Hacker News | danw1979's comments

This is great!

Did you have any thoughts about how to restrict network access on macOS too?


I haven’t found an easy way, but I have a working theory -

sandbox-exec cannot filter based on domain names, but it can restrict outbound network connections to a specific IP/port (and drop the rest). If I can run a proxy on localhost:19999, I can allow agents to connect through it and filter connections by hostname. From my research, most agents support $HTTP_PROXY, so I'll try redirecting their HTTP requests through my security proxy. IIRC, if I do this at the CONNECT level, I don't need to MITM their traffic nor require a trusted root cert.

Recently, Codex CLI implemented something like DNS filtering for their sandbox, so I'd investigate their repo.


Some commercial firewalls will snoop on the SNI header in TLS requests and send a RST towards the client if the hostname isn’t on a whitelist. Reasonably effective. If there’s a way with the macOS sandboxing to intercept socket connections you might find some proxy software that already supports this.

The HTTP_PROXY approach might be simpler though.
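The CONNECT-level filtering idea from the comments above, sketched as an added example (not code from either commenter or from any project mentioned): a tunnel-only proxy on localhost:19999 that checks the hostname in the CONNECT request line against an allowlist and never touches the TLS payload. The allowlist entries and the names `check_connect`, `pipe` and `handle` are constructed for illustration; the sandbox rule that limits outbound traffic to this port, and the agent's proxy setting, are assumed to be configured separately.

```python
import asyncio

ALLOWED = {"api.example.com", ".pkg.example.org"}  # constructed; ".x" = subdomains of x
ALLOWED_PORTS = {443}
LISTEN = ("127.0.0.1", 19999)  # the localhost port named in the comment

def check_connect(request_line, allowed=ALLOWED):
    """Return (host, port) if the CONNECT target is allowlisted, else None."""
    parts = request_line.split()
    if len(parts) != 3 or parts[0] != "CONNECT":
        return None  # tunnel-only: plain-HTTP proxy requests are refused
    host, sep, port = parts[1].rpartition(":")
    if not sep or not port.isdecimal() or int(port) not in ALLOWED_PORTS:
        return None
    host = host.lower().rstrip(".")  # normalise case and trailing dot
    ok = any(host == a or (a.startswith(".") and host.endswith(a)) for a in allowed)
    return (host, int(port)) if ok else None

async def pipe(reader, writer):
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except OSError:
        pass
    finally:
        writer.close()

async def handle(client_r, client_w):
    try:
        head = await client_r.readuntil(b"\r\n\r\n")
        target = check_connect(head.split(b"\r\n", 1)[0].decode("latin-1"))
        if target is None:
            raise PermissionError
        # The proxy resolves the name itself, so the client cannot pair an
        # allowlisted hostname with an address of its own choosing.
        up_r, up_w = await asyncio.open_connection(*target)
    except (OSError, asyncio.IncompleteReadError, asyncio.LimitOverrunError):
        # Denied, malformed, or upstream unreachable: refuse the tunnel.
        client_w.write(b"HTTP/1.1 403 Forbidden\r\n\r\n")
        client_w.close()
        return
    client_w.write(b"HTTP/1.1 200 Connection Established\r\n\r\n")
    await asyncio.gather(pipe(client_r, up_w), pipe(up_r, client_w))

async def main():
    async with await asyncio.start_server(handle, *LISTEN) as server:
        await server.serve_forever()
if __name__ == "__main__":
    asyncio.run(main())
```

The check sees only the name the client states in CONNECT; the SNI and Host header inside the tunnel are not inspected, so an allowlisted name that fronts shared infrastructure still needs its own review.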


I’m married to someone running various prostate cancer studies in the UK. I hear the arguments against screening a lot and the issue really blew up recently in the news here.

The thing is, when researchers talk about “worse outcomes” they’re often comparing survival (or rather lack of) against terrible side-effects.

What this fails entirely to capture is that doing something to increase your odds of survival, damn the consequences, is an individual choice. It shouldn’t be up to a health economist to make that judgement.


But who will pay for the hundreds of thousands of screening MRIs, along with the large number of incidental results that will require some sort of follow-up? Many patients will seek second opinions if not recommended to "cut it out", with additional costs also for the complications resulting from unnecessary biopsies. US medical care is already tremendously expensive; adding all of these costs will break the bank and for no real benefit.

> What this fails entirely to capture is that doing something to increase your odds of survival, damn the consequences, is an individual choice.

What you're failing to capture is that this is a hard problem because it's both an individual choice and a collective one as well. Those "terrible side effects" might actually end up killing someone. You're choosing between a high-chance lottery on a small population or a low chance lottery on a far larger one. It's not that simple.


[flagged]


Bot?

I’ve been a mac user since 1994, system 7, and it feels to me like the overall Mac user experience and reliability (stability, speed, etc) really peaked with Snow Leopard, 10.6.

This probably has a lot to do with the vastly improved hardware design around then - the touchpad specifically on the “blackbook” Core 2 Duo era macbooks was a step change, and the keyboard was pretty great too. Multi-monitor support was fantastic compared to everything else too.

You have to wonder what the design principles of pre-X MacOS paired with modern Apple hardware could achieve.


I'm sorry guys, it's my fault.

My first mac was a 09 MBP with snow leopard, shortly after they updated and started removing random features and closing down customization. For some reason, you couldn't be trusted with more than one right click method anymore.

A solid 15 years later I try macs again, had a nice m3 air at work and bought a personal M4 air. A few months later Tahoe comes out. I bought the thing because modern darkmode macos looked so great and was such a pleasure to use. Now it's full on bubbleboy.

Word must have gotten back to Cupertino that I was back in the ecosystem...


>...really peaked with Snow Leopard, 10.6.

Which was just a couple of years after the iPhone. After the iPhone, the Mac was the new Apple ][, i.e. something they kept around to make some money, but didn't really care about.


Pretty sure I went to a rave once where they used all of these.

The thing about most art, architecture, etc is that it’s incredibly subjective, so contrasting your own views with “certain left wingers” is pretty much pointless.

I personally think the entire south bank is pretty ugly, but my views on this, my political views or my views on other styles of architecture don’t matter one jot.

If there’s a building a bunch of people care very much about, then let them protect it.


Thanks Neal. Is fun.

Boris Cherny, creator of Claude Code, posted about how he used Claude a month ago. He’s got half a dozen Opus sessions on the burners constantly. So yes, I expect it’s unmetered.

https://x.com/bcherny/status/2007179832300581177


He must be mad, accepting $50k of free (probably loaned?) hardware from Apple!

Great demo video though. Nice to see some benchmarks of Exo with this cluster across various models.


I did not expect this to be a limiting factor in the mac mini RDMA setup!

> Thermal throttling: Thunderbolt 5 cables get hot under sustained 15GB/s load. After 10 minutes, bandwidth drops to 12GB/s. After 20 minutes, 10GB/s. Your 5.36 tokens/sec becomes 4.1 tokens/sec. Active cooling on cables helps but you’re fighting physics.

Thermal throttling of network cables is a new thing to me…


I admire patience of anyone who runs dense models on unified memory. Personally, I would rather feed an entire programming book or code directory to a sparse model and get an answer in 30 seconds and then use cloud in rare cases it's not enough.


Luckily we're having a record cold winter and your setup can double as a personal space heater.


I’m not certain SpaceX is generating much cash right now?

Starship development is consuming billions. F9 & Starlink are probably profitable?

I’d say this is more shifting of the future burden of xAI to one of his companies he knows will be a hit stonk when it goes public, where enthusiasm is unlikely to be dampened by another massive cash drain on the books.

