Hacker News | cookiengineer's comments

The great part is that you can always build your own selfhosted tools. There is nothing that can't be done at home, it's just a calculation of how much you're willing to spend.

Lately though the RAM crisis is continuing and making things like this more unfeasible. But you can still use a lot of smaller models for coding and testing tasks.

Planning tasks I'd use a cloud hosted one, for now, because gemma4 isn't there yet and because the GPU prices are still quite insane.

The cool and fun part is that with ollama and vllm you can just build your own agentic environment IDE, give it the tools you like, and make the workflow however you like. And it isn't even that hard to do, it just needs a lot of tweaking and prompt fiddling.

And on top of that: Use kiwix to selfhost Wikipedia, stackoverflow and devdocs. Give the LLM a tool to use the search and read the pages, and your productivity is skyrocketing pretty quickly. No need anymore to have internet, and a cheap Intel NUC is good enough for self-hosting a lot of containers already.

Source: I am building my own offline agentic environment for Golang [1] which is pretty experimental but sometimes it's also working.

[1] https://github.com/cookiengineer/exocomp


I'm definitely all in on self-hosting, though I rent my compute and pay for bandwidth with Linode and storage with rsync.net.

The LLM bit though, personally, is just not for me.


>There (...) isn't a warm connection between the CCC and the BND in Germany

Fun fact: In the 1990s, the CCC e.V. was declared a terrorist organization by the BND. Also, a lot of members have been sued for Landesverrat (high treason) for disclosing found vulnerabilities and/or doing journalistic work.

For example, the netzpolitik guys have been sued for high treason twice.

Just as a side note on how competent the German state is to use their existing talent to work on issues in cyber security.

> If a hacker collaborates with the BND they do run a risk of many of their peers not wanting to collaborate with them anymore.

Another fun fact: There is no effective witness protection program in Germany. You have to have been attacked almost murdered twice (with legal cases leading to prosecution) before you can apply for the witness protection program.

And they're asking themselves why all the witnesses in high profile cases from Europol/Interpol keep disappearing ...


This is essentially the hack that Claude Code did with their dedicated sub-agent that summarizes a list of previous messages and maintains different types of memory (temporary, persistent, cross-agent). They also built tools so that agents can talk to each other and use that summary to propagate knowledge to other agents if needed.

Setting aside that their codebase is absolute slopcrap, I think something like this might work nicely if it's built from the ground up.

For my own test environment I'm relying on Golang and its conventions (go build, go test, go fmt, gopls etc) which saves a lot of prompts and tokens down the line. Additionally I think that spec driven development might be more successful but I haven't found out yet what the right amount of details for specifications is, so that semantic anchors can help summarize it better.

Anyways if you're curious, it's made for short agent lifecycles and it kinda works every time most of the time: https://github.com/cookiengineer/exocomp

Still need to implement the summarizing agent and memory parts, it's a little fiddlework to get that right so I'm currently experimenting a lot locally with both ollama and vllm as an inference engine.


Note that this law still exists because it requires a constitutional change to include women (well, or to be abandoned). A constitutional change of the Grundgesetzbuch requires a 2/3rd majority in the parliament. That almost never happens these days, especially with green/left/social party being not really united anymore in their votes and the conservatives allying themselves with the far right.

The last time Germany had that much of a majority, it was under Bundeskanzler Kohl and Schroeder if I remember correctly. So like ~25 years ago.

Bundestag seats (from 2002 onwards):

2002 (15): https://www.nls.niedersachsen.de/html/pressemitteilungen1.ht...

2005 (16): https://www.nls.niedersachsen.de/html/presse_lwl_bw2005.html

2008 (17): https://www.bundestag.de/parlament/plenum/sitzverteilung17-2...

2013 (18): https://www.bundestag.de/webarchiv/textarchiv/2013/sitzvert_...

2017 (19): https://www.bundestag.de/278118-278118

2020 (20): https://web.archive.org/web/20211102103524/https://www.bunde... (couldn't find an article on the Bundestag website, got deleted. Web archive version is a little broken)

2025 (21): https://www.bundestag.de/parlament/plenum/sitzverteilung


> The last time Germany had that much of a majority, it was under Bundeskanzler Kohl and Schroeder if I remember correctly. So like ~25 years ago.

This is not true. After the last election the old parliament made a deal to change the Grundgesetz with 2/3rd majority to allow the new parliament to take more debt.


Some things align politically, some things don't. Who would have thought?

> Nicholas has found hundreds more potential bugs in the Linux kernel, but the bottleneck to fixing them is the manual step of humans sorting through all of Claude’s findings

No, the problem is sorting out thousands of false positives from Claude Code's reports. 5 out of 1000+ reports to be valid is statistically worse than running a fuzzer on the codebase.

Just sayin'


> 5 out of 1000+ reports to be valid is statistically worse than running a fuzzer on the codebase.

Carlini said "hundreds" of crashes, not 1000+.

It's not that only 5 were true positives and the rest were false positives. 5 were true positives and Carlini doesn't have bandwidth to review the rest. Presumably he's reviewed more than 5 and some were not worth reporting, but we don't know what that number is. It's almost certainly not hundreds.

Keep in mind that Carlini's not a dedicated security engineer for Linux. He's seeing what's possible with LLMs and his team is simultaneously exploring the Linux kernel, Firefox,[0] GhostScript, OpenSC,[1] and probably lots of others that they can't disclose because they're not yet fixed.

[0] https://www.anthropic.com/news/mozilla-firefox-security

[1] https://red.anthropic.com/2026/zero-days/


> On the kernel security list we've seen a huge bump of reports. We were between 2 and 3 per week maybe two years ago, then reached probably 10 a week over the last year with the only difference being only AI slop, and now since the beginning of the year we're around 5-10 per day depending on the days (fridays and tuesdays seem the worst). Now most of these reports are correct, to the point that we had to bring in more maintainers to help us. ... Also it's interesting to keep thinking that these bugs are within reach from criminals so they deserve to get fixed.

https://lwn.net/Articles/1065620/



What's your point?

The reason I love my old cheap 1080p monitors so much is because they need less organizational overhead compared to a large 4k monitor where you constantly have to fix UI scaling bugs and zoom in/out, force different fonts for shitty web pages etc.

I am never gonna sway away from i3 [1], a notification free tiled window desktop system is just way too convenient. When I have to boot up a Windows VM for work (I am a malware analyst most of the time) I am losing my mind with all the notifications and blocking popup windows all the time. I have no idea why people are tolerating this as their work setup. It is hostile design to its users.

I use my computer to work. I don't want a computer that works me all the time.

[1] For desktop/GUI apps I use a mixture of GNOME forks and LXDE apps. Everything that makes popups when running in the background is avoided.


> compared to a large 4k monitor where you constantly have to fix UI scaling bugs and zoom in/out, force different fonts for shitty web pages etc.

Counterpoint: this doesn’t appear to be the case with Apple, as they have defaulted their OS entirely to retina-level density now, removed subpixel rendering, and anything non-5K may look off (and you need to go through hoops to make it look good).

As such, I’m typing this in a MacBook with 3x5K displays connected.


Subpixel rendering has nothing to do with any of this: it was messing up on non-RGB pixel layout panels like VA and OLED, and it used to be a simple setting in GNOME (hidden these days unfortunately).

Still, even 5K at 27" is not without noticeable jagged edges in diagonal lines and textual characters (though I've only tried 4K at 24", but that's a similar DPI and angular resolution if at the same distance) if your visual acuity (with or without correction) is around 20/20 or better (mine is better with glasses/contacts).

I hate how the text looks with a Mac on a 4K 32" screen, let alone 4K 42" screen.


And I love my multi monitor setup, because each monitor has its own set of apps, and I can reduce window switching by a lot.

I put my browser on the 2k monitor so there's no need to fight with resolution and other things.

But the IDE is always on the 4k monitor, no scaling, slightly larger font size, so I can see more code. And all the logs and the note app are on the 3rd 1080p monitor.

And Wayland gnome was pretty solid for me, until recently gnome-shell eating over 2/3gb on long run. Switched to niri for the time being, which is working pretty solid.


In sway + Wayland, these UI scaling bugs are fixed

KDE + Wayland is fine, too... except in some Java apps and LibreOffice with its ancient crap toolkit.

Firefox, MS Edge (my MS Teams sandbox) and any GTK apps do work.


Yeah, I don't have UI scaling bugs with Niri + Wayland.

... while other bugs are introduced :-/

Can't switch because of old hardware and vulkan/mesa legacy reasons.


1080p is plenty for text-based work if you're not using Chinese or Japanese. It looks as sharp as 4K when you disable text anti-aliasing.

It absolutely doesn’t look as sharp as 4k, even on a 22” screen

I've seen 4K monitors in person. Disabling anti-aliasing (with full hinting enabled) on a 1080p monitor increases text sharpness to equal that of anti-aliased text on a 4K monitor. The only drawback is that the font no longer approximates the shape of printed text. This doesn't matter except in the outlier cases of Chinese and Japanese, which use some extremely visually intricate characters.

You are free to not trade with EU citizens then. Nobody forces you to accept their money.

Gas is likely mixed with cheaper Ethanol now. Depending where you live there's likely less taxes on Ethanol, too.

Ethanol has an Octane rating of 114%, meaning that you can run your engine with less fuel in the fuel/gas mixture, if your engine, pipes, fuel pump and rubber hoses are made for that.

Ethanol is pretty awesome in terms of HP output, but you have to reprogram the maps in the ECU to correctly use it. The timings of "how fast" Ethanol explodes inside your engine cylinders is also faster, meaning if you don't remap your ECU there's chances of backfire because the valves don't close fast enough. That means if you don't have a V-Tec or similarly digitally controlled valve steering you have to also modify your camshaft.

Source: Rebuilt 3 cars and their engines to be fueled with Ethanol because I live near a race track with cheap access to Ethanol.

Edit: some gas stations in the past were using shitty additives to boost the ethanol mixture with toluols and methyl ethylene variants, so could also be that. They're really bad for your engine block. Like, reeeeally bad because their mixture is very unpredictable and varies too much for a proper ethanol ECU map.


Can somebody explain to me why this is legal?

If anybody but Microsoft does this, it's called malware and they'll end up with an FBI visit and prison time.

Why are the judicative so skewed here in their judgements?


They have trillions

> That is a wild claim

China Telecom regularly has BGP announcements that conflict with Level3's ASNs.

Just as a hint in case you want to dig more into the topic, RIR data is publicly available, so you can verify yourself who the offenders are.

Also check out the Geedge leaked source code, which also implements TLS overrides and inspection on a country scale. A lot of countries are customers of Geedge's tech stack, especially in the Middle East.

Just sayin' it's more common than you're willing to acknowledge.

