This was my experience too. The USA is the only country I've ever been to where random strangers will strike up a conversation with me completely out of the blue, and I've travelled quite a lot.
Using the source code to ask questions about poorly documented features in projects you have no experience is my favourite thing that LLMs make possible (of course you could do this before but it would take way, way more time). There are so many little annoyances that I’ve been able to patch and, thanks to NixOS, have the patched software permanently available to me.
In fact NixOS + LLMs feels like the full promise of open source software is finally available to me. Everything is within reach. If you don’t like something, patch it out. If you want to change a default, patch that in.
No need to know the language, the weird build process, or the custom tooling. Idea to working binary in minutes. I love it so much.
Yes, the idea that you can meaningfully modify the program for your own purposes (one of Stallman's four freedoms) was quite unrealistic except for the most skilled and invested among users. LLMs change this. I mean, as long as you use open models. I fear that in the future, corporate models may start to refuse building software like this that is inconvenient for them. Like possible future-Gemini saying, "oh I see you're patching chromium to continue working with adblockers, this is harmful activity, I cannot help you and reported your account to Google. Cease and desist from these plans or you lose your Gmail!"
Today is the honeymoon phase, enshittification will come later when the pie stops growing and the aspect of control comes more into focus.
It's just too good to be true. Most people still don't know that you can now do what you just described. Once people in the suits understand this, the propaganda will start about how unsafe this all is and that platforms must be locked down at the hardware level, subscriptions cut off if building unapproved software etc.
Investor confidence is far more important to them than cashflow, and the best way to shake investor confidence is with the magic words "user numbers are down".
I don’t really understand the point of sandboxing if you’re going to give it access to all your accounts (which it needs to do anything useful). It reminds me of https://xkcd.com/1200/
Yeah I have been planning to give it its own accounts on my self hosted services.
I think the big challenge here is that I'd like my agent to be able to read my emails, but... Most of my accounts have Auth fallbacks via email :/
So really what I want is some sort of galaxy brained proxy where it can ask me for access to certain subsets of my inbox. No idea how to set that up though.
> So really what I want is some sort of galaxy brained proxy where it can ask me for access to certain subsets of my inbox. No idea how to set that up though.
Though of the same idea. You could run a proxy that IMAP downloads the emails and then filters and acts as IMAP server. SMTP could be done the same limited to certain email addresses. You could run an independent AI harmful detector just in case.
Yeah I think for SMTP it's easy since it's perfectly scalable to do manual approval for each mail.
But not really sure how to set up safe search. One idea I had was to say "nobody would ever put a secret in the subject line, right..?". Then you could let the agent read all the headers and just have it ask permission to see the body.
That's still not entirely safe since if you can search the body you can eventually infer the presence of arbitrary strings. But I think you could probably mitigate that risk by just setting up alerts for if the agent starts spamming loads of searches?
it'll be interesting to see if people start writing worse as a form of countersignalling. deliberately making spleling mistakes, not caring about capital letters, or punctuation or grammar or proper writing techniques and making really long run-on sentences that don't go anywhere but hey at least the person reading it will know its written by a human right
That’s fair, but GitHub themselves do it with GitHub Actions. Versioning of all official actions is done with git tags, which has always made me uncomfortable.
That makes sense, so does doing releases by using tags, why would that make you uncomfortable?
What doesn't make sense, is creating a completely new language/framework/package manager and decide to place the package registry burden on someone else.
Are you confusing tags with branches? Git tags for all intents and purposes are immutable. If you have a tag in your local repository that was pulled down from another remote, and the remote changes the tag and you update your local repository, it'll reject the incoming tag.
It's true they're both refs inside git, but git literally treats them as "shouldn't move", unlike branches. They're not immutable in the technical sense, so I guess you're technically right. But they're not used the same way as branches, and the tooling won't like that either.
That's irrelevant in the context of GitHub Actions: CI runners clone the repo fresh every run. If someone gets write access to a widely used action, they can force push all tags to point to a malicious commit.
> Pinning an action to a full-length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.
If you're in (for example) a CI context and do a git checkout @tag, there's no guarantee that you'll get the same content as the last time you fetched that tag.
> At one point I had the misfortune to be the target audience for a particular stomach churning ear wax removal add.
So isn’t it possible that your friend had the same misfortune? I assume you were similar ages, same gender, same rough geolocation, likely similar interests. It wouldn’t be surprising that you’d both see the same targeted ad campaign.
Have you considered it was just proximity? The overlords know you were in proximity with your friend. It is not unreasonable to assume you share interests and would respond to the same ads.
reply