• Ricky Rigatoni@piefed.zip
    link
    fedilink
    English
    arrow-up
    74
    arrow-down
    2
    ·
    2 days ago

    All it takes is one person using an LLM tainted with proprietary code which then just gives them that code line for line to undo decades of courtroom defense.

    • ikidd@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      29 minutes ago

      Yah, before AI there’s never been a chance of proprietary code entering the Linux ecosystem and they have no defences against it at all.

    • black0ut@pawb.social
      link
      fedilink
      arrow-up
      45
      arrow-down
      2
      ·
      2 days ago

      Not only that, but AI output can’t be licensed/copyrighted. The GPL license no longer covers the kernel in legal terms.

      • FauxLiving@lemmy.world
        link
        fedilink
        arrow-up
        19
        arrow-down
        2
        ·
        1 day ago

        The GPL license no longer covers the kernel in legal terms.

        The uncopyrightability of AI-written code only applies to the actual strings of code generated by an AI, not to the entire project.

        A person could ignore the GPL if they only copied the AI-written portions. But, how could they know for sure which lines were AI generated and which were not? A wrong choice would leave them civilly liable for copyright violation and all they stand to gain would be tiny portions of the Linux kernel code which are worthless by themselves.

        There’s no reason to steal the AI generated portions and risk a lawsuit, when you can just generate your own code.

      • Franconian_Nomad@feddit.org
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        1 day ago

        There seems to be legal discussions about that. It’s not quite as simple as you say:

        However, there may be cases in which a different assessment is justified, namely when users use and operate the LLM as a tool that merely implements their personal creative intent. This could be compared somewhat more vividly to using a paintbrush. If the brush merely rolls over the paper, for example because it is dropped, no copyright-protected work is created, even if paint remains on the paper. However, if a painter deliberately swings the brush in a certain way, a protected painting can be created. If AI is used in a comparable way a copyright-protected work can indeed be created.

        https://kpmg-law.de/en/ai-and-copyright-what-is-permitted-when-using-llms/

        • SirActionSack@aussie.zone
          link
          fedilink
          English
          arrow-up
          4
          ·
          17 hours ago

          Best to not believe anything KPMG says about AI.

          Actually if KPMG say the sky is blue you should probably go outside and check and also make sure you still have your wallet.

        • fogetaboutit@programming.dev
          link
          fedilink
          arrow-up
          3
          ·
          17 hours ago

          yeah and the paintbrush somehow has abstracted access to millions of proprietary and copyleft licensed source code in forms of weight.

          this is a clear misuse and abuse of any fair use rights, and clear push to centralisation of copyright to only a few companies with big budgets that can defend themselves.

          i mean, can you really challenge and win against openai, a company backed by the govt, that your copyleft source code are misused as training data?

        • The_Decryptor@aussie.zone
          link
          fedilink
          English
          arrow-up
          12
          ·
          1 day ago

          Yeah any decision would be on a case by case basis, which is normally something you’d want to avoid.

          I’ve seen a couple of Linux devs talk about how they just give a prompt to claude and walk away leaving it alone to spit out the code, none of which can be licensed as GPL. But good luck working out what specific lines of what specific patches of theirs used an LLM vs. were re-written or such.

          • Franconian_Nomad@feddit.org
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            1
            ·
            1 day ago

            I’ve seen a couple of Linux devs talk about how they just give a prompt to claude and walk away leaving it alone to spit out the code

            While I share Linus opinion on LLMs, I think doing this shit is extremely stupid and lazy.

            • TeamAssimilation@infosec.pub
              link
              fedilink
              English
              arrow-up
              5
              ·
              1 day ago

              And extremely abusive, since they don’t review the code fully, but a human must review the whole commit before accepting it. They save their time but consume that of others.

        • Victor@lemmy.world
          link
          fedilink
          arrow-up
          5
          ·
          20 hours ago

          But if there are proprietary lines of code that end up in a project with an open license, you get a violation. 🤷‍♂️

          • terabyterex@lemmy.world
            link
            fedilink
            arrow-up
            4
            arrow-down
            6
            ·
            20 hours ago

            what is a proprietary line of code? how do you look at a for loop or uf statement and say “i own that”. i can tell you that in all the huge applications i have worked on in the last 27 years, there isnt special proprietary code. there is proprietary data but not code.

            the only time you really have proprietary codeis specialized code talking to a specialized device. so maybe a closed source driver.

            • Victor@lemmy.world
              link
              fedilink
              arrow-up
              5
              arrow-down
              2
              ·
              20 hours ago

              I have worked at two companies back-to-back for a total of about 8 years, so significantly less time, that both definitely had proprietary code.

              It is code that does things that nobody else is doing, or able to do, and patented, I believe(?).

              But nice anecdote. 👍

      • gjoel@programming.dev
        link
        fedilink
        arrow-up
        11
        ·
        1 day ago

        They use everything for everything, that’s the big issue. Also gpl code. Anything they can trawl through they use. And replicate, in part or in full.

        • Franconian_Nomad@feddit.org
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          2
          ·
          1 day ago

          They take code snippets and copy and paste them? Or do they create own code based on what they’ve learned by trawling?

          • Barbarian@sh.itjust.works
            link
            fedilink
            arrow-up
            16
            arrow-down
            4
            ·
            1 day ago

            LLMs don’t “create”. Under the hood, they’re tokenizing the queries, looking for “clouds” of tokens that are similar to the query, then returning a sequence of tokens (with some random noise thrown in) that match what their training data says the answer should be.

            In short: all LLM code is an amalgamation of their training data by definition. If there’s nothing similar in there, it’s literally not possible for it to be part of any response.

            • Franconian_Nomad@feddit.org
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              4
              ·
              1 day ago

              You’re exactly right. I should have used „generate“ instead of „create“.The point is I don’t think LLMs normally use copyrighted code in a way that would hurt open source projects.

              Under the hood, they’re tokenizing the queries, looking for “clouds” of tokens that are similar to the query, then returning a sequence of tokens (with some random noise thrown in) that match what their training data says the answer should be.

              Lol, so how do humans code in comparison?

              • prole@lemmy.blahaj.zone
                link
                fedilink
                arrow-up
                5
                ·
                1 day ago

                You’re exactly right. I should have used „generate“ instead of „create“

                Did you purposely respond like an AI?

              • Barbarian@sh.itjust.works
                link
                fedilink
                arrow-up
                4
                arrow-down
                1
                ·
                1 day ago

                The point is I don’t think LLMs normally use copyrighted code in a way that would hurt open source projects.

                I don’t know. I’m not a lawyer, and copyright for code was a hot mess even before LLMs got involved. With how many opportunistic copyright/patent trolls there are and how easily convinced judges have been in the past, it could go either way.

                Lol, so how do humans code in comparison?

                The good programmers normally code by breaking down the problem into constituent parts and logically working through the problem, step by step. What differentiates this from tokenization is that instead of just looking for code that is similar for a similar problem, programmers can usually understand the effects of each line of code, visualize what the state of each variable will be in that step (or dump out the variables to look directly if unsure), and then move on to the next step. This logical problem-solving approach is fundamentally different from a tokenization+noise looking for a similar-looking problem approach. For one thing, you can solve problems that haven’t been solved before.

              • vanillama@programming.dev
                link
                fedilink
                arrow-up
                2
                ·
                1 day ago

                Human programmers at least can tell you where they got a snippet they copied, whether it was in the docs, stack overflow or elsewhere, and you can try to keep attribution if you care about compliance. Not only that, but most of our skills are related to designing stuff and recognizing which pattern to use, the specific implementation isn’t necessary the same unless we go look for whatever we saw in the past, as our memories don’t just record everything and repeat it word by word. And after picking up a new language or framework I only need to look around when using a third party library or some API I’m less familiar with, or when something breaks.