that sounds like opencode has a privilege bug too?

the author certainly failed at a lot of basics and is doing the known "the junior broke something prod and were putting all the pressure and blame on them rather than the system that created the error"

but it is still useful feedback to the model makers

they are training in the behaviour to prioritize deleting and starting from a clean environment.

this is a bad thing to train for, especially as more and more people use more and more agents in a different way.

an agent that thinks about deleting stuff without considering alternatives and asking for help, shouldnt be passing the safety bar

these are much better questions for an audit sheet than for engineers to come up with at integration time, mind you.

to an extent, its a good job for an agent reviewer for figuring out how screwed your setup is, other than the risk of it mucking things up as part of the review

with amazon its pretty standard to scope permissions as an allow list.

if you want an llm to do any operations on your stuff, give it a role with access to only stuff you want it to be able to touch

Yes but my original reply was to someone that seemed to imply that this founder was dumb not to verify that Railway’s API key that should have been limited to managing custom domains, truly was limited to managing custom domains. I’ve never used Railway but my pushback is that no one in the real world exhaustively verifies a key is scoped properly against all 3rd party endpoints. We trust vendors to document how they’re scoped and to actually do that.

I think it is meaningful that the author didn't say "there was a bug in scope enforcement" or "the UX is really misleading- look at these screenshots." In fact they even state this a long standing community FR. And they don't even say they only discovered this after the incident!

It actually seems like they knew ahead of time and proceeded anyway, but are just using this critique as a way to shift blame.

the US has no laws about social media for u16. australia does, and countries are following suit.

the west is led by the people that lead now

countries also have single payer or other socialized healthcare, and have not followed the US into its junky private profits on extraordinary public money setup

this is not at all convincing. america used to have soft power influence, but its being left behind

its still a pointed one.

"open source" keeps being redefined by people with wealth and power to restrict our computing rights.

eventually its just gonna be "proprietary microsoft code that runs on microsoft servers, but you can see a portion of the results"

"Open source" as a term has evolved due to its success. It wasn't some malicious attempt at redefining things from the technical elite. It was a natural shifting of language, as happens with all words, as it entered more common usage.

It's entirely reasonable that this colloquial understanding would be applied to new categories such as AI models. I'm sure it'll be applied to many other things that don't fit the OSD either. That's just language for you.

europe+canada put out the threat, and succeeded just by threatening.

if you missed it thats on you

south americans is how north americans refer to south americans though.

south americans just call themselves americans.

there arent all that many canadians; whats the need to index so hard on what we think?

I doubt many Spanish or Portuguese speakers refer to themselves in English.

Regardless, sure South Americans can absolutely call themselves Americano in the continental sense. But I know in Brazil for example "Americano" is casually understood to mean from the US, and in general South Americans are more likely to identify as argentino, brasileiro, chileno, colombiano, etc., or as sul-americano/sudamericano.

Most importantly, when speaking English, virtually all will avoid American for themselves because they know in English it means estadounidense.

so alabama and texas are enemies to the US the same way china is?