If a community isn't prepared, willing or able to maintain a well, is building a well in that community a good example of philanthropy? or is it an example of a lazy one-size fits all solution that reflects poorly on the donor, not the community? The donor is responsible for their choice of donation.
It is a complicated problem. A single village may consist of multiple groups who don't get along with each other. Also, there are people who benefit from the status quo in many ways.
Secondly, there is this issue of trust. There are villages where the people simply do not trust each other AT ALL. I have seen villages where each person thinks they ought to steal first before their neighbours do.
What responsibility does the donor have to evaluate the trust issues?
If someone is willing to donate a new facility, but the local people would prefer the "nuts and bolts" which make up the facility, why should they respect the donor's wishes over their own needs?
The nuts and bolts won't be evenly distributed and cause discord among the people. The new facility may too if not everyone benefits from it. And that is probably the reason why some people prefer the nuts and bolts. That is the risk of every charity and it is the responsibility of the donors to evaluate that risk. If the donor's wishes don't align with the peoples needs then the donor is doing something wrong.
Learning about this, and figuring out how to make a positive impact without upsetting some people is what I am trying to do here. I have had people tell me that the mere visit of a foreigner to one family caused envy among the neighbors because they assumed that this family was getting money from that visitor, and then they made up stories about that family and tried to discredit them with their landlord.
My point is that EVEN IF the donor gives funds towards a project which is immediately looted by those receiving the donation, it is not the donor's fault. The blame for this would still lie squarely on the shoulders of the locals who looted the project to their own detriment.
One of the issues with the thinking around community projects is the propensity to consider beneficiaries of donations as though they can't possibly do anything wrong - so the thinking goes that if a project fails the blame should never be placed on the beneficiaries - it can be placed on donors, the intermediate agencies, monitoring agencies.. EVERYONE apart from the beneficiary.
I am not supportive of such an approach.
I think it is far more helpful in the long run to make it very clear to the folks in these areas that if the donations made to them are misused that it will impact all donations in the future - that it is contingent upon them to ensure that the donations are well used, that the equipment is protected etc.. and that there are real consequences to not doing that.
That is, treat them as adults - not as infants. Make them accountable. Stop pussyfooting around talking about tough issues. Have people explain why something was allowed to be looted etc.
How much effort does one need to put into evaluating a community compared to building a well? It could be that a 60% failure rate is more efficient than a 0% failure rate with costly evaluations.
(I'm not familiar with Mr. Beast. I will say that the 2 videos I've seen bordered on psychopathy. But I think the general principle of my statement is still worth exploring.)
This is just an anectote, but I have had the opportunity to visit a village where such a well has been built by a charity. The charity was specifically invited to build the well there because months prior a child had drowned in the waterhole that they used before. I suspect if the villagers would have been able to pool enough resources they would have paid for it by themselves. The things needed to build the well are readily available (I passed a shop in a bigger city in the same country recently that sold them) and it's just a matter of finding some skilled people to do the work.
Many of the philanthropy videos are either manipulated or outright frauds. If you state your aim is to earn a million dollars to spend a million dollars on philanthropy and then after earning the million dollars you spend half a million dollars on philanthropy, the half a million spend is not a great philanthropic gift, it does not justify misappropriating the other half. Philanthropy as a shield is a strategy as old as time. We can forgive people for failing to meet their stated aims if they failed due to naivety following an earnest attempt. Can we forgive people for failing to meet their stated aims wilfully?
The premise of your position is that philanthropy is always a net good, but that isn't true: philanthropy can be harmful. Homelessness is the easiest example to think about, where half-baked philanthropic efforts can have immediate harmful consequences, as we see time and time again.
The “reputation washing” behavior of Tian Keyu has been extremely harmful
For the past two months, Tian Keyu has maliciously attacked the cluster code, causing significant harm to nearly 30 employees of various levels, wasting nearly a quarter’s worth of work by his colleagues. All records and audits clearly confirm these undeniable facts:
1. Modified the PyTorch source code of the cluster, including random seeds, optimizers, and data loaders.
3. Opened login backdoors through checkpoints, automatically initiating random process terminations.
4. Participated in daily troubleshooting meetings for cluster faults, continuing to modify attack codes based on colleagues’ troubleshooting ideas.
5. Altered colleagues’ model weights, rendering experimental results unreproducible.
It’s unimaginable how Tian Keyu could continue his attacks with such malice, seeing colleagues’ experiments inexplicably interrupted or fail, after hearing their debugging strategies and specifically modifying the attack codes in response, and witnessing colleagues working overnight with no progress. After being dismissed by the company, he received no penalties from the school or advisors and even began to whitewash his actions on various social media platforms. Is this the school and advisors’ tolerance of Tian Keyu’s behavior? We expect this evidence disclosure to attract the attention of relevant parties and for definitive penalties to be imposed on Tian Keyu, reflecting the social responsibility of higher education institutions to educate and nurture.
We cannot allow someone who has committed such serious offenses to continue evading justice, even beginning to distort facts and whitewash his wrongdoing! Therefore, we decide to stand on behalf of all justice advocates and reveal the evidence of Tian Keyu’s malicious cluster attack!
Tian Keyu, if you deny any part of these malicious attack behaviors, or think the content here smears you, please present credible evidence! We are willing to disclose more evidence as the situation develops, along with your shameless ongoing attempts to whitewash. We guarantee the authenticity and accuracy of all evidence and are legally responsible for the content of the evidence. If necessary, we are willing to disclose our identities and confront Tian Keyu face-to-face.
Thanks to those justice advocates, you do not need to apologize; you are heroes who dare to speak out.
Clarification Regarding the “Intern Sabotaging Large Model Training” Incident
Recently, some media reported that “ByteDance’s large model training was attacked by an intern.” After internal verification by the company, it was confirmed that an intern from the commercial technology team committed a serious disciplinary violation and has been dismissed. However, the related reports also contain some exaggerations and inaccuracies, which are clarified as follows:
1. The intern involved maliciously interfered with the model training tasks of the commercial technology team’s research project, but this did not affect the official commercial projects or online operations, nor did it involve ByteDance’s large model or other businesses.
2. Rumors on the internet about “involving over 8,000 cards and losses of millions of dollars” are greatly exaggerated.
3. Upon verification, it was confirmed that the individual in question had been interning in the commercial technology team, and had no experience interning at AI Lab. Their social media bio and some media reports are incorrect.
The intern was dismissed by the company in August. The company has also reported their behavior to the industry alliance and the school they attend, leaving further actions to be handled by the school.
If you look at what he did it was definitely 100% actively malicious. For instance, his attack only executes when running on >256 GPUs. He inserted random sleeps to slow down training time and was knowledgeable enough to understand how to break various aspects of the loss function.
He then sat in meetings and adjusted his attacks when people were getting close to solving the problem.
Certainly looks malicious, but what on earth would be his motive? He is an MSc student for heaven's sake and this tarnishes his entire career. Heck, he has published multiple first-author, top-tier papers (two at NeurIPS and one at ICLR) and is on par with a mid-stage PhD student that would be considered to be doing outstandingly well. The guy would (is?) likely to be on track for a great job and career. Not saying he did not do what was claimed, but I am unsure about any motive that fits other than "watching the world burn".
Also, what kind of outfit is ByteDance if an intern can modify (and attack) runs that are on the scale of 256 GPUs or more? We are talking at least ~USD 8,000,000 in terms of the hardware cost to support that kind of job and you give access to any schmuck? Do you not have source control or some sort of logging in place?
Rumors said that his motivation would be to just actively sabotage colleague's work because managers decided to give priority on GPU resources to those who were working on DiT models, and he works on autoregressive image generation. I don't know what exactly was his idea, maybe he thought that by destroying internal competitors' work he can get his GPU quotas back?
> Also, what kind of outfit is ByteDance if an intern can modify (and attack) runs that are on the scale of 256 GPUs or more?
Very high. These research labs are basically run on interns (not by interns, but a lot of ideas come from interns, a lot of experiments executed by interns), and I actually mean it.
> Do you not have source control or some sort of logging in place?
Again, rumors said that he gained access to prod jobs by inserting RCE exploits (on unsafe pickle, yay, in 2024!) to foundation model checkpoints.
Thanks, that is at least plausible (but utterly stupid if true) and tells me why I would not be a good cop. Holding off further judgement on the individuals involved until we have more details.
I do understand that interns (who are MSc and PhD students) are incredibly valuable as they drive progress in my own world too: academia. But my point was not so much about access to the resources, as the fact that apparently they were able to manipulate data, code, and jobs from a different group. Looking forward to future details. Maybe we have a mastermind cracker on our hand? But, my bet is rather on awful security and infrastructure practices on the part of ByteDance for a cluster that allegedly is in the range of ~USD 250,000,000.
> my bet is rather on awful security and infrastructure practices
For sure. As far as I know ByteDance does not have an established culture of always building secure systems.
You don't need to be a mastermind cracker. I've used/built several systems for research computing and the defaults are always... less than ideal. Without a beefier budget and a lot of luck (cause you need the right people) it's hard to have a secure system while maintaining a friendly, open atmosphere. Which, as you know, is critical to a research lab.
Also,
> from a different group
Sounds like it was more like a different sub-team of the same group.
From what I heard I'd also argue that this could be told as a weak supply chain attack story. Like, if someone you know from your school re-trained a CLIP with private data, would you really think twice and say "safetensors or I'm not going to use it"?
A lot of ML outfits are equipped with ML experts and people who care about chasing results fast. Security in too many senses of the word is usually an afterthought.
Also sort of as you also hinted, you can't exactly lump these top-conference scoring PhD student-equivalents with typical "interns". Many are extremely capable. ByteDance wants to leverage their capabilities, and likely wants to leverage them fast.
Basic user separation is not asking much though, or are we expected to believe that at ByteDance everyone has a wheel bit at a cluster worth many many millions? Let us see what turns up. Maybe they had a directory with Python pickles that were writeable by everyone? But even that is silly on a very basic level. As I said in another comment, I could be wrong and we have a mastermind cracker of an intern. But I somewhat doubt it.
I think we are converging at an opinion. Internal actors can be hard to detect, and honestly there is a reason at places like Google interns are treated with heightened security checks (my guess -- they learned to do so after some years).
Btw one of the rumors has that it is even difficult to hire engineers to do training/optimization infra at one of those ML shops -- all they want to hire are pure researcher types. We can imagine how hard it will be to ask for resources to tighten up security (without one of these incidents).
That level of security is true for most big tech companies :) You mistake thinking that large and well funded = secure. They clearly have an audit trail but no preventative controls, which is sadly the standard for move fast environments in big tech.
this is closer to occam's since i think the most likely scenario here is malicious reputation damage - it's more likely someone has it out for this intern rather than this intern actually having done literally anything he's accused of
> PLEASE TAKE NOTICE that Defendants hereby respectfully object to the Case Management Order, Notice of Time and Place of Trial and Trial Related Orders dated May 23, 2024. Since the filing of Defendants’ Case Management Conference Statement on May 21, 2024, Mira Hashmall, lead counsel for Defendants, has had a 5-7 day trial scheduled with a start date of March 17, 2025. With the trial in this matter starting on March 10, 2025, and trial in Case No. CGC-22-600095 starting on March 24, 2025, that would be three back-to-back trials and potential overlap amongst them.
You're citing Matt but Matt has been proven to be untrustworthy. For example, his claim of many year long negotiations includes a claim that he had delivered a term sheet to WP Engine in May, but that claim was disproven by himself, no such term sheet was delivered. Additionally, the contributions that he counts from WP Engine are only those included in the "Five for the Future" program which Matt administrates. The actual contributions of WP Engine to the ecosystem include millions of dollars per year on event sponsorship, plugin development (WPGraphQL, ACF) and more.
Read the lawsuit filed by WP Engine. No such negotiations existed. Matt has been arguing with WP Engine in his head. You may believe WP Engine's contributions to WordPress are disproportionately small for their size but make that argument on the basis of accurate information, not the fiction from Matt.
Nobody likes WP Engine but Matt's lying has been so problematic that it is impossible to take his side unless you believe that integrity is optional.
> millions of dollars per year on event sponsorship
Are you for real? Event sponsorship is part of the marketing budget. They're there to promote their company among competitors. It's a universal business expense.
> plugin development ACF
ACF is their own asset
I mentioned this in my comment, they don't contribute significantly beyond their mouth. What you came with are just the receipts for what I said.
And Automattic's control over WordPress is part of their "marketing" budget. Let's not forget how valuable the exclusive commercial license for the WordPress trademark is to Automattic, their ability to use the WordPress.com domain has huge commercial value to them. I have no doubt that WP Engine would pay tens of millions of dollars per year for the exclusive commercial license to the WordPress trademark which is tens of millions that could be funnelled to the WordPress Foundation, which is tens of millions more than Automattic spend. Ask yourself how Matt justifies Automattic spending millions of dollars per year on hosting WordPress.org and millions of dollars on the 100+ staff Automattic have working on WordPress.org.
We can't pick and choose which contributions are valid and which aren't. WP Engine spend money on the development of WPGraphQL a free plugin, WP Engine spend money on the development of Advanced Custom Fields which they release for free for millions of WordPress sites to use... of course they're not doing that out of some altruistic moral crusade, of course it's a clear calculus about the benefit to their bottom line, but that doesn't change that they're contributing.
The "Five for the Future" contributions are specifically about contributing to WordPress Core, which is owned and controlled by Matt Mullenweg: you're playing into Matt's absurd narrative that the only valid contribution is one that is made to something under Matt's control.
I think WP Engine are Private Equity leeches, I have zero doubt about that, I wish that they were to contribute more but that's the deal with Open Source software, that's what we choose to allow by releasing Open Source software. The moral obligation we have when we use Open Source software is to respect the license, Matt had the choice about the license to release WordPress under, he made the choice for it to be GPL.
dhh is more eloquent and authoritative than I, read these if you need further convincing:
> Let's not forget how valuable the exclusive commercial license for the WordPress trademark is to Automattic, their ability to use the WordPress.com domain has huge commercial value to them.
In the discussion for this post alone, we have commenters with no idea that WordPress can be self-hosted, or that dot com has a free plan.
That's skimming the top for how confused a non-HN-reading layperson could be at the whole project.
> The "Five for the Future" contributions are specifically about contributing to WordPress Core, which is owned and controlled by Matt Mullenweg
And? It is the backbone that powers their entire business. You're acting like they're being asked to contribute to something they don't use. That should be the bare minimum. Even business wise it make sense to contribute to it and help make it better. It's absurd we're even having this discussion.
You're also inconsistent. You claim something is fine because it's legal (the license doesn't ask for more as a condition) but you condemn the other party reaction on a different grounds? I thought everything you can get away with, legally, is OK. Matt has barely scratched the surface of what's within his power to do in response.
WP Engine are a Private Equity owned for-profit corporation who exist solely to hoover up as much revenue as possible, consequence be damned, that's Private Equity. Matt Mullenweg is an individual who professes to be an open-source software for-the-greater-good moral crusader. I hold them to very different standards. Matt has to behave according to his professed principles otherwise they're not his principles, they're just a mask.
I release Open Source software under a permissive license: if I leverage my control over that software to harm the consumers of my software that I believe are taking without giving, then I am far worse than a leech.
Regarding "WordPress Core": if WordPress Core is all that matters, why are plugins fundamental to WordPress? Why do millions of WordPress websites use Advanced Custom Fields?
You've repeated a bunch of Matt's lies, either you're uninformed or not impartial. The latter cannot be addressed, the former can. Read more, speak less.
Everyone should be held to the same standards. If my professed principle was to be evil, then would you judge me negatively if I acted good?
I release software under a permissive license too. But I understand the only reason I'm able to do it, is because companies like Google and Mozilla believe in supporting people like me. There's this unwritten rule that the most successful people in our society should be philanthropic, because they're the only ones who can. However nothing formally requires this.
It's similar to how a company might officially give you unlimited vacation days. Imagine if one person tests that rule, and makes every day a vacation day. It would probably take years before someone tries that, but once someone actually does, the rules are going to quickly change for everyone and you might end up with a lot less freedom than before.
WPEngine has certainly tested the limits of the open source gift economy and the way Automattic is reacting isn't helping either. It's a sad thing to witness.
I don't think WPEngine is a fox. I think it's more like a factory farm moves in next door and sells your customers eggs at a lower price, because it keeps more hens cramped in metal cages. So eventually your family farm has to close its hen house and all your hens end up at the factory farm.
Matt isn't being held to a higher standard, he's being held to a different standard, a standard he chose.
WP Engine is a company that chose to build a business around a piece of software released under a license that permits their commercialisation of the software.
Matt is an individual who chose to release software under a license that permits companies to build a business around the software and has then chosen to initiate a "nuclear war" against one of those companies who is complying with the license he chose to release the software under because they are not contributing to the software in a way that he deems acceptable.
They're fundamentally different actors in fundamentally different positions. WP Engine has behaved exactly as one would expect from the start. Matt has behaved in a way that suggests he has lost his damn mind, doing everything in his power to harm a business that is complying with the license he chose.
I don't disagree with the idea that WP Engine should contribute more, I don't disagree that Private Equity is harmful to Open Source, but I fundamentally disagree with Matt's weaponisation of Open Source to make a point. There is a lot of great prior thinking on this subject[1], Matt has many options, he is making the choice to behave in this way, it is not a foregone conclusion.
Our discussion isn't going to lead anywhere, but we can revisit it in a month when Matt's downward spiral has resulted in the inevitable. Perhaps, at that point, you'll reflect on whether Matt's behaviour was worth supporting.
You don't see the non-premium version of ACF as contributing? I'm curious, why not?
WPE has other employees dedicated to WP and The Community. I'm not defending WPE but just because they don't contribute in a way MM wants doesn't mean they don't contribute. Suggesting they're not contributing is disingenuous.
Matt is not a dictator. Oh wait, scratch that.
p.s. Matt should be careful what he wishes for. If WPE or anyone contributes they're going to want a voice, a seat at the table. Is Matt willing to share control? If the answer is no, then that is the root problem here.
So if I go successfully make a feature addition to ie Kubernetes, or the Linux kernel, and it is exclusively motivated by furthering my business needs instead of altruism, but happens to incidentally benefit others too - do you consider that a "contribution" under your mental model? If not, what's the distinction?
> make a feature addition to ie Kubernetes, or the Linux kernel
In your example, you're contributing to other people projects so yes it would be contribution right of the bat. That's completely different than the case with ACF.
And WPEngine does not own Wordpress or its ecosystem, right? So that's also "other people's projects" if they produce something of value to its ends users?
> if they produce something of value to its ends users?
No, that's would be their value proposition or what every company on earth have been doing since inception, filling a gap in the market.
You seem to be claiming that their mere existence in the ecosystem would be a contribution, even if they were closed source. They would be providing value and attracting users in a butterfly effect style. Sure, that help and have a positive impact but is it a contribution to an open source project and the ecosystem?
My model is fairly simple, you can't claim credit for something if you did it involuntarily or with a different intention or it happened as n-level side effect of what you are trying to do.
And what makes Automattic's contributions any different? They "steer" the product to their benefit and sell that as what's good for them is good for all.
That's rubbish.
It's not contributing to "the cause" when the features you add are solely for your own benefit. Not that self-serving is wrong. But to sell it as benevolent red lines any decent bullshit detector.
Matt defined the license. Now he regrets that and he wants a cut. Nuttin wrong with that. But to sell it otherwise is shite. We're not that stupid.
- And the list goes on: contributing and sponsoring many projects and developers that everyone using the web benefited from, including you and billions of people (not counting wordpress's impact)
Please educate yourself before spreading FUD about people who made great contributions constantly to the open web, the entire industry, and promoted open source on every chance they got.
You left out Matt & Co partnering with privacy-crusher Google, and other "f*k the users this partnership is good for Automattic and my pockets" deals and decisions. And what about his anti-accessibility transgressions (with Gutenberg).
Matt championing himself as benevolent and using OSS as a shield is BS. No one is expecting him - or anyone - to be perfect. But he and his hypocrisy has jumped the shark.
“I love how I never said I was going to fork the project and only wanted to support those who did. Matt is incredible at only hearing the things he wants to hear.”
reply