This likely takes 500mb+ RAM, TFA probably didn't account for tauri://localhost in their calculation, which by itself takes 200mb+ RAM. Then your app process will take 100mb+ RAM, and there will be a couple of other processes besides.
Tauri is no better than electron in terms of RAM, just like people calling it "lightweight" are no better than flat earthers. Let's hope they come around.
You have used chatgpt presumably. Based on your interactions with it, do you seriously think it should be allowed to shoot a gun without any human oversight?
We have nukes, missiles, bombs, all capable of mass widespread death. Should we give those up too and just let adversaries be the only ones in possession of these types of weapons?
That's the setup you want for serious work yes, so probably $60kish all-in(?). Which is a big chunk of money for an individual, but potentially quite reasonable for a company. Being able to get effectively _frontier-level local performance_ for that money was completely unthinkable so far. Correct me if I'm wrong, but I think Deepseek R1 hardware requirements were far costlier on release, and it had a much bigger gap to market lead than Kimi K2.5. If this trend continues the big 3 are absolutely finished when it comes to enterprise and they'll only have consumer left. Altman and Amodei will be praying to the gods that China doesn't keep this rate of performance/$ improvement up while also releasing all as open weights.
I'm not so sure on that... even if one $60k machine can handle the load of 5 developers at a time, you're still looking at 5 years of service to recoup $200/mo/dev and that doesn't even consider other improvements to hardware or the models service providers offer over that same period of time.
I'd probably rather save the capex, and use the rented service until something much more compelling comes along.
At this point in time, 100% agreed. But what matters is the trend line. Two years ago nothing came close, if you wanted frontier-level "private" hosting you'd need an enterprise contract with OpenAI for many $millions. Then R1 came, it was incredibly expensive and still quite off. Now it's $60k and basically frontier.
Of course... it's definitely interesting. I'm also thinking that there are times where you insource vs outsource to a SaaS that's going to do the job for you and you have one less thing to really worry about. Comparing cost to begin with was just a point I was curious about, so I ran the numbers. I can totally see a point where you have that power in a local developer workstation (power requirements notwithstanding), good luck getting that much power to an outlet in your home office. Let alone other issues.
Right now, I think we've probably got 3-5 years of manufacturing woes to work through and another 3-5 years beyond that to get power infrastructure where it needs to be to support it... and even then, I don't think all the resources we can reasonably throw at a combination of mostly nuclear and solar will get there as quickly as it's needed.
That also doesn't consider the bubble itself, or the level of poor to mediocre results altogether even at the frontier level. I mean for certain tasks, it's very close to human efforts in a really diminished timeframe, for others it isn't... and even then, people/review/qa/qc will become the bottleneck for most things in practice.
I've managed to get weeks of work done in a day with AI, but then still have to follow-up for a couple days of iteration on following features... still valuable, but it's mixed. I'm more bullish today than even a few months ago all the same.
AFAIK the signal backups use symmetric encryption with user generated and controlled keys and anonymous credentials (https://signal.org/blog/introducing-secure-backups/). Do you have a link about the usage of sgx there?
Also fwiw I think tees and remote attestation are a pretty pragmatic solution here that meaningfully improves on the current state of the art for llm inference and I'm happy to see it.
And yet if you want applications to work on your phone, many times you'll need approval from either Apple or Google. Google can effectively ban manufacturers (like they did with Huawei) from using "Android" by blacklisting them from Play Services. Apple owns the entire ecosystem and prevents third-party from having access to the same feature set.
Something tells me that the thing about Google not allowing custom Andriod operating systems to install apps is not quite true. I don't know about this specific topic yet, but I bet that if I look into it, I'll find out that there's nuance here that isn't been correctly portrayed by your comment.
Look up Play Integrity, it's the remote attestation framework Google uses to ensure apps only run on Google-blessed hardware and software. Apps that use it verify that both hardware and software are unmodified and blessed by Google before apps are allowed to run. Banking apps use it, the fucking McDonald's app uses it, public transit pass apps use it, etc.
If you want to use your phone like normal people do in 2025, and not relegate yourself to being a second-class citizen when it comes to simple things like paying for stuff, riding the subway, etc, your phone is either an iPhone or something that plays nicely with Play Services.
And that's just the remote attestation side. Many apps rely on Play Services themselves, and without access to them, will not work. Google gates access to Play Services through contracts, it is not open source or part of Android.
You need to allow Play the play store and it's services and those will wall you in. Many times discussed here: many banking, gov, health apps around the world are banning anything not blessed by Google or Apple and installing on a non blessed system will not allow you to use them. My bank allows a modern and supported android or ios phone or a Windows laptop with a biometric card reader. Pretty much locked in and all banks are following.
I do! I've been an Android stalwart since I first got a smartphone over a decade ago.
Problem is, every year Android announces some new stupid-ass restriction or anti-feature that significantly degrades the capability of application software on the OS in the name of security. In other words, Google keeps trying to turn my Android into a shittier iPhone. It's gotten so bad that they recently floated the idea of mandatory notarization, and only marginally backed down after shittons of pushback.
Every time the EU passes a law intended to stop obviously monopolistic shit like this from happening, a certain brand of Ayn Randroid Apple fan comes out of the woodwork to decry the EU "forcing Apple to give away its technology for free". Which is absolutely bullshit, on two counts. First off, Apple sold its technology to us when we bought the phone. That's the whole deal with Apple: the OS is a bundle with the hardware. Ergo, them going to app developers and asking for a cut is double billing. Second off, and more importantly, the only reason why you even need the EU DMA is because Apple won't let you ship an app that is capable of doing what their own first-party daemons do.
I'm going to be honest. Every time I read people like you saying "you can just buy an Android if you want that", I get the same vibes as I do when I see, say, old boomers showing up at town hall meetings to oppose the building of the IBX[0]. You're just App NIMBYs, carrying water for a tech industry trying to turn every computer into the tech equivalent of a car-dependent suburb with restrictive zoning laws.
Now if only the EU could pass a law saying Apple needs to ship an Android app that provides all the missing functionality of AirPods on that platform. At the very least, I should be able to update the firmware on them.
[0] Inter-Borough eXpress - A proposed circumferential NYC subway line connecting Brooklyn and Queens.
I was a diehard Android user as the memory of Apple locking down things like the filesystem among other things really sowed some bad blood for me. But these days it really seems like they're kind of converging and Apple's privacy features are quite appealing...
> Every time the EU passes a law intended to stop obviously monopolistic shit like this from happening, a certain brand of Ayn Randroid Apple fan comes out of the woodwork
These companies spend billions in dollars on PR agencies and lobbying. They spend the most on lobbying the EU out of everyone. The likelihood that zero of that goes towards writing such comments in places like HN is minuscule. And then there's the legions of actual Googlers and Applers here and elsewhere who
have drunk the koolaid.
If you're alleging that I replied to an Apple-affiliated troll farm employee, the possibility is there. But Apple is particularly unique in that it has a certain brand of customer that stuck it out during the days where System 7 was being absolutely clowned on by Windows 95 and NT. These hardcore Apple customers treat the company as if they are members of a persecuted minority religion. In other words, Apple doesn't need a troll farm, they have their fans to do it.
(Which, ironically, was also the strategy of Epic's entire Fortnite stunt...)
I am alleging that specifically because it's always the same old dumb anti-EU narrative that they're pushing. If it was something else, then sure. Those hardcore customers you're talking about have existed similarly for other tech brands like Microsoft or Sony - or even more laughably, Intel or Nvidia - they're just less active in these spaces, and even they can't really excuse Windows 11 and its idiocy.
Just a couple examples off the top of my head I have bumped into: Packages that cannot be full source bootstrapped like Haskell are allowed, so total trust is placed in a third party compiler binaries. Also in cases like qemu where binary blob firmware is in the repo, it is kept as is and not rebuilt from source. Determinism is also not mandated so there is no way to know if any of the non deterministic packages were faithfully built from source. There are no hard enforced rules in cases like these, only cultural guidelines that are followed optionally.
Compare to e.g. stagex which I founded specifically because nix did not wish to adopt a strict threat model that trusts no single individual, build machine, or third party binary.
Stagex is a remarkable achievement and one of the most exciting projects that I have encountered this year. I plan on migrating a few high value build pipelines in the near future. Thank you for the excellent work.
With that said, I also write a lot of Haskell and would be very sad if nixos dropped support because it was not yet fully bootstrappable. The NixOS supply chain and build pipeline could absolutely be meaningfully hardened, but I think that given the state of the ecosystem at large, and the project's widespread usage as a general purpose OS, achieving the kind of trust model and security guarantees offered by something like stagex is not yet realistic without making usability compromises that most of it's userbase would not find acceptable.
NixOS made a decision to tolerate single party supply chain security to support as many packages as possible even if it means nixos cannot be used for high security applications. This is a perfectly acceptable stance IF they communicate their single-party-risk tolerant threat model honestly so people know they cannot trust nixos in high risk situations.
It absolutely does not have the supply chain security guarantees it is widely believed to have and that is my core problem with it.
Also you wanted to use stagex for haskell today anyway and accept the risks you totally can but you would want to make a docker build layer to import a pre compiled binary from the internet like nixos does, and then it is very explicit that your resulting software has single party trust. We should have all dependencies of haskell but we cannot safely offer it as a precompiled package. That said as an end user you can of course use stagex in any way that suits your own project threat model.
If you're not making changes to the bootloader it's essentially impossible to brick nixos: updates are fully atomic and every change can be rolled back by booting into an old generation.
This combined with the fact that the full source code for the system is contained within a single monorepo that I can checkout and grep through makes NixOS the easiest to understand and most transparent distro I have ever used.
> updates are fully atomic and every change can be rolled back by booting into an old generation
Well, the updates themselves yeah, but not what data they use. You cannot always rollback database upgrades for example, without also having to rollback the data source of the database. In most cases you're right though.
I'm saying this as someone who is a fan of NixOS and use it on all my servers because I tend to forget what I do if I just ssh in and fix stuff. Although I'm on Arch/CachyOS on all other hardware.
maybe something to do with Haskell being a beautiful and foundational language that has been a major driver of progress in programming language design for the last two decades?
reply