I agree with you. Putting myself in the shoes of a tech CEO, I see other companies laying off and saying that their AI strategy made them so productive that they don't need 20% of their employees anymore, I see investors flocking to that company, I look at my company and feel investor FOMO, I layoff as well.
It's nothing personal, it's just how the US works. If this were to happen in Europe, your company would burn to the ground. The amount of compensation you'd have to do would eat your gains from the layoffs.
> From everything we’ve seen, Pawel’s code is a legal third-party tool that is covered under open source software licensing, and in no way has he “impersonated” Bambu Labs or presented as them at any point.
The name of the software literally has "BambuLabs" in it. Not picking sides, but that's pretty dumb.
Also cease and desist are "easy" to handle, just host your code on a European git hoster or host your own gitlab/codeberg. That USA law doesn't affect EU platforms.
When I first learned that Iran-Israel used to have friendly relations for decades, I was shocked. Genuinely surprised. Here's the relevant part of the wiki [0]:
After the establishment of the State of Israel in May 1948, Israel and Iran maintained close ties. Iran was the second Muslim-majority country to recognize Israel as a sovereign state after Turkey. Israel viewed Iran as a natural ally as a non-Arab power on the edge of the Arab world, in accordance with David Ben Gurion's concept of an alliance of the periphery. Israel had a permanent delegation in Tehran which served as a de facto embassy, before Ambassadors were exchanged in the late 1970s.
After the Six-Day War, Iran supplied Israel with a significant portion of its oil needs and Iranian oil was shipped to European markets via the joint Israeli-Iranian Eilat-Ashkelon pipeline. Trade between the countries was brisk, with Israeli construction firms and engineers active in Iran. El Al, the Israeli national airline, operated direct flights between Tel Aviv and Tehran. Iranian-Israeli military links and projects were kept secret, but they are believed to have been wide-ranging, for example the joint military project Project Flower (1977–79), an Iranian-Israeli attempt to develop a new missile.
You know that the Iran of then is almost completely unrelated to the Iran of now culturally, politically and even religiously due to... err... “foreign intervention”, right?
Obviously. The point I'm addressing is that Iran does not have to maintain hostile relations towards Israel. The two countries had friendly relations for decades prior. Iranians themselves also want to end hostilities with Israel. Polling of Iranians citizens show 69% of people believe the "Islamic Republic should stop calling for the destruction of Israel" [0].
The tens of billions of dollars Iran invests into fighting Israel are (in my opinion) much better spent investing into developing the Iranian people and economy. Spending billions of dollars funding proxy wars, fighting a pointless forever war against Israel, pursuing nuclear weapons, and firing drones and missiles at your neighbors is a foolish foreign policy. Iran is asking for trouble.
If Iran had a different foreign policy, this current conflict would never have happened. Iran's situation was entirely avoidable.
That's my point. Iran did, and it did not work out for them so why would they try again?
> Polling of Iranians citizens show 69% of people
67% of people believe Trump is doing a bad job; 56% believe the US shouldn't be in this war; 63% believe the US should stop supporting Israel. They're all roughly the same % as your quote, does that mean the US should change foreign policy?
> Iran's situation was entirely avoidable
Sure, by not dropping bombs on them while negotiation with them?
Latter question: it's 92kWh, which is not unreasonable even if it's twice what some entry level cars are being sold with.
Deep dive on the pack: https://www.batterydesign.net/byd-blade-2-0-compared-to-1-0/ ; it seems they've done some good old fashioned mechanical engineering to minimize the "not cells" part of the battery while keeping the liquid cooling effective.
Cost in Europe: based on past cars .. maybe 50-100% more? Higher taxes AND higher margins.
I can find the previous Seal at £46k for the premium spec version (390kW / 83kWh): https://www.arnoldclark.com/new-cars/byd/seal/390kw-excellen... , or you can lease it for £321. UK leasing seems to be the last place it's possible to get an actual beat the market deal, which is odd.
I get what your saying, but this is resonating with me and making me feel for the author:
Cursor: we have top notch safeguards for destructive operations, you have our guarantee, we are the best
Author: uses their tools expecting their guarantees to be true (I would expect them to have a confirmation before destructive operation outside their prompt, as a coded system guardrail)
Cursor AI: Does destructive operation without asking
Author: feels betrayed.
So yeah, I think the author is right because they trusted Cursor to have better system guardrails, they didn't (agents shouldn't be able to delete a volume without having a meta-guardrail outside the prompt). Now the author knows and so do we: even if companies say they have good guardrails, never trust them. If it's not your code, you have no guarantees.
Sorry - still author's fault. They didn't understand how LLM's work. They thought Cursor implemented some magic "I control every action LLM takes" thing. It's impossible.
right. But cursor _said_ they had some magic. At some point you have to trust vendors. I don't know exactly how AWS guarantees eleven nines of durability on S3. But I sure hope that they do.
Here is what they say, at the very top they explain that llm's are inherently unreliable. It looks like they offer security tools and safeguards, but they also provide an auto run option. There is nothing a vendor can really be responsible for someone shooting themselves in the face. You can argue that they shouldn't provide that, but that's what people want, so they do, with warnings.
It sounds like this user either didn't use security controls, approved prompts they didn't understand, or disabled the checks entirely. Working in IT/tech a big chunk of my life so far and seeing all the dumb crap people who even know better do, I would bet my house on that being the most likely scenario rather than cursor somehow being at fault here.
yeah and when you interview the junior dev who also convinces you they're smart and have something special, they also delete prod and guess what... not that devs fault.
You absolutely do not. When someone makes an unbelievable claim, such as having magic guardrails for LLMs that prevent dangerous actions (what would that even mean?!), you don’t have to trust that claim.
If you trust someone’s claim without justification, that’s on you.
> At some point you have to trust vendors. I don't know exactly how AWS guarantees eleven nines of durability on S3. But I sure hope that they do.
Trust is earned, it's built on reputations at the individual, corporate, and industry-wide levels. AWS has 20 years of reputation on which I can judge the value of their promises.
Not only has the LLM industry (it is not "AI" and never will be) absolutely not earned anything like that level of trust, the thing the technology has proven most effective at is in fact scamming. Making up something that looks/sounds convincing, especially if you aren't thinking too hard about it, is what they're best at. Combine that with a lot of money flying around and trust levels should be somewhere around "Elon Musk promises".
At this point there have been so many blatant examples of why you should never give a LLM "agent" control over production systems, but the allure of just giving some vague direction to a chatbot and telling it not to screw things up it just irresistible to some like Sideshow Bob stepping on rakes [1].
If everyone around you is whacking themselves in the face with the rake, and you know you can avoid it just by using your brain and not stepping on the rake, and avoid entirely by just keeping your rakes contained, but a rake vendor comes to you saying that instead they have built a new rake that they swear won't whack you in the face even if you leave it right in your walking path, do you trust them?
Yeah I wasn't clear with "the author is right", I think they are right to be frustrated, but that doesn't clear their own fault in the matter
It's just that it wasn't their fault alone.
This is not a polarizing issue, it's not just the authors fault, or cursors fault, or society's fault. It's everyone's, and we all got something to learn from this.
You just have to add a human in the loop for destructive calls.
Add an additional TOTP parameter to destructive calls that's generated from the agent UI that requires a human to click a button, which generates a code that's sent to the model and used in the call.
Having said that - even categorisation of destructive and non destructive calls is inherently not safe, unless you have very strict os level / VM like setup (everything read only, world access is through MCPs so it is not LLM deciding the destructive calls but the MCP etc. )
reply