Hacker News .hnnew | past | comments | ask | show | jobs | submitlogin

This seems like it will have pretty huge negative affects on startups needing to compete with 'trusted partners'


Other than maybe some in-the-moment cybersec wrappers, is this really true? Does anyone think a startup with a good product is going to be materially disadvantaged by not having access to an incrementally better security focused LLM release? It’s lots of fun to pretend it’s some step-change that’s too dangerous for general release, but in real life it’s not conferring some massive advantage that any real startup would need to compete. Almost everyone would be best just to ignore it and keep building.

(Just to be clear, I think the gatekeeping is ridiculous, especially given the above)


> Does anyone think a startup with a good product is going to be materially disadvantaged by not having access to an incrementally better security focused LLM release?

- It's not "incrementally better". It's a complete game changer. Opus 4.8 on max thinking does X amount of mistakes in my commercial work. Fable 5 did 5% of X. Counted. I barely had anything to contribute in the work sessions, for a full week I could count on my two hands the total amount of times I actually caught Fable 5 -- and one part of those were not true mistakes, more like divergence from policy in our `CLAUDE.md` files.

- It's not "security focused". It's simply better in every way _plus_ it's also security-conscious.

- It legitimately accelerated my work. I don't have too much unknowns in my work, I simply have way too much to do. Fable 5 was an objective and measurable improvement over Opus 4.8. Returning to it after Fable 5 was removed was extremely discouraging and frustrating, and still is to some extent.

> It’s lots of fun to pretend it’s some step-change that’s too dangerous for general release

Maybe, but not as much fun as tearing down a straw man apparently. :)

> (Just to be clear, I think the gatekeeping is ridiculous, especially given the above)

It's ridiculous for multiple other reasons but ridiculous nonetheless.


> I don't have too much unknowns in my work, I simply have way too much to do.

Interesting, I'm curious what work you do? My software engineering career has never been in that situation, it's always so much ambiguity and unknown that trumps everything.


Fair question, and I was vague just so as not to balloon the comment.

I work in a financial startup. The codebase is a mess and very much spaghettified. One rework that forced us to migrate our data model from 1:1 users<->loans to M:N (many-to-many) took two months and touched ~40% of the codebase... multiple times. Huge churn. And it just crossed two months of work, even though it's now in its very final phases.

I know what must I do:

- Introduce and enforce structs for passing context and input shapes around. So as to stop fighting with NULLs, lack of keys in maps and other maddening cases that inflate your coding lines for no other reason than programming languages not having higher-order constructs on well-researched and mostly resolved computer science problems (sigh; not going to rant here about that but it does tick me off how we are _all_ constantly reinventing the same wheels almost every day).

- Saga discipline: if step 6/9 in a pipeline fails, revert everything up to this point, even if it was touched by a 3rd party API.

- Compensation/undo steps. Including flagging / logging those that cannot be undone (sadly one part of our 3rd party APIs are like that).

- Introduce an universal runtime validator library that enforces contracts -- including conditional validation i.e. "only validate field Z if field X is present and is a positive integer and if field Y is present and is a valid UUID".

- Introduce runtime contracts / invariant enforcement.

- Introduce our own dynamic workflow engine, piggybacking off of a few free and unencumbered solutions in the language of choice's ecosystem.

...And these are just off the top of my head after I slept only 4.5h and woke up due to the heat. And each one of these can take from 2 to 6 weeks _even_ with Opus driving all coding and me reviewing and keeping it behaving within my policies and coding standards.

Me & Claude are maintaining a TODO list that is no smaller than 150 items at this point (though in fairness, at least 75% of them are fairly small and not architectural like the ones above).

I believe I know how to architect this thing but business customers and the CEO keep coming back with feature requests which of course always take priority.

When Fable 5 was around, for mere 4 workdays, I not only went ahead of my own schedule feature-work-wise but even had the bandwidth to start tackling a few other architectural decisions, tightened them up in `CLAUDE.md` and Fable even devised an opinionated AST linter for test discipline (disallow direct DB access in our tests, only go through the domain/context modules to do so). It helped me start turning the tide.

This all went out the window when I had to go back to Opus 4.8. It's still _very_ good, mind you, but it does feel like I am a special-education teacher periodically. It forgets disciplines we discussed and codified likely 15-20 times at this point, forgets important project context and attempts to reintroduce subtle bugs, and a few others.

My next game is, with or without Fable, to continue its work and just enrich the AST-based linters to convert the theoretical prompt-based guard-rails into actual LLM hooks and compiler / runtime-at-startup hooks so the agent cannot ignore them.

I don't enjoy harness engineering but the interesting and very positive effect has been that it helped me think more like an architect and less like a coding monkey, which I do hugely appreciate and only realized I was missing it for years after it actually started happening again.

Hope that helps put things in context.


I know this is a tangent, but

> Introduce and enforce structs for passing context and input shapes around. So as to stop fighting with NULLs, lack of keys in maps and other maddening cases that inflate your coding lines for no other reason than programming languages not having higher-order constructs on well-researched and mostly resolved computer science problems

Amen to that.


It's not that much of a tangent tbf. It's one of the things that is an endless churn in millions of codebases out there and yet no core programming language team has the courage and the grit to solve this problem.

Those who tried are only doing it in mostly academic/toy languages which is a damned shame. We _really_ need those constructs, compile-time enforced, in commercial codebases, like 25 years ago at least!

People are trying everywhere though but I've witnessed CTOs getting cold feet and fearing their codebase will get too abstract or hard to maintain when they hire the next dev.

Group-think and conformism and fear of change, demonstrated live, every day. :/

So yep -- amen to that indeed.


I see, so just major refactor, or almost live-rewrite of a very messy code base, but mostly in the medium/small design space. Ya that makes total sense. It's mostly we already did this and have figured out the ambiguities, we just need to clean it up to basic coding standard and code structure/patterns.


Indeed it's more like live-rewrite; features are still wanted but the rewrite heavily influences them as they go so it's juggling a lot of balls at the same time.

Fable 5 was amazing at helping me with that. Opus 4.8 is... good, really good, but... you have to be on your toes _all_ the time. It gets tiring. But as already explained: it also helped me become better.


Fable wasn’t available for a full week. It was released on June 9 and made unavailable June 12.


Okay, might have mistook 4 work days for 5.


That kind of gets to the absurdity of it. Either it’s a wildly powerful next generation model with incredible capabilities and thus needs to be limited… or it’s another progressive enhancement like we’ve seen already and limiting access to it makes no sense.


I don't think that follows.

Say you had a perfectly smooth progressive chain from rocks to spears to guns to nuclear weapons. When it comes to government restrictions, you still have to choose to draw lines somewhere, right?


True, but we know Opus is more like a "spear" and a progressive enhancement over it still leaves us firmly in the "spear" category, not the "nuke" category. Drawing lines makes sense, but this is premature. Even if you draw the line at human level intelligence, we still seem to be pretty far off.


The enemy is both all-powerful and pathetic, at the same time, all the time.


As someone old enough to remember the party breakdown in Congress when Obama came to office, yes, I can confirm that this is possible.


Yes, i do. I have 10xd my productivity since last year and im not smarter. And yes my code is high quality


Startups don't have as much money to spend on lobbying and gifts, though.


Will startups be even a thing now that the VCs obviously just need to funnel all their money to 2 or so companies ad-infinitum for guaranteed returns.


The single most important question to be discussed on this website right now.


Whatever happened to those network states? It's starting to look like it's them, UAE or Singapore


Well, the network states were supposed to be a social thing rather than a place, no? Free Cities movement is more focused on actual, physical places.


Well... there are crypto startups, and perhaps a generous definition of "money"


Crypto companies were built for anonymous transfers of wealth. It's why they are perfect for money laundering and corruption. Venture backed companies are more difficult, since you would need a paper trail (equity, incorporation documents, beneficial owners, etc.)

It's not impossible, of course. It's not even terribly difficult, but it does require a different level of record.

(No, I'm not saying that the goons running the United States give a shit or won't do it anyway.)


VC companies do not dig into the numbers as you suggest. FTX was able to get away with their fraud for a long time for that very reason. VC companies don’t care if some of their investments are fraudulent as they spread their eggs so thin that it doesn’t matter if any given basket blows up. VC firms stated this to the press outright when FTX blew up.

Also most crypto companies are not good for laundering since the blockchains record that fraud forever and publicly. I could see some specific protocols where that may not be true — like monero or tornado cash — but these projects are not really startups. Most crypto startups pitch their products for enterprise customers and thus would be horrible for laundering money.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: