One wonders who would have the time, interest and money to setup and control AI to do all this… One wonders 🤔 and the one remembers -just as a random example- Microsoft funding SCO with tens of millions of dollars right after which it attacked Linux with fake copyright claims for years, after which Microsoft extorted large corporations into switching to Microsoft platforms. Also, why controls GitHub now? Anyway, I digress.
OS will deal with this, I imagine it won’t be too hard to setup tools that will deal with this shit, but I’m so sick and tired of continuously having to deal with this shit. Can we just formonce have something nice?
More than some nefarious corpo, I think this is more an evolution of the same problem that existed before AI was popular.
Some people realised that their credibility as a job candidate was tied on a very surface level to their GitHub profile, so they sought to optimise it. They started going to cool projects and proposing absolutely stupid merge requests, like “replace single quotes with double quotes in README.md” or “improved spacing in this sentence” in the hopes that the developers would go “well why not”, so they could show that they contributed to tensorflow or redis or what have you. Already years ago, a lot of FLOSS projects were plagued by spam PRs.
Now coming up with absolutely stupid reasons to issue a PR is a tedious job and you have a very fierce competition of people doing the same thing as you, so… why not gain the edge with AI?
No, this is definitely big corporations. It has Microsoft written all over it.
Microsoft has now gone “all in on Open Source” (except for their own code, of course).
They rely on OSS for most of their revenue (Azure). And they force their employees to use Copilot for everything.
It would only make sense for them to flood the devs of OSS they use with Copilot-generated bug reports and feature requests.
To avoid company-internal pressure.
Microsoft is pretty cult-like nowadays. Employees need to write weekly self-assessments using Copilot, which are used to judge their “growth mindset” and decide if they get a raise, or fired.
Not saying it can’t be, but I’ll be more convinced by an article that is a bit less emotionally loaded. It’s clear that the author has a bone to pick with Microsoft, and it reads as it’s written by a high schooler who wants to LARP as a journalist.
Just to be clear I have been in big tech corpos with cult-ish undertones and I have also seen the mindset poppycock shoved to my face multiple times, it’s not that I find their contents hard to believe. I just find that article hard to trust.
Just do a search for ‘exploiting GitHub open source’ and you’ll find numerous resources of past and current exploits. Best way to exploit someone’s machine is to infect an open source package used by millions.
Over the next year, they would largely take control of the project from its original maintainer, Lasse Collin, a change driven in part by nagging emails sent to Collin by a handful users complaining about slow updates.
So unleash the AI to overburden the maintainers. Which means they could hand over the project entirely like this instance or just not provide the amount of scrutiny they previously did over the things getting merged into the project. Either way it’s bad for all of us.
One wonders who would have the time, interest and money to setup and control AI to do all this… One wonders 🤔 and the one remembers -just as a random example- Microsoft funding SCO with tens of millions of dollars right after which it attacked Linux with fake copyright claims for years, after which Microsoft extorted large corporations into switching to Microsoft platforms. Also, why controls GitHub now? Anyway, I digress.
OS will deal with this, I imagine it won’t be too hard to setup tools that will deal with this shit, but I’m so sick and tired of continuously having to deal with this shit. Can we just formonce have something nice?
More than some nefarious corpo, I think this is more an evolution of the same problem that existed before AI was popular.
Some people realised that their credibility as a job candidate was tied on a very surface level to their GitHub profile, so they sought to optimise it. They started going to cool projects and proposing absolutely stupid merge requests, like “replace single quotes with double quotes in README.md” or “improved spacing in this sentence” in the hopes that the developers would go “well why not”, so they could show that they contributed to tensorflow or redis or what have you. Already years ago, a lot of FLOSS projects were plagued by spam PRs.
Now coming up with absolutely stupid reasons to issue a PR is a tedious job and you have a very fierce competition of people doing the same thing as you, so… why not gain the edge with AI?
No, this is definitely big corporations. It has Microsoft written all over it.
Microsoft has now gone “all in on Open Source” (except for their own code, of course).
They rely on OSS for most of their revenue (Azure). And they force their employees to use Copilot for everything.
It would only make sense for them to flood the devs of OSS they use with Copilot-generated bug reports and feature requests.
To what end exactly?
To avoid company-internal pressure.
Microsoft is pretty cult-like nowadays. Employees need to write weekly self-assessments using Copilot, which are used to judge their “growth mindset” and decide if they get a raise, or fired.
https://www.wheresyoured.at/the-cult-of-microsoft/
Demonstrating your “commitment to advancing open source”, while using Copilot, benefits employees internally.
Not saying it can’t be, but I’ll be more convinced by an article that is a bit less emotionally loaded. It’s clear that the author has a bone to pick with Microsoft, and it reads as it’s written by a high schooler who wants to LARP as a journalist.
Just to be clear I have been in big tech corpos with cult-ish undertones and I have also seen the mindset poppycock shoved to my face multiple times, it’s not that I find their contents hard to believe. I just find that article hard to trust.
that’s just how Ed Zitron always writes. he makes some good points usually despite that, i wouldn’t dismiss him just because of it.
his blog is widely known and read among tech workers. i saw another one of his articles posted on hacker news just this morning.
Just do a search for ‘exploiting GitHub open source’ and you’ll find numerous resources of past and current exploits. Best way to exploit someone’s machine is to infect an open source package used by millions.
This is a particularly relevant article.
So unleash the AI to overburden the maintainers. Which means they could hand over the project entirely like this instance or just not provide the amount of scrutiny they previously did over the things getting merged into the project. Either way it’s bad for all of us.