HackerTrans
トップ新着トレンドコメント過去質問紹介求人

ryan29

no profile record

コメント

ryan29
·2 か月前·議論
Im not a crypto person, but I was intrigued by Chia. They generate their coins based on allocating disk space. So if you have a bit of free space, you can fill it with plots and play the lotto.

The intriguing part is that I think it works against scaling. The incremental cost for me to use the 500GB of free space on my disk is $0, but someone scaling a bot farm has to buy all their space.

Real people tend to have a lot more idle capacity than optimized, scaled businesses, so any kind of proof of idle capacity seems like it would disadvantage bot farms.

I’ve also thought that proof of collateral spending would be a good system. For example, you buy groceries and the store gives you a token saying you spent $X of real world money. Those tokens help show you're not a bot. Keeping that system honest and equitable would be extremely difficult though.

Maybe schools could give kids tokens for attendance. It sounds kind of dumb, but who knows.
ryan29
·4 か月前·議論
I think this is going on my list of things I want to try. I have some feedback, but need to qualify it with a warning that I've barely used any AI beyond simple chat bots. This is going to be the opposite of the feedback that silentsvn gave you, meaning I have no idea what I'm talking about :-)

TLDR; You need a "how to use it" section that explains how to get information in and out of the context. That's assuming I'm not completely misunderstanding the purpose.

I started using Claude Code about a week ago, but my goal is to get something running locally that can help me get things accomplished. I'm skeptical of the claims that AI can do the work for us, but I'm interested in the idea that we can offload a bunch of cognitive load onto it freeing up brain space for the actual problems we're trying to solve. Some kind of memory system is the starting point IMO.

So here's my feedback. I skimmed the repo. You explain what it does and how it does it, but I have no idea what it does or how it does it. I think your explanations are too technical for people to understand why they'd want something like this and the example makes it look like a simple search engine. I think you need more of an explain-it-like-I'm-five approach. I might know enough to be the 5 year old in the conversation, so I'll explain a few issues I've been having and maybe you can tell me if / how your tool helps.

Most of this is in the context of using Claude Code.

I noticed the amnesia problem immediately, but expected it. I figured I'd need to take a couple of days to configure the system to remember things and adhere to my preferences, but now I realize that was wildly optimistic. Regardless, I started making a very naive system that uses markdown files with the goal of getting a better understanding of managing memory and context together. It tries to limit the current context, but it's naive. It walks a hierarchy and dumps things into the context. It's just for me to learn. I'll be happy if it helps me understand enough to pick a good tool that already exists.

The first big problem I hit was that I want what you describe as compounds, mainly chat exports, especially as I'm starting out and just want to "dump" information somewhere. I want all my chat history as I'm learning something. I had a big ah-ha moment when I asked Claude to write our conversation to a markdown file and it told me it couldn't, but offered to output a summary. I'm losing information in real time as I chat. I don't know if it's valuable or not because I don't know enough to know what I don't know.

I've been getting the most value from chatting with the AI to learn and plan things. That involves a lot of ideas, right or wrong, and I want to be able to save and retrieve those chats verbatim so I can get back to the exact same context in the future. I don't know if that's a good or bad idea, but I figure that, if I can retrieve the original context, I can always have the AI summarize it or have it help me create something more well structured once I understand the topic a bit better. I also think there's probably some value in having a future model re-evaluate that old context. For example, in the future I can start it with the current refined context (how I implemented things) and have it walk through all that old context to see if there are any novel ideas that might help to solve existing issues.

I'm assuming your spec documents are followed by the AI when working on the project. Is that right? If so, I wonder if you're underselling that by not giving an ELI5 example of how that works. For me, that's a hard problem to solve. I want a semantic search for rules the model needs to apply but I don't really want it to be semantic because they're rules that must be applied. I need to be able to ask "why isn't the tool following my docker compose spec" and need a deterministic way to answer that. I think your project does that.

Maybe I'm simply lacking knowledge and should be able to understand why I need this kind of tool and, more importantly, how it maps to context management (assuming that's what it does).

I'll give you an analogy, at least that applies to me. Your "how it works" section is like going to driver training and having the instructor start explaining how the car's engine and transmission are built. People like me need it dumbed down; "Push the gas and turn the wheel. It's faster than your bicycle."

Maybe I'm not the target audience yet, but maybe I am. I'm already convinced that AI with good memory management is useful. I'm also unwilling to build that memory using a commercial system like Claude or ChatGPT. It's vendor lock-in on the level of getting a lobotomy if you lose access to that system and I don't think people are doing a good job of assessing that risk.

I'm going to finish building my own crappy memory system and then yours is going to be the first real system I try. Thanks for sharing it.
ryan29
·5 か月前·議論
I wonder how it works and how much heavy lifting "supervising" is doing. Whenever I try to use AI, the outcome is about the same.

It's good at non-critical things like logging or brute force debugging where I can roll back after I figure out what's going on. If it's something I know well, I can coax a reasonable solution out of it. If it's something I don't know, it's easy to get it hallucinating.

It really goes off the rails once the context gets some incorrect information and, for things that I don't understand thoroughly, I always find myself poisoning the context by asking questions about how things work. Tools like the /ask mode in Aider help and I suspect it's a matter of learning how to use the tooling, so I keep trying.

I'd like to know if AI is writing code their best developers couldn't write on their own or if it's only writing code they could write on their own because that has a huge impact on efficiency gains, right? If it can accelerate my work, that's great, but there's still a limit to the throughput which isn't what the AI companies are selling.

I do believe there are gains in efficiency, especially if we can have huge contexts the AI can recall and explain to us, but I'm extremely skeptical of who's going to own that context and how badly they're going to exploit it. There are significant risks.

If someone can do the work of 10 people with access to the lifetime context of everyone that's worked on a project / system, what happens if that context / AI memory gets taken away? In my opinion, there needs to be a significant conversation about context ownership before blindly adopting all these AI systems.

In the context of Spotify in this article, who owns the productivity increase? Is it Spotify, Anthropic, or the developers? Who has the most leverage to capture the gains from increasing productivity?
ryan29
·9 か月前·議論
Who should own the context?

Imagine having 20 years of context / memories and relying on them. Wouldn't you want to own that? I can't imagine pay-per-query for my real memories and I think that allowing that for AI assisted memory is a mistake. A person's lifetime context will be irreplaceable if high quality interfaces / tools let us find and load context from any conversation / session we've ever had with an LLM.

On the flip side of that, something like a software project should own the context of every conversation / session used during development, right? Ideally, both parties get a copy of the context. I get a copy for my personal "lifetime context" and the project or business gets a copy for the project. However, I can't imagine businesses agreeing to that.

If LLMs become a useful tool for assisting memory recall there's going to be fighting over who owns the context / memories and I worry that normal people will lose out to businesses. Imagine changing jobs and they wipe a bunch of your memory before you leave.

We may even see LLM context ownership rules in employment agreements. It'll be the future version of a non-compete.
ryan29
·3 年前·議論
Borgbase is pretty good. I’ve used it for 6 years.

The usage graph on each repo is great. I redid my server this year and was accidentally backing up a stale snapshot every night for one of my repos. It would succeed, but without changes. The flat line for usage tipped me off. I’m not sure I would have noticed otherwise since it was a VM image that I could restore and boot, but it wasn’t super obvious it was full of stale data.

This downtime isn’t ideal, but, if downtime is needed to preserve data integrity, I’ll take it over the risk of trying to maintain availability.
ryan29
·3 年前·議論
I got an email about it right away and I’ve also been getting warnings (that I configured in the dashboard) for inactivity on a repo that’s affected.
ryan29
·4 年前·議論
I think blockchain domains are detrimental to the existing system, so I don't get why XYZ would help try to legitimize them. They're not even promoting XYZ. They're literally encouraging customers to go buy a .eth domain where XYZ doesn't have any control or make any money.

It's probably well intentioned and I like seeing XYZ making an effort to do more than maintain the status quo, but there are better ways to promote domains than jumping on the blockchain bandwagon in my opinion.
ryan29
·4 年前·議論
> Another factor could be the fact ENS names expire and require a renewal fee

I have no proof, but I doubt any of them were paying for it. I tried to figure out how some of them got their names by looking at the blockchain. There were some patterns where I thought it looked like someone bought up a bunch of popular names and transferred them to the influencers. I'm not very well versed in blockchain though, so I couldn't follow it well enough to do anything more than speculate.

I think it was nothing more than promotion. It would be interesting to know if anyone got paid because they should be disclosing it as paid promotion if they did. Having the domain given to you is a type of payment (if that happened).

> I think it was something like $250 per year (in ETH at the time) to keep it active

If you weren't looking at a 3 or 4 letter domain you were probably seeing super high transaction fees which made the initial transaction very expensive. The registration is supposed to cost about $5 per year. I bought one a few months ago and that's how it worked.

I paid $11 in transaction fees for the first transaction where you submit your order + secret. Then I paid $72 in transaction fees for the registration plus $55 for 10 years of registration. I also got about $5 transferred back to me by the ETH ENS registrar. So the cost of the domain registration was $5 / year, but the transaction fees were around $85.

I watched gas prices for a week and tried to time my order with low fees. The cost of the second transaction went up by $20 while I waited for the 1 minute delay required between transactions. It's crazy.

You also need to pay transaction fees every time you want to update the record. Now imagine a proof of stake system where the rich (ie: early adopters) get a cut of transaction fees just for holding a bunch of tokens. I think that's why enthusiasts are so excited. Imagine getting paid every time someone needs to update a record in a database.

I don't think blockchain domains have any benefits. In fact I think they're significantly worse than our current system. However, I did buy one to match my favorite / best .com domain because even if they're a terrible idea they could still get popular and I thought it was worth $135 USD to ensure I didn't have to worry about someone squatting on my name.
ryan29
·4 年前·議論
Wow. I hadn't seen that. I just read about it and it reinforces my view that cryptocurrency is appealing to the wealthy because of the promise that whoever controls all the tokens and resources (ie: wealth) controls all the rules.

When you look at some of the issues with ICANN at least there's some chance that public opinion can influence them. The .org scandals show this. Imagine if the whole system was "code is law" and the existing executives and board members owned a controlling interest of "vote tokens".

I don't understand why people would want a system like that with crypto domains. Do they think that a system where $1 = 1 vote is going to be democratic?
ryan29
·4 年前·議論
> EDIT: Apologies - as pointed out below - not my intent to align the site with the TLD - I could have worded that better. I think the domain is more likely a product of the ENS team, but I don't know for certain.

It is though.

> Eth.xyz was created for the ENS community with love by the XYZ Registry, the company behind .xyz domain names. The project is open for contribution or feedback on GitHub. Send us a message @xyz on Twitter! [1]

It's kind of neat, but seems like a registry taking on a lot of extra liability that they typically don't have as a domain registry. Putting a disclaimer on the sites doesn't exempt them from the law.

> The profile content on this page is automatically generated from publicly available information provided through ENS and is ultimately controlled by the relevant ENS user. Nothing on this page implies any endorsement or affiliation between XYZ or ENS and the person or organization whose profile information appears on this page.

So what gain does the blockchain get you? XYZ isn't judgement proof like the blockchain, so they'll have to follow the current laws for trademarks, copyrights, etc.. If the blockchain isn't adding any revolutionary tech, is slower, is expensive, and is only accessible using gateways that are subjected to current laws, what's the appeal?

1. https://eth.xyz/
ryan29
·4 年前·議論
My favorite thing about MXRoute is the super simple rate limits that you can configure when adding a user. I use it on devices for notification e-mails and being able to limit those logins to something low like 5-10 emails per day is awesome. It really minimizes the damage if something goes haywire, a device gets compromised, or a device gets stolen.
ryan29
·5 年前·議論
I’ll give it a try. Thanks!

> Can you explain how IAM doesn’t work well with the “starting closed” approach?

It works ok once you do a lot of learning and read the best practices. I think a lot of people will skip that and use their root account for everything.

The biggest mistake I made was creating an admin user, but giving it too many permissions and using it like a normal user.

After learning more I use the root account to make an admin account, but I think the admin account should only use IAM to create other fine grained users.

So it works fine, but I think it would be better to force people into creating those first couple of accounts with permissions chosen by experts. It’s too easy to jump right in and start using an over privileged account.
ryan29
·5 年前·議論
I do casual work for a person that serves that sector. It’s 100% self serve for us. We’ll pay fair value for stuff and vendors won’t ever need to interact with us. The problem is when those vendors think their firmware updater is worth a $10 / month subscription. It’s not.

For example with pfSense going closed source we’d be willing to pay around $100 total lifetime cost to put it on PCEngines hardware. We can build that in to the upfront cost of the device. I wouldn’t be shocked if they try for $50-$100 / year which won’t be economically viable for our market, so instead of getting $100 / device and never interacting with us, we’ll end up moving to a different product. I really hope they come up with an offering that’s appealing to the small business sector, but I’m not holding my breath and I’ll be learning opnsense as a contingency.
ryan29
·5 年前·議論
> What more do you want?

The hard part for me is figuring out how to disable access without breaking everything. I know it’ll be useful once I understand and I’ll take the time I need to learn it, but most people won’t.

I prefer the opposite learning direction. Start closed and open the 1 or 2 things I need instead of having to understand 1000 things immediately to configure permissions reasonably.
ryan29
·5 年前·議論
I have accounts for personal use and what I did was set up TOTP for the root account(s) and a U2F (YubiKey) device for the admin account(s). I use 2 YubiKeys; one primary, one spare. The YubiKey has limited TOTP space, but they're perfect for those types of high value accounts. You store the TOTP on both, so if you lose one you can use the root account to fix the admin account.
ryan29
·5 年前·議論
It's odd how the big cloud vendors have been able to escape criticism for being completely open by default. Other vendors have been taken to task and have adopted better security practices. For example, SuperMicro IPMI comes with a random password now.

It's extremely difficult to lock down an AWS account when there are a bajillion services, IAM policies, roles, etc.. I've been trying for the last few days and it's so difficult that I can understand things like this. I don't think it's acceptable, but I can see how it happens.

I think the expectation for AWS, Azure, GCP, etc. needs to change. Accounts should allow nothing by default and part of the tutorial / learning process should be understanding the permissions needed for each service and how to limit access to those services. As a bonus, they should show you how to configure Budget Actions to catch anomalies and runaway services. For example, I'm trying to set up my account so SMTP access to SES gets revoked for SMTP users if the message count exceeds a certain threshold. It's really, really hard because there's not a single document / guide that shows the process from start to finish.
ryan29
·5 年前·議論
> So the question for becomes: is there just not a good enthusiast market for this stuff?

No. They just don't want to serve the low end. I'm from SK, Canada and the vast majority of all businesses are small businesses. This site [1] says 98%. The problem is they only account for about 25% of the GDP, so vendors don't consider them worth serving. Everyone wants to sell to the 2% of the businesses that make up 75% of the GDP.

There's a lot of money to be made in the small business sector. It's just not *enough* money for huge tech companies.

1. https://www.bizadv.ca/by-the-numbers-saskatchewan-business-s...