I’d be very skeptical of claims that Debian maintainers actually audit the code of each piece of software they package. Perhaps they make some brief reviews, but actually scrutinizing every line for hidden backdoors is just not feasible.

I don’t think any kind of “poisoning” actually works. It’s well known by now that data quality is more important than data quantity, so nobody just feeds training data in indiscriminately. At best it would hamper some FOSS AI researchers that don’t have the resources to curate a dataset.

What makes these consumer-oriented models different is that that rather than being trained on raw data, they are trained on synthetic data from pre-existing models. That’s what the “Qwen” or “Llama” parts mean in the name. The 7B model is trained on synthetic data produced by Qwen, so it is effectively a compressed version of Qen. However, neither Qwen nor Llama can “reason,” they do not have an internal monologue.

You got that backwards. They’re other models - qwen or llama - fine-tuned on synthetic data generated by Deepseek-R1. Specifically, reasoning data, so that they can learn some of its reasoning ability.

But the base model - and so the base capability there - is that of the corresponding qwen or llama model. Calling them “Deepseek-R1-something” doesn’t change what they fundamentally are, it’s just marketing.

There are already other providers like Deepinfra offering DeepSeek. So while the the average person (like me) couldn’t run it themselves, they do have alternative options.

A server grade CPU with a lot of RAM and memory bandwidth would work reasonable well, and cost “only” ~$10k rather than 100k+…

To be fair, most people can’t actually self-host Deepseek, but there already are other providers offering API access to it.

Wary reader, learn from my cautionary tale

I’m not sure what to learn exactly. I don’t get what went wrong or why, just that the files hit deleted somehow…

upcoming EU AI Act that regulates open source systems differently, creating an urgent need for practical openness assessment

So when they say “openness” they do put it in the context of open source rather accessibility.

Because FOSS shouldn’t add burdens. You publish your work and let everyone else use it. That shouldn’t add extra obligations on you. Usually, you’d also write some docs - after all, without them nobody will know how to use your program, so why bother publishing - but it shouldn’t be an obligation. Make it easy for people to open up their code without this attaching strings.

Documentation is nice, but it’s kind of different thing that open source: a program can be open and undocumented, or closed but well documented - and I don’t see why we’d want it different for models.

A bunch of these columns are outright absurd TBH, to the extend I’m not sure the author really knows what FOSS is about. What’s open API access even supposed to be - API access is closed by definition.

Also there has never been a requirement that open source software needs to be documented - and for good reason - so I’m not a fan of the documentation column as well.

I like the idea, but I really hate that they’ve hardcoded the provider.

That said, you can use a third party service only for sending, but receive mail on your self-hosted server.

What do you mean thousands at a very gradual rate? I don’t think I’ve sent 1000 emails offer the last year. And even if some people send more, I can’t imagine it would be at a pace where that becomes a problem (at least if it’s for personal use)…

If you have a VPS with dedicated IP they you (and only you) have used for a while, would it still be blacklisted?

Huh. I guess that’s what happens when Google actually prefer that you download the add-y version, because they also make money from the ads.

You can technically can your proprietary software “free” too. But that’s not what the term means. And nether does “open source”.

That’s not the accepted usage of the term, though. Rather, open source = free software.

And while I do like the term free software better, I don’t think trying to start war on which term to use would help anything.

The reasoning given by GrayJay was that they don’t want a bunch of malware / ad filled clones running around, and I think that’s reasonable justification?

It’s not.

1. That just hasn’t been a problem for open source projects. I’ve been using almost only open source since like 2007, and I’ve never seen or heard about an ad-filled clone of some of them. Even if they are a thing, they’ve never reached me as a user.
2. If someone did want to distribute malware clones, they won’t be stopped by a license restriction.

I didn’t come across any restrictions imposed on an end user to modify the app for their own needs or redistribution

It’s by default that you can’t redistribute modified versions. You need explicit permission to do so. Furthermore, that license is revocable. So let’s say you invest a lot of time into making modifications - at any point, they can revoke the license, and you suddenly find yourself forbidden from distributing your modified version, too/

If/when Grayjay is transitioned to FOSS, I imagine it’ll be difficult for the community to maintain it due to the complexity…

That’s not really relevant. There’s no requirement in open source on how the projects are to be maintained.

the last thing someone like that would want on a personal project is loads of strangers contributing, bad actors ripping it off trying to make a quick buck, or even worse redistributing it with malware.

It’s up to him whether he accepts strangers contributing. That has nothing to do with whether it’s open source. If he didn’t want contributions, he could disallow any pull requests on an open source software - or conversely, if there are people willing to contribute to a non-open-source project, there’s theoretically nothing stopping that. Redistributing it with malware is not really a problem open-source projects have, and malware writers wouldn’t care for the license anyway.

The only thing is would be the somewhat relevant would be making a quick buck part, but that’s only been a problem for people using MIT/BSD license.

Finally, I’ll never understand why people would want to name software after dental string…