Tag: source code
-
Simon Willison’s Weblog: Qwen2.5-Coder-32B is an LLM that can code well that runs on my Mac
Source URL: https://simonwillison.net/2024/Nov/12/qwen25-coder/ Source: Simon Willison’s Weblog Title: Qwen2.5-Coder-32B is an LLM that can code well that runs on my Mac Feedly Summary: There’s a whole lot of buzz around the new Qwen2.5-Coder Series of open source (Apache 2.0 licensed) LLM releases from Alibaba’s Qwen research team. On first impression it looks like the buzz…
-
Schneier on Security: AI Industry is Trying to Subvert the Definition of “Open Source AI”
Source URL: https://www.schneier.com/blog/archives/2024/11/ai-industry-is-trying-to-subvert-the-definition-of-open-source-ai.html Source: Schneier on Security Title: AI Industry is Trying to Subvert the Definition of “Open Source AI” Feedly Summary: The Open Source Initiative has published (news article here) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done…
-
Schneier on Security: Subverting LLM Coders
Source URL: https://www.schneier.com/blog/archives/2024/11/subverting-llm-coders.html Source: Schneier on Security Title: Subverting LLM Coders Feedly Summary: Really interesting research: “An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection“: Abstract: Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often…
-
Technologies | Sovereign Tech Agency: Reproducible Builds
Source URL: https://www.sovereign.tech/tech/reproducible-builds Source: Technologies | Sovereign Tech Agency Title: Reproducible Builds Feedly Summary: AI Summary and Description: Yes Summary: The Reproducible Builds project plays a crucial role in enhancing the security of open source software supply chains by addressing vulnerabilities that arise from third-party dependencies. It aims to establish reproducible builds as a standard…
-
The Register: Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale
Source URL: https://www.theregister.com/2024/11/06/nokia_data_theft/ Source: The Register Title: Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale Feedly Summary: Data pinched from pwned outside supplier, thief says IntelBroker, a notorious peddler of stolen data, claims to have pilfered source code, private keys, and other sensitive materials belonging to Nokia.… AI Summary…
-
Schneier on Security: AIs Discovering Vulnerabilities
Source URL: https://www.schneier.com/blog/archives/2024/11/ais-discovering-vulnerabilities.html Source: Schneier on Security Title: AIs Discovering Vulnerabilities Feedly Summary: I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very…
-
Hacker News: Writing Secure Go Code
Source URL: https://jarosz.dev/article/writing-secure-go-code/ Source: Hacker News Title: Writing Secure Go Code Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides a comprehensive guide on best practices for writing secure Go code. It emphasizes the importance of keeping Go versions updated, utilizing static code analyzers, checking for known vulnerabilities, and implementing best practices…
-
Slashdot: New ‘Open Source AI Definition’ Criticized for Not Opening Training Data
Source URL: https://news.slashdot.org/story/24/11/03/0257241/new-open-source-ai-definition-criticized-for-not-opening-training-data?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: New ‘Open Source AI Definition’ Criticized for Not Opening Training Data Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the controversy surrounding the newly-released Open Source AI definition, which some believe undermines traditional open-source principles by allowing certain proprietary practices around training data. The concerns raised…
-
Cloud Blog: PyTorch/XLA 2.5: vLLM support and an improved developer experience
Source URL: https://cloud.google.com/blog/products/ai-machine-learning/whats-new-with-pytorchxla-2-5/ Source: Cloud Blog Title: PyTorch/XLA 2.5: vLLM support and an improved developer experience Feedly Summary: Machine learning engineers are bullish on PyTorch/XLA, a Python package that uses the XLA deep learning compiler to connect the PyTorch deep learning framework and Cloud TPUs. And now, PyTorch/XLA 2.5 is here, along with a set…