3
points
jart
Joined 13,639 karma
- jartThey have solved the popup problem. It's called AI. If I ask Claude to browse the web for me and report back what it finds, then there's no popups, no ads, no newsletters. I'm insulated from all the awful things people do. That's what I love about technology. It always comes along at just the right time to solve the greatest problem people have ever had, which is other people.
- You've named half of the weasel security technologies of the last three decades. The nice thing about SECCOMP BPF is it's so difficult to use that you get the comfort of knowing that only a very enlightened person could have written your security policy. Hell is being subjected to restrictions defined by people with less imagination than you.
- It'd probably be such a small amount of money that it'd cost me more to cash the cheque. Lawyers are the only people who get rich over that kind of thing. Don't share any information with the robot that you don't feel comfortable with them using to make their service better. If you want to be fully in control of your interactions with AI then use llamafile which is 100% local. That's the healthy thing to do. Everything else is just rent-seeking and the fact that so many people are doing it is threatening much more important goals than money like transcendence.
- WASM sandboxes don't do much to guarantee the soundness of your program. It can hose your memory all it wants, it can just only do so within the confines of the sandbox.
Using a sandbox also limits what you can do with a system. With stuff like SECCOMP you have to methodically define policies for all its interactions. Like you're dealing with two systems. It's very bureaucratic and the reason we do it, is because we don't trust our programs to behave.
With Fil-C you get a different approach. The language and runtime offer a stronger level of assurance your program can only behave, so you can trust it more to have unfettered access to the actual system. You also have the choice to use Fil-C with a sandbox like SECCOMP as described in the blog post, since your Fil-C binaries are just normal executables that can access powerful Linux APIs like prctl. It took Linux twenty years to invent that interface, so you'll probably have to wait ten years to get something comparable from WASI.
- I've been doing just that. If there's a way to break fil-c we're gonna find it.
- I hope Anthropic is saving all my interactions with Claude so they can replace me when I'm gone.
Then future generations who like old school systems hacking will be able to pair program with Justine AI.
- Sucks to have all the downsides of being famous, but none of the benefits.
- Yeah Google liked llamafile so much that they asked me to help them improve the LLM on their website too.
- I think App Engine was really ahead of its time in showing how simple cloud deployments can be. It had a similar ease of use as setting up a YouTube account. For that reason, a lot of people thought of it as a toy, which was kind of unfair because companies like Niantic were able to build global products on it. So a lot of Google Cloud afterward ended up being designed to be more "normal" like how Amazon is. Now people are seeing what normal gets them, so maybe it's going to be time for the Google way of doing things to finally shine. (Disclaimer: I'm a Google employee)
- Really exciting to see Mozilla AI starting up and I can't wait to see where the next generation takes the project!
- It's always been the case with local infrastructure that if you run it yourself, you have to secure it yourself. It's not a vulnerability for local software to do what I tell it to do. Maybe I want to ask an LLM to try to hack into the things on my local network, to make sure nothing is vulnerable. The real vulnerability would be if the LLM does things I didn't ask it to do, like delete my production database. So it always irks me when security work is approached with the viewpoint that I'm the one who's untrustworthy and needs to be controlled rather than the machine. The whole point of tools throughout history has been to give people more power.
- No they're the same. Why do you think xz was targeted? It's a giant slippery hairball.
- Folks have been ringing the alarm bell for a decade. https://www.nongnu.org/lzip/xz_inadequate.html xz is insane because it appears to be one of the most legitimately dangerous compression formats with the potential to gigafry your data but is exclusively used by literal turbonormies who unironically want to like "shave off a few kilobytes" and basically get oneshotted by it.
- So you think being a carless renter with no formal education or credit cards is privileged? I thought privileged people called them rubes.
- There's that word we again. So you're the crazy gringo who always picks my pocket?
Deflation is only bad for people who hold a lot of debt. For people who are cash positive, deflation means you're richer, you're being paid more to do the same job, etc. all while maintaining your freedom. Deflation actually being good is the central gamble behind bitcoin's design. If more people understood that then they'd probably stop using it for such frivolous purposes. Not everyone is privileged enough to even hold debt, so it's really an exclusionary system. And what do the people who the system trusts to have debt (e.g. private equity firms) do with it? They do leveraged buyouts to rip out the heart and soul of responsible American companies. The only thing inflation is good for is keeping folks running on the hamster wheel and bankrolling entitlements.
- It's a foolish idea to short gold on the eve of a currency crisis. Gold went up 1812% the last time this happened. You'll be paying through the nose if you do it with $GLD since it's hard to borrow. You'll get IV crushed if you do it with put options. The smart way to profit off gold's fall from grace is by selling futures each time it hits a new high and then closing your position quickly after the inevitable ~50 point pullback. Markets can be timid. They sometimes price in new information slowly and reluctantly.
- I copied and pasted that line from a tweet I made a while ago. Why don't you Google "san francisco elected official pay school board" ($6000/year) and "san frascisco school board budget" ($1.2 billion). So they actually manage 10 figures up there and they get paid even less than European e-commerce developers. The President of Y Combinator is a died in the wool conspiracy theorist. He tweets all the time about his belief that they're removing algebra from curriculum. Another one of my favorite conspiracy theories is that the SF school board secretly does arms trafficking. You should google it. But at least they're better than european politicians, who are putting larvae in your food supply and want to spy on literally everyone with chat control.