Poll: The Ethical Dilemma at the Heart of GitHub’s Copilot

On June 29th, GitHub announced Copilot, an AI-powered auto-complete for programmers, prompting a debate about the ethics of borrowed code.

GitHub is one of the biggest code repositories on the Internet. It hosts billions of lines of code, creating an unparalleled dataset with which to train a coding AI. And that is exactly what OpenAI, via GitHub, thanks to its owners Microsoft has done — training Copilot using public repositories.

The chances are you haven’t tried Copilot yet, because it’s still invite-only via a VSCode plugin. People who have, are reporting that it’s a stunning tool, with a few limitations; it transforms coders from writers to editors because when code is inserted for you, you still have to read it to make sure it’s what you intended.

Some developers have cried “foul” at what they see as over-reach by a corporation unafraid of copyright infringement when long-term profits are on offer. There have also been reports of Copilot spilling private data, such as API keys. If, however, as GitHub states, the tool has been trained on publicly available code, the real question is: which genius saved an API key to a public repository.

GitHub’s defense has been that it has only trained Copilot on public code and that training AI on public datasets is considered “fair use” in the industry because any other approach is prohibitively expensive. However, as reported by The Verge, there is a growing question of what constitutes “fair use”; the TLDR being that if an application is commercial, then any work product is potentially derivative.

If a judge rules that Copilot’s code is derivative, then any code created with the tool is, by definition, derivative. Thus, we could conceivably reach the point at which a humans.txt file is required to credit everyone who deserves kudos for a site or app. It seems far-fetched, but we’re talking about a world in which restaurants serve tepid coffee for fear of litigation.

There are plenty of idealists (a group to which I could easily be accused of belonging) that nurture a soft-spot for the open-source, community-driven web. And of course, it’s true to say that many who walk the halls (or at least log into the Slack) of Microsoft, OpenAI, and GitHub are of the same inclination, contributing generously to open-source projects, mentoring, blogging, and offering a leg-up to other coders.

When I first learnt to code HTML, step one, before <p>hello World!</p> was view > developer > view source. Most human developers have been actively encouraged to look at other people’s code to understand the best way to achieve something — after all, that’s how web standards emerged.

Some individuals are perhaps owed credit for their work. One example is Robert Penner, whose work on easing functions inspired a generation of Actionscript/JavaScript coders. Penner published his functions online for free, under the MIT license; he also wrote a book which taught me, among other things, that a while loop beats a for loop, a lesson I use every day — I’d like to think the royalties bought him a small Caribbean island (or at least a vacation on one).

There is an important distinction between posting code online and publishing code examples in a book, namely that the latter is expected to be protected. Where Copilot is on questionable ground is that the AI is not a searchable database of functions, it’s code derived from specific problems. On the surface, it appears that anything Copilot produces must be derivative.

I don’t have a public GitHub repository, so OpenAI learned nothing from me. But let’s say I did. Let’s say I had posted a JavaScript-powered animation from which Copilot garnered some of its understanding. Does Microsoft owe me a fraction of its profits? Do I in turn owe Penner a fraction of mine? Does Penner owe Adobe (who bought Macromedia)? Does Adobe owe Brendan Eich (the creator of JavaScript)? Does Eich owe James Gosling (creator of Java), if not for the syntax, then for the name? And while we’re at it, which OS was Gosling using back in the mid-90s to compile his code — I doubt it was named after a fruit.

If this seems farcical, it’s because it is. But it’s a real problem created by the fact that technology is moving faster than the law. Intellectual property rights defined before the advent of the home computer cannot possibly define an AI-driven future.


Featured image uses images via Max Chen and Michael Dziedzic.


The post Poll: The Ethical Dilemma at the Heart of GitHub’s Copilot first appeared on Webdesigner Depot.

Source de l’article sur Webdesignerdepot

CERTFR-2021-ALE-014 : Vulnérabilité dans Microsoft Windows (02 juillet 2021)

Cette alerte annule et remplace l’alerte CERT-FR CERTFR-2021-ALE-013.

Le 29 juin 2021, deux chercheurs ont présenté une façon d’exploiter une vulnérabilité affectant le spouleur d’impression (print spooler) et permettant une exécution de code à distance, entraînant une …
Source de l’article sur CERT-FR

CERTFR-2021-ALE-013 : [MaJ] Vulnérabilité dans Microsoft Windows (30 juin 2021)

[version mise à jour le 30 juin 2021 à 19h20 : ajout d’informations d’aide à la détection]

Le 8 juin 2021, Microsoft publiait des correctifs concernant des vulnérabilités critiques de type « jour zéro » (zero day). Une de ces vulnérabilités – la CVE-2021-1675 – …
Source de l’article sur CERT-FR

Poll: Are You Excited by Windows 11?

It’s only been a few days since Microsoft officially followed Apple past the $2 Trillion valuation mark, and having done so it appears to be mimicking more of its long-term rival’s approach with hardware cut-offs and a macOS-style GUI refresh.

Hardware Shock

The first surprise for fans of Windows is that there is a Windows 11; the push for Windows 10 adoption was widely expected to all but eliminate numbered versions; creating a landscape in which there were numerous, regular minor updates. The arrival of Windows 11 later in 2021 kills off that idea.

Once Windows users come to terms with the fact that their (for the most part) reluctant upgrade to Windows 10 was short-lived, they’re going to have to come to terms with the fact that their hardware is probably about to be bricked by Microsoft.

Okay, so “bricked” is an exaggeration. But if you’re one of the many Mac users who were tempted over to the other side by the lure of the very desirable — and very expensive — Surface Studio 2, you’ll be understandably put out to discover that it is deemed too out-of-date to be supported by Windows 11.

The only hardware that Microsoft will officially support are those machines with AMD Ryzen 2000 processors, or better; you’ll also need at least a 2nd generation EPYC chipset. For those who cannot afford, or cannot stomach, purchasing new hardware this year, there is some respite to be found in the fact that you may be able to run Windows 11, you just won’t be officially supported and you’ll have to put up with regular compatibility warnings. You can check your hardware’s compatibility here.

It’s an unexpected departure for Microsoft, whose USP has until now been that — unlike macOS — Windows is hardware-agnostic, and the box you run Windows on is a personal preference.

macOS Style GUI

If however, you’re one of the lucky few who can download Windows 11, you’ll be confronted with a very macOS-style GUI. The whole environment has had a subtle refresh, with rounding happening throughout the design, resulting in a visually smoother, more Mac-like user experience.

The most obvious change is that the start button has been relocated to the center of the screen, making the process of using it considerably closer to macOS’ dock.

Windows 11 also includes a redesigned set of icons, which thankfully retain much of Windows’ current aesthetic.

Tablet mode has been removed in favor of a fullscreen option which indicates that Microsoft expects a greater blurring of the lines between traditional desktop machines, and touchscreen devices in future.


The post Poll: Are You Excited by Windows 11? first appeared on Webdesigner Depot.

Source de l’article sur Webdesignerdepot

Soft UI: Making Sense of the Latest Design Trend

A new design trend has emerged in the last year: Soft UI or Neumorphism is everywhere. 

Even Apple is in on the trend; the company introduced a host of changes in both its mobile and desktop operating systems that use the style. The elements of Soft UI introduced by Apple reflect various aspects of the Microsoft Fluent UI design too. 

So, if soft UI is such a huge concept, what do we need to know about it? How does soft UI work, and what are the pros and cons of using it?

What is Soft UI (Neumorphism)?

Soft UI involves using highlights and shadows in design elements to make them look as though they’re layered on the page. 

The term neumorphism is derived from a previous design style — skeuomorphism, where designers create something as close to its real-life counterpart as possible. If you remember the shift between iOS 6 and 7, you’ll remember the switch between skeuomorphic and flat designs. However, neumorphic design isn’t quite as dramatic. 

Neumorphism doesn’t focus excessively on things like contrast or similarities between real and digital elements. Instead, this “soft UI” practice creates a smoother experience for users. 

With neumorphism, you get the sense that buttons and cards are actually part of the background they’re on. This trend removes the flashier aspects of a typical interface and focuses on a softer style that stays consistent throughout the design. 

The Common Features of Soft UI

Soft UI is all about smoothing out the experience by making everything feel more connected. There’s nothing overly harsh in the aesthetic, hence the term “soft.”

So, what kind of features can you expect?

Rounded Corners: Soft UI removes some of the sharper parts of the interface, like the corners on modules and segments. This allows for a more gentle appearance overall. In this experimentation from Iqonic Design, we can see how the round corners tie everything together.

Transparency and Background Blur: Background blur and transparency are more popular today since the infamous iOS 7 solution emerged. Most people hated the appearance of ultra-minimalism, combined with thin fonts. However, the background blur effect was more popular. The blur in soft UI shows that part of the window is connected to the rest of the OS. It seems like parts of the background in the app are pushing through to the surface. 

Unified Symbols: Everything needs to fit perfectly in a soft UI design. Anything that doesn’t look like it’s part of the same entity throws off the experience. In this design experiment by Surja Sen Das Raj, you can see how all the colors, shadows, and gradients tie together consistently. Because everything is more uniform, the experience flows perfectly for the end-user. 

Implementing Soft UI Elements in Your Design

So, what does neumorphism look like in your UI design process?

Ultimately, it’s all about subtle contrast and aligned colors. Every part of your interface needs to look like it’s part of the same form. Your element and background need to be the same color so that you can create a feeling of objects protruding from the background. 

With Soft UI, the keys to success are shadows and highlights. 

Let’s take a look at some key steps. 

Achieving the Soft Look

When you’re designing your interface, remember that sharp edges make the interface more serious and formal. Rounded corners are more playful and friendly. 

What also makes the design look lightweight and delicate is plenty of deep shadows and highlights. When you add shadows to elements, you create a visual hierarchy. The items that cast a larger, deeper shadow are the ones closest to you. That’s why only a few elements need to cast an intense shadow. Everything else should work in the background. 

Take a look at this design by Alexander Plyuto, for instance.

Creating Smooth and Delicate Gradients

Gradients are part of the shadow and highlighting process in Soft UI design. Ideally, you’ll need to choose colors from the same palette, just toned down or brightened, depending on your needs. The gradient needs to be barely visible, but just enough to make the elements stand out. 

For white gradients, like highlights, use a very delicate color somewhere between white and your background shade. For instance, consider this design from Marina Tericheva.

Consider the Little Details

Finally, remember that the neumorphism design principle is all about little details. 

Choosing a font that visually matches the background is an excellent choice. However, you can also choose something more contrasting, as this will help information stand out

Adding a little bit of the background into your fonts might be suitable too. For instance, if you have a green font and a grey background, add a little grey into the mix. 

Extra elements in your design, like allowing a button to shift into a more recessed state after being clicked, are a great way to make the soft UI more engaging. Everything your end-user interacts with needs to feel smooth and perfectly unified. 

The Problems with Soft UI Design

Just because a design process is trending – doesn’t mean it won’t have its issues. 

Neumorphism is a fun way to make apps, operating systems, and websites feel more friendly and informal. However, this softer approach has a weak spot too. 

When you’re dealing with a small margin of contrast and color where neumorphism works well, it’s hard to get the effect right every time. For instance, this all-yellow design for Dtail Studio may be overwhelming for some.

A slight deviation in saturation or a problem with your shadowing could render the entire effect of Neumorphism completely pointless. 

Another major issue is accessibility. The soft UI design looks great for people who have a full visual range. However, visually impaired users might not see the same benefits. Anyone without perfect vision may see crucial objects disappearing into the background.

Your users don’t necessarily need significant vision problems to struggle with neumorphism, either. The design is all about softness that causes elements to almost blend together. People with low-quality screens that don’t have as many pixels to work with won’t see these elements. 

Issues With Buttons and CTAs

Another major issue of neumorphism is that its subtlety can lead to problems with attracting clicks and conversions. Usability is the most important consideration of any UI design. 

Unfortunately, when you focus on subtle elements throughout your entire interface, usability sometimes takes a hit. 

Let’s consider buttons, for instance – they’re essential to any interface. To simplify the customer journey, these buttons need to be noticeable, and they need to shift into different states when your customers interact with them. 

For the button experience to be excellent, users need to notice the design instantly. However, the heart of neumorphism revolves around the idea that nothing stands out too much. 

This isn’t just an accessibility issue; it’s a problem for conversions too. 

Neumorphism is soft on the eyes, with minimal color contrast and few color pops. This means that CTA buttons don’t stand out as much as they should. Buttons almost blend into the background, and the website struggles to pull attention to the areas that demand it most. 

How to Experiment With Soft UI (Free Kits)

The key to unlocking the benefits of soft UI interfaces without getting lost in the negative points – is proper experimentation. Like any new design trends, professionals and artists will need to learn how to merge the elements of soft UI together in a way that doesn’t compromise usability. 

Trends in UI design can’t focus exclusively on aesthetics, as a customer’s comfort will always be an essential part of the process. 

If you want to start exploring, here are some of the best kits and freebies to get you started:

Closing Thoughts on Soft UI

The world of design and the trends that we use are constantly changing. Companies are always searching for the best ways to connect with their users. Often, this means focusing on an interface that really connects with your target audience and delivers the best possible results. 

The soft UI design trend has its benefits and its downsides. On the one hand, the smooth appearance of every element on a combined screen can deliver a delightful aesthetic. Buttons feel less imposing, and elements are friendlier and easier to interact with. 

On the other hand, neumorphism also makes it difficult to truly capture your audience’s attention in the places where it matters most. It suffers from accessibility issues and requires plenty of care and practice.


The post Soft UI: Making Sense of the Latest Design Trend first appeared on Webdesigner Depot.

Source de l’article sur Webdesignerdepot

Gitless Cloud Systems

In most companies the single largest cost is human resources. However, by leveraging Open Source intelligently, you can significantly reduce this cost, by literally having the entirety of GitHub’s user base, working for « free » for your company. This of course is a bit like what investors refers to as « China math », but GitHub has 65 million registered user accounts, most of whom we must assume are developers one way or another. If you intelligently structure your organisation around GitHub, there is literally nothing preventing you from using every single one of these developers as your own company’s resource, making you a million times more productive than mega corporations such as Amazon, Facebook, and Microsoft – For a millionth of the cost these mega corporations are paying. But first let’s illustrate the problem, such that the solution becomes clear …

The problem

In one of my previous jobs somebody had cloned an open source git repository, then added its code to our own private corporate cloud’s git repositories, for then to start modifying the thing (the horror!) 2 years later it took one of my developers 6 weeks to update the thing to use the latest version as created by its main developer on GitHub, trying to keep as many of our own customisations as possible in the process. Needless to say, but I was furious about the original decision, due to having responsibilities for code quality at this company.

Source de l’article sur DZONE

CERTFR-2021-ALE-012 : Multiples vulnérabilités dans Microsoft Windows (09 juin 2021)

A l’occasion de sa mise à jour mensuelle de juin 2021, Microsoft a publié des correctifs, entre autres, pour six vulnérabilités qui sont activement exploitées dans le cadre d’attaques ciblées.

Quatre de ces vulnérabilités (CVE-2021-31199, CVE-2021-31201, CVE-2021-31956 et …
Source de l’article sur CERT-FR

Open Source Solution for Building Invincible Apps


I left Microsoft after 19 years, where I led teams that built system software for highly scalable cloud applications. This included leading development of the Microsoft Orleans framework from its inception at Microsoft Research until it became one of the most successful open-source projects within the .NET ecosystem. Orleans powers a number of large-scale Microsoft systems such as Xbox Game Services, Skype, Azure IoT, Azure ML, Azure Active Directory, and many more cloud services outside Microsoft. So if you’ve ever played online multiplayer games like Halo or Call of Duty, our team built much of the underlying infrastructure that supports it.

When I originally joined Orleans, cloud computing was still in its infancy. We had a 10,000-foot vision and not a single line of actual code. We needed to reimagine how cloud-scale applications should be coded because, at the time, available and high-performance scalable systems were only achievable by experts. And while everyone knew the cloud was coming, we had no idea how to build applications in a way that ensured they would be accessible and productive for millions of software engineers.

Source de l’article sur DZONE

Monitoring Kubernetes cert-manager Certificates With BotKube

The monitoring and alerting stack is a crucial part of the SRE practices. That’s where BotKube helps you monitor your Kubernetes cluster and send notifications to your messaging platform or any other configured sink. In this blog post, we will be configuring BotKube to watch the Kubernetes cert-manager certificates CustomResources.

What is BotKube?

BotKube is a messaging tool for monitoring and debugging Kubernetes clusters. BotKube can be integrated with multiple messaging platforms like – Slack, Mattermost, or Microsoft Teams to help you monitor your Kubernetes cluster(s), debug critical deployments, and gives recommendations for standard practices by running checks on the Kubernetes resources.

Source de l’article sur DZONE

Latécoère embrasse la mobilité avec SAP Cloud Platform et Fiori

Avec l’aide de son partenaire STMS, Latécoère a créé et déployé une série d’applications visant à faciliter le travail des magasiniers et opérateurs susceptibles de se déplacer au sein des sites de production. Des outils s’appuyant sur SAP Cloud Platform.

Latécoère est un équipementier majeur du monde aéronautique. Le groupe toulousain compte plus de 100 années d’existence. Il a réalisé un chiffre d’affaires 2020 dépassant les 410 millions d’euros, avec une production répartie dans 13 pays et près de 4200 collaborateurs. Latécoère dispose de deux activités principales : aérostructures (AS : tronçons de fuselage, portes d’avion…) et systèmes d’interconnexion (IS : câblage, meubles électriques…).

La société a lancé en parallèle deux projets ayant trait à la mobilité. « Côté AS, nous voulions équiper les magasiniers d’outils mobiles leur permettant de limiter les allers et retours entre le magasin et les bureaux, ainsi que le recours à une double saisie papier/numérique. Côté IS, les besoins sont identiques, avec en plus une problématique de traçabilité. Nous souhaitions en effet pouvoir suivre chaque lot, à chaque étape », explique Karim hajjaji, IT Manager, Support Process & Execution . Dans les deux cas, l’objectif est de faciliter la vie des opérateurs, tout en renforçant la qualité des données et la traçabilité.

SAP est déjà utilisé au sein de l’entreprise et semblait être le choix naturel pour ces projets. « Nous ne voulions pas rajouter de couche applicative supplémentaire à notre SI. Rapidement nous avons perçu le potentiel de SAP Cloud Platform pour enrichir notre SI de solutions mobiles dédiées. Nous y avons vu aussi une technologie qui pourrait nous propulser vers l’avenir et non nous retenir dans le passé. Notre partenaire STMS, avec lequel nous travaillons en confiance depuis de nombreuses années, a fini de nous convaincre d’aller vers SAP Cloud Platform. »

Une constellation de projets menés en mode express

STMS a choisi de travailler sous forme de sprints, avec des applications déployées fonctionnalité par fonctionnalité. Sur la partie AS, quatre sprints ont été lancés en juin, septembre, octobre et décembre 2019, avec une mise en production des outils entre un et deux mois plus tard. Le déploiement s’est effectué sur des tablettes Microsoft Surface Go. Les applications couvrent la plupart des transactions effectuées par un magasinier : réception des marchandises, prise de décision d’usage, inventaire et transferts de stocks internes, picking pour expédition.

Trois sprints ont été menés sur la partie IS, séparés en deux phases : une première comprenant un sprint mené entre avril et juillet 2019 et une seconde avec deux sprints organisés entre septembre 2020 et janvier 2021. Du matériel plus spécifique (des lecteurs Zebra) a ici été employé. Les tâches prises en charge par les applications vont de la réception des articles à la gestion des bacs en passant par l’inventaire des pièces.

L’un des défis qu’a dû relever STMS était de travailler avec des équipes réparties dans le monde entier. Un key user était en effet choisi sur chaque site, avec un leader situé en République tchèque. Quant au chef de projet, c’est au Brésil qu’il a été choisi. « C’était une volonté de notre part d’aller chercher des key users partout dans le monde, afin de ne rien rater concernant les besoins attendus pour ces solutions mobiles », explique Sébastien Ducruezet (IT Departement – Support Process & Execution – Purchase, Supply Chain & Quality). Les consultants de STMS ont utilisé des outils collaboratifs pour communiquer avec les équipes de Latécoère, tout en maquettant les applications avec SAP Build, au fur et à mesure de l’expression de besoins. Une fois une maquette validée, le projet correspondant partait en développement, test puis déploiement.

Un déploiement en cours… et déjà d’autres projets

Côté AS, toutes les applications sont aujourd’hui en production, sur l’ensemble des sites. Pour la branche IS, les travaux ne sont pas terminés : les applications sont déployées sur les sites français, mais à l’étranger il faudra attendre la fin des restrictions de déplacement liées à la crise du Coronavirus pour que les formations puissent s’organiser. Des travaux ont été initiés sur la branche IS afin de mesurer les gains apportés par ces solutions mobiles. Latécoère s’attend à des bénéfices en termes d’efficacité et de qualité des données.

L’approche SAP Cloud Platform, testée avec succès sur ces applications mobiles, a d’ores et déjà trouvé un écho sur les chaînes de production. Ainsi, lorsqu’il a fallu mettre en place dans les ateliers des interfaces permettant aux opérateurs de saisir la liste de composants prélevés, c’est  SAP Cloud Platform et une interface de type Fiori qui ont été mises en œuvre.

Et Latécoère entend bien ne pas s’arrêter en si bon chemin. Au travers de ces applications de nouvelle génération, l’entreprise prépare ses collaborateurs au passage à l’ERP SAP S/4HANA, qui propose lui aussi une interface utilisateur modernisée. SAP Cloud Platform devrait par ailleurs être stratégique pour faciliter cette migration. « Nous envisageons de développer nos spécifiques sur SAP Cloud Platfom et non plus directement dans l’ERP, poursuit Karim hajjaji, IT Manager, Support Process & Execution. C’est un changement de paradigme pour nous, mais aussi un moyen de simplifier notre future migration vers SAP S/4HANA. Chaque spécifique déplacé sur SAP Cloud Platform sera un obstacle de moins à notre migration. »

The post Latécoère embrasse la mobilité avec SAP Cloud Platform et Fiori appeared first on SAP France News.

Source de l’article sur