While the attack vector is completely obvious when you think about it, the gumption to do it is novel. Of course this is the best way to exfiltrate data, it's on a blessed path and no one will really bat an eye. Let's see how corporate-mandated anti virus deal with this!
Even using Claude Code vs. something like Crush yields drastically different results. Same model, same prompt, same cost... the agent is a huge differentiator, which surprised me.
I totally agree that the agent is essential, and that right now Claude Code is semi-unanimously the best agent. But agentic tooling is written, not trained (as far as I can tell—someone correct me) so it’s not immediately obvious to me that a third-party couldn’t eventually do it better.
Maybe to answer my own question, LLM developers have one, potentially two advantages over third-party tooling developers:
1) virtually unlimited tokens, zero rate limiting with which to play around with tooling dev.
2) the opportunity to train the network on their own tooling.
The first advantage is theoretically mitigated by insane VC funding, but will probably always be a problem for OSS.
I’m probably overlooking news that the second advantage is where Anthropic is winning right now; I don’t have intuition for where this advantage will change with time.
But vscode doesn’t just let you edit files on the remote, it runs everything on the remote: extensions, terminal commands, etc. If you’re working on a web project, it forwards ports so you can still visit localhost in your browser, even though your dev server is running on the remote host.
Yeah it's like fully virtualized to run the same familiar environment completely on a local machine. It's not even remotely comparable. Extremely necessary in many cases like thin clients for machine learning
sshfs doesn't work for things where you're developing for linux and working on macos - run the code, run the debugger, step, etc.
I don't use IDEs at all and work on sshfs almost exclusively, but I totally understand where people are coming from and the difference between editing files and running code.
I use rclone for that because, while the "complete opposite of do one thing”, it (mostly) solves the extremely annoying problem of "dealing with things that look like files in potentially remote locations, each with it's own bespoke API".
(it also has, for most of my use cases, better performance that sshfs).
How? Seems obvious that I missed the boat on LLMs. I don't have any ideas anyway (I have only one "idea", and it's someone elses and I have no faith that it'll get me a foothold). Robotics will be solved pretty soon by 10x reasoners if this development curve continues. Everything I can "change to" has a 2 year delta and that is a 100x capability change within the AI space right now.
> Robotics will be solved pretty soon by 10x reasoners if this development curve continues
Don't get high on your own (industry's) supply. This foward-looking BS is targeted at clueless investors, Level 5 self-driving cars have been a "few years away" for almost 2 decades now, and here we are, still having to deal with ADAS like cavemen, and looking back at the trail of dead companies that believed they could solve self-driving.
My buddy recently had asked me whether he should pivot into software dev. I told him: if you have a problem to solve through programming, learn to code and do it; if you don’t, don’t. Programmers that will survive LLM revolution naturally find problems to solve. If you aren’t such a person it might not be a direction for you.
what are you attempting to achieve with this idea? what kind of foothold? ideas are everywhere, they are cheap. the idea plus the execution, timing, marketing, and approach are all factors in something being successful. maybe you are thinking you need to make a startup or something to be successful.
i understand the feeling you have a little bit, but agree with the others that you don't need to despair too much about the industry, there is still a great need (and will be) for humans to understand the systems we are using and be able to get in the weeds to solve problems.
totally agree we might need less people writing/wrangling code, and it might put downward pressure on salaries... on the other hand, there might be upward pressure on salaries as developers will have a higher output and the ROI for hiring an effective developer in this environment will go up. especially when production is on fire, the AI that wrote the code that is on fire might not be the best source of how to solve it.
to me this is all basically a big unknown, without substantial reason to panic though, even if it feels overwhelming and hopeless from a certain perspective at the start of a career. currently a lot of development feels pretty sluggish to me, we fight with build tools and multiple languages and eke out these incremental improvements - if developers can work much much faster, that's great, but then we hit a limit to like... OK we need to let the product changes "settle" for a while and get user feedback about the changes, we can't actually ship 14 major product updates in a week because users will have no idea what the fuck is happening. but maybe we can do more advanced things with rapid split testing and automated success metrics to deploy pages that "self-optimize" or something, and there might be new second and third order ideas that come from this where it takes a human to manage and direct and build and solve things at that level.
I dunno, a job? I don't think one other person's idea is enough.
> ideas are everywhere, they are cheap. the idea plus the execution, timing, marketing, and approach are all factors in something being successful
And water is everywhere but you need a boat to get across it. I don't think I have a boat. I don't know if I can build one. I don't know if anyone will let me on their boat. s/boat/idea generation/g.
can you describe how any idea of this form connects to a job? I think what I'm saying is you don't need any "idea" - it's enough to have skills. You might be overestimating the bar you need to it or what it takes to get jobs in general.
The only thing I think that makes my resume as a student appealing is having real-world projects that show I can meaningfully develop. I'd need similar for GenAI, I'd imagine.
In addition - promote face to face meetings via zoom/google meet/discord/?, ideally on-the-fly meetings created in the open so others can join based on the topic.
if (authCheck.exitCode === 0) {
return {
result: "success",
message: 'Credentials are Valid'
};
}
return {
result: "failure",
message: 'Credentials are invalid. Please check the credentials set on the secret/credentials prop!'
};
Checking the validity of an STS token requires that you have a bona fide token first. Thus it’s not a “digital twin”; it is the real McCoy. And STS tokens are free.
There is no digital twin I’m aware of that is capable of simulating the real behavior of an EC2 instance. There are just too many variables to consider. To test instance launch and runtime behavior to a meaningful degree of certainty, you have to launch one first. And that means accepting the costs of doing that.
(I notice, too, that you appear to be executing the AWS CLI to do this. I’m not sure if that’s bad or not, but it smells a little fishy.)
We're being intentionally pragmatic here. If you're building a digital twin of, say, an F1 car - the complexity of the simulator has to be very high. It's more like building a mock of physics than just the car.
With Infrasturcture, it turns out that what you need to know is "did I make a valid configuration", or "does this set of things work together". It's less about making a mock of the results, and more about simulating that the results would have the effect you think they will. So we can't tell you "will your application work on this size of instance" (although if you know that, you could encode that!) - but we can tell you if the options your setting are correct, if the AMI exists in the region, etc etc.
It’s terribly slow, given that it’s starting an entire Python process, configuring boto3, etc. that’s 2 seconds on my machine, just to run —help. And it’s all to make a single HTTP request (80ms)
