I've been developing one of these over the past few days, and this is like saying "this is a great example of how silly the whole thing is, there's next to nothing to cars" because you saw a piece of plywood with four casters nailed to it.
If you want a personal assistant to work well, there's a whole lot to it.
Having a similar experience. Durable memory with accurate, low-latency recall is not at all easy. Loads of subtle design decisions to make around how exactly you want the thing to work.
You don't give the agent the password, you send the password through a method that bypasses the agent.
I'm writing my own AI helper (like OpenClaw, but secure), and I've used these principles to lock things down. For example, when installing plugins, you can write the configuration yourself on a webpage that the AI agent can't access, so it never sees the secrets.
Of course, you can also just tell the LLM the secrets and it will configure the plugin, but this gives security-conscious people a way to achieve the same thing without exposing them. The agent also can't edit plugins, to prevent it from doing things like circumventing its limits.
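A minimal sketch of how that can work (all names hypothetical); the point is that placeholder resolution happens in the runtime, outside the agent's context:

    # Hypothetical sketch: the agent only ever sees placeholder tokens.
    # The runtime substitutes the real secrets just before the plugin
    # call, and the resolved text is never fed back to the agent.
    import os
    import re

    SECRET_PATTERN = re.compile(r"\{\{secret:(\w+)\}\}")

    def resolve_secrets(config_text: str) -> str:
        def lookup(match: re.Match) -> str:
            # Secrets were set via a web page the agent can't reach,
            # e.g. stored as environment variables on the host.
            return os.environ[f"PLUGIN_SECRET_{match.group(1)}"]
        return SECRET_PATTERN.sub(lookup, config_text)

    # The agent writes: api_key = "{{secret:WEATHER_API_KEY}}"
    # and never learns what the real value is.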
If anyone wants to try it out, I'd appreciate feedback:
> You don't give the agent the password, you send the password through a method that bypasses the agent.
The thing is, for this to work, you need to send the warning that describes the specific action being requested to the authorizing user out of band as well (rather than to the agent, so the agent can request user action); otherwise, sending the password from the user to the system needing authorization out of band, bypassing the agent, doesn't help at all.
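A rough sketch of the shape this takes (the push-notification channel is hypothetical); the crucial bit is that the action description travels over the trusted channel, not through the agent:

    # Hypothetical sketch: the approval request, including a human-readable
    # description of the exact action, goes over a channel the agent cannot
    # write to, and the approval comes back the same way.
    import secrets

    def request_approval(action_description, send_push, wait_reply) -> bool:
        # send_push / wait_reply talk to the user's phone, not the agent.
        code = secrets.token_hex(4)
        send_push(f"Approve this action? {action_description} [code {code}]")
        return wait_reply() == code  # user echoes the code to approve

    # If the description were relayed *by* the agent instead, a
    # prompt-injected agent could describe a benign action while
    # actually requesting a malicious one.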
At least I can run this whenever, and it's all entirely sandboxed, with an architecture that still means I get the features. I even have some security tradeoffs like "you can ask the bot to configure plugin secrets for convenience, or you can do it yourself so it can never see them".
You're not going to be able to prevent the bot from exfiltrating stuff, but at least you can make sure it can't mess with its own permissions and give itself more privileges.
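One way to get that property, as a rough sketch (path and key names hypothetical): do the permission check in the host process, against a policy file the sandbox only mounts read-only:

    # Hypothetical sketch: the gate runs on the host, not in the sandbox.
    # Because the policy file is read-only from the agent's side, no tool
    # call it makes can rewrite its own privileges.
    import json

    def load_policy(path: str = "/etc/agent/policy.json") -> set:
        with open(path) as f:  # root-owned; read-only inside the sandbox
            return set(json.load(f)["allowed_tools"])

    def gate(tool_name: str, policy: set) -> None:
        if tool_name not in policy:
            raise PermissionError(f"tool {tool_name!r} is not allow-listed")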
Why would I fly an expensive drone close to a camera, fumble about for a minute trying to get it painted like a renaissance artist, when I can get a paintball gun for much less?
Or use a powerful enough laser pointer. Bonus points if you use infrared since other humans can't see the beam and won't know what you're up to.
Though you either need a laser powerful enough to harm human eyes or lots of patience. Hong Kong protesters pioneered a lot of this sort of laser-based resistance.
Where I am (Sydney, Australia) we have fixed speed cameras that automatically issue speeding fines to drivers going too fast (well, technically to the registered owner of the vehicle, identified via ANPR).
They eventually had to equip pretty much every speed camera with a speed camera camera, usually on a much higher pole to make vandalism more difficult.
Which Aeroflot flights were hijacked and flown to West Berlin? I've never heard of this. Funny, though, that Windows Copilot believes this happened and says:
"On December 12, 1978, two Soviet citizens hijacked an Aeroflot Yak‑40 on a domestic route and forced it to fly to West Berlin’s Tempelhof Airport, which was under U.S. control."
But then, when asked for any reference to this event, it gives this:
"1. LOT Polish Airlines Flight 165 (30 August 1978)
A LOT Tupolev Tu‑134 was hijacked by East German citizens seeking asylum and forced to land at Tempelhof Airport in West Berlin."
Sounds like a new remit for the NRO. Park a billion dollar satellite over an area to keep an eye out for petty vandalism. Then the sheriff's office can team up with Space Force: papers will be served immediately by LEO MIRV deployment, which may also count as execution depending on visibility and aim on the day.
/s - but it wouldn't surprise me at the rate things are going.
In the mid-2000s, the company I worked for in Glasgow, fitting microwave links to buildings (broadband wasn't readily available outside cable TV areas), had a pile of ODUs that had been shot off roofs.
Mostly from one particularly benighted area, Easterhouse. If you had extensively gentrified Easterhouse back then, it would have looked like Detroit in the 90s. It's improved a little since then.
"In NSW, paintball is classified as a "prohibited firearm" under the Firearms Act 1996. However, it can still be legally played under strict licensing conditions. Unlike in some states where it is more loosely regulated, players and operators in NSW must comply with a range of legal requirements to ensure safety and legality."
These rules have changed; I think back before COVID they reclassified them as sporting equipment instead of firearms, but still brought in a whole bunch of licensing rules and requirements similar to gun ownership.
You can't just walk into Kmart and walk out with a paintball gun here. Or a paintball marker.
I remember reading about that back in the 90s as a kid here in the USA, in Action Pursuit Games magazine. They said semi-automatic paintball guns were illegal in Australia. I was like what kind of hellhole dystopia is that? Meanwhile at the local paintball field I remember this hillbilly had a fully automatic Angel when they came out. (The first electronic paintball gun.) He walked over to the treeline and emptied a hopper full of Brass Eagle paintballs into a tree in like 5 seconds. They all hit the tree at the exact same spot and vaporized into pink mist. Freedom, baby.
So your thesis is that this hillbilly was likely to take his fully automatic paintball gun and shoot up a school with it?
Or that his possession and use of this gun might somehow serve as a sort of "gateway drug" to Harder Weapons that he would then use to the same end?
Neither one appears to have actually happened. In fact, I've never known a single person who has been involved in a school shooting, or heard of one happening here at all, ever. It just doesn't happen, regardless of whatever is supposedly happening on the glowing box in the corner of everyone's living room that's always portraying doom and danger everywhere.
Indeed, I don't recall a single one of my paintball-playing friends (who all nonchalantly used those illegal-in-Australia, super dangerous semi-automatic paintball guns against each other) ever going on to be involved in any kind of gun-related incident.
I'm sure you've got some kind of excellent response prepared however, so we will now hear the details of how wrong I am and how Paintball Guns Are In Fact Really Dangerous Because Reasons And the Australian Government Nannies Are Right.
Ownership of paintball guns is regulated under the state-level firearms act in most (all?) states and territories.
You can use them under the direct supervision of the licensed owner, but it's still quite restrictive. If you were to take one and shoot at cameras on the street, it would be vandalism plus firearms offences, most of which start with a reversed presumption of innocence and massive fines, and move pretty quickly into prison time.
If you actually purchased one yourself in Queensland, you would need a Cat A firearms license, genuine reason, permit to acquire, safe storage etc as for a firearm.
NSW used to be similar, but a few years ago the state government had a rare moment of common sense and did away with most of that pointless bullshit.
A paintball gun might not bring the federal government down on you; an over-powered laser absolutely will. The FAA has a very low tolerance for that sort of thing. Do not ever, ever, ever use lasers in open air that are capable of damaging the human retina without the appropriate licenses. The last thing cities need right now is another federal agency going on a witch hunt, and firing eye-damaging lasers into the air would serve them that excuse on a silver platter.
The CCDs in cameras can be damaged with low-power lasers, or so I thought. No need for anything crazy. And the FAA won't become involved unless you're pointing them skyward. Pointing them across the street, or anywhere not visible from the air isn't going to sic federal agencies on you.
> And the FAA won't become involved unless you're pointing them skyward.
The point here is that 'skyward' is where the laser beam goes when you're trying to aim it at a camera up on a pole. It's practically impossible to point a hand-held laser at something a non-trivial distance above you without spilling a large amount of beam into whatever happens to be behind your intended target, which is very often the sky.
We have most of that in <pick some European city/country>, and the statistics show it makes a big difference compared to the USA, but drivers still exceed the speed limit, run red lights, etc., and cause injuries and death to pedestrians and cyclists.
Removing automatic enforcement of speed limits would not improve the situation.
Where I live, the speed limit keeps getting reduced so the city can make money off fines, especially because nobody follows speed limits that are ridiculously low for wide, straight roads, where following the limit would make traffic grind to a halt.
This happened in my hometown. Arterial roads that were 40mph when I was a kid are posted at 25 today and they just passed legislation to make the automated speed cameras near school zones active 24/7.
The use of a drone also ups the ante from a prosecutor’s perspective. Charging a vandal caught with a paintbrush and a ladder is nothing out of the ordinary. A routine misdemeanor.
Someone who has the wherewithal to jury-rig a paintball gun onto a drone is someone scary. Plus, any officer who witnesses such a drone is almost certainly going to misidentify the paintball gun as an actual gun. I can imagine the operator being charged with several felonies.
Yeah like we gotta be serious here, US cops and courts are out to screw people over because that is how they increase their budget, pay, and bonuses. If they think they can twist some law into giving you a felony, they will, regardless of the spirit of the law.
Attaching any kind of potential weapon to a drone has no real precedent, so they can dig through 19th-century law, combine it with some 21st-century law and punishment, and screw your life over with bull crap unless you've got $100K+ sitting around to throw at a good lawyer. The risk of being caught may be a bit lower, but the potential punishment if caught could be absolutely enormous.
Also, you are dropping something from the aircraft, which is a different violation (even if it is moving at 100 m/s horizontally while accelerating downward at 9.8 m/s²).
About ten years ago a company started fitting CCTV cameras to the illuminated advertising hoardings in bus stops, initially to discourage vandalism and then for frankly fucking creepy targeted advertising that used fairly crude machine-vision stuff to guess the demographics of people at the stop.
The advertiser's operators could actually look through the camera and shout through hidden speakers at people vandalising their adverts, usually by writing on the specially-coated toughened vandal-resistant glass that ink or paint didn't stick to.
The local wee wannabe gangsters took to filling bingo markers with the stuff they use to etch frosted glass, and tagging the displays with that.
Filling paintballs is very hard and specialized, and would probably be a limiting factor for 99 out of 100 people, if not more.
Gluing together two fragile gelatin halves (designed to dissolve and break easily) once you've filled them completely with paint, and then making sure they're almost perfectly round, takes specialized equipment.
Last I heard, putting a glock on a quadcopter was creating an "illegal weapon system" or similar fancy sounding BS but I wonder what the accusation would be for a paintball gun on a drone?
On the list of "laws you don't want to screw with", National Firearms Act violations are high on my list. Regardless of whether something is or isn't a violation, I'm certainly not interested in paying expensive lawyers to argue they're not.
I think maybe there are subsets of problems where you can have either a human or a smart LLM write a verifier (e.g. a property-based test?) and a performance measurement, and then let the dumb models generate and iterate on candidates?
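Something like this, as a hedged sketch; `sample`, `verify`, and `measure` are stand-ins for whatever generator models, property-based tests, and benchmarks you'd actually plug in:

    # Hypothetical sketch: cheap generators propose, a trusted verifier
    # filters, a measurement ranks. Only verify/measure need to be good;
    # the candidate generators can be dumb and plentiful.
    from typing import Callable, Optional

    def best_candidate(sample: Callable[[], str],
                       verify: Callable[[str], bool],
                       measure: Callable[[str], float],
                       n: int = 100) -> Optional[str]:
        candidates = (sample() for _ in range(n))
        valid = [c for c in candidates if verify(c)]
        return max(valid, key=measure, default=None)

    # e.g. verify = "property-based test suite passes",
    #      measure = "negative wall-clock time on a benchmark input".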
Yeah, maybe, but then it would make much more sense to run a big model than hope one of the small ones randomly stumbles upon the solution, just because the possibility space is so much larger than the number of dumb LLMs you can run.
I don't work this way, so this is all a hypothetical to me, but the possibility space is larger than _any_ model can handle; models are effectively applying a really complex prior over a giant combinatorial space. I think the idea behind a swarm of small models (probably with higher temperature?) on a well-defined problem is akin to e.g. multi-chain MCMC.
Why don't we need them? If I need to run a hundred small models to get a given level of quality, what's the difference to me between that and running one large model?
You can run smaller models on smaller compute hardware and split the compute. For large models you need to be able to fit the whole model in memory to get any decent throughput.
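A rough sketch of the fan-out (endpoints and client stub hypothetical): each small model lives on its own cheap box, and you query them in parallel:

    # Hypothetical sketch: each endpoint serves one small model that fits
    # in that box's memory; no single machine ever holds a big model.
    from concurrent.futures import ThreadPoolExecutor

    ENDPOINTS = ["http://node1:8000", "http://node2:8000", "http://node3:8000"]

    def query(endpoint: str, prompt: str) -> str:
        # Stand-in for an HTTP call to a llama.cpp/vLLM-style server.
        raise NotImplementedError("plug in your client here")

    def fan_out(prompt: str) -> list:
        with ThreadPoolExecutor(max_workers=len(ENDPOINTS)) as pool:
            return list(pool.map(lambda e: query(e, prompt), ENDPOINTS))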
It's unfair to pick some high number like a hundred; that number either just reflects your disagreement, or assumes that matching total model size is what matters.
> level of quality
What is quality, though? What is high quality? Do MY FELLOW HUMANS really know what "quality" consists of? Do I hear someone yell "QUALITY IS SUBJECTIVE" from the cheap seats?
I'll explain.
You might care about accuracy (repetition of learned/given text) more than about actual cognitive abilities (clothesline/12 shirts/how long to dry).
From my perspective, the ability to repeat given/learned text has nothing to do with "high quality". Any idiot can do that.
Here's a simple example:
Stupid doctors exist. Plentifully so, even. Every doctor can pattern-match symptoms to medication or further tests, but not every doctor is capable of recognizing when two seemingly different symptoms are actually connected (simple example: a stiff neck caused by sinus issues).
There is not one person on the planet who wouldn't prefer a doctor who is deeply considerate of the complexities and feedback loops of the human body over a doctor who simply isn't smart enough to be. A doctor can learn texts all he wants, but the memorization of text does not require deeper understanding.
There are plenty of benefits to running multiple models in parallel. A big one is specialization and caching. Another is context expansion, which is what "reasoning" models can be observed doing when they support themselves with their very own feedback loop.
One does not need a hundred small models to achieve whatever you might consider worthy of being called "quality". All these models can not only reason independently of each other, but also interact contextually, expanding each other's contexts around what actually matters.
They also don't need to learn all the information about "everything", like big models do. It's simply not necessary anymore. We have very capable systems for retrieving information and feeding it to models with gigantic context windows, if needed. We can create purpose-built models. Density per parameter keeps increasing.
Multiple small models, specifically trained for high reasoning/cognitive capabilities and given access to relevant texts, can develop multiple perspectives on a matter in parallel, boosting context expansion massively.
A single model cannot refactor its own path of thought during an inference run, which is massively inefficient. A single model can only provide itself with feedback one step at a time, while multiple models can do it all in parallel.
See ... there are two things which cover the above fundamentally:
1. No matter how you put it, we've learned that models are "smarter" when there is at least one feedback-loop involved.
2. No matter how you put it, you can always have yet another model process the output of a previously run model.
These two things, in combination, strongly indicate that multiple small, high-efficiency models running in parallel, providing each other with the independent feedback they need to actually expand contexts in depth, is the way to go (sketched below).
Or, in other words:
Big models scale Parameters, many small models scale Insight.
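As a hedged sketch of points 1 and 2 combined (the model callables are stubs): several small models draft in parallel, then each one processes the others' output, which gives every model an external feedback loop:

    # Hypothetical sketch: round one drafts in parallel; round two lets
    # each model critique the other models' drafts, i.e. every model gets
    # feedback it did not generate itself.
    from concurrent.futures import ThreadPoolExecutor

    def run_round(models, prompt):
        with ThreadPoolExecutor() as pool:
            drafts = list(pool.map(lambda m: m(prompt), models))
        return [m(prompt + "\nOther drafts:\n" +
                  "\n".join(d for j, d in enumerate(drafts) if j != i))
                for i, m in enumerate(models)]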
> There is not one person on the planet who wouldn't prefer a doctor who is deeply considerate of the complexities and feedback loops of the human body over a doctor who simply isn't smart enough to be. A doctor can learn texts all he wants, but the memorization of text does not require deeper understanding.
But a smart person who hasn’t read all the texts won’t be a good doctor, either.
Chess players spend enormous amounts of time studying openings for a reason.
> Multiple small models, specifically trained for high reasoning/cognitive capabilities and given access to relevant texts
So, even assuming that one can train a model on reasoning/cognitive abilities, how does one pick the relevant texts for a desired outcome?