Yes but parent was saying use passphrases, which is the same, just more like "correct horse battery staple". Parent then correctly pointed out there are a large number of sites that enforce special characters, numerical digits, etc., also being part of the password. So that idea falls apart very quickly in practice.

But more specifically why build a stack tied to a single vendor?

You talk about competent SRE being hard to find and manage but then you describe needing several AWS backend specialists.

I think I'd rather have a generalized SRE team with portable infrastructure.

Maybe that's just me. I watched an org get burned by Google App Engine. I find these proprietary stacks to be a giant trap.

It's a nice pipe dream to have a "cloud independent" stack. Yea, you can kinda do it with stuff like Opentofu abstracting the services, but in practice nobody does that because it's a massive mess of slight differences here and there. And a complete impossibility if you go anywhere beyond very basic compute and DBs. Like how do you do cloud independent IAM?

What you do is you accept the risk and mitigate it. Watch the costs and figure out whether buying stuff like AI capacity (Bedrock, Vertex), queues, databases or block storage as a service is more cost-efficient (including maintenance costs) than self-hosting them.

I _know_ how to run all that shit locally, but I don't _want_ to.

Upgrading an Aurora Postgres server is like two clicks on the Web UI, not even that if you set the maintenance window. Adding new servers to the cluster is a single number change to the terraform file. I can even up or downscale the compute behind them depending on what's going on. A big release and we're expecting unusual traffic? Bump them up by changing one string in the .tf file or add more replicas temporarily.

With on-prem hardware I'd need to buy and provision the hardware, pick an OS, get it up and running, install the DB, fuck around with the DB configs and whatever networking the provider is using to get it connected with the other servers while still keeping it out of the larger internet. And there will be no downscaling or upscaling because it's actual hardware.

Also any half-decent full stack / backend engineer can learn AWS basics in a week or on a two day course provided by AWS with lunch and snacks included. Messing with actual physical hardware is a completely different skill set that's getting rare and expensive these days.

I built a news aggregator that pulls in hundreds of RSS feeds and uses multiple large language models to synthesize daily briefs. There's also Tech and Finance editions, plus local editions for some US locales. https://feedpunk.com

I'm also building a modern HTTPS-only transport utility called curb. It's an alternative to curl and wget. It's written in Go using only the standard library. curb can stream output or download files and picks the right behavior based on what the server returns and whether the output is going to a human or a pipe. It also has a '--vet' mode that runs the body through security sieves; this is meant to add some protection and friction for the 'curl | sh' use-case. https://gocurb.dev

"Amazon's CEO knew what he was doing" is not a fact. That's speculation.

When it comes to highly technical, fast moving developments like frontier AI and blue team / red team perspectives, I could see any CEO getting out over their skis. Now mix in some incompetent Trump admin officials, including apparently Howard Lutnick. I am guessing many of these people don't understand the subject matter very well at all.

Imagine a super intelligent speed reading human in a library. If they read all the books and are able to understand, conceptualize and summarize that knowledge for others, is it theft? The books weren't stolen, after all, just read. The knowledge in the books wasn't taken away; it's still there for others to read.

I personally do not believe knowledge can be stolen.

> Imagine a super intelligent speed reading human in a library.

If human abilities were different then human laws would be different. We don't have speed limits for joggers but we do for cars because their abilities are materially different.

Machines aren’t humans. Your first have to argue that an analogy between machine and human even makes any kind of sense.

That‘s the magic trick you are doing with your analogy. You just assume that human/machine analogy is true.

It’s a point made in bad faith, easily refuted with: “great, let a human read the books”

we quickly learn what “inequality” means, since the computer has more access rights than people

This is not the correct analogy, because we know that they explicitly used a huge ammount of pirated books and other works.

I would argue annas archive is a pretty good library.

Is that super speed reading human going to then make itself available to instantly-ish answer any and every possible question from anyone with a paid subscription?

This argument is pretty lame.

Yes, we call those people “consultants”.

I've yet to meet a consultant that was anything near what was on their CV

So I guess not dissimilar to an LLM

I'm spiritually sympathetic to your final sentence, but intellectual property law is not.

There are already a bunch of replies pointing out ways in which your metaphor breaks down, but here's another: the super intelligent speed reading human is not a "work" (in the sense of "derivative work").

Also, if I'm understanding your position, why wasn't your scenario about the human pirating the books and then reading them? It should make no difference if you really believe knowledge can't be stolen; both situations should be equivalent.

I hear you on IP law, but how it applies to AI training is far from settled.

I don't believe we should have software patents, and I am highly skeptical of the US copyright system in general.

As for why I didn't use a piracy analogy: humans don't need to pirate books to access them for free. They can just go to the library. That is exactly my point. Reading books isn't a crime. Why would we stop an AI from reading publicly available material just because it's automated and upsets the commercial status quo?

You can read up anything and everything about a patent, but still not be allowed to reproduce it.

The moment the LLMs ingested any code under GNU General Public License or similar licenses and reuse it without making the produced product available under the same terms...

Reading this comment is like visiting a care home for dementia patients

They didn't just "read" the books. They scanned every single page of every single book in the library, then took the scans home.

Are humans allowed to do that?

Yes!

Creating personal copies of copyrighted works are allowed. (Also, libraries really don't mind if you take pictures of the content of works they have.)

Well LLMs dont make personal copies they make commercial copies.

I didn't say if LLMs are allowed do that, I said that humans are allowed to do that.

What do you mean with "then took the scans home"? Anthropic et al didn't buy all the books in the world and kept them for themselves.

Correct, they torrented them. I just wanted to stick to the library analogy of the parent comment.

Therein lies the rub: they didn't buy them... They pirated digital copies of them.

See, e.g.: https://www.theatlantic.com/technology/archive/2025/03/libge...

By extension, do also believe this super intelligent human should have no human rights and be enslaved by Anthropic for profit?

After you can run his clones on some amount of electricity, sure.

That's not how CVEs work.

> Open 3 terminal windows. Try to switch back & forth between just two of them with a keyboard shortcut

cmd+` gets me there, no problem at all

> Open a browser and two terminal windows. Try to switch terminal and the browser window, without also bringing the other terminal above the browser window

you got a point there. alt+tab is gonna surface both terminal windows above the browser.

> cmd+` gets me there, no problem at all

No, this cycles between all 3 of them. As I said, I want to swap back & forth between just two of them. Extrapolate this behavior from 3 windows to 15 and you start to see the problem.

Knoll's Law of Media Accuracy: "Everything you read in the newspapers is absolutely true, except for the rare story of which you happen to have firsthand knowledge."

See also, Gell-Mann Amnesia effect.

Most reporting is garbage once you get into the details.

Gboard hasn't been updated in 4 years and as a result the UI doesn't always display properly. It's especially jarring on iOS 26. It doesn't fit into the OS keyboard target area properly (on my iPhone 17 Pro, at least).

I've tried pretty much every reputable third-party keyboard app in the App Store. Unfortunately, there's really nothing better than the stock one.

I’m struggling with the utility of this logic. The argument seems to be "because malware can intercept /proc output, any tool relying on it is inherently unreliable."

While that’s theoretically true in a security context, it feels like a 'perfect is the enemy of the good' situation. Unless the author is discussing high-stakes incident response on a compromised system, discarding /proc-based tools for debugging and troubleshooting seems like throwing the baby out with the bathwater. If your environment is so compromised that /proc is lying to you, you've likely moved past standard tooling anyway.