FWIW, I’m an existing customer (of the app) and this has significantly damaged my perception of Rewind as a company. You should stop talking about it until you have a credible answer to this question.
Rewriting would introduce new bugs; it would take a large number of engineering hours away from delivering shiny new things; and a formally correct version would probably be less power-efficient.
It won't happen because these targeted attacks don't affect the bottom line whatsoever. Nobody is switching to Android just because a journalist or NGO employee occasionally gets pwned.
BA is just as bad. The legacy European flag carriers are now all basically Ryanair with a veneer of prestige but the same number of fucks given about customer service excellence.
But given the rumored architecture (MoE) it would make complete sense for them to dynamically scale down the number of models used in the mixture during periods of peak load.
They get to print something along the lines of "we tried to protect the children and those irresponsible American tech giants stopped us" in the Daily Mail.
Not quite, that I know of, but some of us are working on it :)
I have a feeling that while the glorious future you describe can probably be realized using LLMs as a foundational technology, the software engineering effort needed to get there is on par with other AI moonshot projects e.g. autonomous vehicles.
If you or others reading this are interested in this topic, see this post for some interesting discussion and links to projects in development (and in the comments there's a link to a Discord server that was set up for further discussion): https://news.ycombinator.com/item?id=36422730
Cool project! I'm working in the same space (a ChatGPT plugin that can edit files within a shared VS Code workspace) and have built something similar to your "repo map" concept, except slightly lower-level: what you might call a "file map" generated by selectively collapsing AST nodes to fit within the available token budget. If ctags isn't cutting it for you, have a look at tree-sitter [1]. It can generate ASTs for most languages and has a nice API.
They recommend that users with higher-than-average security requirements set a PIN, which removes phone number attacks from the threat model, but you're still dependent on the security of SGX.
Users with extreme security requirements can set a 42 character alphanumeric PIN, thus also excluding SGX from the picture, but at that point you're getting owned no matter what you do.