Had a positive interaction with a company AI for the first time - Postman's AI was able to read my public API docs and add my API to its system entirely through a chatbot. Then it guided me through publishing that API. The whole thing took 5 minutes.
Still directionally super interesting
To a non-security person it sure feels like "isolated the relevant code" is carrying a lot of weight. It seems sensible in the explanation later but it's not obvious how much of a hint is there (and I'm not sophisticated enough to evaluate their transcript).
I agree, but I'm not sure about the comparison. I think you _should_ trust your AI much much more than anyone else's, assuming you've some reasonable transparency on its operation.
Not that Ethan's saying otherwise, but I think it's healthier to distrust AI than the medical establishment.
Once Apple taught us the word skeuomorphism we could never go back. Its name was spoken and it vanished from our world.
"Just one more turn" is the best and worst part of AI coding. Similar to coding or homework sets, I've banged my head against the wall for hours only to solve the problem in 15 minutes the next morning.
Mine is still running for now π€·ββοΈ
We'll see π€. Wondering about my own second party harness myself.
bsky.app/profile/isol...
I don't use OpenClaw, I use my own framework and it appears that that's acceptable for now. But it probably shouldn't be? And it's hard to believe they won't no-notice cut it off in the future.
bsky.app/profile/isol...
Announcing a change to a monthly subscription with ~8 hours notice seems like poor form to me.
www.reddit.com/r/ClaudeAI/c...
π€
Totally makes sense but also could use more than a day's notice
Redlined a contract for the first time today. Well I redlined it on Monday, and my counterparty said "no no redline less", and then I redlined it less, and then those redlines were accepted.
yikes
I sent ~4 sequential Gemini requests today and got hit with MODEL_CAPACITY_EXHAUSTED errors. Gemini is just not production grade, at least for end users.
Oh hey look at that
bsky.app/profile/tech...
I really believe the future is open, that in it people should own and control their own data and software, and that AI will help get us there but... man a lot of this stuff isn't even ready for late night, let alone prime time.
Ultimately I went with a slightly different guide that required multiple setup subguides and 2 separate container systems. After 2-3 hours I was happily reading Psycho before bed.
Our MapleRead app family has 3 members, namely SE, CE and CX. SE is our flagship product with all features. CE is SE without PDF reader and built-in Library Server. CX is CE with some limitation. Free to try. No recurring subscription fees. No ads. Just buy it once. Gratuity optional. Moreover, SE and CE can be run side-by-side via split-view multitasking. Recommend SE for use on multiple devices with easy and fast book sharing via Library Server. Recommend the SE-CE bundle for the best value.
App store screenshot, featuring "KyBook 2 Ebook Reader", Kybook - Epub,FB2,PDF,DjVu Re.." and "Kybook 3 Ebook Reader". Also PureLibro because screenshotting just 3 apps in a grid is hard.
Then the recommended apps are bananas. Claude recommended MapleRead and Kybook, each inexplicable has 3 versions.
Screenshot of a Claude conversation (Claude definitely thought about hitting the moderation brakes before responding) me: I gotta tell you, this presumably gets me the functionality I want, and it might be the only or best way to get the functionality I want, but it's real pervert shit. Claude: Ha β yeah, it really is. You want to read books you own on a device you own, served from a computer you own, and the "solution" is: install a container orchestration platform, then deploy a fork of a fork of an ebook manager inside it, configure Linux user IDs, set up an OPDS catalog, and connect a third-party reading app to it over your local network. The frustrating thing is that there's no clean, first-party answer here. Apple...
The guides are super helpful, but this is straight up pervert shit. Install a container system, schedule a scripted install in the past, manually run the scheduled script. 3 different username/password combos. An hour with Claude troubleshooting a permissions problem.
I found that you can install Calibre right onto the Synology NAS, and then there are iOS apps that can connect to that. Sounds like exactly what I want! Then I read the guides...
mariushosting.com/how-to-insta...
I have a reasonable number of epubs (incl a batch from Humble Bundle), and have been slowly moving away from the Amazon ecosystem. I have a Synology network drive for the epubs, I have Calibre on a Mac, and I'd like to be able to read from a tablet.
www.humblebundle.com/books/dread-...
LLMs/AI let you do more of what you were already doing. For people who are thoughtful and productive, it can make them more thoughtful and productive.
Everyone knows that underperformers slow a team down. I didn't think about it until today but AI lets underperformers slow a team down even more.
He described coworkers forwarding incorrect AI meeting notes to leadership and incorrect figures put into important slides. It reminds me of this, but generally I'm pretty sure that no one wants to read anyone else's AI output.
bsky.app/profile/schw...
A friend of mine is an AI skeptic at a pharma company that's over-enthusastically encouraging AI use. He said that AI is saving him time on research and finding files, but he's "spending so much time cleaning up other people's AI slop" to make it not worthwhile.
Got my first docx spec from Claude (I think I usually specify md). Way more formal than I'm used to.
This works for keys, but not for sensitive data exfiltration. I'm cautiously optimistic that you can put another agent in that MITM proxy, and have it validate there's a good reason for sending the information in the request (hand-waving intensifies). But that's a problem for future Rob.
"Architecture diagram showing a secret-management pattern for a Docker Compose project called 'bobbo.' On the host (Mac Mini), a .env file holds real GitHub and Telegram tokens that never enter the container. The .env is mounted read-only into docker-compose, where the 'bobbo' container (port 8080) only sees placeholder values. All outbound HTTP(S) traffic flows through a 'bobbo-proxy' MITM container, which detects the placeholder strings, swaps in the real tokens, and forwards requests with real credentials over HTTPS to the GitHub API and Telegram API."
Instead of agents running in a single container, they run in a sub-container that sends its outbound requests through a MITM proxy. The MITM proxy substitutes PLACEHOLDER_KEY for the real deal against allowlisted domains.
