Harness needs to intercept all too calls and compare with an authorisation list. The problem is that this is using already granted core permissions.
So you have to have a tighter set of default scopes, which means approving a whole batch of tool calls, at the harness layer not as chat. This is obviously more tedious.
The answer might be another tool that analyses the tool calls and presents a diagram of list of what would be fetched, sent, read and written. But it would get very hard to truly observe what happens when you have a bunch of POST calls.
So maybe it needs a kind of incremental approval, almost like a series of mini-PRs for each change.
We need a new suite of utilities with defined R/W/X properties, like a find that can't -exec arbitrary programs. Ideally the programs would have a standard parseable manifest.
I've seen this before with sodoers programs including powerful tools. Saw one today with make, just gobsmacked.
I would really love to see the Cohens make a reenactment documentary about American injustices, with the lead-in being "These are real events that happened, names have not been changed."
This is a great argument for fines indexed to the price of the car, and non-linearly with speed and value and repeated occurrences.
Fine = 2 ^v^2 ^n^2 ^p^2
Where v is velocity % higher than the speed limit, n is the number of speeding occurrences in the past 12 months, p is the normalised price of the vehicle. Obviously these parameters could be tweaked.
The result should be that frequent violations cost much more, cost is proportional to the increased danger, and rich people feel the cost of violations.
Or they can just hire more police and deter crime with actual hard work instead of building a nanny state running social experiments based on how nice your car appears.
I can see that you have sand in your underpants about getting infringements for breaking the law. It is obviously uneconomic to have very expensive police officers enforce traffic crime when automated cameras are so effective. What you are really arguing for is individual exceptionalism for rich people to violate speed limits.
It isn't a "social experiment" to deter crime, and calibrating punishment to have an actual deterrent effect has a long precedent. If it is "nanny state" policy to set speed limits that penalise repeat offenders and hoons in high powered cars, you will find it has broad community support.
A set of clothing used to cost a month's wages. Yearning for the pre-industrialised era is an unintended pean to aristocracy, whitewashed by fiction and movies to be clean and virtuous.
At the moment, a single line of production code costs hundreds of dollars. I'm not talking about the bedrock of technology, like compilers, mysql, the Linux kernel, which represent hundreds of billions of value. I'm talking about the shitty code that powers Salesforce and ERP integration, Drupal modules, intranet customisation, insurance company call centre agent policy workflows, the thrice cursed apps that ship with cheap Chinese android phones, the putrid code to analyse our shopping loyalty card purchases and turn it into business insights.
All that code is shit, and it costs a fortune. Meanwhile regular people have no code. Even I run my life on almost no code, I have to use SaaS (like Gmail and Docs). If I want something like a financial analysis to be understood by my family I don't code it in python, I use Excel. I use whatever automation comes in my car. But once simple code becomes a process of thinking about what you want rather than knowing esoterica like calling conventions, allocation lifetimes etc, then we have made custom software accessible to billions of people, people who are clever and industrious.
So stay in your cathedral and illuminate your manuscript if you like, there is a need for excellent code, and tooling like Lean that can define what correct means, but let the people eat.
Rogue-like games use the most simple randomisation to generate the next room, and I burnt hundreds of hours in Mines of Moria before I forced myself to quit.
Now with an LLM I could have AD&D-like campaigns, photorealistic renders of my character and the NPCs. I could give it the text of an AD&D campaign as a DM and have it generate walking and talking NOCs.
The art of those great fantasy artists is definitely being stolen in generated images, and application of VLMs should require payment into some sort of art funding pool. But modern artists could well profit by being the intermediary between user and VLM, crafting prompts, both visual and textual, to give a consistent look and feel to a game.
Artists want to create. They do not want to tweak prompts and click "Generate" repeatedly until the output matches their vision. I would find this maddening.
But this wouldn't make sense anyway. Game companies won't foot the bill for real-time renders of your character, let alone a world of generated NPCs. If/when costs are low enough, and players accept a recurring subscription to play games, then this could happen, sure. No way in hell will artists be available in real-time to keep the generated imagery consistent.
Why would game companies be paying for rendering on my computer? My computer can fantasise player specific details, in a palette created by game artists, and render them itself.
Game artists could indeed be working in real time in MMORPGs to tweak the world, impresarios of the shared experience. Paying for live human shaped performance art is a great way to keep human creativity central to the experience.
The thought you have while coding should be part of your workbook. This is a distillation of all the input and processing at the time, which can be a valuable clue for bug hunting and refactoring.
Since the code is literally the answer to What comes next after this prompt the answer is yes. Unfortunately there is also a hidden random seed in the engine (which this doesn't seem to address). But if you capture the seed, the exact version of the software and the prompt, the system is completely deterministic.
However there is an unpleasant reality: the system could be incredibly brittle, with the slightest change in input or seed resulting in significantly different output. It would be nice if all small and seemingly inconsequential input perturbations resulted in a cluster of outputs that are more or less the same, but that seems very model dependent.
So you have to have a tighter set of default scopes, which means approving a whole batch of tool calls, at the harness layer not as chat. This is obviously more tedious.
The answer might be another tool that analyses the tool calls and presents a diagram of list of what would be fetched, sent, read and written. But it would get very hard to truly observe what happens when you have a bunch of POST calls.
So maybe it needs a kind of incremental approval, almost like a series of mini-PRs for each change.
reply