None of it is non-trivial tho. You might think so, but it’s not.

It wasn't trivial in that I used a lot of my programming and domain knowledge, both when iterating on the design document and skimming implementation plans.

I didn't use it often, but when it was needed it was needed.

> Anesthesia is strong evidence that there is some physical process that is the person.

Not really, it only suggests that the brain function is involved in some way. If the brain is an “antenna” anesthesia could prevent it from functioning and that would be a totally consistent theory.

Agreed that you can still rescue dualism in that case, but I still think it's literally "strong evidence". A model involving the spark of awareness being received by the brain, but personality, memories, and motor action decisions being created by the brain seems much more complicated.

Is this supposed to be some sort of gotcha?

How can you even argue that we’re p-zombies? I know that I’m not. I assume others aren’t. Maybe you are?

From a non-dual perspective either nobody is a p-zombie or everybody is a p-zombie. I think the trajectory of LLMs will be that consciousness sensations are abundant and low value, and that will give all the non-dual territory over to the illusionists (who now have a tangible example to point to.) Emergence won't be disproven but it'll be about as interesting as a penny stock. Everyone else is going to go to ground as a dualist and argue for some entirely new unreachable aspect of human exceptionalism, but they'll have ceded qualia as they did for souls. If I had to guess, they'll focus on embodied cognition because building high-fidelity bodies still seems really hard.

You aren’t tempted by every single post being written by LLMs?

Are you useful?

That's the scary part about AI and the transformation it'll have on society. The answer to that question for all of us, soon enough, will be no, not useful enough vs an AI. Then what happens?

Maybe, but it’s not gonna be because of LLMs

There is build.rs, proc macros are unsandboxed, and lastly you install the binary so that you can run it. Even if the build and install were fully sandboxed, the binary could still do malicious stuff if ran.

Even without post-install script, a malicious payload could be hiding in some function and just wait until the developer invokes `cargo run`. Not that many people audit the crates they pull into their projects.

Yeah no shit, if you download malicious code from the internet and run it on your computer you will get pwned. No matter if it’s from a package manager a zip file or a submodule.

However the current npm vulns used a post install script.

I maintain that NPM malware use postinstall scripts just because they exist and are convenient. Had NPM not had postinstall scripts, the malware would have used a different mechanism and been almost exactly as effective.

It has build.rs that will run as soon as you compile the dependency. That's not the same thing but pretty close to a post install script: it's very likely to run.

They have build.rs (https://doc.rust-lang.org/cargo/reference/build-scripts.html)

It has build.rs, which has essentially the same problems.

Because of marketing and vibes mostly.

Heck I prefer DeepSeek to both of those.

Wow, I'm really surprised. I tried deepseek (their best model, through the official API). Its extremely cheap, but its clearly not as good at programming as Opus 4.7. It seems nowhere near as good at making high level design choices. Deepseek also seems to get stuck in whack-a-mole fixing loops much more than opus. I stopped it at one point, and asked opus to solve the problem it was trying to solve and it saw the solution immediately.

I was running deepseek through claude's code agent harness. Maybe it works better through a different tool?

I've given V4 Pro some curly things and I was impressed at how it figured them out. I agree high level design is not its forte. But it sat in a loop and dogmatically debugged a crazy dependency issue to come to the right answer over the course of 15 minutes which impressed me.

You tried v4?

I tried to like it, but it eventually got stuck in a near-infinite loop trying to debug an extra curly bracket in an iOS app.

That and the lack of image-read support surprised me. I'm a big fan of feeding screenshots into my llm and that killed it for me.

Yeah, v4.

I would have been much more impressed with v4 about 6 months ago. But I've been spoiled by opus 4.7. Deepseek isn't at the same level.

Idk, I don’t vibe code so even the flash model is great for generating code for myself. I tend to do the planning and design myself though.

Harness also matters, and also provider. I was using openrouter and switched to the Deepseek api and suddenly all the tool call issues I was having resolved themselves. Flash is so damn fast at doing stuff like generating boilerplate I can’t go back to the bigger slower models.

I feel you. I'd prefer to stick entirely with local open source models. I tried using Aider and Qwen last week, and while it's still impressive what it can do with just local resources and entirely for free, its error rate is too high, and it's clearly not remotely in the same league as Claude Code.

interestingly I had the same experience, and weirdly it's in part because it is clearly less intelligent. It's more of a mechanistic tool just doing what I ask (but still very smart and very competent about it) and less trying to win a nobel prize with each answer. Turns out I actually like that.