- Dev Notes
- Posts
- The GitHub Black Market
The GitHub Black Market
Good Morning! Today we’'ll talk about the rise of a black market for fake GitHub stars, a new tool called Nightshade that helps artists protect their rights from AI art generators, and the resilience of Java despite recent licensing changes and ongoing security concerns. The GitHub stars black market highlights the proliferation of fake engagement tactics, while Nightshade aims to shift power back to content creators. Meanwhile, Java faces challenges but remains entrenched in software development.
The GitHub Stars Black Market: A New Frontier in Fake Engagement
GitHub has recently seen the emergence of a black market in fake engagement. This underground ecosystem of online stores and chat groups openly sells GitHub stars, which users award to signal interest in a project and can be tallied to rank the most popular ones.
For as little as $6 paid in ether, the crypto token of the Ethereum blockchain, one can buy 50 stars for a GitHub project. These fake endorsements, which appear within hours, are part of a wider black market in online engagement metrics used by coders, investors, and others in tech to highlight promising programmers and startups.
The Impact of Fake Stars: Fraser Marlow, head of growth for data orchestration startup Dagster, discovered the market when he noticed investors using stars on GitHub as an indicator of traction for open source projects. His team purchased stars from online stores and developed a model to detect fake stars in GitHub repositories. The findings were startling, with certain projects having a high percentage of fake stars.
The Investor's Perspective: Kevin Zhang, a former venture investor now building his own startup, says GitHub stars have become a target for entrepreneurs looking to impress. However, he and other investors agree that while gaming a metric like stars may help a startup get the first meeting with a VC, it's unlikely to get them a second time. Investors' perspective on GitHub metrics has changed in recent years as a result of gamification and a growing understanding of the open source market.
The Sellers of Fake Stars: Among the sellers of fake GitHub stars are Baddhi Shop and GitHub24. Baddhi Shop, a specialist in low-cost faking of pretty much any online publicly influenceable metric, will sell you 1,000 fake GitHub stars for as little as $64. GitHub24, a service from Möller und Ringauf GbR, is much more pricey at €0.85 per star.
Read More Here
Nightshade: A New Tool to Protect Artists' Rights in the AI Era
Image: Arstechnica
In an amazing development, researchers from the University of Chicago have introduced a novel tool named "Nightshade" that aims to protect artists' rights in the era of AI art generation. This tool is designed to disrupt the training process of AI models by subtly altering images in ways that are invisible to the human eye but can significantly impact an AI model's learning process.
The Power of Nightshade: Nightshade operates by making minute changes to the pixels in a digital artwork, effectively "poisoning" it and rendering the image useless for the purposes of training AI. For instance, an artist may paint a picture of a cat that can clearly be identified as a feline by any human or AI that examines it. However, upon applying Nightshade, humans will still see the same image while AI will incorrectly believe it's a dog.
This tool is particularly potent when used en masse. While a single poisoned image is unlikely to significantly impact an AI image generator's algorithm, the training data would need to be tainted by thousands of altered images before a real impact is seen. Given that AI image generators are known to indiscriminately scoop up thousands of new samples from the internet to refine their algorithm, if enough artists upload their images with Nightshade applied, it could eventually make such AI tools unusable.
Balancing the Power Dynamics: The primary goal of Nightshade is to balance the power dynamics between model trainers and content creators. As it stands, model trainers have the majority of the power, often using datasets of images scraped from the web without artist permission, which includes copyrighted material. The Nightshade team hopes their technology can force AI training companies to license image data sets, respect crawler restrictions, and conform to opt-out requests.
Read More Here
State of Java: Resilience Amid Licensing Changes and Security Concerns
In the world of software development, Java continues to be a resilient player, despite recent licensing changes and ongoing security concerns. This article will delve into these issues, providing a comprehensive understanding of the evolving landscape.
Oracle's Java Licensing Changes: Oracle, the company behind Java, introduced significant changes to its licensing model in 2023. The most notable change was the introduction of the Java SE Universal Subscription, licensed per employee, marking a significant shift in Oracle's license model for Java SE. This new pricing model is based on the number of employees, with different price tiers for different ranges of employee numbers. However, it's important to note that these changes only affect the license metric and not the terms of usage. Existing licensing agreements such as Java BCL, Java OTN, and Java NFTC remain valid despite these changes.
These changes have left many companies in a state of confusion, especially those with heavy usage of Java. While some see the new licensing as a simplification of the process, others, particularly those with lighter Java usage, are actively looking for ways to abandon Oracle Java and use alternative solutions.
Java's Security Concerns: Java has been a high-security risk for many years, with a multitude of critical vulnerabilities discovered since 2011. These vulnerabilities have led to numerous zero-day attacks affecting millions of systems, with most exploits requiring little or no user interaction.
Read More Here
UK's Online Safety Bill Becomes Law, Focusing on Internet Safety and Content Regulation
The UK's Online Safety Bill has become law, aiming to make the UK "the safest place in the world to be online." The legislation imposes legal duties on social media platforms to protect users from harmful content and focuses on protecting children from online harm. It also requires tech firms to remove illegal content, such as child sexual abuse and extreme sexual violence. However, the bill has faced controversy, with critics arguing that it undermines end-to-end encryption and raises privacy concerns.
Key Points
The Online Safety Act focuses on protecting children and empowering adults with more choices over what they see online.
Tech firms are required to remove illegal content and introduce new rules, such as age checks for pornography sites.
Critics argue that the bill undermines end-to-end encryption and raises privacy concerns.
Read More Here
Youtube Spotlight
Dev Startup Day 4 - A Day in the Dev Life w/ Next.js & Supabase
In this video, Forrest discusses his progress in developing a startup using Next.js and Supabase. He mentions the challenges of multitasking and starting his coding day late and talks about adjusting database tables and generating dummy data for the project. He also encounters an issue with accessing posts due to an access policy restriction.
Was this forwarded to you? Sign Up Here
Reply