wat. The protections in place that the OP is talking about are almost entirely due to (not government and company) bad actors.

Correct (and secure) code is possible and readily doable. It is unclear if supply chain attacks can ever be fully mitigated.

This is what Cloudflare[1] is doing.

[1] https://blog.cloudflare.com/post-quantum-roadmap/

Surely that is better than burning piles of bodies?

A truly unbelievable amount of grift and inefficiency.

It's just Simon Willison (the person you are replying to) who always makes a pelican, as his personal flippant benchmark. It's not that deep.

What high price? I pay $200/m for an insane number of tokens.

Pie-in-the-ski, "humanity needs this so we survive the next 10,000 years" ideas are not good vehicles for fundraising.

Depends on your crowd. He doesnt often sell them as 10,000 year Long Now projects but that he'll achieve 10,000 year projects in 2 years.

Being model and provider agnostic are orthogonal concerns.

e.g. you can run Claude models on AWS Bedrock giving you provider choice for the same model. Whether or not you need model agnosticism at that point seems like a very different question.

> . you can run Claude models on AWS Bedrock giving you provider choice for the same model

Is anyone doing this for personal dev that isnt token fed by employers? Coding plans are subzidized for a reason right? If I did API usage from a cloud provider id be out tens of thousands already.