Readit News logoReadit News
nowahe commented on Claude Sonnet 4.6   anthropic.com/news/claude... · Posted by u/adocomplete
e1g · 25 days ago
On a Mac, I use built-in sandboxing to jail Claude (and every other agent) to $CWD so it doesn’t read/write anything it shouldn’t, doesn’t leak env, etc. This is done by dynamically generating access policies and I open sourced this at https://agent-safehouse.dev
nowahe · 25 days ago
By any chance, do you know what Claude Code's sandbox feature uses under the hood and how that relates to your solution ? From what I remember it also uses the native MacOS sandbox framework, but I haven't looked too deep into it and don't trust it fully
nowahe commented on Running Claude Code dangerously (safely)   blog.emilburzo.com/2026/0... · Posted by u/emilburzo
kernc · 2 months ago
It being deprecated and all, didn't feel like wrapping it, but macOS supposedly has a similar `sandbox-exec` command ...
nowahe · 2 months ago
IIRC from a comment in another thread, it's marked as deprecated to stop people from using it directly and to use the offical macOS tools directly. But it's still used internally by macOS.

And I think that what CC's /sandbox uses on a Mac

nowahe commented on ReMarkable Paper Pro Move   remarkable.com/products/r... · Posted by u/ksec
loughnane · 6 months ago
Granted I've only used a remarkable as an e-reader, but i read a lot of paper books.

I don't understand why this is such a necessary feature. Most people don't read paper books with a dictionary handy.

nowahe · 6 months ago
I'm not a native English speaker, but I read a lot of books in their original English. Being able to quickly look up a word you've never encountered is a god send

I find myself really missing this feature when I occasionally read a paper book, thinking about clicking the word on the page to get a definition.

nowahe commented on Anna's Archive: An Update from the Team   annas-archive.org/blog/an... · Posted by u/jerheinze
fransje26 · 7 months ago
Are there any links you could share for.. ..ehm.. ..research purposes?
nowahe · 7 months ago
I've downloaded a few from yggtorrent, but there might be some more niche/less public sites I'm not aware of
nowahe commented on Amazon to invest another $4B in Anthropic   cnbc.com/2024/11/22/amazo... · Posted by u/swyx
Filligree · a year ago
Hate to be that guy, but did you tell it up front not to ask? And, of course, in a long-running conversation it's important not to leave such questions in the context.
nowahe · a year ago
The weird thing is that when I tried to tell it to distill it to a much smaller message it had no problem outputting it without any followup questions. But when I edited my message to ask it to generate a larger response, then I got stuck in the loop of it asking if I was really sure or telling me that `I apologize, but I noticed this request would result in a very large response.`

It sparks me as odd, because I've had quite a few times where it would generate me a response over multiple messages (since it was hitting its max message length) without any second-guessing or issue.

nowahe commented on Amazon to invest another $4B in Anthropic   cnbc.com/2024/11/22/amazo... · Posted by u/swyx
cainxinth · a year ago
They certainly need the money. The Pro service has been running in limited mode all week due to being over capacity. It defaults to “concise” mode during high capacity but Pro users can select to put it back into “Full Response.” But I can tell the quality drops even when you do that, and it fails and brings up error messages more commonly. They don’t have enough compute to go around.
nowahe · a year ago
I've had it refuse to generate a long text response (I was trying to concise a 300kb documentation to 20-30kb to be able to put it in the project's context), and every time I asked it replied "How should structure the results ?", "Shall I go ahead with writing the artifacts now ?", etc.

It wasn't even during the over-capacity event I don't think, and I'm a pro user.

nowahe commented on The business of gutting failed Bay Area tech companies   sfgate.com/bayarea/articl... · Posted by u/adrianmonk
rozenmd · a year ago
plenty of businesses like this operate online too - had my aeron shipped from a Parisian startup liquidator
nowahe · a year ago
Do you happen to have the name of the place you found it ? I'm in France, and I wasn't really able to find anything with a quick google search
nowahe commented on GitHub cuts AI deals with Google, Anthropic   bloomberg.com/news/articl... · Posted by u/jbredeche
jillesvangurp · a year ago
Most of the LLM quality discussions have a shelf life measured in weeks. The companies involved are leap frogging each other with model updates and tweaks every few weeks.

Try it yourself. I'm getting a lot of value out of just using chat gpt for coding. It's not without flaws. But I can get it to do a lot of routine stuff quite quickly. What I like about the desktop client is that a prompt is just one alt+space away. I usually just copy paste whatever I'm working on and then ask it to do stuff to it.

There's some art to the prompting and you usually have to nudge it to not be lazy and do the whole thing you asked for. It seems engineers on the other side are working really hard to minimize token usage.

I find it's increasingly the UX that's holding me back, not the model quality. Context windows are now big enough to hold a lot of stuff. But how do you get everything in there that matters? Manually copy pasting together stuff is tedious. I actually wrote a script (well, with some llm help) that flattens things in my repository into a file that I then simply attach to a conversation. Works surprisingly well.

nowahe · a year ago
I also found that passing all the codebase in a single file in the context works really well. I've tried Cursor et al, but I found that it not having the full context of the codebase (and having to do some back and forth for it to requests files) was slower and didn't really yield any better results. Granted I work on projects where the codebase fit in 100-200kb text files, but I'm still only at 20% of the context limit in Claude.

Also I found the UX of Claude to be better for this, especially their Projects feature. I can just put the codebase in the Project's context, and start a new conversation to ask different questions/solve different problems.

The only pain point I have is that it seems to be pretty optimized to only show changes in existing files, not rewriting them in full, which is a bit of a pain to copy-paste into my IDE. I'll see if I can write out a system prompt to force it to generate diff or a similar format that could more easily be applied automatically to my code.

nowahe commented on Ask HN: Is split keyboard worth the effort?    · Posted by u/throwaway_43793
nowahe · 3 years ago
I switched to an Ergodox-EZ about 3 years ago, and I don't regret doing it at all. I didn't switch layout tho, stayed on AZERTY.

My experience is that at first it was very frustrating. I went from ~80WPM on my macbook keyboard to ~20WPM on the ergodox. After a couple of weeks I was able to write text at a comfortable speed again, but any special character was painfully slow, as I had to consciously think where each character was, and often look it up on my layout. After about 3 months I was back up to 80WPM.

What took a long time as well, was configuring my layout to fit my programming needs, it took me about 6 months to come up with a layout that had everything I needed (you can see it here if you're curious[1]). My recommendation is to do it incrementally, trying with something general at first, then with use seeing what feels right and doesn't.

In the end it was a really good idea, a lot of back pain I had has gone away, and after long typing session I have way less pain in my wrists and hands.

[1]: https://configure.zsa.io/ergodox-ez/layouts/BOLz0/ybXMx/0

nowahe commented on Prompt injection: what’s the worst that can happen?   simonwillison.net/2023/Ap... · Posted by u/simonw
NumberWangMan · 3 years ago
I mean, I think it's scarier that once these models get smart enough, they will be able to act in the world in the same way that a shell script can execute on your machine. A model that can read code and find and exploit security flaws to build a botnet, or even sign up for a bank account using a fake identity, invest in stocks, make money, and purchase servers to train copies of its own mis-aligned AI, or fork copies of itself and give them instructions... That's what keeps me up at night. They aren't smart enough to do long-term planning and reasoning yet, but it's a problem we absolutely need to solve before they can.

Imagine what a world-class programmer could accomplish in this world if they thought 100 times faster than a human, and had no fear of going to jail. Our world is an insecure machine, and we're preparing to run untrusted code with root access.

And sure, maybe we can try to use less-intelligent AIs to secure things before then, but the weak point is still humans. Social engineering is typically way easier than straight up hacking. We've seen these lesser AIs threaten people, and while we can keep bonking them on the nose when they do that, we can't prove or tell that they won't ever do it in a different situation, when they judge that it's likely to be the most effective course of action.

I hope every day that this is all just hype and that another AI winter is coming, because we need time (who knows how long) for a way to align these things. But I really fear that it isn't.

nowahe · 3 years ago
If you haven't seen it already, you might enjoy this story from gwern : https://gwern.net/fiction/clippy
n

u/nowahe

KarmaCake day178April 12, 2017
About
AWS Solutions Architect
View Original