Relevant: https://news.ycombinator.com/item?id=48016224
what's the differnce between this vs running shannon on aws/bedrock fully airgapped in my vpc? I've got some pretty great results with shannon [no subprocessor and can pay via aws credits]. Even better using claude code token [effectively free with our $200/mo cc subscription]
I tried kimi but it generally spins it's wheels extensively in it's thinking tokens. kimi2.7 is an attempt at reducing this. But doing finetuning, means you will always be behind the latest.
as a side note - I think it's very unprofessional and very shitty to not mention kimi2.6 at all in your marketing copy. and i feel that you posted that in this hn post begrudgingly since the hn crowd would have flagged that.
confirmed with a google search too: https://www.google.com/search?q=kimi+site%3Aargusred.com
All around your marketing website you keep mentioning - 'A model lab built it'. A fintune does not maketh you a model lab - some humility please :)
finally - doesn't Kimi's licensing prohibit you from not mentioning them? Didn't cursor run into the same issue?
off-topic, but I've become quite intrigued with AI pentesting, after being very unhappy with the various pentest firms we've used in the past, that rip us off or do very mediocre tests (of course yeah yeah the really good ones exist but even then they're not going to match the speed at which we are claude coding now).
Tried a bunch of open source pentesters, including strix (though we never managed to get strix to actually complete.)
this project called shannon was the only one that we managed to get working reliably and it definitely smoked the output of one of the $10K pentests we did, (we had just discovered shannon after we had gotten the pentest firm's report, so it gave us a good baseline comparison). caveat: this was white box and our pentest firm did greybox, but neverthless I was still very unimpressed by what I got from the pentest firm. $50 vs $10K is not even a comparison lol with far far better results and sent our cto into near heart attack mode.
i think the days of pentesting firms are over - especially with mythos/5.5-cyber etc like capability coming into play. very exciting times ahead!
Check out Fern / my software friend was raving about. It solves some of the problems around OpenApi around codegen but maintains compatibility with open api
https://news.ycombinator.com/item?id=34346428
“ The Stein collection contains over 1000 copies of the Lotus Sutra in Chinese, which were acquired by Sir Marc Aurel Stein in 1907 and 1914, when he visited the so-called ‘Library Cave’ (Cave 17) at the Mogao Caves near Dunhuang, in the present-day Gansu Province in China.”
Jokes aside - you can replace Chinese with Indian too and still the same answer holds. There is something magical about Silicon Valley and it is definitely not about the salaries. Fwiw, bytedance pays in the 7 figures usd in Beijing!
I fear this too. As someone who had read a fair bit of the history of India, and how the British/east India company mind-fucked and pillaged them it scares the hell out of me. The after effects are still there even 70 years later.
as a side note - I think it's very unprofessional and very shitty to not mention kimi2.6 at all in your marketing copy. and i feel that you posted that in this hn post begrudgingly since the hn crowd would have flagged that. confirmed with a google search too: https://www.google.com/search?q=kimi+site%3Aargusred.com
All around your marketing website you keep mentioning - 'A model lab built it'. A fintune does not maketh you a model lab - some humility please :)
finally - doesn't Kimi's licensing prohibit you from not mentioning them? Didn't cursor run into the same issue?