alt Hacker NewsIf I look around in the FLOSS communities, I see a lot of skepticism towards LLMs. The main concerns are:
1. they were trained on FLOSS repositories without consent of the authors, including GPL and AGPL repos
2. the best models are proprietary
3. folks making low-effort contribution attempts using AI (PRs, security reports, etc).
I agree those are legitimate problems but LLMs are the new reality, they are not going to go away. Much more powerful lobbies than the OSS ones are losing fights against the LLM companies (the big copyright holders in media).
But while companies can use LLMs to build replacements for GPL licensed code (where those LLMs have that GPL code probably in their training set), the reverse thing can also be done: one can break monopolies open using LLMs, and build so much open source software using LLMs.
In the end, the GPL is only a means to an end.
> 3. folks making low-effort contribution attempts using AI (PRs, security reports, etc).
Meanwhile as people sleep on LLMs to help them audit their code for security holes, or even any security code auditing tools. Script kiddies don't care that you think AI isn't ready, they'll use AI models to scrape your website for security gaps. They'll use LLMs to figure out how to hack your employees and steal your data. We already saw that hackers broke into government servers for the Mexican government, basically scraping every document of every Mexican citizen. Now is the time to start investing in security auditing, before you become the next news headline.
AI isn't the future, it's already here, and hackers will use it against you.