ekns

Today I was thinking that for many programs, you could probably formulate some restrictions on what exactly they should be able to do using LLMs (access home/dotfiles/secrets, network, etc.)

It's cumbersome to set up the configuration for exactly the "expected" capabilities (at least I never bother). So I was wondering, could one do something like trapping syscalls and using LLM as an exception handler for each category, until a complete profile is built for the program. After that, there should be no overhead for the LLM/sandboxer.

The top-level input would be something like "foo is a multiplayer game" or "baz is like youtube-dl".

I've been pondering on and off again how best to avoid ending up in some kafkaesque algorithmic loop where your gmail account, domain name, etc. are suddenly blocked by the registrar for unspecified reasons with little to no way to resolve the situation, as has happened to "many" here.

I thought Cloudflare would be pretty good, out of the non-enterprise priced options, but even there someone had a really worrying incident recently: https://news.ycombinator.com/item?id=31573854

I'm inclined to think that the buck always stops somewhere, and no place is really safe in this regard, but is there really no way to have some reasonable safeguards for these? The individual domains may be of little value to a registrar, but they're potentially enormously valuable to their owners, and the apparent asymmetry of incentives concerns me.

Are we just forced to generate noise on HN to resolve such cases or are there any reasonable alternatives out there that offer guarantees about only resorting to blocking/deleting domain in extreme cases, and provide the means to escalate without HN outcry?

I think freelancing is the best way for me to make money or initial capital (I'm living in Europe). I can make maybe 100-120k per year, which comes to maybe 60k after taxes. After living expenses, that's maybe 35k per year. Not a whole lot for investments.

I did get lucky this year with GME but it turns out that trading is not for me so I lost most of it. Now even crypto is too mature so there's not that much potential left (relatively speaking). Do I just need to continue grinding boring work for the next 10+ years to get back to previous highs or more, to finally stop doing "useless" work?

I frequently work with some 'data science' projects that go from some MB to hundreds of GB.

Ideally I'd have a cloud terminal I'd connect to which could scale its RAM to fit my process RAM usage (and possibly scale up CPUs transparently too).

I know that you can scale up various cloud instances, but managing the runtime state is a problem. I'd like to avoid ever having to kill whatever processes I have running.

Something like Google's Live Migration would also be a good match here, if it enabled migrating to a bigger machine type without rebooting, or without otherwise losing process state.

Ideally I'm looking for something that I could transparently scale up and down, and which I could always SSH into without having to manually start/shutdown the instances.

Bonus points if GPUs could be added/removed in the same manner.

In light of iOS and Android being surprisingly vulnerable to NSO exploits and such, I'm concerned about my passwords and other sensitive data. Currently I have Bitwarden on iOS, which is convenient, but carries a risk of total compromise if someone were to use one of those exploits on me.

What can I do to protect my password manager? Ideally this would probably involve something like a hardware crypto wallet but I'm not sure something like that exists now.

In Finland and some other countries we have cheap unlimited mobile data.

However, software doesn't play ball because Apple and others assume non-wifi connections will financially ruin you (giving no option to avoid using wifi for some things!).

So what gives, what is it that is causing this dysfunctional state of affairs in (apparently) much of the world?