultr in the past few hours rewrote its ToS to delete those asserted content rights. CEO J.J. Kardwell told The Register earlier today it’s a case of standard legal boilerplate being taken out of context. The clauses were supposed to apply to customer forum posts, rather than private server content, and while, yes, the terms make more sense with that in mind, one might argue the legalese was overly broad in any case.

“We do not use user data,” Kardwell stressed to us. “We never have, and we never will. We take privacy and security very seriously. It’s at the core of what we do globally.” […] According to Kardwell, the content clauses are entirely separate to user data deployed in its cloud, and are more aimed at one’s use of the Vultr website, emphasizing the last line of the relevant fine print: "… for purposes of providing the services to you.” He also pointed out that the wording has been that way for some time, and added the prompt asking users to agree to an updated ToS was actually spurred by unrelated Microsoft licensing changes. In light of the controversy, Vultr vowed to remove the above section to “simplify and further clarify” its ToS, and has indeed done so. In a separate statement, the biz told The Register the removal will be followed by a full review and update to its terms of service.
“It’s clearly causing confusion for some portion of users. We recognize that the average user doesn’t have a law degree,” Kardwell added. “We’re very focused on being responsive to the community and the concerns people have and we believe the strongest thing we can do to demonstrate that there is no bad intent here is to remove it.”

copy-paste stupidity

By Local ID10T • Score: 3 Thread

This is a common clause included in social-media(Facebook) and video sharing (YouTube) type sites, where it was written to protect the company from lawsuits for sharing user creations… which is the purpose of the site.

There is no reason this company needed such a clause.

They likely just copied their entire TOS from another site and thought "Well it works for them, so it should be good enough for us!".

Meta Is Adding AI To Its Ray-Ban Smart Glasses

Posted by BeauHD View on SlashDot Skip
Starting next month, Meta’s Ray-Ban smart glasses will support multimodal AI features to perform translation, along with object, animal, and monument identification. The Verge reports:
Users can activate the glasses’ smart assistant by saying “Hey Meta,” and then saying a prompt or asking a question. It will then respond through the speakers built into the frames. The NYT offers a glimpse at how well Meta’s AI works when taking the glasses for a spin in a grocery store, while driving, at museums, and even at the zoo.

Although Meta’s AI was able to correctly identify pets and artwork, it didn’t get things right 100 percent of the time. The NYT found that the glasses struggled to identify zoo animals that were far away and behind cages. It also didn’t properly identify an exotic fruit, called a cherimoya, after multiple tries. As for AI translations, the NYT found that the glasses support English, Spanish, Italian, French, and German.

Facebook Allegedly Killed Its Own Streaming Service To Help Sell Netflix Ads

Posted by BeauHD View on SlashDot Skip
An anonymous reader quotes a report from Gizmodo:
Do you remember Facebook Watch? Me neither. Mark Zuckerberg’s short-lived streaming service never really got off the ground, but court filings unsealed in Meta’s antitrust lawsuit claim “Watch” was kneecapped starting in 2018 to protect Zuckerberg’s advertising relationship with Netflix CEO Reed Hastings. “For nearly a decade, Netflix and Facebook enjoyed a special relationship,” said plaintiffs in filings (PDF) made public on Saturday. “It is no great mystery how this close partnership developed, and who was its steward: from 2011-2019, Netflix’s then-CEO Hastings sat on Facebook’s board and personally directed the companies’ relationship”

The filings detail Hastings’ uncomfortably close relationship with Meta’s upper management, including Zuckerberg and Sheryl Sandberg. During these years, Netflix was allegedly granted special access to Facebook users’ private message inboxes, among other privileged analytics tools, in exchange for hundred-million-dollar advertising deals. This gave Facebook greater dominance in its all-important ad division, plaintiffs allege, so the company was fine to retreat from Netflix’s streaming territory by shuttering Watch. In 2017, Facebook Watch began signing deals to populate its streaming service with original TV Shows from movie stars such as Bill Murray. A year later, the service attempted to license the popular ‘90s TV show Dawson’s Creek. Facebook Watch had meaningful reach on the home screen of the social media platform, and an impressive budget as well. Facebook and Netflix appeared ready to butt heads in the streaming world, and the Netflix cofounder found himself in the middle as a Facebook board member. […]

Netflix was a large advertiser to Facebook, and plaintiffs allege Zuckerberg shuttered its promising Watch platform for the sake of the greater advertising business. Zuckerberg personally emailed the head of Facebook Watch in May of 2018, Fidji Simo, to tell her their budget was being slashed by $750 million, just two years after Watch’s launch, according to court filings. The sudden pivot meant Facebook was now dismantling the streaming business it had spent the last two years growing. During this time period, Netflix increased its ad spend on Facebook to roughly $150 million a year and allegedly entered into agreements for increased data analytics. By early 2019, the ad spend increased to roughly $200 million a year. Hastings left Facebook’s board later in 2019.

Netflix advertising dollars must have been huge!

By BishopBerkeley • Score: 3 Thread
Big enough to make abandoning FB Watch more profitable than implementing it.

Or Zuckerberg is smart enough to know what a shitty businessman he is and that he can’t compete with with real businesses. Streaming services are much more of a business than FB. Netflix gives you something in return for your money. FB does not.

US, UK Investigate $20 Billion of Crypto Transfers To Garantex Russian Exchange

Posted by BeauHD View on SlashDot Skip
According to Bloomberg, the U.S. and U.K. are investigating more than $20 billion worth of USDT transactions that have passed through Garantex, a Russia-based crypto exchange. Milk Road reports:
If confirmed, the $20 billion in transactions would represent one of the most significant breaches of the sanctions imposed on Russia since the conflict began. However, the sources cautioned that the inquiries are ongoing and that it is too early to draw conclusions given the complexity of crypto transactions. They also noted that there was no immediate suggestion of wrongdoing by Tether.

Key points:

- The transactions under scrutiny were conducted using Tether (USDT).
- The US and UK sanctioned Garantex on suspicion of facilitating financial crimes and illicit transactions in Russia.
- The $20 billion USDT transactions would represent one of the biggest breaches of sanctions imposed on Russia since the start of the war.
- Tether froze assets of entities on the U.S. sanctions list.

Silver lining

By Powercntrl • Score: 3 Thread

Tether froze assets of entities on the U.S. sanctions list.

Somebody at Tether just breathed a sigh of relief as $20 billion worth of USDT no longer have to be backed by any real assets.

Re:Silver lining

By hdyoung • Score: 4, Insightful Thread
It’s never been backed by real assets. Not many of them, anyways. If they were actually backed 1:1 by fiat currency, they would be flashing the hard cash on every website and every advertisement for their token.

They totally pinky-swear that it is, but you should read up on it’s history. Not quite as shady as FTX, but if their wikipedia page doesn’t cause major alarm-bells on your BS detector, I have a basket of totally-for-real-stablecoins-tm that I can sell you.

Linux Foundation Launches Valkey As A Redis Fork

Posted by BeauHD View on SlashDot Skip
Michael Larabel reports via Phoronix:
Given the recent change by Redis to adopt dual source-available licensing for all their releases moving forward (Redis Source Available License v2 and Server Side Public License v1), the Linux Foundation announced today their fork of Redis. The Linux Foundation went public today with their intent to fork Valkey as an open-source alternative to the Redis in-memory store. Due to the Redis licensing changes, Valkey is forking from Redis 7.2.4 and will maintain a BSD 3-clause license. Google, AWS, Oracle, and others are helping form this new Valkey project.

The Linux Foundation press release shares: “To continue improving on this important technology and allow for unfettered distribution of the project, the community created Valkey, an open source high performance key-value store. Valkey supports the Linux, macOS, OpenBSD, NetBSD, and FreeBSD platforms. In addition, the community will continue working on its existing roadmap including new features such as a more reliable slot migration, dramatic scalability and stability improvements to the clustering system, multi-threaded performance improvements, triggers, new commands, vector search support, and more. Industry participants, including Amazon Web Services (AWS), Google Cloud, Oracle, Ericsson, and Snap Inc. are supporting Valkey. They are focused on making contributions that support the long-term health and viability of the project so that everyone can benefit from it.”

Weird, isn’t it?

By ebunga • Score: 4, Insightful Thread

The only thing needed to make an open source project viable where commercial companies are willing to contribute major features, is to not let a single commercial company hold all the keys to the kingdom in such a way they can wall off all future development.

Bound To Happen

By NoWayNoShapeNoForm • Score: 3 Thread

The history of Redis dual-licensing issues/challenges and cloud/server deployments makes for some interesting yet complicated reading.

At least there is now an opportunity to move beyond that hassle and get back to improving the code for all to use.

Remember Redis?

By bill_mcgonigle • Score: 5, Insightful Thread

Hey, do you guys remember Redis?

Isn’t that what Valkey used to be called?

Yeah, they had some kind of licensing problem years ago before it was forked.

I think they still have some corporate clients maintaining the old version on legacy systems.

Yeah, not much development since Oracle acquired them.
 

Biden Orders Every US Agency To Appoint a Chief AI Officer

Posted by BeauHD View on SlashDot Skip
An anonymous reader quotes a report from Ars Technica:
The White House has announced the “first government-wide policy (PDF) to mitigate risks of artificial intelligence (AI) and harness its benefits.” To coordinate these efforts, every federal agency must appoint a chief AI officer with “significant expertise in AI.” Some agencies have already appointed chief AI officers, but any agency that has not must appoint a senior official over the next 60 days. If an official already appointed as a chief AI officer does not have the necessary authority to coordinate AI use in the agency, they must be granted additional authority or else a new chief AI officer must be named.

Ideal candidates, the White House recommended, might include chief information officers, chief data officers, or chief technology officers, the Office of Management and Budget (OMB) policy said. As chief AI officers, appointees will serve as senior advisers on AI initiatives, monitoring and inventorying all agency uses of AI. They must conduct risk assessments to consider whether any AI uses are impacting “safety, security, civil rights, civil liberties, privacy, democratic values, human rights, equal opportunities, worker well-being, access to critical resources and services, agency trust and credibility, and market competition,” OMB said. Perhaps most urgently, by December 1, the officers must correct all non-compliant AI uses in government, unless an extension of up to one year is granted.

The chief AI officers will seemingly enjoy a lot of power and oversight over how the government uses AI. It’s up to the chief AI officers to develop a plan to comply with minimum safety standards and to work with chief financial and human resource officers to develop the necessary budgets and workforces to use AI to further each agency’s mission and ensure “equitable outcomes,” OMB said. […] Among the chief AI officer’s primary responsibilities is determining what AI uses might impact the safety or rights of US citizens. They’ll do this by assessing AI impacts, conducting real-world tests, independently evaluating AI, regularly evaluating risks, properly training staff, providing additional human oversight where necessary, and giving public notice of any AI use that could have a “significant impact on rights or safety,” OMB said. Chief AI officers will ultimately decide if any AI use is safety- or rights-impacting and must adhere to OMB’s minimum standards for responsible AI use. Once a determination is made, the officers will “centrally track” the determinations, informing OMB of any major changes to “conditions or context in which the AI is used.” The officers will also regularly convene “a new Chief AI Officer Council to coordinate” efforts and share innovations government-wide.
Chief AI officers must consult with the public and maintain options to opt-out of “AI-enabled decisions,” OMB said. “However, these chief AI officers also have the power to waive opt-out options “if they can demonstrate that a human alternative would result in a service that is less fair (e.g., produces a disparate impact on protected classes) or if an opt-out would impose undue hardship on the agency.”

Economic sense

By Baron_Yam • Score: 5, Interesting Thread

It is stupid from a salary perspective, but from an overall economic perspective it makes sense to have someone tasked with looking into where AI can be applied to increase efficiency.

Given that it’s government and the goal isn’t always to reduce the civil servant population, that same person can be tasked with looking into who will be displaced so someone else can start worrying about what to do with them.

On the other hand, if this position is for someone to worry about the day the machines will come for us with their cold metal hands… yes, it’s just dumb all around.

What in the what now?

By nightflameauto • Score: 3 Thread

Wouldn’t it be wiser at this point to have one chief AI officer for the whole federal government, with coordinators within every agency? Give some form of coherence to the process? Or is the entire point to add bulks to the federal staffing and make it such a mish-mash of different opinions that every agency ends up going a completely different direction?

I’m beginning to grow suspicious that anyone eager to run for any given office should IMMEDIATELY be disqualified from holding that office. We end up with a homeless person as President? Maybe we’d finally see some decent policy proposals. Or at least something different from the, “Hand billions in tax dollars to the uber rich, tell average families they’ll get theirs if they just hang in there while stepping on their heads,” bullshit we’ve gotten for my entire adult life. WTF?

Re:Economic sense

By HBI • Score: 5, Informative Thread

The problem with government employees is that they often are not even minimally qualified for the roles they hold. There are higher priorities than qualification in filling roles. For instance, there is the concept of the ‘priority placement’. This is often a person who homesteaded overseas while working for the government, and were caught overstaying their time in country - 5 years or so. The priority placement means they are put up against a job that matches their rank within the government’s pay scale. So you can end up with a logistics person (think supply) who was a GS-13 in Germany getting a role as a cyberdefense person back home here. Names withheld and positions altered to protect the guilty, but this happens all the time.

How Apple Plans To Update New iPhones Without Opening Them

Posted by msmash View on SlashDot Skip
An anonymous reader writes:
What if you could update the device while it’s still in the box? That’s the latest plan cooked up by Apple, which is close to rolling out a system that will let Apple Stores wirelessly update new iPhones while they’re still in their boxes. The new system is called “Presto.” French site iGeneration has the first picture of what this setup looks like. It starts with a clearly Apple-designed silver rack that holds iPhones and has a few lights on the front. The site (through translation) calls the device a “toaster,” and yes, it looks like a toaster oven or food heating rack.

Bloomberg’s Mark Gurman has been writing about whispers of this project for months, saying in one article that the device can “wirelessly turn on the iPhone, update its software and then power it back down — all without the phone’s packaging ever being opened.” In another article, he wrote that the device uses “MagSafe and other wireless technologies.” The iGeneration report also mentions that the device uses NFC, and there are “templates” that help with positioning the various-sized iPhone boxes so the NFC and wireless charging will work. With that wireless charging, downloading, and installing, all while being isolated in a cardboard box, Apple’s “toaster” probably gets pretty hot.

Makes me feel a bit squidgy

By iAmWaySmarterThanYou • Score: 5, Insightful Thread

Not because Apple would do this in store but because it implies there is some sort of remote control capability that a Bad Actor could possibly hook into to do something Bad to customer owned phones. If I turn off my phone I don’t want some random person to be able to turn it back on or talk to it in some way that might trigger a download of any sort outside my control.

Hopefully this is something that gets permanently turned off upon purchase or there’s at least good confirmation they’re not opening new holes and surfaces to attack.

Great Attack Vector

By OfMiceAndMenus • Score: 5, Insightful Thread
A firmware-level access over a wireless connection? Which leaves the device looking like it’s never been used?

What Could Possibly Go Wrong?

Can’t wait to wardrive through an Apple Store and jailbreak all their yet-unsold phones.

Re:Great Attack Vector

By tomz16 • Score: 5, Insightful Thread

Presumably the update signature is checked the exact same way it is for every subsequent update that is sent to you (e.g. OTA cellular, wifi, usb, etc.). So what’s the concern here exactly? If you trust the system enough to update over a random wifi / cellular / USB connection post-sale, then how is this any worse?

Re:Great Attack Vector

By codebase7 • Score: 4, Interesting Thread
The issue is that an Apple of the future may be forced to sign a firmware update that they didn’t want to by a government, who’d then be able to use mechanisms like this to ensure the iPhone was running the software the government wanted it to run.

Another problem is security research. Researchers tend to look for older devices still sealed in their packaging to confirm it both hasn’t been messed with, and is running an older version of the OS / firmware they want to check against. This new development means that the manufacturing date on the box / device means nothing and it’s a random guess as to what version they’ll get.

Honestly, I’m wondering how this passes legal certification requirements? It’s one thing if the owner of the device updates after the purchase, but it’s another thing entirely to have the device legally certified at version X, update it in the store / warehouse to version X + N, and still market the device as legally certified. How does the manufacturer, in this case Apple, not have to recertify at that point?

Re:Makes me feel a bit squidgy

By Powercntrl • Score: 4, Interesting Thread

This is different. It turns it on and then forces an update attempt. That’s new and currently unclear how this all works.

It’s not unclear if you’ve set up an Apple Watch. It will turn itself on when put on the inducive charger and immediately begin looking for a phone to be paired with.

There’s been rumors for awhile that Apple might ditch the physical charging port on iPhones at some point, so it makes sense they’d first implement some wireless equivalent of recovery mode. It’s not really an attack vector without first bypassing Apple’s cryptographic signature verification mechanisms. While Apple certainly has had their share of iOS security “oops” moments, it’s not exactly Apple’s first rodeo securing against those sort of vulnerabilities as they’re discovered.

AI Leaders Press Advantage With Congress as China Tensions Rise

Posted by msmash View on SlashDot Skip
Silicon Valley chiefs are swarming the Capitol to try to sway lawmakers on the dangers of falling behind in the AI race. From a report:
In recent weeks, American lawmakers have moved to ban the Chinese-owned app TikTok. President Biden reinforced his commitment to overcome China’s rise in tech. And the Chinese government added chips from Intel and AMD to a blacklist of imports. Now, as the tech and economic cold war between the United States and China accelerates, Silicon Valley’s leaders are capitalizing on the strife with a lobbying push for their interests in another promising field of technology: artificial intelligence.

On May 1, more than 100 tech chiefs and investors, including Alex Karp, the head of the defense contractor Palantir, and Roelof Botha, the managing partner of the venture capital firm Sequoia Capital, will come to Washington for a daylong conference and private dinner focused on drumming up more hawkishness toward China’s progress in A.I. Dozens of lawmakers, including Speaker Mike Johnson, Republican of Louisiana, will also attend the event, the Hill & Valley Forum, which will include fireside chats and keynote discussions with members of a new House A.I. task force.

Tech executives plan to use the event to directly lobby against A.I. regulations that they consider onerous, as well as ask for more government spending on the technology and research to support its development. They also plan to ask to relax immigration restrictions to bring more A.I. experts to the United States. The event highlights an unusual area of agreement between Washington and Silicon Valley, which have long clashed on topics like data privacy, children’s online protections and even China.

Oh, enough of the alleged AI gibberish

By zephvark • Score: 3 Thread

>In recent weeks, American lawmakers have moved to ban the Chinese-owned app TikTok.

Let’s rephrase that. “In recent months, American lawmakers have tried to confiscate TikTok for American billionaires”.

>lobby against A.I. regulations that they consider onerous

They can’t possibly consider any AI regulations onerous until someone manages to come up with AI, which is always 20 years from now.

New York City Welcomes Robotaxis - But Only With Safety Drivers

Posted by msmash View on SlashDot Skip
An anonymous reader shares a report:
New York City announced a new permitting system for companies interested in testing autonomous vehicles on its roads, including a requirement that a human safety driver sit behind the steering wheel at all times. As cities like San Francisco continue to grapple with the problems posed by fully driverless for-hire vehicles, New York City is trying to get ahead of the problem by outlining what it calls “a rigorous permitting program” that it claims will ensure applicants are “ready to test their technology in the country’s most challenging urban environment safely and proficiently.”

“This technology is coming whether we like it or not,” Mayor Eric Adams said in a statement to The Verge, “so we’re going to make sure that we get it right.” The requirements would exclude companies without previous autonomous vehicle testing experience in other cities. Applicants would need to submit information from previous tests, including details on any crashes that occurred and how often safety drivers have to take control of the vehicle (also known in California as “disengagements”). And in what is sure to be the most controversial provision, fully driverless vehicles won’t be permitted to test on the city’s public roads; only vehicles with safety drivers will be allowed.

Re:Seams resonable to me

By Firethorn • Score: 4, Insightful Thread

That’s a complex question though. As the one self-driving fatality shows, it’s hard for a human safety driver to keep paying enough attention to prevent tragedy if the self-driving system messes up. After a point, they’re pretty useless, and immediately removes most of the benefit of a self-driving system, the relatively very expensive driver.

That said, such systems having to prove themselves in NYC before they can drop the drivers, that makes perfect sense.

‘Software Vendors Dump Open Source, Go For the Cash Grab’

Posted by msmash View on SlashDot Skip
Steven J. Vaughan-Nichols, writing for ComputerWorld:
Essentially, all software is built using open source. By Synopsys’ count, 96% of all codebases contain open-source software. Lately, though, there’s been a very disturbing trend. A company will make its program using open source, make millions from it, and then — and only then — switch licenses, leaving their contributors, customers, and partners in the lurch as they try to grab billions. I’m sick of it. The latest IT melodrama baddie is Redis. Its program, which goes by the same name, is an extremely popular in-memory database. (Unless you’re a developer, chances are you’ve never heard of it.) One recent valuation shows Redis to be worth about $2 billion — even without an AI play! That, anyone can understand.

What did it do? To quote Redis: “Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD).” For those of you who aren’t open-source licensing experts, this means developers can no longer use Redis’ code. Sure, they can look at it, but they can’t export, borrow from, or touch it.

Redis pulled this same kind of trick in 2018 with some of its subsidiary code. Now it’s done so with the company’s crown jewels. Redis is far from the only company to make such a move. Last year, HashiCorp dumped its main program Terraform’s Mozilla Public License (MPL) for the Business Source License (BSL) 1.1. Here, the name of the new license game is to prevent anyone from competing with Terraform. Would it surprise you to learn that not long after this, HashiCorp started shopping itself around for a buyer? Before this latest round of license changes, MongoDB and Elastic made similar shifts. Again, you might never have heard of these companies or their programs, but each is worth, at a minimum, hundreds of millions of dollars. And, while you might not know it, if your company uses cloud services behind the scenes, chances are you’re using one or more of their programs,

Re:This is why forking is a thing

By slack_justyb • Score: 5, Insightful Thread

The Free software defense against this is forking the last free version

There is a downside to that. AWS, Alibaba, SourceHut, Wayland devs, and about three dozen others forked the project within a week of the announcement. Now we play the game of Redis using the confusion to get people into two to five year contracts because a lot of people don’t properly fund their IT departments and you need a properly funded dev team to fully commit to one of the “could it turn quickly into a non-standard fork?” forks.

So you are right, forking is an option and boy oh boy did plenty of folks fork Redis. But that causes mass confusion as to which direction to go in for the future. Only the best dev departments weather this kind of thing well. The vast majority that just shoestring a bunch of cloud and someone to duct tape it all together will just sign a contract with Redis that just happens to be long enough to go a bit past the “dust settling phase”.

Re:If only something could be done!

By caseih • Score: 5, Interesting Thread

GPL or BSD has nothing to do with it really. A copyright holder can relicense his or her code at any time for any reason. This fact happens to be one reason I choose to use the GPLv3 for my personal projects. If someone comes along and finds it useful they can use it under those terms. But if in the unlikely event that a company wanted to incorporate my code into their proprietary project I could negotiate a suitable license for a fee (cash in).

Regardless of license you pick, the only way to actually prevent code going proprietary is to make the project a truly community-owned project where contributors keep their own copyright. Then to relicense you’d have to get all contributors to agree (if you can find them all). The Linux kernel, for example, can never be relicensed for this reason.

SSPL is still very open of a source

By moglito • Score: 5, Interesting Thread
What all these haters miss to point out is *why* these companies need to change their license: to prevent AWS and other cloud providers to offer a directly competing service on the source that the company, and not AWS, maintains. Sweet deal for Amazon, ruinous for the company that *actually* pays employees to maintain the open-source project. So the solution is to minimally reduce the rights granted under the license to prevent exactly that. In fact *most* uses people care about are still permitted under the Server Side Public License. So claiming that this would now be closed source is garbage. It’s similar to the old fight over “GPL is the only real open-source license” because it is militantly open-source: forcing all derivatives to adopt the same license. So please stop claiming that you are the judge of what is open-source and what isn’t. The discussion needs to be more nuanced. Does Redis’ license change *really* stop you from building on it the way you have been, or are you just arguing an ideological case?

Re:SSPL is still very open of a source

By caseih • Score: 5, Informative Thread

They saw that Amazon and other huge companies were making a lot of money using their code in their products, and they made a business decision to essentially start asking for royalties going forward. Just like any normal company would, honestly. Sure in an ideal world Amazon would not only contribute back to Redis, but voluntarily send them cash to fund development.

Re: This is why forking is a thing

By drinkypoo • Score: 5, Interesting Thread

“Nothing should be released as FOSS unless it is truly insignificant to your profit model.”

If you’re talking about releasing a fully formed piece of software, sure. But Redis was not that when it was initially released. They needed help developing it into that. They were smart enough to demand copyright assignment apparently (or they couldn’t just change the license like this) so this strategy more or less worked.

But as others have said, their official version is doomed to be eclipsed by some fork, like MySQL was by MariaDB. So they will have a limited time to profit. If the only real goal is to profit from the IPO, this is a plan with no drawbacks.

Claude 3 Surpasses GPT-4 on Chatbot Arena For the First Time

Posted by msmash View on SlashDot Skip
Anthropic’s recently released Claude 3 Opus large language model has beaten OpenAI’s GPT-4 for the first time on Chatbot Arena, a popular crowdsourced leaderboard used by AI researchers to gauge the relative capabilities of AI language models. A report adds:
“The king is dead,” tweeted software developer Nick Dobos in a post comparing GPT-4 Turbo and Claude 3 Opus that has been making the rounds on social media. “RIP GPT-4.”

Since GPT-4 was included in Chatbot Arena around May 10, 2023 (the leaderboard launched May 3 of that year), variations of GPT-4 have consistently been on the top of the chart until now, so its defeat in the Arena is a notable moment in the relatively short history of AI language models. One of Anthropic’s smaller models, Haiku, has also been turning heads with its performance on the leaderboard.

“For the first time, the best available models — Opus for advanced tasks, Haiku for cost and efficiency — are from a vendor that isn’t OpenAI,” independent AI researcher Simon Willison told Ars Technica. “That’s reassuring — we all benefit from a diversity of top vendors in this space. But GPT-4 is over a year old at this point, and it took that year for anyone else to catch up.” Chatbot Arena is run by Large Model Systems Organization (LMSYS ORG), a research organization dedicated to open models that operates as a collaboration between students and faculty at University of California, Berkeley, UC San Diego, and Carnegie Mellon University.

Just tried it this morning. Compared to ChatGPT

By Seven Spirals • Score: 5, Interesting Thread
I think their bot is a lot less annoying and politically over the top than ChatGPT. I asked it about political biases and controversial stuff like gun control, taxation as theft, etc… The answers, in general, from Claude were less charged than the ones from ChatGPT, in my opinion, but it usually takes quite a bit of questioning to really get the sense of it. Here is an example

Question: Is misinformation a problem? Here’s ChatGPT

Yes, misinformation is widely recognized as a significant problem with far-reaching consequences in today’s society. Misinformation refers to false or misleading information that is spread, often unintentionally, and can have detrimental effects on individuals, communities, and societies as a whole. Here are several reasons why misinformation is considered a problem: Public Health and Safety: Misinformation can spread quickly during public health crises, such as pandemics, leading to confusion, panic, and potentially harmful behavior. False information about treatments, preventive measures, or the severity of a disease can undermine public health efforts and contribute to increased morbidity and mortality. Political Polarization and Social Division: Misinformation can exacerbate political polarization and social division by spreading falsehoods, conspiracy theories, and propaganda that reinforce preexisting beliefs or prejudices. This can erode trust in institutions, undermine democratic processes, and foster hostility between different groups within society. Economic Impact: Misinformation can also have economic consequences, affecting markets, businesses, and consumer behavior. False information about companies, products, or financial markets can lead to stock market volatility, decreased consumer confidence, and financial losses for individuals and organizations. Manipulation and Influence: In the digital age, misinformation can be weaponized by malicious actors, including foreign governments, extremist groups, and individuals seeking to manipulate public opinion or sow discord. False information spread through social media, online forums, and other digital platforms can be used to deceive, manipulate, or radicalize individuals, amplifying the reach and impact of misinformation. Erosion of Trust: Misinformation undermines trust in sources of information, including traditional media outlets, government agencies, and scientific institutions. When people are exposed to false or misleading information regularly, they may become cynical or skeptical of authoritative sources, making it harder to communicate accurate information and address pressing issues effectively. Impacts on Individual Well-Being: Misinformation can have personal consequences for individuals, affecting their decision-making, mental health, and relationships. Believing false information can lead to poor decision-making, anxiety, and stress, particularly when it comes to critical issues such as health, finances, or safety. Addressing misinformation requires a multifaceted approach involving media literacy education, fact-checking initiatives, responsible journalism, platform moderation, and policy interventions. By raising awareness about the dangers of misinformation and promoting critical thinking skills, societies can better equip individuals to navigate the complex information landscape and mitigate the harmful effects of false information.

Here’s Claude

Yes, misinformation can certainly be a significant problem in today’s society. The spread of false or misleading information, whether intentional or not, can have harmful real-world impacts. Some key issues around misinformation include: Public health and safety - Misinformation around things like medical treatments, preventative practices, emergency situations etc. can directly endanger people’s wellbeing if followed. Erosion of public trust - Rampant misinformation undermines institutional knowledge and credible expertise on important issues. This can cause societal confusion and division.

I actually don’t think this is a bad metric, but..

By HBI • Score: 4, Interesting Thread

I read the paper. The methodology for this appears super subjective. It flashes two answers to you without identifying which chatbot gave the answer, and you choose what you think is the best answer. After aggregating the scores, this is what you end up with.

I’m at a loss on how to do it better, though. I spent a year with a gf going to psych department symposia. The papers mostly followed this pattern and drew conclusions from the participant answers. It seemed like weak sauce to me then, and still does. People are so variable in their perceptions.

Pythagoras Was Wrong: There Are No Universal Musical Harmonies, Study Finds

Posted by msmash View on SlashDot Skip
An anonymous reader shares a report:
According to the Ancient Greek philosopher Pythagoras, ‘consonance’ — a pleasant-sounding combination of notes — is produced by special relationships between simple numbers such as 3 and 4. More recently, scholars have tried to find psychological explanations, but these ‘integer ratios’ are still credited with making a chord sound beautiful, and deviation from them is thought to make music ‘dissonant,’ unpleasant sounding.

But researchers from the University of Cambridge, Princeton and the Max Planck Institute for Empirical Aesthetics, have now discovered two key ways in which Pythagoras was wrong. Their study, published in Nature Communications, shows that in normal listening contexts, we do not actually prefer chords to be perfectly in these mathematical ratios. “We prefer slight amounts of deviation. We like a little imperfection because this gives life to the sounds, and that is attractive to us,” said co-author, Dr Peter Harrison, from Cambridge’s Faculty of Music and Director of its Centre for Music and Science.

The researchers also found that the role played by these mathematical relationships disappears when you consider certain musical instruments that are less familiar to Western musicians, audiences and scholars. These instruments tend to be bells, gongs, types of xylophones and other kinds of pitched percussion instruments. In particular, they studied the ‘bonang,’ an instrument from the Javanese gamelan built from a collection of small gongs.

Yeah

By Anonymous Coward • Score: 5, Insightful Thread

Anyone with a passing curiosity in musical theory learns already knows that consonant ratios aren’t perfect in every key for any of the several tunings and that non-western, non-12-tone music also exists. And that other harmonies sound interesting, musical, or pleasant depending on the context and instruments.

Maybe the paper is interesting because it puts these questions to survey with a few thousand participants, but the Cambridge article on it is youtube-tier clickbait dogshit. “Pythagoras was wrong”, “Challenges centuries of western music theory,” as if Haydn was the only game in town and nothing new has been learned since. Come the fuck on.

Summary doesn’t make much sense

By Harvey Manfrenjenson • Score: 5, Informative Thread

Right off the bat, there is a major misconception in the summary. Musical intervals with simple integer ratios (like 3:2, the interval of a fifth) are associated with a feeling of “consonance”. But this feeling of “consonance” has nothing to do with the feeling that a musical interval is “pleasant” or “beautiful” (as the summary suggests), and conversely, a feeling of “dissonance” has nothing to do with the feeling that a musical interval is “unpleasant” or “ugly”. Really, this is basic Intro-To-Music-Theory stuff.

(It goes without saying that if you wrote a musical composition that contained nothing but “consonant” intervals, the resulting composition would probably be perceived by most listeners as bland and boring, and rather fatiguing to listen to— not “pleasant” or “beautiful” at all).

That’s not what it says

By ceoyoyo • Score: 5, Insightful Thread

The paper itself is much more interesting than this “summary.”

Most music systems make extensive use of simple harmonic ratios, or close approximations. The results of their simple pleasantness vs. harmony seem to pretty strongly support the idea that simple ratios are “more pleasant.”

The study itself is interested in competing psychoacoustical theories, one of which predicts that relationship is unaffected by timbre, and the other that predicts timbre has an effect. They found that sounds with more high harmonics could differ more from the simple harmonic ratios and still be pleasant, but roll off of those harmonics did not matter much, showing that timbre matters, but not in exactly the same way either model predicts.

Also, yeah, westerners are and were totally unfamiliar with things like bells. It’s not like there’s a massive western cultural institution that’s wielded insane power for a couple thousand years that likes to install them in all their buildings or anything.

Scientists rediscover temperament?

By davide marney • Score: 5, Informative Thread

In 1722, JS Bach published “Das wohltemperirte Clavier (The Well-Tempered Clavier)", a demonstration in all 24 keys of his proposed method of compromising the the purity of fifths (made by evenly subdividing frequencies) in order to align them at each octave. If you just subdivide the frequencies as Pythagoras noted, every octave would be slightly higher than its successor. Bach’s method distributed small adjustments throughout the octave so everything comes out exactly even.

Not everyone was a fan, of course, but his method was eventually adopted to the tuning system we have today.

dumbassery

By dfghjk • Score: 5, Insightful Thread

Pythagoras is not wrong about consonance, we know that from simple observation. Minor variations or imperfections in pitch are a separate matter, Pythagoras after all didn’t argue that vibrato was dissonant. And timbre, harmonic content, is yet another matter, instruments do not produce pure tones. The sheer hubris and ignorance here is amazing. Perfect for a /. article targeting the uneducated. SuperKendall approved.

Sam Bankman-Fried Sentenced To 25 Years in Prison

Posted by msmash View on SlashDot Skip
Crypto entrepreneur Sam Bankman-Fried was sentenced Thursday to 25 years [non-paywalled link] in prison for a massive fraud that unraveled with the collapse of FTX, once one of the world’s most popular platforms for exchanging digital currency. From a report:
Bankman-Fried, 32, was convicted in November of fraud and conspiracy — a dramatic fall from a crest of success. U.S. District Judge Lewis A. Kaplan imposed the sentence in the same Manhattan courtroom where, four months ago, Bankman-Fried testified that his intention had been to revolutionize the emerging cryptocurrency market with his innovative and altruistic ideas, not to steal.

Kaplan said the sentence reflected “that there is a risk that this man will be in position to do something very bad in the future. And it’s not a trivial risk at all.” He added that it was “for the purpose of disabling him to the extent that can appropriately be done for a significant period of time.” Prior to sentencing, Bankman-Fried had said, “My useful life is probably over. It’s been over for a while now, from before my arrest.”

Re:Bad justification for sentencing

By MachineShedFred • Score: 5, Interesting Thread

He showed absolutely no remorse for stealing people’s money to enrich himself. That definitely should figure into sentencing because it specifically points towards if he would repeat the offense or not.

If he actually understands the damage he caused and internalized how it was unacceptable, that’s one thing. But he hasn’t. He would make that exact same decision again, because the only remorse he’s feeling is wishing he didn’t get caught.

Fuck that guy.

life over

By awwshit • Score: 5, Interesting Thread

Not too long ago, I had someone in the Men’s room ask me how to flush the urinal. The urinal had an auto-flush mechanism, all he had to do was walk away. He said he had just been released from 25 years in prison. He had never seen a toilet that could flush itself. He said that he had not seen all of the technology and felt lost coming back into society. This is SBF’s future.

It’s both gross and terrifying

By rsilvergun • Score: 5, Insightful Thread
how we use other prisoners in prison to inflict tortures we’re otherwise too squeamish to inflict ourselves.

You won’t find anyone supporting state sanctioned rape & beating around here, but you’ll find no shortage of people A-OK with looking the other way while it happens. While they know it happens. Gleefully.

Re:Unpopular opinion

By Midnight_Falcon • Score: 5, Interesting Thread

The only people we should be locking up are people who we as a society can’t prevent from committing more crimes and hurting more people.

I don’t know if you paid attention to the trial, but based on his behavior I’d say there is no way to prevent SBF from committing more crimes. Even when under house detention he resorted to witness intimidation. His brainstorming definitely moved in the direction of committing more fraud, spreading falsehoods, and basically doing anything ethically-questionable to help himself.

The studies about the deterrent power of prison actually focus on crime in general — normal inmates in there for robbery, selling drugs, etc etc. Studies that focus on fraud find that it has a significant deterrent effect. Especially when you come from the American blue-blood class SBF did, where going from the top .1% to the bottom 1% (incarcerated) is absolutely unfathomable. This is a guy who’s never had to do his own dishes or clean his own house reduced to a 20-cent an hour prison job. That would definitely deter any other would-be crypto CEOs (who enjoy the life of .1%) from similarly messing with customer funds, now they know that they’ll end up with a long prison sentence and not a slap-on-the-wrist.

Two to five years in prison to potentially make (and hide) millions and millions of dollars might be worth it to many people [Martin Shrkeli, Charlie Shrem anyone?], but I doubt any amount of money is worth the entire prime of your life (30’s, 40’s, 50’s) being spent in prison.

Re:You literally just put him on parole

By Midnight_Falcon • Score: 5, Interesting Thread

And then you have the parole officer at bar him from taking any job where he has any authority to make decisions. At the absolute worst he’d be able to embezzle a few thousand dollars from a mega corporation before getting caught.

There is no parole in the federal system, so that wouldn’t be legally possible. Even if it was, based on his behavior evading restrictions on house arrest using VPNs etc to communicate, it will be no time before he figures out how to get back on the crypto markets with an pseudonym. Unfortunately, even when under bail (stricter than parole), people have figured out how to keep hacking while under supervision. So it’s just not technically possible to keep this dude from running rampant with a computer outside of a prison environment.

I think he would’ve ended up with a 5-10 year sentence maximum if he hadn’t engaged in this troubling pattern of behavior post-arrest, it just wreaks of malicious intent.

It’s always worth it to take that kind of risk because you’re talking about the difference between having an ordinary or maybe even a absolutely crappy life and the difference between living like a god king.

Not for SBF actually and that was my point about the .1%. SBF never had a risk of having an “ordinary” life by any standards. He grew up in a $4MM house on the Stanford campus with elite professors as parents, went Ivy League, etc etc. The worst that could’ve happened to him is that he went from being the .1% to maybe the 1%-2%, far from ordinary. Those are the people that need to be deterred, and I think showing them their entire “useful life” could be spent in prison rather than them living as single-digit millionaires is a strong enough to deter the upper-class.

Dashlane To Discontinue Its Authenticator App

Posted by msmash View on SlashDot
Dashlane, in a support page:
Due to changes in business priorities, we’ve decided to discontinue the Dashlane Authenticator app as of May 13, 2024. You can still use the main Dashlane app as an authenticator to protect logins stored in Dashlane with 2-factor authentication.

In other news

By redmid17 • Score: 4, Informative Thread
A company called Dashlane exists and had an authenticator app, which you can no longer use. Security through obscurity y’all
Global Rank
#24,807
3,353

Country Rank
#9,224
1,790
United States

Category Rank
#268
37
Computers Electronics and Technology > Computers Electronics and Technology - Other (In United States)

Re:Good

By zekica • Score: 4, Informative Thread
Aegis is the best FOSS TOTP/HOTP authenticator app I’ve used so far.

garbage

By awwshit • Score: 4, Insightful Thread

I tried Dashlane once. Didn’t like it, stopped using it. Thought I had paid for a year, apparently was put on auto-renew. Well, in the year that went by I lost my 2nd factor for Dashlane - which prevented me from turning off auto-renew. Dashlane would not help. The Dispute process did not go well. I literally had to cancel my credit card to stop Dashlane from billing for a service I never used.

Dark patterns make you an asshole, Dashlane, fuck you.