I actually seriously want to hear about good use cases. So far I haven't found anything: either I don't trust the agent with the access because too many things can go wrong, or the process is too tailored to humans and I don't trust it to be able to habdle it.
For example, finding an available plumber. Currently involves Googling and then calling them one by one. Usually takes 15-20 calls before I can find one that has availability.
Maybe I'm missing something obvious but, being contained and only having access to specific credentials is all nice and well but there is still an agent that orchestrates between the containers that has access to everything with one level of indirection.
But if we're talking about optionally giving it access to your email, PayPal etc and a "YOLO-outlook on permissions to use your creds" then the VM itself doesn't matter so much as what it can access off site.
You don't give it your "prod email", you give it a secondary email you created specifically for it.
You don't give it your "prod Paypal", you create a secondary paypal (perhaps a paypal account registered using the same email as the secondary email you gave it).
You don't give it your "prod bank checking account", you spin up a new checking with Discover.com (or any other online back that takes <5min to create a new checking account). With online banking it is fairly straightforward to set up fully-sandboxed financial accounts. You can, for example, set up one-way flows from your "prod checking account" to your "bastion checking account." Where prod can push/pull cash to the bastion checking, but the bastion cannot push/pull (or even see) the prod checking acct. The "permissions" logic that supports this is handled by the Nacha network (which governs how ACH transfers can flow). Banks cannot... ignore the permissions... they quickly (immediately) lose their ability to legally operate as a bank if they do...
Now then, I'm not trying to handwave away the serious challenges associated with this technology. There's also the threat of reputational risks etc since it is operating as your agent -- heck potentially even legal risk if things get into the realm of "oops this thing accidentally committed financial fraud."
I'm simply saying that the idea of least privileged permissions applies to online accounts as well as everything else.
isn't the value proposition "it can read your email and then automatically do things"? if it can't read your email and then can't actually automatically do things... what's the point?
Yes -- definitely that's the value prop. But it's not binary all or nothing.
AI automation is about trust (honestly, same as human delegation).
You give it access to a little bit of data, just enough to do a basic useful thing or two, then you give it a bit of responsibility.
Then as you build confidence and trust, you give it a little more access, and allow it to take on a little more responsibility. Naturally, if it blows up in your face, you dial back access and responsibility quick.
As an analogy, folks drive their cars on the highway at 65-85+ MPH. Fatality rate goes up somewhat exponentially with speed and anything 60+ is considerably more deadly than ~30mph.
We're all so confident that a wheel won't randomly fall off because we've built so much trust with the quality of modern automobiles. But it does happen (I had a friend in high-school who's wheel popped off on a 45 mph road -- naturally he was going 50-55 IIRC).
In the early 1900s people would have thought you had a death wish to drive this fast. 25-30mph was normal then -- the automobiles at the time just weren't developed enough to be trusted at higher speeds.
My previous comment was about the fact that it is possible to build this sandboxing/bastion layer with live web accounts that allows for fine grained control over how much data you want to expose to the ai.
The value proposition is it is an agent with (some) memory. There are lots of use cases that don't involve giving access to your personal stuff. Even a simple "Monitor these companies' career pages and notify me of an opening in my city" is useful.
Maybe this will change one day but at the current moment this is an immediate turnoff. It's like someone trying to show you their project day 1 and it's a page filled with ads and a newsletter popup. You may have good reasons to do that but it doesn't instill a sense of trust and quality.
It is done because management needs to show that profits are increasing or they themselves will lose their jobs. Since they do not want to lose their jobs and they do not know how to increase profits they decided to fire 1700 employees with the hope that less expenses will translate into larger profits.
They've also done another thing:
>ASML also announced a new share buyback programme of up to €12 billion, to be executed by 31 December 2028.
They have €12 billion they don't know what to do with with so they will give it to shareholders, for a nice gain of less than 1% per year for the next 3 years. Assuming the annual salary costs of each of the 1700 employees is 150K (likely much much lower) those 12 billion could have paid for their employment for the next 47 years.
And importantly, in this analogy - most people here aren't even able to play that lottery. He founded a company based on the research he did whilst studying for a government funded PhD. Most people are not in a position in their life where they could even spend time trying to do research that would result in this type of eventual wealth.
If you don't try you are sure to not win.
The rest is about being able to put the odds in your favor.
You obviously can't do that with lottery. There is no logical lever.
This has been making the rounds for the years and I think what captivates me the most is the art style. There is something about it I cannot put my finger on. Just like the art style of Moebius or the 90's game Flashback.
I thought for sure this was eBoy at first. The style is similar and eBoy has been around forever but looks like it’s just someone else who is really good at this stuff.
I hope this gets incorporated into the existing website. I'm not an active subscriber but I used to be and I always thought there was a very fertile "other articles you might like" grounf that the New Yorker never took advantage of, given it's reputation and legacy.
I’ve happily lost hours to following links at the bottom of one story to the next. The new archive still feels a little clunky (search needs a fair bit of work and the OCR clearly struggled in places), but it’s fun to chase down old classics and they’ve done a great job of highlighting greatest hits from the past 100 years.
Plus the (really high-quality) crossword puzzles often have an Easter egg where the big revealer is linked to an essay from the past.
But many browsers on iOS support ad blockers. Most like Brave and Vivaldi have it built in. Others like Orion and Edge have added support for extensions. Firefox is one of the only that does not have any support for an ad blocker.
I'm not really familiar with Secure Boot too much. Researching suggests that users can add their own keys so they are trusted by UEFI. Won't this resolve for linux users that must have secure boot on?
No, it's not a given that users can add their own keys - certainly in an anticheat scenario they probably couldn't, or at least if they did then key attestation would stop working.
reply