| ▲ | Sweepi 22 days ago |
| "Torvalds' remarks contrast with recent comments from fellow kernel maintainer Greg Kroah-Hartman, who recently told The Register that AI has become an increasingly useful tool for the FOSS community." Does it? Both points can be true at the same time. |
|
| ▲ | ses1984 22 days ago | parent | next [-] |
| Linus also said “AI tools are great, but only if they actually help, rather than cause unnecessary pain and pointless make-believe work,” he wrote. “Feel free to use them, but use them in a way that is productive and makes for a better experience.” So I think the closing remark from the register isn’t really appropriate given the context from the quotes they pulled. |
| |
| ▲ | dathinab 22 days ago | parent | next [-] | | the problem here is that many of the submissions are not "make-believe work" but actual existing security issues it's just that in the past people most times didn't find security vulnerabilities independently of each other without knowing about the others en mass worse it's non trivial to dedup on the submitter side, nor on the receiver site (as long as we stay with a classical mailing list format) and while this might be fixable with an AI auto grouping duplicates etc. getting that right is _hard_ especially if we consider that there can be a lot to gain for an adversary to use prompt injection and similar to cause an effective "hiding" of "useful" security issues (e.g. by wrongly causing them being labeling as duplicate). In addition to all the technical problems this causes some other problems: 1.) additional cost you can intentional (maliciously) increase 2.) dependence on some LLM provider 3.) trust problem wrt. the used LLM provider. Some of this can be avoided by running open models on sponsored owned hardware, but at the cost of often outdated LLM tech, higher cost, now needing to maintain additional hardware etc. | | |
| ▲ | pessimizer 22 days ago | parent [-] | | > the problem here is that many of the submissions are not "make-believe work" but actual existing security issues Not exactly, the submissions are reports about actual existing security issues. They are make-believe work because everybody has access to AI, and anybody could have done it. Deduping is not productive work, it's a search for productive work. Instead of spamming bug reports generated by AI, people should spam cash or token credit of some sort so the project can generate these themselves. The real unnecessary part of the entire process is the submitter. There's no need for an AI middleman. If somebody comes up with some witty trick that gets an AI to find a bug that it wouldn't have found on its own, submit the prompt. |
| |
| ▲ | mock-possum 22 days ago | parent | prev [-] | | So if a thing is good then it is good, but if a thing is bad then it is bad? Got it! |
|
|
| ▲ | renegade-otter 22 days ago | parent | prev | next [-] |
| I will argue that ON AVERAGE, humans are lazy, and will use LLMs to generate walls of text and code. We like the easy way out - just pop a pill. Here we have a technology that can finally help us manage the crippling firehose of data, and instead, we are going to make it much worse. As expected. A few of us will actually use these tools to reduce toil and achieve something useful. |
|
| ▲ | j16sdiz 22 days ago | parent | prev | next [-] |
| Torvalds didn't say AI isn't useful. He is saying everybody use AI to file same duplicate bug report causing extra churn. |
|
| ▲ | orthoxerox 22 days ago | parent | prev | next [-] |
| AI can amplify your intelligence just as easily as it can amplify your stupidity. All while telling you how smart and brilliant you are. |
| |
|
| ▲ | happytoexplain 22 days ago | parent | prev | next [-] |
| I mean, they are two (of many) contrasting results of AI. The writer didn't say "contradict". But I agree they probably could have chosen better wording. |
|
| ▲ | m463 22 days ago | parent | prev [-] |
| yeah reading the original post linus seems to be pretty constructive in his words and open to AI in a common-sense way. |
