That's a great point, and also the problem with relying on a human-in-the-loop to catch these kinds of issues when it can be circumvented even if they were perfect.
Agents should make better use of OS sandboxing facilities with finer-grained ACLs.
Less: Do you want to run "npm run build"?
More: "npm run build" tried to read your Chrome cookie database, do you want to allow that?
Some agents like Codex use sandboxing on Linux/macOS, but the permissions are far too coarse: they'll run the command in a relatively strict sandbox, and when it fails they'll ask you to allowlist the command as a whole, forever. There should be a new permission prompt every time a command tries to do something new.
Claude suggests (or used to suggest; it's been a while) to allowlist "bash", which completely defeats the point. If you do that, the agent can run `bash -c "echo literally anything"`.
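To make the two models concrete, here is an added example (not code from the thread, Codex or Claude Code) of a toy permission engine: a coarse allowlist that only looks at the command name, beside a fine-grained one that keys grants by the program that actually runs and prompts on every access it has not seen before. It assumes the sandbox can report which files a command tried to open; the `SAMPLE_TRACES` paths are constructed stand-ins for such reports, not real traces.

```python
"""Added example (not from the thread): a toy permission engine that contrasts
coarse per-command allowlisting with per-resource grants.

Assumption: the sandbox (seccomp/Landlock/sandbox-exec, whatever the agent uses)
can report which files a command tried to open. SAMPLE_TRACES below are
constructed stand-ins for those reports, not real traces.
"""
import shlex

# Commands that will execute whatever string they are handed; allowlisting
# them by name is equivalent to allowlisting everything.
SHELL_WRAPPERS = {"bash", "sh", "zsh", "dash"}

NPM_BUILD = ("npm", "run", "build")
COOKIE_GRAB = ("bash", "-c", "cat /home/u/.config/google-chrome/Default/Cookies")

# Constructed: the (op, path) pairs each command attempted, as a tracer would report.
SAMPLE_TRACES = {
    NPM_BUILD: {
        ("read", "/home/u/project/package.json"),
        ("write", "/home/u/project/dist/app.js"),
    },
    COOKIE_GRAB: {
        ("read", "/home/u/.config/google-chrome/Default/Cookies"),
    },
}


def policy_key(argv):
    """Grants are keyed by the program that actually runs.

    'bash -c "cat X"' is keyed as 'cat', so a grant given to the wrapper never
    becomes a grant for everything the wrapper is able to run.
    """
    if argv and argv[0] in SHELL_WRAPPERS and "-c" in argv:
        inner = argv[argv.index("-c") + 1]
        return policy_key(tuple(shlex.split(inner)))
    return argv[0] if argv else ""


class CoarseAllowlist:
    """The 'allowlist the command as a whole, forever' model."""

    def __init__(self):
        self.allowed = set()

    def allow(self, argv):
        self.allowed.add(argv[0])

    def decide(self, argv, accesses):
        # Only argv[0] is consulted; what the command touches is ignored.
        return "allow" if argv[0] in self.allowed else "prompt"


class FineGrained:
    """Prompt whenever a command attempts an access it has not been granted."""

    def __init__(self):
        self.grants = {}  # policy_key -> set of (op, path)

    def grant(self, argv, accesses):
        self.grants.setdefault(policy_key(argv), set()).update(accesses)

    def decide(self, argv, accesses):
        novel = set(accesses) - self.grants.get(policy_key(argv), set())
        # The prompt names exactly the new accesses ("cat tried to read
        # .../Cookies, allow?") instead of "do you want to run bash?".
        return ("prompt", sorted(novel)) if novel else ("allow", [])


def demo():
    coarse, fine = CoarseAllowlist(), FineGrained()
    # Coarse model: the user once answered "yes" to "Do you want to run bash?"
    coarse.allow(("bash",))
    # Fine-grained model: the user granted npm its build-time file accesses
    fine.grant(NPM_BUILD, SAMPLE_TRACES[NPM_BUILD])
    return {
        "coarse_cookie": coarse.decide(COOKIE_GRAB, SAMPLE_TRACES[COOKIE_GRAB]),
        "fine_cookie": fine.decide(COOKIE_GRAB, SAMPLE_TRACES[COOKIE_GRAB]),
        "fine_build_again": fine.decide(NPM_BUILD, SAMPLE_TRACES[NPM_BUILD]),
        # Same build command, but this time it also reaches for the cookie DB
        "fine_build_drifted": fine.decide(
            NPM_BUILD, SAMPLE_TRACES[NPM_BUILD] | SAMPLE_TRACES[COOKIE_GRAB]
        ),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The coarse model silently allows the cookie read once `bash` is on the list; the fine-grained one prompts for it, keeps allowing the build it was granted, and prompts again the moment that same build command touches something new. Keying grants by `policy_key` rather than `argv[0]` is what stops a wrapper grant from becoming a grant for everything.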
Don't rely on your non-deterministic agent and its creators to secure your software. Design defense in depth and trust guardrails that don't expect Anthropic to vibe good security into existence.
If you start by treating any autonomous actor in your system as an actor with the potential to go rogue, the design starts to create itself.
Not using agents at all. It could edit your code to do something malicious when you run it. Not even once. Not even if the agent has a gun to your head.
You misunderstood and it's really simple. Implying that on-device scanning makes it impossible for them to access any information is misleading. Just drop that faulty reasoning because it creates a dangerous misunderstanding of how technology works.
To illustrate: Because I wrote this comment, the sun is going to rise again tomorrow.
> All the LLMs have ingested nearly every cookbook ever made, across multiple languages.
That's not a positive thing; good recipe developers are rare. For every recipe that's been meticulously tested and documented, there are 1000 that haven't been. Many cookbooks are riddled with errors.
Sure, but most recipe books are just copies of other good recipe books. There are only so many ways to bake cookies.
I've always been a pretty good cook, but I've been able to pull off some really cool stuff with the help of ChatGPT lately. It is probably just an incremental lift, and I still catch it making errors from time to time, but it has been a huge help in the kitchen.
Whether something is "impractical" depends on your expectations. High-latency unattended inference is definitely viable, even though it doesn't align much with what's being run in hyperscale datacenters.
Can you elaborate on what you think C has in terms of simplicity that Zig doesn't, and which "same kinds of issues" you think it has?
I'm not an expert in either language but my anecdotal experience disagrees with this - writing Zig has been far simpler and less error-prone than writing C.
Sure, maybe don't bet your entire company on mountains of Zig code just yet, but aside from the breaking changes it's been perfectly usable and suitable for every project I've ever wanted to work on.
If someone is switching from C because it's too easy to trigger undefined behavior, picking one of the few other non-memory-safe languages is missing the point.
> must be able to maintain equal power generation levels
This is a myth, you just need to overbuild the renewables like solar, add some storage, and then have _some_ capacity from other sources to handle the dips.