HackerTrans
TopNewTrendsCommentsPastAskShowJobs

rhodey

no profile record

Submissions

Show HN: Hecate – Call an AI from Signal

github.com
26 points·by rhodey·4 ay önce·3 comments

comments

rhodey
·4 ay önce·discuss
Hi! thanks for the feedback!

I think you are right. I thought "Call" would clearly get the idea of voice across at least, but it can be confused with function call, or simply to invoke.

I dont have the ability to change the title but if someone else wants to:

"Video and Voice Call an AI from Signal"

Else maybe I will submit it again in a few days.

Thanks
rhodey
·4 ay önce·discuss
the pull-stream module and its ecosystem is relevant here

the idea is basically just use functions. no classes and very little statefulness

https://www.npmjs.com/package/pull-stream
rhodey
·5 ay önce·discuss
Attestation always involves a "document" or a "quote" (two names for basically a byte buffer) and a signature from someone. Intel SGX & TDX => signature from intel. AMD SEV => signature from amd. AWS Nitro Enclaves => signature from aws.

Clients who want to talk to a service which has attestation send a nonce, and get back a doc with the nonce in it, and the clients have somewhere in them a hard coded certificate from Intel, AMD, AWS and they check that the doc has a good sig.
rhodey
·5 ay önce·discuss
In my opinion this is very well written

Two comments so far suggesting otherwise and I guess idk what their deal is

Attestation is taking off
rhodey
·5 ay önce·discuss
I wanted to try the demo so I found the link

> Write me 10 sentences about your favorite Subway sandwich

Click button

Instant! It was so fast I started laughing. This kind of speed will really, really change things
rhodey
·5 ay önce·discuss
At my time of reading it is not at all clear to me how the "sandbox network proxy" knows what value to inject in place of the string "proxy-managed"

> Prerequisites > An Anthropic API key in an env variable

I am willing to accept that the steps in the tutorial may work... but if it does work it seems like there has to be some implicit knowledge about common Anthropic API key env var names or something like this

I wanna say for something which is 100% a security product I prefer explicit versus implicit / magically
rhodey
·7 ay önce·discuss
I own 2 framework 13 laptops at this time and repairability aside I am also just happy to support a new PC hardware co.
rhodey
·7 ay önce·discuss
Always fun to read about HFT. If anyone wants to learn about the Order Book data structure you can find it in JS here:

https://github.com/rhodey/limit-order-book

https://www.npmjs.com/package/limit-order-book
rhodey
·8 ay önce·discuss
I am seeing some docs now that suggest

> runs-on: [self-hosted, ...]

Must be added to run.yml to use custom / private action runners

I did not find these docs last time I looked and so my feature request may be already fulfilled

If anyone wants to chime in to say that `runs-on` can be relied on or not I would be grateful
rhodey
·8 ay önce·discuss
I am glad for this feature

If I have anyone's attention there is something related I would like to see

Please add a small thing which users can look for on the public: repo/actions page

This small thing should let users know the action was run by github like is default and not run on a custom / private action runner

The private action runner feature makes sense but many projects tell users to look to the github action history to trust that tests A, B, C passed. If the github action ran on a private action runner then you really cannot trust that what is in e.g. run.yml actually ran

The attestation feature can be used to prove that an action was run by github and not by private / custom but users need to install the github cli to validate attestations and this is a heavy ask when I think an addition icon on repo/actions page or a diff icon color will do better
rhodey
·9 ay önce·discuss
Because AWS does not sell the Nitro TEE hardware

And so there is no case where you find a Nitro TEE online and the owner is not AWS

And it is practically impossible to break into AWS and perform this attack

The trust model of TEE is always: you trust the manufacturer

Intel and AMD broke this because now they say: you also trust where the TEE is installed

AWS = you trust the manufacturer = full story
rhodey
·9 ay önce·discuss
Amazon Nitro Enclaves not effected

IMO Amazon is the obvious choice for TEE because they make billions selling isolated compute

If you built a product on Intel or AMD and need to pivot do take a look at AWS Nitro Enclaves

I built up a small stack for Nitro: https://lock.host/ has all the links

MIT everything, dev-first focus

AWS will tell you to use AWS KMS to manage enclave keys

AWS KMS is ok if you are ok with AWS root account being able to get to keys

If you want to lock your TEE keys so even root cannot access I have something i the works for this

Write to: [email protected] if you want to discuss
rhodey
·9 ay önce·discuss
choojs

All of the upside and none of the downside of react

No JSX and no compiler, all native js

The main dev is paid by microsoft to do oss rust nowadays

I use choo for my personal projects and have used it twice professionally

https://github.com/choojs/choo#example

The example is like 25 lines and introduces all the concepts

Less moving parts than svelte
rhodey
·9 ay önce·discuss
I hope people dont give up on TEE, see AWS Nitro

The AWS business is built on isolating compute so IMO AWS are the best choice

I've built up a stack for doing AWS Nitro dev

https://lock.host/

https://github.com/rhodey/lock.host

With Intel and AMD you need the attestation flow to prove not only that you are using the tech but you need to attest to who is hosting the CPU

With Amazon Nitro always Amazon is hosting the CPU