Hacker News | otabdeveloper4's comments

Your ISP or telecom has to be compromised for TOFU to be relevant to anything. In practice that never happens.

You will have to manage your SSH CA certificates instead of your keys.

The workflows for SSH CAs are extremely janky and insecure.

With some creative use of `AuthorizedKeysCommand` you can make SSH key rotation painless and secure.

With SSH certificates you have to go back to the "keys to the kingdom" antipattern and just hope for the best.
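One way an `AuthorizedKeysCommand` helper can support key rotation, as an added example that is not the commenter's code: sshd calls the helper at each login, and the helper emits only keys that are still inside their validity window. The inventory contents, its field names, and the script path are assumptions; the key blobs are constructed placeholders.

```python
#!/usr/bin/env python3
# Added example: hypothetical AuthorizedKeysCommand helper.
# sshd_config (real directives; the script path is an assumption):
#   AuthorizedKeysCommand /usr/local/bin/ssh-keys-lookup %u
#   AuthorizedKeysCommandUser nobody
# sshd runs the command at login and reads authorized_keys lines from stdout.
import re
import sys
from datetime import datetime, timezone

# Constructed inventory standing in for a central key store (assumption).
# Key blobs are placeholders, not real keys.
INVENTORY = {
    "alice": [
        {"key": "ssh-ed25519 AAAAPLACEHOLDEROLD alice@old-laptop",
         "not_after": "2024-01-01T00:00:00+00:00"},
        {"key": "ssh-ed25519 AAAAPLACEHOLDERNEW alice@new-laptop",
         "not_after": "2030-01-01T00:00:00+00:00"},
    ],
}

USERNAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
# One key per line, no options prefix, no embedded newlines.
KEY_RE = re.compile(
    r"(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/=]+( [\w@.-]+)?")


def authorized_keys_for(user, now=None, inventory=INVENTORY):
    """Return authorized_keys lines for user: unexpired, well-formed keys only."""
    now = now or datetime.now(timezone.utc)
    if not USERNAME_RE.fullmatch(user):
        return []  # fail closed on unexpected usernames
    lines = []
    for entry in inventory.get(user, []):
        if datetime.fromisoformat(entry["not_after"]) <= now:
            continue  # rotated-out key: expires without touching any host
        if not KEY_RE.fullmatch(entry["key"]):
            continue  # reject entries that could smuggle options or extra lines
        lines.append(entry["key"])
    return lines


if __name__ == "__main__":
    if len(sys.argv) == 2:
        print("\n".join(authorized_keys_for(sys.argv[1])))
```

The helper should be owned by root and not writable by other users, since sshd trusts whatever it prints.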


> can find and report on some very sophisticated security issues sometimes

Fixed it for you.


> if the outcome is reliably and deterministically achieved

It's not. My favorite example: due to vibe coding overload literally nobody knows what configuration options OpenClaw now supports. (Not even other LLMs.)

Their "solution" is to build a chat bot LLM that will attempt to configure OpenClaw for you, and hope for the best, fingers crossed. Yes, really.


The OpenClaw situation is ridiculous. Configuring it is a nightmare, even with 3 different LLMs trying to help. Then I check their docs and it says three different things. Agents will take questions and turn them into a new config file, which consists of made-up settings, causing the gateway to crash.

My setup is very simple too, just two agents, some MD files, and Discord. Nothing else. These people using it for real work or managing their email and texts are in for a rough ride.


> microfeatures/microservices

Have you seen the code generated by AI? These things converge on the "1 million lines to make an API call" pattern. They're a lot of things, but certainly not "micro".


> Everyone knows that.

Except, apparently, Anthropic - who are doing their darndest to get everyone onboard their tools as a moat. Apparently that's the only strategy to AI stickiness.


And their strategy kind of worked, right? CC is the most popular agentic coding tool. Anthropic faces competition from OpenAI (potentially better model, weaker TUI tool) and from the rest (potentially worse models, weaker TUIs). So their strategy is to develop both: make their closed model and closed tool better than the competition so that when people want to vibecode they will choose their ecosystem.

OpenAI Codex is a much higher quality harness than Claude Code or OpenCode, and available as open source.

Are you seriously claiming that technical debt doesn't exist?

I read it more like: Tech debt is over-indexed by many and most money doesn't care as long as it works reasonably well.

It's called "debt" because you will be forced to pay it off eventually.

In other words, it "works reasonably well" until it doesn't. That point might break your business. Many such cases.


> It is not certain that scaling will meaningfully increase performance indefinitely

It's certain that it won't. We've already hit diminishing returns.


> The frustration regex is funny but honestly the right call.

I love that it only supports English. AI bubble in a nutshell.


> every delay to AGI results in deaths that AGI could have prevented

Uhm, that's not what Hollywood told me. I trust the screenwriters of "Terminator" more than I trust your anonymous forum comment.

