I’m aware (unfortunately) of the marketing claims and even if they might be true, as you say it is “for now”. So if it’s only temporary for that arm race, especially if held by a company who leaked its own code just days ago, then I have a hard time understanding why ‘zero-days are numbered’ because this title claims the dynamic itself is gone. That’s now my understanding, especially if other models are just marginally (which is hard to prove with models, finding proper metrics) worst than it.

See comment that shared https://techcrunch.com/2026/04/21/unauthorized-group-has-gained-access-to-anthropics-exclusive-cyber-tool-mythos-report-claims just few hours ago, and that’s not even sophisticated.

Anthropic and OpenAI have multiple times used this arm race rhetoric before and it worked. Their models are supposedly “too dangerous” to be released thus consequently they have to control access.

It might be true but so far what we have witnessed is that roughly equivalent models get released by others merely weeks or maybe months after, sometimes open, but the “moat” never lasted long so I’m questioning why it would be different this time.

That doesn’t make sense. Don’t the attackers have the same tools?

Paying for DRM-free quality content https://www.defectivebydesign.org/guide/ and pirating the rest. Also promoting the concept of Big Content from Chokepoint Capitalism https://www.penguinrandomhouse.com/books/710957/chokepoint-capitalism-by-rebecca-giblin-and-cory-doctorow/

AI tools can find bugs faster than they can be patched

Not a security expert but wasn’t that the case already? It feels like before AI there were already a lot more bugs, security related or not, on backlogs. That’s precisely why there are metrics like severity.

🍾

I think the “trap” is to believe “we” can “win” once and for all.

Under capitalism (and I’m not suggesting there are better systems, only highlight a core mechanism) there will always be competition to capture value, both customers and lawmakers who (should) protect them.

There are countless examples but one of the most obvious on that topic if Microsoft itself with it’s sadly now classic EEE https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguish of which we can admire the comtemporary version with Github. Initially Github was acquired and no changed, nowadays a lot of basic functionalities, e.g. search within a repository are locked behind a login, there are more and more advertisements for Microsoft other products, e.g. CoPilot. That last product itself is questioning the foundation of free software and open source with its license washing process making unclear who did what, breaking provenance, etc.

The same happened with Google acquiring Android but not locking it down more and more.

The list could grow longer and longer, overall the point is to showcase a pattern : nothing is just “let” alone to grow on its own. It’s gradually captured and enshittified until there is nothing left but the name of a project because corporations exist only to extract more money. There is no moral, only an imperative for profit or their death.

So… unfortunately we WILL have to keep on both building AND protecting what’s been built so far with newer and more powerful threats. Microsoft, Google, and all large corporations who advertise themselves as allies of free software and open source MUST be judge on what they actually do, not on what they claim.

We have to push back and we will always have to. This year and the next.

I don’t think so. I think it takes 1 kid in the playground to find out about https://distrosea.com/ without understand what a container or VM even is, only discovering that somehow it works, to make us of it.

Then the school admin will block it once there is a peak of traffic through the website, kids will discover proxies, someone will realize there is a business for it, make a free version with ads, etc. It’s going to be an arm race and the most dedicated kids, not necessarily the smartest or wisest, will figure it out. Eventually they’ll get the concepts behind the tools they mindlessly use until then, eventually find much better tools allowing them to bypass a lot more restrictions.

I don’t see how a browser will be able to prevent this kind of usage. They might pass age related information to each page requesting it but it takes a single page to provide the capability without using the information to be enough. If a kid has a computer at home they can setup such a service themselves.

You read my mind. So straightforward.

I suggest to replace RTFM by WHYTSF : What Have You Tried So Far.

The goal isn’t to blame or guilt trip anyone, rather it’s to genuinely help and for that others need to know… WHYTSF?!

Most distributions include Wine AFAICT yet I’d argue you shouldn’t use Wine because typically it means using proprietary software.

If you are using Wine for games then it’s also reconsider that there are plenty of open source game you can still pay for to support their author.

If you still want to play proprietary Windows games without native support then I would recommend to use a wrapper, e.g. Bottles (because of Proton, not because of the GUI) or even Steam (since you want to play proprietary Windows games anyway) as they’ll remove a layer of tinkering to find the right version, path, etc (basically prefix management).

… but yeah, even though Wine is amazing I would argue every time one uses it, if they are using Linux because they want more agency, they probably should reconsider and search for a free software alternative instead. It will be awkward at first, other UI, other UX, new community, but it’s an investment in the future.

I haven’t tested this myself but I assume one could benchmark both and see if there is noticeable performance loss.

FWIW the SteamDeck running official SteamOS does have a full desktop environment, it’s just hidden by starting Steam in Big Picture mode.

So… you could benchmark the “gain” but I doubt it’s significant, if any.

Also if you do like to play with hardware for gaming across networks checking Selkies or Moonlight to stream from your machine to your machine, no intermediary, little latency or overhead.

A “normal” download is sending a file from 1 computer (e.g. server) to 1 other computer (e.g. client).

An example of that would be an HTTP server like the one we are both using now, e.g. you (client) visit lemmy.ml (server) and it sends you back the index.html page your browser requests. That is a great solution when you have a page that must dynamically be updated and broadcast back the new information to plenty of clients.

BitTorrent is a protocol like HTTP but instead of having 1 computer sending to many other computers, ALL computers send the part they have, ALL computers request the part they are still missing. That’s a different solution for a different problem, namely when a file is large enough and stable enough (does not change) that all the overhead is worthwhile.

So seeding implies having enough upstream bandwidth in order to help others who are still have missing parts. Note that most BitTorrent clients already have useful seeding defaults. Typically they’ll let you seed (namely share file parts) even after you have downloaded everything up to a positive ration, e.g. 2/1 meaning that you will keep on sharing until you have uploaded about twice more than you downloaded.

Hope that helps!

This makes me genuinely curious, who thought that would be a good idea?

It feels like a lot of “contribution” to open source suddenly is fueled by AI hype. Is it a LinkedIn/TikTok “trick” that is being amplified that somehow one will get a very well paid job at a BigTech company if they somehow have a lot of contributions on popular projects?

Where does that this trend actually come from?

Did anybody doing so ever bother checking contribution guidelines to see which tasks should actually be prioritized and if so with which tools?

This seems like a recurring pattern so it’s not a random idea someone had.

Thanks for the clarification. Unfortunately I’m no expert in the matter. I bet that some mods are compatible, I bet some aren’t. I bet some open source client/server pairing implementation might give more freedom but aren’t necessarily as popular. I have no idea how that impact culture or the size of projects. I imagine that the community of each project, e.g. Minetest, would know better if the limit itself is technical, e.g. mod compat, or not, e.g. network effect and thus a lot of people “sticking” to the “original” proprietary implementation not because it’s better but solely because their in-game friends are there.

I like risky sports (relative for some people it might be boring) but when I have to work or even play I want stuff that just works. I can’t imagine using a laptop and wondering every day if this is the last update to my OS I might get.

Sure Apple laptops might be great hardware, you might love the design, etc but just the fact that this question exists make it impossible to consider such hardware.

TL;DR: I don’t know and I don’t want to care. Please support OEMs who are not making money by selling locked hardware.

Yes I’m serious and I’m not a troll. I don’t know what in my questions or suggestions make it sound like that but feel free to dig deeper.

Anyway, AFAIK Minecraft has an official client which connect to official servers.

It’s possible to replace clients, as listed earlier, but they might still rely on official servers with their accounts as you pointed out. There are though, AFAICT, compatible servers too, e.g. https://glowstone.net/ so one could connect an unofficial client to an unofficial server and thus have a similar experience with no reliance on anything related to Microsoft, no?

No worries, if you want you can “test” that via a virtual machine, even a container e.g. https://docs.linuxserver.io/images/docker-webtop/ and see what you would genuinely miss.

It feels like our computer is very unique, very customized, but often it’s done in very few key places, e.g. browser profile data, ~/.bashrc , etc and once you locate those, transitioning to any other system is way easier.

the sheer amount of content that was added over the years, and the enormous amount of mods, and the entire community, aren’t remotely comparable

Are they compatible though? Like can I load content, connect to open source servers, uses mods on any client? Please don’t presume I know anything about the topic, I’m genuinely trying to understand exactly why alternatives are not good enough.

How about any open source alternative e.g. https://www.luanti.org/ or Minetest or Terasology or Voxel.js or…?