I used to be the Security Team Lead for Web Applications at one of the largest government data centers in the world but now I do mostly “source available” security mainly focusing on BSD. I’m on GitHub but I run a self-hosted Gogs (which gitea came from) git repo at Quadhelion Engineering Dev.

Well, on that server I tried to deny AI with Suricata, robots.txt, “NO AI” Licenses, Human Intelligence (HI) License links in the software, “NO AI” comments in posts everywhere on the Internet where my software was posted. Here is what I found today after having correlated all my logs of git clones or scrapes and traced them all back to IP/Company/Server.

Formerly having been loathe to even give my thinking pattern to a potential enemy I asked Perplexity AI questions specifically about BSD security, a very niche topic. Although there is a huge data pool here in general over many decades, my type of software is pretty unique, is buried as it does not come up on a GitHub search for BSD Security for two pages which is all most users will click, is very recent comparitively to the “dead pool” of old knowledge, and is fairly well recieved, yet not generally popular so GitHub Traffic Analysis is very useful.

The traceback and AI result analysis shows the following:

  1. GitHub cloning vs visitor activity in the Traffic tab DOES NOT MATCH any useful pattern for me the Engineer. Likelyhood of AI training rough estimate of my own repositories: 60% of clones are AI/Automata
  2. GitHub README.md is not licensable material and is a public document able to be trained on no matter what the software license, copyright, statements, or any technical measures used to dissuade/defeat it. a. I’m trying to see if tracking down whether any README.md no matter what the context is trainable; is a solvable engineering project considering my life constraints.
  3. Plagarisation of technical writing: Probable
  4. Theft of programming “snippets” or perhaps “single lines of code” and overall logic design pattern for that solution: Probable
  5. Supremely interesting choice of datasets used vs available, in summary use, but also checking for validation against other software and weighted upon reputation factors with “Coq” like proofing, GitHub “Stars”, Employer History?
  6. Even though I can see my own writing and formatting right out of my README.md the citation was to “Phoronix Forum” but that isn’t true. That’s like saying your post is “Tick Tock” said. I wrote that, a real flesh and blood human being took comparitvely massive amounts of time to do that. My birthname is there in the post 2 times [EDIT: post signature with my name no longer? Name not in “about” either hmm], in the repo, in the comments, all over the Internet.

[EDIT continued] Did it choose the Phoronix vector to that information because it was less attributable? It found my other repos in other ways. My Phoronix handle is the same name as GitHub username, where my handl is my name, easily inferable in any, as well as a biography link with my fullname in the about.[EDIT cont end]

You should test this out for yourself as I’m not going to take days or a week making a great presentation of a technical case. Check your own niche code, a specific code question of application, or make a mock repo with super niche stuff with lots of code in the README.md and then check it against AI every day until you see it.

P.S. I pulled up TabNine and tried to write Ruby so complicated and magically mashed, AI could offer me nothing, just as an AI obsucation/smartness test. You should try something similar to see what results you get.

  • AlexanderESmith@social.alexanderesmith.com
    link
    fedilink
    arrow-up
    5
    arrow-down
    2
    ·
    edit-2
    5 months ago

    you got some criticism and now you’re saying everyone else is a bot or has an agenda

    Please look up ad hominem, and stop doing it. Yes, their responses are a distraction from the topic at hand, but so were the random posts calling OP paranoid. I’d have been on the defensive too.

    [Our company] publish[s] open source work … anyone is free to use it for any purpose, AI training included

    Great, I hope this makes the models better. But you made that decision. OP clearly didn’t. In fact, they attempted to use several methods to explicitly block it, and the model trainers did it anyway.

    I think that the anti-AI hysteria is stupid virtue signaling for luddites

    Many loudly outspoken figures against the use of stolen data for the training of generative models work in the tech industry, myself included (I’ve been in the industry for over two decades). We’re far from Luddites.

    LLMs are here

    I’ve heard this used as a justification for using them, and reasonable people can discuss the merits of the technology in various contexts. However, this is not a justification for defending the blatant theft of content to train the models.

    whether or not they train on your random project isn’t going to affect them in any meaningful way

    And yet, they did it while ignoring explicit instructions to the contrary.

    there are more than enough fully open source works to train on

    I agree, and model trainers should use that content, instead of whatever they happen to grab off every site they happen to scrape.

    Better to have your work included so that the LLM can recommend it to people or answer questions about it

    I agree if you give permission for model trainers to do so. That’s not what happened here.

    • bamboo@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      3
      ·
      5 months ago

      Why do you think they need your permission to use information you posted publicly to train their models? Copyright isn’t unlimited, and model training is probably fair use.

      • AlexanderESmith@social.alexanderesmith.com
        link
        fedilink
        arrow-up
        7
        arrow-down
        2
        ·
        5 months ago

        “Your honor, we can use whatever data we want because model training is probably fair use, or whatever”.

        I don’t know what’s worse, the fact that you think creators don’t have the right to dictate how their works are used, or that you apparently have no idea what fair use is.

        This might help; https://copyright.gov/fair-use/

        • bamboo@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          5 months ago

          I mean, this is how courts work. Someone will sue because a work they hold copyright to was used in a training set without their authorization, the defendant will claim it was fair use, the judge will pick a side. To the best of my knowledge this hasn’t happened just yet, and since I’m not a judge, I use “probably”. Fair use is both vague and broad, and this is important to ensure copyright holders don’t have complete control over their work. It was recognized a long time ago that you can make works that utilize another copyrighted work, but don’t functionally replace the original work, and are therefore fair use. The whole point was to try and foster innovation, not to allow copyright holders to dictate how their works are used, and fair use is an essential part of that.

          Training an LLM with a work doesn’t functionally replace that work. If there is a filter that prevents 1:1 reproduction, then it literally cannot. It also provides significant benefit to have these LLMs, they are a unique and valuable work themselves. That’s why it’s fair use.

          • Agreed on all points, except my personal interpretation of “fair use” specific to the case of generative models.

            You call out “doesn’t replace the original work”. Is that not how you see an LLM Q/A bot replacing a user going to a git repo for established examples, or a website for an article (generating page views, subscriptions, ad revenue), or similar? Why would anyone go to the source materials if they’re getting their answer from the bot?

            This is practically the same as when Google started showing articles in AMP, and not bringing people to the original website, is it not?

            • bamboo@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              5 months ago

              How would an LLM answering questions about a git repo be legally different from a person answering those same questions (think stackoverflow)? Specific to this case, US law does not consider “APIs” to be copyrightable (Oracle v Google, Google reimplemented Java using the same APIs but their own implementation code, court ruled that Oracle couldn’t copyright the APIs).

              Regarding “replace”, the primary use of the git repo is the code itself, not the Q&A about how to use it. The LLM doesn’t generate code that fully replaces that library or program, or if it does, it is distinct enough to be a different work.

              • First, a chat bot is not an API. Second, they were talking about the the formatting and delivery method of the data, not the content.

                Regarding the output of the model: Some repos are entirely READMEs by their nature. No code, just documentation and walkthroughs. Notwithstanding that; If I set a flag that’s says “don’t use my data” and they use it anyway, that’s theft, even if it’s only one file, even if the file is just a description of the code. That’s my work, not yours. You don’t get to use it however you want, unless I specifically note that it’s public domain (or you use it and follow the license, like attributing me, or linking to the repo, etc).

                As to the difference between a bot and a human (re: stack overflow)? The former is a representative of a company (automation or not, whether it’s a bot or a page on their corporate site), the latter is a person relating experience and opinion. The legal difference is that one is using the data commercially, and the other is just a person in the world, answering another person’s question for no reason other than a desire to be helpful (and if they’re decent, attributing the source instead of claiming that they’re generating wisdom on their own).

                That last parenthetical used to be called plagiarism, by the way.

              • catloaf@lemm.ee
                link
                fedilink
                English
                arrow-up
                1
                ·
                5 months ago

                Yes, I am. Logically, if an author creates something and cannot control its distribution, it is available to everyone at no cost, therefore the author will never see a dime for their labor.

                This discounts the donation model, because in practice, it rarely pays the bills. It also ignores patronage, because I doubt that you want the creation of art to be dependent on the generosity of the rich.

                Thus, it makes sense for the author to maintain certain rights over the product of their labor. They provide the work under their terms, e.g. requiring payment for a copy, and that relatively low cost to the average Joe provides the money they need to buy food, pay rent, etc.

                • Victoria Antoinette @lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  3
                  ·
                  5 months ago

                  you recognize two well known cases where copyright is not necessary to get paid. I don’t think there is even an argument at this point. have a nice day.

                  • catloaf@lemm.ee
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    5 months ago

                    Yes, and I said they’re not feasible, because they’ve been tried in the past and present and found to not work very well. If you disagree, I’m happy to hear your thoughts.

          • AlexanderESmith@social.alexanderesmith.com
            link
            fedilink
            arrow-up
            3
            arrow-down
            2
            ·
            5 months ago

            I already replied to the essence of this in my reply to your other post about how “illegal downloads aren’t theft because its a copy”, but I’ll mention here that this is even more evidence that you aren’t a creator, and I suggest that your opinions on this subject aren’t relevant, and you should avoid subjecting other people to them.

              • AlexanderESmith@social.alexanderesmith.com
                link
                fedilink
                arrow-up
                2
                arrow-down
                1
                ·
                5 months ago

                “evidence suggests that you probably aren’t a creator” “As a result, I suggests that your opinions aren’t relevant”

                Aside from the fact that these are not character attacks, I encourage you to refute my assumptions. Otherwise, my points will stand on their own.

                • Victoria Antoinette @lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  5 months ago

                  on the internet, no one knows you’re a dog. whether I have or not, saying so doesn’t prove it. what I said stands on its own merits and your inability to make an argument without attacking identity speaks to the strength of your argument, your understanding of the subject, and your ability (or willingness) to engage in good faith.