Cryptography, privacy, zero knowledge, Rust, Zcash dev, gaming, hardware hackery, art appreciation. He/him.
https://str4d.xyz
https://abyssdomain.expert/@str4d
age18f63qx4gk8x7p4lfuwwglqcan7snvp406q5vmk26g9fmpe9c799qqzzr3w
str4d
The privacy risks (very nicely outlined herein) are one of the core motivations for the personal assistant system I'm currently building for myself.
That and I really want the hackability I get from a system I fully control (Per-task encrypted secrets? Seamless local models? Cyberdeck integration?)
My main takeaway: I need to remember that LLMs are not typical computer tools. Normally when I encounter a failure mode, I can configure the tool or env to prevent it going forward. That simply doesn't work here, because everything you tell it in-band is just suggestions that it can and will ignore.
Been a while since I had a post escape containment. Normally when I wake up to the 30+ notifications icon, it's because @eprint.ing.bot is posting 😄
Claude has successfully convinced me that it is unsafe to use for large projects.
It reads skills / user instructions at the start of the session, but once the project itself is in context, there is enough pressure even with 1M context that it is reliably forgetting both the skills and instructions.
Ooh, another bad Claude Code permissions failure mode from @anthropic.com: requests are a stack (LIFO) instead of a queue (FIFO).
You can be in the act of pressing Enter after reviewing a request, when another request takes over the permissions UI (frequent with ultracode), and steals the approval.
Muting it, but otherwise leaving it up as a honeypot for bad AI takes about my AI take being bad.
Fun quirk: the app.bsky.embed.images Lexicon allows at most 4 images, so this post uses a new app.bsky.embed.gallery Lexicon without that restriction.
The old app doesn't know about the new Lexicon, so it doesn't show any images.
Would be nice to instead see "update your app to view this content".