I’m still kinda sad F# never caught on myself.

that’s all very relatable

Ultimately, these things aren’t concrete plans, it’s just a conversation starter. The people who published it aren’t building anything, but it does provide a starting point for things to think of those of us who do build things. The parts I thought were meaningful were in the list at the end:

• Private: In the era of AI, whoever controls the context holds the power. While data often involves multiple stakeholders, people must serve as primary stewards of their own context, determining how it’s used.
• Dedicated: Software should work exclusively for you, ensuring contextual integrity where data use aligns with your expectations. You must be able to trust there are no hidden agendas or conflicting interests.
• Plural: No single entity should control the digital spaces we inhabit. Healthy ecosystems require distributed power, interoperability, and meaningful choice for participants.
• Adaptable: Software should be open-ended, able to meet the specific, context-dependent needs of each person who uses it.
• Prosocial: Technology should enable connection and coordination, helping us become better neighbors, collaborators, and stewards of shared spaces, both online and off.

I think these are all good things to strive for.

Emacs is great though

Highly plausible, I could see something like this taking off in Vietnam for example. They recently banned stuff like unskippable ads, so it looks like the government actually cares about ensuring some user control already.

The goals they state seemed perfectly reasonable to me. I don’t really see any contradiction with hyper-personalized computing and having thriving communities. I think it would be great if you could easily tailor your computer towards your workflow. It doesn’t mean that I’m not able to have shared interests with other people who have different flows.

In fact, I think the way modern applications are build is fundamentally wrong precisely because they couple the logic of the app with the UI. This is the reason we can’t compose apps the way we do command line utils. If apps were broken up into a service and frontend component by default, you’d be able to chain these services together to build highly customized workflows on top of that.

And that’s precisely the kind of thing AI tools are actually decent at doing. You can throw a bunch of API endpoints at it and have it build a UI using them that does what you want, or if it’s good enough you might not even need a UI, you can literally just type what you want and it’ll figure it out.

Good point, verifying a disassembled binary wouldn’t exhaustively prove the compiler is safe.

Big tech agencies often house their own compilers and make their developers use it (even if it’s just a copy of the open source ones) to ensure that if a compiler is compromised,

That’s precisely what makes Rust appealing here with it being a new language and only having a single compiler implementation.

Also, there’s many many places where there’s a push to move C code to Rust to increase security, this isn’t ‘wierd’.

I actually do find it weird that there’s a massive push to rewrite all the stable and battle tested software that’s been known to work fine for decades in a new language that’s still evolving.

There are so many other problems to consider before going down this route. supply chain attacks, trust verification, code signing, all these come in play way before this.

Why assume that’s mutually exclusive? Intelligence agencies would pursue a multi pronged approach, and if one trick works that’s all you need.

The real issue is that most security vulnerabilities are caused by things Rust seeks to fix, use-after-free and double-free causing crashes that can be taken advantage off by a clever malware writer. Writing in Rust is (a slow and somewhat painful way of) making software more secure, not less.

Sure, the idea of Rust seems generally useful. However, the features Rust provides are entirely tangential to the discussion.

Additional note, this govt agency (and I’m no fan of Germany’s govt necessarily, but just to note) has given millions to many open source projects. Let’s encrypt, pypi, yocto, the openprinting stack, activitypub (you know, from the fediverse, how this platform runs…). They’ve also recommended languages other than Rust for projects too.

That of itself doesn’t really let us know anything one way or the other.

Finally, I personally was not familiar with Lunduke, sounds like he’s a massive piece of shit. I don’t think that has anything to do with the question of whether it is problematic that there’s a mass push to rewrite mature software in a new language that only has a single compiler implementation.

I think the sentiment in the manifesto is on point, but obviously the idea would have to be implemented by the public, and likely outside the US.

I think it’s very plausible that within a year or two we’ll have models that can run locally and do serious coding comparable to what Claude can do right now. There are two parallel tracks here too. One is models themselves improving, but the other is the tooling and the workflow. The thing I made for storing state outside the context is a good example of what’s possible and is still relatively unexplored. The less context the model needs to do its work the more viable small models become.

I totally thought Carney would start lecturing Xi on human rights or some shit. It’s refreshing to see libs not fuck something up completely for once.

Haha yeah it’s not great. Now that I thought about it some more, I wonder if you could use decompiling to verify that the compiler is doing what it says it does. If you compile a minimal program, and then decompile the assembly, you could see if there are any instructions that shouldn’t be there. It wouldn’t be trivial, but seems like it is a possible way to check that the compiler isn’t injecting something weird.

Yeah, it’s definitely good to know for the future. The particular point here raises here is definitely a valid concern, the fact that compilers can be poisoned is definitely something people should be more aware of.

pretty much

never heard of him before

The key problem is knowing whether something is compromised or not though, that why you can’t use an existing compiler if you want to be sure. Meanwhile, bootstrapping involved building a minimal core in assembly and then progressively compiling the compiler using itself. That’s basically how you build a whole new compiler starting with assembly.

Oh yeah, TDD works great with LLMs I find. They just have to make all the pieces fit, and since there’s a spec for what the code should be doing there’s no way to cheat. Either the tests pass or they don’t.

oh haha that one’s not me

if the US keeps fucking Canada economically, that might just happen

yeah I totally didn’t expect anything to come out of Carney’s visit to China