So the risks are different. If China does mass surveillance on us citizens, then what are the potential downsides? China can do targeted influence campaigns in the us, China can do targeted espionage in the us.
The harms that come from this are against us national security as a whole, the harms are not to individuals and civil liberties. Even if both China and US governments are bad actors, then the fact that China is spying on Americans will not affect Americans civil liberties.
On the other hand if the United States does mass surveillance on Americans, then that can be used by bad actor administrations to suppress dissent, throw people who disagree in prison, suppress speech. Essentially the government has the targeted ability to suppress civil liberties.
So it is very different, because the incentives and potential downsides are different. Similar with companies. Google does not have the ability to lock you up for your Google search, the federal government does (if you are American).
It's the same with Nato/allies, it's not about the country, it's about the spying governments ability and incentives to act on the information.
We don't want the stasi, but imagine a world where the stasi instead had millions of files on Scottish people. What is the worst the stasi could do? What is the worst they would be realistically incentivised to do?
What are you using for environment for this, I am running into similar issues, can't really spin up a second agent because they would collide. Just a newly cloned repo?
I view it as do you have a full mental model of the code base.
If you do then not vibe coded.
For me, I have different levels of vibes:
Some testing/prototyping bash scripts 100% vibe coded. I have never actually read the code.
Sometimes early iterations, I am familiar with general architecture, but do not know exact file contents.
Sometimes I have gone through and practically rewrote a component from scratch either because it was too convoluted, did not have the perfect abstraction I wantet/etc.
For me the third category is not vibe coded. The first 2 are tech debt in the making.
The benefit is to not type encryption password on every boot. TPM stores the encryption key and Secure Boot ensures that the system is not tampered.
That said, I think that it's better to use alternative approach. Use unencrypted signed system partition which presents login screen. After user typed their username and password, only user home gets decrypted. This scheme does not require TPM and only uses secure boot to ensure that system partition has not been altered. I think that macOS uses similar approach.
This whole assumption that TPM is a secure way to store things is ridiculously faulty. It's an interceptable i2c bus, and there's multiple tools available since 0.9 that can recover keys from both cold RAM boot and from interception of the i2c bus.
If your laptop gets stolen, the thief also has your keys and can also decrypt the hard drive, which the TPM storage initially was supposed to have been invented for to actively prevent.
It is quite hard to do this safely on typical Linux systems, since there is a substantial amount of writable system data (e.g. syslog, /etc, /var). If unencrypted they will leak data, and if encrypted there is little difference from just encrypting the root.
A typical linux system will have everything in one partition and even if you do like to split up the system (for historical re-enactment?) it wouldn't matter as you'd be encrypting the whole disk anyway.
realtime api + elevenlabs but llms will be diversified based on persona moving forward. Using chatgpt/gemini as baseline model, we feel prompting has limitation
