Comment Re:This Is Why I Ditched Ubuntu (Score 1) 58
Comment Everywhere around the world... (Score 3) 9
Comment Translation: AI publishes our material anyway (Score 4, Interesting) 27
And in this particular one case, I for one welcome the blatant stealing the LLM training companies did, as such standards belong in the public domain anyway.
Comment Re:Coding AI vs "Many Eyes" (Score 1) 43
There are certainly also "open source devs" that irresponsibly include libraries from wherever, but that is a completely different topic unrelated to AUR. And unlike for closed source, in both scenarios users are technically and legally allowed to review the foreign code, and encouraged to do so.
Comment Re:People's attitude to this is interesting ... (Score 1) 92
Comment Re: Enshittification marches ever onward (Score 3, Insightful) 54
Comment Re: Enshittification marches ever onward (Score 2) 54
It's a "feature" that was never publicly announced
That does not change the situation that their firmware updates are now malware that removes existing features from existing systems.
Comment Not AMD's first SCAM, remember ECC? (Score 3, Informative) 54
Let's face it, AMD has for a long time not been the "underdog" who plays fair with customers to get a reputation. Now that they had some years of success, they give a damn about their reputation, and will continue to scam their customers as they please.
Comment AI investments may not be meant to "pay off" (Score 5, Insightful) 65
We have already seen how normal "consumers" have become irrelevant as customers, we have seen how "retail brokerage" customers have become irrelevant as "investors", and the next stage has already begun, where the world economy is shaped to address the needs of AI/robots, not the needs of puny humans.
Comment Re:Many eyes (Score 1) 43
If we want to talk about indoctrination, we could ask why the title of this article is "Arch Linux Malware Incident". That is as misleading as if somebody wrote an article about "Slashdot Malware Incident" just because some commenter posted base64-encoded viruses in 100 Slashdot comments.
Comment Re:Coding AI vs "Many Eyes" (Score 1) 43
"Many Eyes" is a good thing, but it's been oversold.
Who said that files on AUR were reviewed by "many eyes"? AUR is specifically a repository for software only very few people want to install, so it is not unlikely that you are the only one to review an AUR build script (after the uploader).
Having coding AI's scan everything will probably work out better in the long run. We're only at the early days, coding AI are also oversold in they own way, but it's a safe bet they will get better over time.
The many "security issues" LLM based bots have recently found were programming bugs that nobody intended to hide - but which were non-obvious enough that they slipped through normal reviews. I would not expect contemporary "AI tools" to find malware that has been intentionally hidden in the code.
Comment Re:AUR (Score 1) 43
Comment Re:AUR (Score 1) 43
Comment Re:Talk about a productivity boost from AI (Score 1) 43
No reactions yet? My main question is which AI was used for so many attacks in such a short time.
This "attack" does not require technical competence or "AI" for automation. Allowing volunteers to take ownership of existing "AUR" packages may have had good intentions, but it was also an invitation for the scum to abuse this mechanism to spread malware to less cautious AUR users. There is a reason why the official Arch packages are not as easily handed to the first one to offer maintenance.