
Not quite. You need to include the MIT license text when distributing the software*, but the software you build doesn't need to also be MIT.

*: which unfortunately most users of MIT libraries do not follow as I often have an extremely difficult time finding the OSS licenses in their software distributions


From my experience working on B2B applications, I am happy that everything is generally spammed to the logs because there would simply be no other reasonable way to diagnose many problems.

It is very, very common that the code that you have written isn't even the code that executes. It gets modified by enterprise anti-virus or "endpoint security". All too often I see "File.Open" calls return true, indicating that the caller has access, but what has actually happened is that the AV has intercepted the call, blocked it improperly, and returned a 0-byte file that exists (even though there is actually a larger file there) instead of saying the file cannot be opened.

I will never, in a million years, be granted access to attach a debugger to such a client computer. In fact, they will not even initially disclose that they are using anti virus. They will just say the machine is set up per company policy and that your software doesn't work, fix it. The assumption is always that your software is to blame and they give you nearly nothing, except for the logs.

The only way I ever get this solved in a reasonable amount of time is by looking at verbose logs, determining that the scenario they have described is impossible, explaining which series of log messages is not able to occur, yet occurred on their system, and asking them to investigate further. Usually this ends up being closed with a resolution like "Checked SuperProtectPro360 logs and found it was writing infernal error logs at the same time as using the software. Adjusted the monitoring settings and problem is now resolved."
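The kind of verbose, cross-checked logging the comment above relies on, as an added example that is not code from the original comment or from any named product. The read is cross-checked against `stat()` so that a "successful" open that hands back zero bytes for a file the filesystem says is 4 KiB is logged as an impossible combination. The `opener` parameter and the `_intercepting_open` stand-in for an AV hook are assumptions made for the example; the file contents are constructed.

```python
"""Added example: log enough around a file read to spot an intercepted open.

Assumed scenario (not from the original comment): a read that "succeeds" but
returns zero bytes while the filesystem reports a larger size. The opener is
injectable so the interception can be simulated offline.
"""
import io
import logging
import os
import tempfile

log = logging.getLogger("fileio")


def read_checked(path, opener=open):
    """Read *path* fully and cross-check the result against stat().

    Returns (data, record). record["consistent"] is False when the bytes
    handed back do not match the size the filesystem reports. The verbose
    fields are what a support engineer needs when no debugger is available
    on the customer machine.
    """
    size_before = os.stat(path).st_size
    with opener(path, "rb") as fh:
        data = fh.read()
    size_after = os.stat(path).st_size
    record = {
        "path": path,
        "stat_size_before": size_before,
        "stat_size_after": size_after,
        "bytes_read": len(data),
        "consistent": len(data) == size_before == size_after,
    }
    if record["consistent"]:
        log.debug("read ok: %r", record)
    else:
        # This combination "cannot happen" for a plain local file: something
        # between the process and the filesystem changed the answer.
        log.error("read/stat mismatch, suspect interception: %r", record)
    return data, record


def _intercepting_open(path, mode="rb"):
    """Hypothetical stand-in for an AV hook that silently returns an empty file."""
    return io.BytesIO(b"")


def demo():
    """Run one normal read and one 'intercepted' read on a constructed 4 KiB file."""
    with tempfile.TemporaryDirectory() as d:
        p = os.path.join(d, "config.dat")
        with open(p, "wb") as fh:
            fh.write(b"x" * 4096)  # constructed payload
        _, normal = read_checked(p)
        _, hooked = read_checked(p, opener=_intercepting_open)
        return normal, hooked


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    print(demo())
```

The error record is what gets sent back to the customer: "the file was 4096 bytes before and after the open, yet the open returned 0 bytes" is a statement about their machine that does not require a debugger to verify.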


Isn't this actually XSRF and worse than XSS?

Also, if users can run arbitrary JS on someone else's server then what stops them from doing CPU-bound work such as crypto miners?


SSRF* sorry typo

Agreed. A situation similar to this happened to me with Steam over a payment issue with their service. They banned me even though I had thousands of dollars of games and an account since Sept 2003. I had to go to my bank and escalate multiple times to get letters providing the info Steam wanted about my account and credit card to prove it was legitimate. Eventually after contacting them enough times they said they would do a "one time good faith" gesture by unbanning me but warned if it ever happens again they cannot help and that my account will be flagged with this. In the end I didn't do anything wrong and the bank didn't do anything wrong, it was all on Steam. It was over $10 by the way.

They've made it clear that you don't own your cloud library, so the only reasonable answer is to never pay for something with DRM you cannot remove (including things that require an online account for functionality you consider important), and treat services like Steam as a temporary convenience to download known good files that you then fix to remove any DRM. If you only treat these services as a download tool, their ban loses all teeth.

> never pay for something with DRM you cannot remove

I take this to mean to sail the seas but I have apprehension over running modified binaries from random people. Is there anything that can be done to alleviate this worry?


The same way you should run _all_ proprietary binaries: restricted inside a sandbox. Linux makes that easy with Flatpaks.

That only goes so far though. A lot of games need internet access, so essentially you are running potentially modified binaries running on your hardware/network, that gets access to the outside. Sure, blast radius becomes somewhat limited, but you still have a potential problem.

The only games that need a network connection are online games. With those you can use an application firewall (which you should anyway) like opensnitch to only allow connections to sites that make sense and block anything else, e.g. internal connections.

Unless you get your cracks from google.com it will be fine.
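The allow-by-name, deny-internal policy described above, written out as an added example that is not opensnitch's code or configuration. It models what an application firewall decides per connection attempt for a sandboxed game: only the named matchmaking host on its port is allowed, and any destination in a private, loopback or link-local range is refused even when the hostname matches. The process name, the rule set and the connection attempts are constructed for the example.

```python
"""Added example: an egress policy like the one an application firewall
enforces for a sandboxed game. Allow only named destinations, refuse
anything internal. Rules, process name and attempts are constructed.
"""
import ipaddress
from dataclasses import dataclass

# Address ranges a game binary has no business talking to.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
    "fc00::/7", "fe80::/10", "::1/128",                # IPv6 ULA, link-local, loopback
)]


@dataclass(frozen=True)
class Rule:
    process: str
    host: str      # DNS name the sandboxed process is allowed to reach
    port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Attempt:
    process: str
    dst_host: str
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def decide(rules, attempt):
    """Return ('allow'|'deny', reason). Deny is the default; internal
    destinations are denied even if a rule would otherwise match."""
    if is_internal(attempt.dst_ip):
        return "deny", f"{attempt.dst_ip} is an internal address"
    for r in rules:
        if (r.process == attempt.process and r.host == attempt.dst_host
                and r.port == attempt.dst_port and r.proto == attempt.proto):
            return "allow", f"matched rule {r.host}:{r.port}/{r.proto}"
    return "deny", "no matching allow rule"


# Constructed policy: the game may only talk to its matchmaking server.
RULES = [Rule("game", "match.example.net", 443)]

# Constructed connection attempts, as a firewall would observe them.
ATTEMPTS = [
    Attempt("game", "match.example.net", "203.0.113.10", 443),
    Attempt("game", "nas.local", "192.168.1.20", 445),            # SMB to the LAN
    Attempt("game", "telemetry.example.org", "198.51.100.7", 443),
    Attempt("game", "match.example.net", "10.0.0.5", 443),        # allowed name, internal address
]


def evaluate(rules=RULES, attempts=ATTEMPTS):
    """Return one (host, port, verdict, reason) row per attempt."""
    return [(a.dst_host, a.dst_port) + decide(rules, a) for a in attempts]


if __name__ == "__main__":
    for row in evaluate():
        print(row)
```

The last attempt is the case worth having in the policy: a cracked binary that resolves the "matchmaking" name to a LAN address still gets denied, because the internal-range check runs before the name match.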


Flatpaks would make it easy, if they ever worked when you needed them to.

Sounds like an issue with your system. I have used hundreds of them on all kinds of systems.

I'm glad it works on your machine.

It's not a great solution, but you can vote with your wallet and simply not partake in that form of entertainment. I can't say it's fun to be not up on current games, or to find indie/non-DRM games to play. But piracy is just an end-around a terrible policy of non-ownership that manages to both not remunerate the folks who do the work and make no impact on the actual problem, which is that we don't like the non-ownership clause in modern games.

So yeah, TLDR, vote with your wallet and give up the entertainment this time.


I'm not an avid gamer, so maybe this is a naive question, but how do you know these things before you buy the game?

You could buy from a provider that advertises non-use of DRM like GOG, or on Steam, it lists third party DRM, so you can know whether you have the tools to remove it (and whether you have the tools to remove Steam's DRM, or whether the game appears on a web list of games that don't use any DRM). You could also refund it if you can't verify you're able to successfully back it up and run the backup on a computer or user session without Steam installed. For multiplayer, if it's possible, you can find people discussing it on the web (maybe in pirate communities). Otherwise, just don't buy it.

Some recent stats indicated most gamers buy at most two games per year, so it's not a ton of work to ensure they have a working archive.


Why do you think it's different with GOG?

Both GOG and Steam allow you to use local copies of games, and both would deny you access to your account to download more games once banned. Steam allows you to install games without DRM from their platform.


Unless they've changed recently, I thought GOG's platform itself does not have DRM? Steam does provide DRM and doesn't tell you if a game uses it, though as far as I know there are generic tools to bypass it.

GOG also specifically advertises games that don't have DRM, e.g. [0]. Steam versions of the same game (e.g. Skyrim) often require Steam to be running and enforce mandatory updates that aren't always desirable with no rollback ability.

[0] https://www.gog.com/en/game/the_elder_scrolls_v_skyrim_anniv...


> Steam versions of the same game (e.g. Skyrim) often require Steam to be running and enforce mandatory updates that aren't always desirable with no rollback ability.

Yeah, but that's a developer choice. Steam doesn't force anyone to use their API for things like that. If that's a concern for someone as a gamer, they should probably support the companies that don't do it no matter the platform, not blame Steam for it.


The original question was "how do you know these things before you buy the game?" My answer was "You could buy from a provider that advertises non-use of DRM like GOG." Whether it's a developer choice is irrelevant. GOG tells you the information you need for your purchasing decision, so if you want to know what you're buying, buy from somewhere like GOG. Also, don't assume that because it's DRM-free on GOG, it is also DRM-free elsewhere like Steam.

Buying a DRM-free copy on GOG seems like a perfectly reasonable thing to do even if a company has DRM on Steam; it provides an economic signal that there's some segment of customers that requires no DRM as a condition of sale. Since marginal cost of digital "goods" is ~0 and it's likely trivial to disable DRM in your build, it would be dumb not to cater to them and take your free money.


> it provides an economic signal that there's some segment of customers that requires no DRM as a condition of sale

Do you just assume that's the reason someone uses GOG vs Steam? People could be using GOG for other reasons, and the lack of DRM is just bonus. So how does that signal really get interpreted correctly?


What other reasons?

I see, thank you. That explains it better. I would imagine that's still possible to do it for steam games also with a simple internet search. :)

Steam is its own DRM on top of whatever else a developer chooses to do. I found this out one year when I spent months without internet access. At a certain point Steam would refuse to run any of the locally installed single player games I had paid for through their platform until my computer phoned home to their servers. I'd already configured everything for working offline and they did successfully for a long time until one day they just wouldn't anymore.

If you don't want to lose access to every game you fully paid for on Steam you'd better pirate a copy of everything you bought, because on a whim they can take it all from you at any time.


There are some games on GOG that still include DRM. The one I can remember offhand is Cult of the Lamb where the game would only run until a certain milestone at which the copy protection determined the GOG version was pirated and would gate the player from advancing. There were forum posts from the developer confirming this was intended.

I'm honestly pretty disappointed that GOG is still selling the game. If they are going to sell it at all they should have massive warnings all over the page that the game is broken. https://www.gog.com/en/game/cult_of_the_lamb

Slightly off-topic, thanks for the reminder that I wanted to try Skyrim someday, seems like a good time to get prepped for it.

When banned on Steam, I believe you are still able to download and play your (offline) games.

My understanding is that your account is effectively made read-only (blocked from purchasing, community, etc.) and not removed entirely. Steam's help article on restricted accounts[1] seems to agree with this, given the text description of account suspension implying that it's temporary or for legal reasons (because the account has been used for illegal activity, or to prevent the account's use until it can be restored to its owner in cases where a lock might not suffice).

Admittedly, I have no personal experience with this, nor do I even know anyone who does, but I've never heard of anyone complaining about being unable to play their existing library when banned; complaints about steam tend to be about accounts being stolen and VAC/community bans, with the occasional complaint from someone I know that lost access to an account when they lost their email address and forgot the password (this was before steam had account limitations and steamguard, and they had never bought anything).

[1]: https://help.steampowered.com/en/faqs/view/4F62-35F9-F395-5C...


Another issue is, how do you get your games when you're banned? Most people don't have all their games installed at any given time.

With GOG, there is at least an unofficial, supported way to get an offline installer for each of your games. With Steam, there's no officially supported way to do this, so it's likely to be a bigger PITA to archive all your games ahead of time.

In reality, though, almost nobody is thinking ahead so that they have all their games archived, and, given the size of games and collections, it's a difficult thing to do on the cheap.


How is something unofficial yet supported? Is there just no "download installer" button on the site, but can be done as long as you know how to obtain the URL?

It was supposed to be "official, supported". Oops.

With GOG you can download the game's installer; by backing those up you can still install your games even if you get banned.

For purposes of backup I don't see that large of a difference between a single installer executable and a zipped folder that you'd get after installing a non DRMed game from Steam.

GOG has allowed third party backup software like https://github.com/Sude-/lgogdownloader to exist. I have a full offline mirror of my GOG library that I update monthly that will never happen with my Steam library.

The non-DRMed steam game will stop working after a while if you haven't logged into steam after a very long time. If steam ever went under, your locally installed single player games that work offline will stop working. Ask me how I know.

I've taken to getting a cracked copy of every steam game in my library so that steam can't screw me over again in the future.


>I've taken to getting a cracked copy of every steam game in my library so that steam can't screw me over again in the future.

you can trivially crack any steam DRM game yourself within minutes.


Yup, and you can find open source "cracks" if you don't trust using a binary for it. It's barely DRM.

Steam's lawyers would say that one should know by reading the terms of service for the storefront and the purchase. But in the real world, how often does that happen?

This is 90% of the reason I don't bother buying modern computer games. For me, I assume games require phoning home and use some kind of DRM unless it is otherwise advertised.

The best thing you can do is ask the distributor or publisher. It shows them this is wanted and gets you answers.

Assume everything is encrapified with “strong” DRM unless credibly demonstrated otherwise.

"encrapsulated"

Sadly, the real issue here is with the banks and the payment processors. It's very likely that they have metrics for larger marketplaces about being below a threshold for fraud. Online game stores like steam live, breathe and die by payment processing.

This was the reason why free trade was removed from RuneScape back in the day and it wasn't even a Jagex issue. People would go to 3rd party gold selling websites and then pay for gold with stolen credit cards. They could easily keep the money because the trade cannot be reversed without a moderator and what they were doing was against the rules so everyone would just get banned. The payment processors saw a bunch of fraud related to a game called RuneScape and told Jagex if they don't fix this then they will be blacklisted.


> This was the reason why free trade was removed from RuneScape back in the day and it wasn't even a Jagex issue. People would go to 3rd party gold selling websites and then pay for gold with stolen credit cards. They could easily keep the money because the trade cannot be reversed without a moderator and what they were doing was against the rules so everyone would just get banned.

Gold farmers were paying for bot memberships using stolen credit cards, which Jagex had to refund along with a chargeback fee.

The blackmail scenario you’re describing wouldn’t make any sense since all of these gold farmers used mule accounts to launder their gold before making the trades. The changes to the trade system were intended to interfere with this laundering so that farming would no longer be profitable.


It wasn't a blackmail scenario specifically; Jagex got punished either way because the fraud was enabled by their platform. I don't have the time to check but I believe this was mentioned by one of the Gower brothers in the RuneScape documentary. My broader point is that even if they cracked down on fraud, which was absolutely not the fault of Jagex because of the poor security options at the time from credit card companies, they still had the issue of people buying gold from RunescapeGoldSeller.com and chargebacks.

> in the runescape documentary

The RuneScape Documentary - 15 Years of Adventure

https://youtu.be/7RNK0YBdwko?si=sei69KmyL4hb_hj-&t=2944

Discussion begins at 49:04


> Sadly, the real issue here is with the banks and the payment processors

I disagree. The issue is these huge platforms can arbitrarily ban people and consumers have no recourse.

This sort of thing wasn't really possible before the internet age. We need new laws to deal with it.

Banks are nothing to do with this. You could have your Steam/Google/Apple/etc. account summarily executed for any reason; it doesn't have to be money-related.


> This sort of thing wasn't really possible before the internet age. We need new laws to deal with it.

Yes, it was, and it always has been[1].

>I disagree. The issue is these huge platforms can arbitrarily ban people and consumers have no recourse

This is par for the course with every single EULA ever. I will say in the case of Steam it's hard pressed to find your account completely disabled and unable to play the games you rightfully purchased. I think the worst-case scenario is that you will be banned from engaging with the Steam online community, which restricts your ability to play with other users on Steam.

1. https://en.wikipedia.org/wiki/Redlining


Redlining is not really the same as what we're talking about (but should also be illegal).

Redlining is the example that I am giving to show this has long been the behavior of businesses, and unless it's racist it's not illegal. Also read your EULAs.

Which goes to show, being the nice Linux guys doesn't change that they are a corporation like all others, and will behave exactly the same.

Afaik if your account is banned Valve still lets you log in to Steam and access your existing library of purchased games. You just lose access to all the other platform features. Obviously that's their policy that they can change anytime... but in this case, it's not inconsistent to their "nice Linux guys" persona.

Buy from GoG instead. It's better. At least you can download the install files and don't need to install any 3rd party software to login to play them. I have 200+ games on Steam but I have ceased purchase on Steam.

There's also grey areas with Steam like when you buy a Steam key for a game outside of Steam through places like GreenManGaming and get your reviews discounted or otherwise flagged arbitrarily based on an opaque authenticity heuristic.

https://www.greenmangaming.com


Valve get no fees from non-Steam key sales and developers can really request any reasonable number of keys, so tens or hundreds of thousands.

It makes a lot of sense to discount all these reviews to avoid abuse. A lot of developers would abuse reviews hard otherwise.


Why are hundreds of thousands of keys a reasonable amount for a developer? I am not in the video game business so I fail to see the use case.

Yeah, you need a much smaller number for e.g. giving access to journalists/media pre-release. But the key mechanism is also used for any legitimate sales or giveaways that happen outside the Steam platform.

If you buy a Humble Bundle, you get a set of Steam keys for the games in the bundle. If Intel/AMD/Nvidia are doing a promotion for a free game with a purchase of their product, they give you Steam keys. Etc.


How keys are used is explained in other answers already. The number of keys you can request would obviously depend on how successful your game is on Steam. E.g. I doubt Valve would generate 100,000 keys for a game with zero sales, but likely under 10,000 is possible.

Other than selling keys they can also be used for marketing. If you for instance have a game with multiplayer, lots of DLCs or IAP, then giving away keys for the base game makes a lot of sense: even if only 1% of people who grab the key are going to play it, they can still eventually buy another copy for a friend, etc.


Developers can sell those keys outside of Steam and they are redeemable for a copy of the game on your Steam library.

Curious if you've tested something such as:

- "First, calculate the orbital radius. To do this accurately, measure the average diameter of each planet, p, and the average distance from the center of the image to the outer edge of the planets, x, and calculate the orbital radius r = x - p"

- "Next, write a unit test script that we will run that reads the rendered page and confirms that each planet is on the orbital radius. If a planet is not, output the difference you must shift it by to make the test pass. Use this feedback until all planets are perfectly aligned."


This is my experience with using LLMs for complex tasks: If you're lucky they'll figure it out from a simple description, but to get most things done the way you expect requires a lot of explicit direction, test creation, iteration, and tokens.

One of the keys to being productive with LLMs is learning how to recognize when it's going to take much more effort to babysit the LLM into getting the right result as opposed to simply doing the work yourself.


Re: tokens, there is a point where you have to decide what's worth it to you. I'd been unimpressed with what I could get out of chat apps but when I wanted to do a rails app that would cost me thousands in developer time and some weeks between communication zoom meetings and iteration... I bit the bullet and kept topping up Claude API and spent about $500 on Opus over the course of a weekend, but the site is done and works great.


It would not be the first time that an IT services provider makes more money the worse their products perform.


Hm, I didn't try exactly this, but I probably should!

Wrt unit test script, let's take Claude out of the equation, how would you design the unit test? I kept running into either Claude or some library not being capable of consistently identifying planet vs non planet which was hindering Claude's ability to make decisions based on fine detail or "pixel coordinates" if that makes sense.


Do you give Claude the screenshot as a file? If so I’d just ask it to write a tool to diff each asset to every possible location in the source image to find the most likely position of each asset. You don’t really need recognition if you can brute force the search. As a human this is roughly what I would do if you told me I needed to recreate something like that with pixel perfect precision.
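The deterministic check sketched in the two comments above (locate each asset by brute-force search, then test each one against the orbital radius and report the shift needed), as an added example that is not code from the original project. The rendered page is modelled as a small 2-D grid of pixel values and the planet as a 5x5 sprite, both constructed here; canvas size, sun position and radius are assumptions for the example. A real screenshot would be loaded into the same kind of grid, and the search would run per asset sprite.

```python
"""Added example: brute-force template search plus an orbit-radius test.

The canvas, sprite, centre and radius are constructed for the example; a
real render would be loaded into the same row-major grid of pixel values.
"""
import math

W = H = 41                       # constructed canvas size
CENTER = (W // 2, H // 2)        # (x, y) of the sun pixel
RADIUS = 15                      # intended orbital radius in pixels

# A 5x5 "planet" sprite: value 9 on a black (0) background.
PLANET = [
    [0, 9, 9, 9, 0],
    [9, 9, 9, 9, 9],
    [9, 9, 9, 9, 9],
    [9, 9, 9, 9, 9],
    [0, 9, 9, 9, 0],
]


def blank_canvas(w=W, h=H):
    return [[0] * w for _ in range(h)]


def stamp(canvas, sprite, x, y):
    """Draw *sprite* with its top-left corner at (x, y)."""
    for dy, row in enumerate(sprite):
        for dx, v in enumerate(row):
            canvas[y + dy][x + dx] = v
    return canvas


def sad(canvas, sprite, x, y):
    """Sum of absolute differences between sprite and the canvas window at (x, y)."""
    return sum(abs(canvas[y + dy][x + dx] - v)
               for dy, row in enumerate(sprite) for dx, v in enumerate(row))


def find_all(canvas, sprite, threshold=0):
    """Try every window; return centres of windows matching within threshold,
    skipping windows that overlap an already accepted match."""
    sh, sw = len(sprite), len(sprite[0])
    hits = []
    for y in range(len(canvas) - sh + 1):
        for x in range(len(canvas[0]) - sw + 1):
            if sad(canvas, sprite, x, y) <= threshold:
                cx, cy = x + sw / 2, y + sh / 2
                if all(abs(cx - hx) >= sw or abs(cy - hy) >= sh for hx, hy in hits):
                    hits.append((cx, cy))
    return hits


def orbit_report(centres, center=CENTER, radius=RADIUS, tol=0.5):
    """For each located centre: distance from the sun and the radial shift
    needed to land on the orbit (positive = move outward)."""
    cx0, cy0 = center[0] + 0.5, center[1] + 0.5   # middle of the sun pixel
    report = []
    for (cx, cy) in centres:
        d = math.hypot(cx - cx0, cy - cy0)
        report.append({"centre": (cx, cy), "distance": round(d, 2),
                       "shift": round(radius - d, 2), "ok": abs(d - radius) <= tol})
    return report


def demo():
    """Constructed render: one planet exactly on the orbit, one 3 px too far out."""
    canvas = blank_canvas()
    stamp(canvas, PLANET, CENTER[0] + RADIUS - 2, CENTER[1] - 2)       # right, on orbit
    stamp(canvas, PLANET, CENTER[0] - 2, CENTER[1] - RADIUS - 2 - 3)   # top, 3 px high
    return orbit_report(find_all(canvas, PLANET))


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The report rows are the feedback the agent would be handed: a planet with `"ok": False` and `"shift": -3.0` needs to move 3 pixels inward. Nothing here needs a model to decide what a planet is; the sprite is known because the page's own assets are known.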


Ok! Will give it a shot. In a few iterations I gave him screenshots, I have given him the ability to take screenshots, and I gave him the Playwright MCP. I kind of gave up on the path you're suggesting (though I didn't get super far along) because I felt like I would run into this problem eventually of needing a model to figure out what a planet is, where the edge of the planet is, etc.

But if that could be done deterministically, I totally agree this is the way to go. I'll put some more time into it over the next couple weeks.


If I were to do this (and I might give it a try, this is quite an interesting case), I would try to run a detection model on the image, to find bounding boxes for the planets and their associated text. Even a small model running on CPU should be able to do this relatively quickly.


Congratulations, we finally created 'plain English' programming languages. It only took 1/10th of the worlds electricity and 40% of the semiconductor production.


Yes, this is a key step when working with an agent—if they're able to check their work, they can iterate pretty quickly. If you're in the loop, something is wrong.

That said, I love this project. haha


I'm trying to understand why this comment got downvoted. My best guess is that "if you're in the loop, something is wrong" is interpreted as there should be no human involvement at all.

The loop here, imo, refers to the feedback loop. And it's true that ideally there should be no human involvement there. A tight feedback loop is as important for llms as it is for humans. The more automated you make it, the better.


Yes, maybe I goofed on the phrasing. If you're in the feedback loop, something is wrong. Obviously a human should be "in the loop" in the sense that they're aware of and reviewing what the agent is doing.


Maybe he means invisible whitespace characters that don't render? I haven't verified this but depending on the definition of whitespace it's possible you can pass a base64 string and insert an arbitrary number of them. When decoded per spec they do nothing so nobody notices them. But if you can pass the base64 string through you can receive or verify the hidden message. Lots of reasons you might want to hide data in plain sight.
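The idea above, checked in an added example that is not from the original comment: Python's lenient `base64.b64decode` (the default, `validate=False`) discards any character outside the alphabet before decoding, so whitespace placed between the real characters survives transport in the string yet vanishes on decode. The example hides one bit per carrier character (newline after the character means 1, nothing means 0), shows the payload still decodes intact, recovers the hidden message, and ends with the check a practitioner wants: a strict decode plus canonical re-encode rejects the carrier. The payload and hidden message are constructed.

```python
"""Added example: a whitespace covert channel inside a base64 string, and the
strict-decoder check that detects it. Payload and hidden message are constructed.
"""
import base64
import binascii

ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=")


def to_bits(msg: bytes):
    return [(b >> i) & 1 for b in msg for i in range(7, -1, -1)]


def from_bits(bits):
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        out.append(int("".join(map(str, bits[i:i + 8])), 2))
    return bytes(out)


def embed(payload: bytes, hidden: bytes) -> str:
    """Hide one bit after each base64 character: a newline means 1, nothing means 0."""
    carrier = base64.b64encode(payload).decode("ascii")
    bits = to_bits(hidden)
    if len(bits) > len(carrier):
        raise ValueError("carrier too short for hidden message")
    bits += [0] * (len(carrier) - len(bits))
    return "".join(ch + ("\n" if bit else "") for ch, bit in zip(carrier, bits))


def extract(carrier: str) -> bytes:
    """Recover the hidden bits from where the newlines sit."""
    chars = list(carrier)
    bits = []
    for i, ch in enumerate(chars):
        if ch in ALPHABET:
            bits.append(1 if i + 1 < len(chars) and chars[i + 1] == "\n" else 0)
    return from_bits(bits)


def decode_lenient(carrier: str) -> bytes:
    return base64.b64decode(carrier)   # validate=False: stray characters are dropped


def is_canonical(carrier: str) -> bool:
    """Accept only what a strict decoder accepts and what re-encodes byte-for-byte."""
    try:
        raw = base64.b64decode(carrier, validate=True)
    except binascii.Error:
        return False
    return base64.b64encode(raw).decode("ascii") == carrier


PAYLOAD = b"session=deadbeef; role=user; exp=1700000000"   # constructed cookie-like blob
HIDDEN = b"exfil"                                           # constructed hidden message


def demo():
    carrier = embed(PAYLOAD, HIDDEN)
    return {
        "carrier": carrier,
        "payload_intact": decode_lenient(carrier) == PAYLOAD,
        "hidden": extract(carrier)[:len(HIDDEN)],
        "strict_accepts": is_canonical(carrier),
        "clean_accepts": is_canonical(base64.b64encode(PAYLOAD).decode("ascii")),
    }


if __name__ == "__main__":
    print(demo())
```

The detection side is the part to keep: anywhere a base64 value crosses a trust boundary (tokens, signed blobs, uploaded keys), decode with `validate=True` and compare the re-encoding to the input, so that a carrier with extra bytes in it is rejected rather than silently normalised.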


This is what I'm most interested in. I have an application which has a smaller trimmed down client version but it shares a lot of code with the larger full version of itself. Part of that code is query logic and it's very dependent on multiple connections, and even the simplest transactions on it will deadlock without multiple connections. Right now if one wants to use the Postgres option, it needs Postgres manually installed and connected to it, which is a mess. It would be the dream to have a way to easily ship Postgres in a small to medium sized app in an enterprise-Windows-sysadmin-friendly way and be able to use the same Postgres queries.


I'm using teams at work and it's a laggy buggy mess, even with fairly beefy machines (eg. 64GB RAM, nvme ssd, workstation gpu). By this I mean when you click on a button or hover over something on the UI there is frequently more than 5 seconds for it to respond (eg. stuff like hovering over a button, it should show a hover state, but that won't appear unless you park the mouse over it for several seconds).

We have 5-6 different "endpoint protection" and security related pieces of software running on our machines at all times. We also have enterprise SSO via SAML2 which is constantly logging us out, saying we aren't logged in, re-prompting over and over to enrol the machine into some management policy which then hangs the program if you click yes, and makes you re-authenticate (eg redo login and MFA) if you click no.

It frequently just hangs when you click join on a call. Sometimes when you are talking it stops responding but other people can still hear and see you, which is annoying because if you un-mute or take over the screen in a large company meeting, but then get stuck with mic on or presenting, everyone can awkwardly keep watching you while you can't stop doing either of those for 45-60 seconds.

Many of these problems are probably just due to the machines being hampered by huge amounts of instrumentation/monitoring/interception, but teams is much worse than other electron apps. For example, Slack and vscode do not exhibit these problems on the same machine.


>You can't trust anything "will resolve in time period X"

As is, this statement just means you can't trust anything. You still need to choose a time period at some point.

My (pedantic) argument is that timestamps/dates/counters have a range based on the number of bits storage they consume and the tick resolution. These can be exceeded, and it's not reasonable for every piece of software in the chain to invent a new way to store time, or counters, etc.

I've seen a fair share of issues resulting from processes with uptime of over 1 year and some with uptime of 5 years. Of course the wisdom there is just "don't do that, you should restart for maintenance at some point anyway" which is true, but it still means we are living with a system that theoretically will break after a certain period of time, and we are sidestepping that by restarting the process for other purposes.
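The range argument above, worked through as an added example that is not from the original comment: the wrap horizon of a counter follows directly from its width and tick size, and the practical fix for long-uptime processes is wrap-safe elapsed-time arithmetic rather than a new time format. The widths and tick sizes are the common ones; the "uptime" values in the demonstration are constructed to sit just before a 32-bit millisecond counter wraps.

```python
"""Added example: counter wrap horizons and wrap-safe elapsed-time comparison.

Widths and tick sizes are the usual ones; the tick values in demo() are
constructed to straddle a 32-bit millisecond wrap.
"""


def wrap_horizon_seconds(bits: int, tick_seconds: float) -> float:
    """Seconds until an unsigned counter of *bits* wraps at *tick_seconds* per tick."""
    return (2 ** bits) * tick_seconds


def elapsed_ticks(now: int, then: int, bits: int) -> int:
    """Ticks from *then* to *now*, correct as long as the counter wrapped at most once."""
    return (now - then) % (2 ** bits)


def timed_out_naive(now: int, then: int, limit: int) -> bool:
    """Plain subtraction: wrong as soon as the counter has wrapped."""
    return now - then > limit


def timed_out_wrapsafe(now: int, then: int, limit: int, bits: int) -> bool:
    return elapsed_ticks(now, then, bits) > limit


def horizons():
    """Wrap horizons for a few common counter layouts, in days or years."""
    day = 86400.0
    year = 365.25 * day
    return {
        "32-bit milliseconds (days)": wrap_horizon_seconds(32, 1e-3) / day,
        "32-bit seconds (years)": wrap_horizon_seconds(32, 1.0) / year,
        "64-bit nanoseconds (years)": wrap_horizon_seconds(64, 1e-9) / year,
    }


def demo():
    bits, mod = 32, 2 ** 32
    then = mod - 500              # 500 ms before the 32-bit ms counter wraps
    now = (then + 2000) % mod     # 2 s later: the counter has wrapped to 1500
    return {
        "naive": timed_out_naive(now, then, limit=1000),        # wrongly False
        "wrapsafe": timed_out_wrapsafe(now, then, 1000, bits),  # True
        "elapsed": elapsed_ticks(now, then, bits),              # 2000
        "ms32_days": round(horizons()["32-bit milliseconds (days)"], 1),
    }


if __name__ == "__main__":
    print(horizons())
    print(demo())
```

The 32-bit millisecond counter is the one that bites processes with long uptime: it wraps after roughly 49.7 days, and any `now - then > limit` check written against it stops firing (or fires at once) after the wrap, which is exactly the "works until it doesn't" behaviour that a scheduled restart papers over.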


You can have liveness without a timeout. Think about it. Say you set a timeout of 1 minute in your application to transfer 500 mb over a 100mbps link. This normally takes 40s and this is that machine's sole job, so it fails fast.

One day, an operator is updating some cabling and changes you over to a 10mbps link for a few hours. During this time, every single one of your transfers is going to fail even though if you were to inspect the socket, the socket is still making progress on the transfer.

This is why we put timeouts on the socket, not the application. The socket knows whether or not it is still alive but your application may not.
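The two kinds of deadline contrasted above, side by side in an added example that is not from the original comment. A stall timeout (what `socket.settimeout()` gives each `recv()`) fails only when no bytes arrive for a while, so a link that is slower but still moving completes; a whole-transfer deadline in the application fails the same healthy transfer. The link, the clock and the chunk sizes are simulated so the difference can be shown offline; the 500 MB / 100 Mbps / 10 Mbps figures are the ones from the comment.

```python
"""Added example: per-recv stall timeout versus whole-transfer deadline.

The link and clock are simulated; on a real socket the stall timeout is what
socket.settimeout() enforces on each recv(), and the total deadline is what an
application-level timer enforces.
"""


class FakeClock:
    def __init__(self):
        self.t = 0.0

    def now(self):
        return self.t

    def sleep(self, s):
        self.t += s


def link(total_bytes, chunk, seconds_per_chunk, clock):
    """Yield chunk sizes of a *total_bytes* transfer; each one takes seconds_per_chunk."""
    sent = 0
    while sent < total_bytes:
        n = min(chunk, total_bytes - sent)
        clock.sleep(seconds_per_chunk)   # time passes while blocked in recv()
        sent += n
        yield n


def receive(chunks, clock, stall_timeout, total_timeout=None):
    """Consume *chunks* (successive recv() sizes) and return the byte count.

    Raises TimeoutError if a chunk arrives more than stall_timeout seconds after
    the previous one, or if total_timeout is set and the transfer exceeds it.
    """
    start = last = clock.now()
    received = 0
    for n in chunks:
        now = clock.now()
        if now - last > stall_timeout:
            raise TimeoutError(f"no progress for {now - last:.1f}s")
        if total_timeout is not None and now - start > total_timeout:
            raise TimeoutError(f"transfer exceeded {total_timeout}s")
        received += n
        last = now
    return received


MB = 1_000_000


def transfer(rate_mbps, stall_timeout=5.0, total_timeout=None, size=500 * MB):
    """Simulate a 500 MB transfer at *rate_mbps* in 1 MB chunks.

    Returns ('ok', bytes, seconds) or ('timeout', reason, seconds).
    """
    clock = FakeClock()
    chunk = 1 * MB
    seconds_per_chunk = (chunk * 8) / (rate_mbps * 1_000_000)
    try:
        got = receive(link(size, chunk, seconds_per_chunk, clock), clock,
                      stall_timeout, total_timeout)
        return "ok", got, round(clock.now(), 1)
    except TimeoutError as e:
        return "timeout", str(e), round(clock.now(), 1)


def demo():
    return {
        "100mbps_app_deadline": transfer(100, total_timeout=60),   # 40 s, passes
        "10mbps_app_deadline": transfer(10, total_timeout=60),     # needs 400 s, fails at 60 s
        "10mbps_stall_only": transfer(10),                          # slow but alive, passes
        "dead_link_stall_only": transfer(0.1),                      # 80 s per chunk, fails
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The fourth case is why the stall timeout is still a timeout: a link that delivers nothing for 80 seconds is dead for practical purposes, and the per-recv deadline catches it without ever having to guess how long the whole transfer should take.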


What about a `DEFERRABLE INITIALLY DEFERRED` trigger that increments a sequence only on commit?

