Hacker News | tuananh's comments

> buy Marcus Rashford

that would strengthen Man Utd :D


@jackpot51 you may want to take a look at this accusation.

they said they will keep maintaining uv/ruff/ty ... but that's an impossible promise to keep with their priority changes once they are in bed with OAI.

with no track record, i would imagine it's hard to ask for sponsorship

where's the code? i can't see it. https://github.com/MatrixForgeLabs/OctantOS is just some docs.

yeah. that's the public facing repo with docs only.

Making it open-source would kind of defeat the object here and render it worthless.

A project like this isn't worth much when it gets cloned 1000 times and people start using all my code for free.

The whole point is to create a proprietary software system that will be able to help me make something of my life.


tbh, llama leak was the best thing that happened to the AI/LLM community. Lots of good things happened because of that: LoRA, QLoRA, DPO, RoPE,...

LoRA? The parameter-efficient fine-tuning method published 2 years before Llama and already actively used by researchers?

RoPE? The position encoding method published 2 years before Llama and already in models such as GPT-J-6B?

DPO, a method whose paper had no experiments with Llama?

QLoRA? The third in a series of quantization works by Tim Dettmers, the first two of which pre-dated Llama?


you're right. those things predated llama leak. but from my understanding (from the sideline), it's llama that's made them popular and approachable from a hacker perspective.

mcp just needs to add dynamic tools discovery and lazy load them, that would solve this token problem right?

*most* homelab setups don't have much load so it's mostly a matter of ram available and then power consumption.

many people with a setup like this probably need maybe a 4-core low-powered machine with idle consumption at ~5-10w


Yeah, this is the AI tax. I have several times as many services (28) on a vastly smaller machine (N100 fanless), but besides some very light AI for image detection which runs on CPU, I have no AI there, so I don’t need a desktop PC.

isn't sandbox-exec already deprecated?

Yes, for about a decade. But it’s available everywhere, and still works - and protects us - like brand new!

It's quite naive to assume that. There is a reason why it is deprecated by Apple.

Apple is likely preparing to remove it for a secure alternative, and all it takes is for someone to find a single vulnerability or a bunch of vulnerabilities in sandbox-exec to give everyone a wake-up call about why they were using it in the first place.

I predict that there is a CVE lurking in sandbox-exec waiting to be discovered.


On the other hand, the underlying functionality for sandboxing is used heavily throughout the OS, both for App Sandboxes and for Apple’s own system processes. My guess is sandbox-exec is deprecated more because it never was adequately documented rather than because it’s flawed in some way.

> the underlying functionality for sandboxing is used heavily throughout the OS, both for App Sandboxes and for Apple’s own system processes.

The security researchers will leverage every part of the OS stack to bypass the sandbox in XNU which they have done multiple times.

Now, there is a good reason for them to break the sandbox thanks to the hype of 'agents'. It could even take a single file to break it. [0]

> My guess is sandbox-exec is deprecated more because it never was adequately documented rather than because it’s flawed in some way.

You do not know that. I am saying that it has been bypassed before, and having it used all over the OS doesn't mean anything. It actually makes it worse.

[0] https://the-sequence.com/crashone-cve-2025-24277-macos-sandb...


You could apply this same reasoning to any feature or technology. Yes there could be a zero day nobody knows about. We could say that about ssh or WebKit or Chrome too.

I hear what you're saying about the deprecation status, but as I and others mentioned, the fact that the underlying functionality is heavily used throughout the OS by non deprecated features puts it on more solid footing than a technology that's an island unto itself.


As I understand it, Chrome, Claude Code, and OpenAI Codex all use sandbox-exec. I’m not sure Apple could remove it even if they were sufficiently motivated to.

> As I understand it, Chrome, Claude Code, and OpenAI Codex all use sandbox-exec.

Apple can still decide to change it for any reason, regardless of who uses it, since it is undocumented for their use anyway.

> I’m not sure Apple could remove it even if they were sufficiently motivated to.

It can take multiple security issues for them to remove it.


Is there a better alternative on Mac?

bootc is kind of perfect for edge. delivering OS updates as a whole. ease of update/rollback.

