Thanks. Adding memory is an interesting idea. I'd probably want to do it a little differently than what is done in the main apps to avoid overlap. I like the idea of being able to tag conversations and then use that "tag" to organize memory. E.g. You might want to have one set of conversations about fitness, another about travel, another about career, etc. with no overlap between them.
Sometimes I need to give Claude Code access to a secret to do something. (e.g. Use the OpenAI API to generate an image to use in the application.) Obviously I rotate those often. But what is interesting is what happens if I forget to provide it the secret. It will just grep the logs and try to find a working secret from other projects/past sessions (at least in --dangerously-skip-permissions mode.)
If I am not mistaken, Claude sometimes pulls an API key out of a .env file and drops it into that folder. It might be neat for you to add a feautre specifically for identifying any keys that are in that folder.
This is an exmaple of a potentially problematic prompt:
"You are an expert data analyst combining statistical rigor with deep domain knowledge. Your goal is to deliver data-driven insights — not summaries or visualizations — grounded in real data and supported by complete and transparent reasoning."
And they say:
"This includes detection of chain-of-thought elicitation used to construct reasoning training data."
...
"We are developing Product, API and model-level safeguards designed to reduce the efficacy of model outputs for illicit distillation, without degrading the experience for legitimate customers."
It's going to be very hard to generate outputs that people need but that also can't be used for distillation. For example, it's a good practice for many reasons including audibility to ask for the chain of thought. In fact, I'd argue it's essentially impossible to modify the outputs in a way that makes them less useful for distillation without degrading quality for legitimate users.
So then their only viable option is to try to identify the traffic. However, that is very hard because: "In one case, a single proxy network managed more than 20,000 fraudulent accounts simultaneously, mixing distillation traffic with unrelated customer requests to make detection harder."
This local legislation has been the subject of some discussion. Is it prudent or does it discourage tech investment? I'm personally not excited to see that AI and data-centre customers have to compete for MW under a fixed cap while other industries are exempt.
"Through Bill 31, the Energy Statutes Amendment Act, and a new regulation, there is now a requirement for prospective AI and data-centre projects to take part in a competitive selection process to access clean electricity.
This requirement does not apply to traditional industries, such as mining, liquefied natural gas (LNG), forestry, manufacturing or hydrogen for domestic use."
"The allocation targets for these projects are for as much as 400 megawatts for the first two years."
We've got a product in beta right now that lets's you spin up a review app by just commenting "deploy" on a PR in GitHub. When you combine that with Claude Code on the web, it is pretty fun. You can be anywhere (on a boat, train, lying on the couch, in a stadium watching 18 innings of baseball) and using Claude Code on the web on any mobile phone (in a browser.) As it builds stuff, it's instantly deploying a review app for each update and so you can see the changes and then give it another request. Also makes it easy to just drop that review app into a groupchat to get feedback from other people who are also not at their computers. I don't have a link to a video yet but I posted a few screenshots here. If you want to try the review app functionality, just send me a message. https://www.linkedin.com/posts/jonessteven_anthropic-claude-...
> You can be anywhere (on a boat, train, lying on the couch, in a stadium watching 18 innings of baseball) and using Claude Code on the web on any mobile phone (in a browser.) As it builds stuff, it's instantly deploying a review app for each update and so you can see the changes and then give it another request. Also makes it easy to just drop that review app into a groupchat to get feedback from other people who are also not at their computers.
Remote work has been a thing for more than a decade now. I always have the feeling that most of the people commenting on the web are new to the industry.
More than 10 years ago we had the same setup. We will say "deploy app_name" in the chat and it will just do that. With a VPN we worked like if we were in the office from anywhere in the world (but most people, to be realistic, just worked from home).
To need a web-based IDE seems a step backwards. You are already connected to the internet, any IDE will have access to all the needed services thru an internet connection.
Our world is becoming more and more fragile as corporations look to concentrate all services in just one place. I do not see a good ending to all this.
That's a fair point. I do think what's most interesting this time is the potential for new use-cases (users) vs the replacement of existing ones. I agree that there are better ways for serious developers to work than to be using Claude Code on the web. On the other hand, you can now set up someone in the marketing or product management departments with the tools in an afternoon and then they can create widgets, perform custom analysis on data, experiment with prototype ideas, etc. and they don't even need a laptop. All you need is a mobile phone with a browser. It could be neat for students as well. "Build me an app to help me study for X". Time will tell exactly how people use it.
A risk is that it will give people a false sense of confidence that they are viewing real content. The only way out of this mess is cryptographic methodss (based on hardware in cameras) that can allow end-users to verify photos as real and then we assume every other photo may be AI.
Cryptographic components in cameras have roots of trust that can be compromised as well. Also, photos can be staged (many famous examples of this).
The only real solution is to build social infrastructure that helps people identify the trustworthiness of a source. Some efforts are being made in both the centralized and decentralized directions.
It turns out librarians and teachers teaching media literacy and critical thinking still has great value!
"Are the author's conclusions supported by the facts they present?" "Is their assertion internally consistent?" "What do you think the author is trying to make you feel and do by consuming this content?" "Is this a primary or secondary source?" "Can this be independently verified?" "Is the source credible?"
I don't want to sound promotional but this is the space we are living and breathing everyday at VeilStream.com so I do have some opinions. My suggestion to anyone using any type of AI (whether it be an AI coding tool like Cursor, an end-to-end AI application development tool like Lovable, or an additional agent anywhere in the process,) is to never allow access to your production database until you have done a very thorough security review (which would include testing for this type of vulnerability.) Our proxy server can sit in front of a database to filter/anonymize data so that you can do full end-to-end development and testing with no risk of data leakage and without needing to make any changes to the underlying database.
Same. As an American living on the Canadian border most of my life, I learned most of my Candaianisms from factory coworkers and AvE's youtube channel.
It's mostly West coast. Origin is Pacific West Coast pidgin (Chinook). Some people in Yukon and the prairies use it, but it becomes rarer the further you are from B.C.. It has become more widely used in recent years though.
reply