> Esp check the Hallucination rate for Deepseek - it's not good.
For strongly-typed coding tasks - and I imagine other tasks that have cheap validity checks: agentic harnesses and thinking tokens are an effective foil against hallucinations, at the expense of time. If a model hallucinates an API, compilation will fail and the error fed back into the machine so it can try again, in a two-steps-forward-one-step-back dance that is unreasonably effective. Given the price delta, it is often more cost effective to let the weaker model spiral towards a solution with many "Oh, wait..." turns
I used to care, but I don't anymore. They can read my emails, my code, track what websites I visit and what music I listen to, be my guest. I'd let them read my thoughts directly if we can build technology to do that lol. I realized that ultimately, these corporations are too stupid to do anything of value with all that data, so I don't feel threatened.
You're probably right, I'm an idiot. I just think there's not much we can do about it, so might as well not take it too seriously. At least for the innocuous type of surveillance like reading my emails to learn how to sell me product. Things that you really want to keep for yourself shouldn't really touch the internet at all.
This doesn't strike me as "reading" your emails any more than a router is "reading" your packets when it forwards them. As far as I know, Google employees (even high-ranking ones) can't randomly start going through people's messages-- that's the privacy that matters.
No but they can train a model to know everything about you and sell it.
They actually have precedence in that as it’s their legacy ad business.
I could absolutely see them getting more proactive with their ad business. Something like mortgage brokers want to know you executed an offer on a new home (high indication you will be shopping for a lender). Then that turn into, your employer wants to know you’re talking to other employers. Then of course there’s many more nefarious examples people would consider more invasive but may not even realize it leaked from their email provider.
I find it odd how so many tech involved people here use gmail - are privacy concerns not a concern for them?
I moved to mailbox.org years ago. Pay a few pounds a year for private email with webtools and drive and don't have google snooping my emails and sending me targeted ads.
There was some discussion about this on HN recently. Supposedly something to do with less blood going to the bowels during prolonged exercise. Apparently the risk was largest in people who ran 5+ marathons.
My understanding is that exercise lowers chronic inflammation. Basically, you trade off acute inflammation during the exercise itself for less inflammation when you're not exercising. But, maybe long distance running is too long or something.
It is absurdly easy to fire off the docker container you mean.
Because you need to back up, verify backups, monitor availability, manage updates, manage MFA, and a zillion things.
Don't get me wrong, I work in hardcore, high tech IT for 30 years and I selfhost two dozen or so of services. It is far, very far from "absurdly easy" when you start .
Sure you can run a container on your pc, and hope for the best
I’ve seen this idea so many times on HN. “Just stand up a docker container and self-host”. Or even worse: “why does anyone need GitHub - just host Bitbucket yourself”
This seems crazy to me. I have a home server and host lots of my own stuff. But a password manager is tier-0, it cannot fail me.
I need to access my accounts while I'm overseas - in fact I'm prompted for passwords far more often when I cross borders. I need my passwords at urgent moments like when I need to make a large bank transfer. I need passwords unexpectedly at all times when sessions expire or I need a new session for a device I've never logged in with.
If my home server went down for any reason at these critical moments it could be extremely bad. There are some kinds of outages I can't recover from without physically attending my server. And if I'm not very very careful there are some kinds of failures I cannot recover from at all - I have a working backup solution but so did every company that lost customer data before.
And this doesn't even touch on the security risk of hosting a database of credentials on a publicly available endpoint.
Syncthing works on Android just fine, though I'm not familiar with iOS. There also several keepass compatible clients, some support sync via cloud storage. Don't need to host anything. But I admit, for corporate shared secrets storage it is not a right tool.
That's what I'm saying, a lot of people are coping with a product they admit will need a fork.
Not only is it incurring the cost of project fragmentation, but also incurring an always online cost with overly-complicated docker solutions, when a fully offline and airgapped solution already exists.
Furthermore, staying with the same ecosystem invokes the sunken cost fallacy. But the migration from Bitwarden couldn't be simpler (just export Bitwarden json file). It's almost a form of battered woman syndrome people are inflicting on themselves when quite simply they can hop onto an already proven ecosystem that doesn't bait and switch.
I was on keepass before bitwarden. Bitwarden just solves more things for me. I am sure the keepass ecosystem improved a lot over the years but fundamentally i find vaultwarden docker to be far easier. Especially for my work and family members that i convinced to use bitwarden. If they were also in charge of the sync it wouldn't be possible.
Afaik vaultwarden and bitwarden clients are as proven as keepass.
It's entirely compatible with the clients. It also removes a lot of "rug-pull" potential, and gives you the ability to access all the nice features (ex - multi-org, multi-user, shared vaults, totp, etc...)
Honestly - part of the reason I like Bitwarden is that if they ever go full "enshittification", it's going to be relatively easy and straight-forward to just move entirely off their projects and onto open-source forks.
Cant tell if this is satire. But I'm not self hosting my passwords unless I fully understand exactly what's happening. Trusting that to an LLM without really understanding what's happening seems very risky to me.
Since it appears that LLMs can't achieve AGI and lose hallucinations, I presume a new company will appear with a new architecture that can - what happens to the current behemoths and their stock prices? Will they jump architectures?
reply