For anyone else who got a little too excited at the title, ECC here is error correction codes, not elliptic curve crypto.
Very cool writeup, thanks for digging into all those data sheets and sharing it with us! I feel like the hands-on electronics stuff has always been a little bit inaccessible to me, but posts like these always make me a little more excited to start doing little projects myself. So thanks for posting.
Bubblewrap is a very minimal setuid binary. It's about 4000 lines of C, but essentially all it does is parse your flags and ask the kernel to do the sandboxing (drop capabilities, change namespaces) for it. You do have to do cgroups yourself, though. It's very small and auditable compared to Docker, and I'd say it's safer.
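To give a feel for it, here's roughly what an invocation looks like (a minimal sketch wrapped in Python; the flags are standard bwrap options from its docs, but the exact binds you'd need depend on the app):

    import subprocess

    # Run a shell in a throwaway sandbox: read-only system dirs,
    # fresh /proc and /dev, private /tmp, all namespaces unshared.
    subprocess.run([
        "bwrap",
        "--ro-bind", "/usr", "/usr",
        "--symlink", "usr/bin", "/bin",
        "--symlink", "usr/lib64", "/lib64",
        "--proc", "/proc",
        "--dev", "/dev",
        "--tmpfs", "/tmp",
        "--unshare-all",
        "--die-with-parent",  # tear down the sandbox if this process dies
        "bash",
    ])

Every flag maps pretty directly onto a kernel namespace or mount operation, which is a big part of why it stays auditable.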
If you want something with a few more features but not as complex as Docker, I think the usual choices are podman or firejail.
Thanks for linking to the essay. I just read it and really enjoyed it. I think I'll try to put the ideas into practice in my writing (and hope I'll succeed).
I often see things like this and get a little bit of FOMO because I'd love to see what I can get out of this but I'm just not willing to upload all these private documents of mine to other people's computers where they're likely to be stored for training or advertising purposes.
How are you guys dealing with this risk? I'm sure on this site nobody is naive to the potential harms of tech, but if you're able to articulate how you've figured out that the risk is worth the benefits to you, I'd love to hear it. I don't think I'm being too cynical to wait for either local LLMs to get good or for me to be able to afford expensive GPUs for current local LLMs, but maybe I should be time-discounting a bit harder?
I'm happy to elaborate on why I find it dangerous, too, if this is too vague. Just really would like to have a more nuanced opinion here.
> I'm just not willing to upload all these private documents of mine to other people's computers where they're likely to be stored for training or advertising purposes.
And rightfully so. I've been looking at local LLMs because of that and they are slowly getting there. They will not be as "smart" as the big models, but even a 30B model (which you can easily run on a modern MacBook!) can do some summarization.
I just hope software for this will start getting better, because at the moment there is a plethora of apps, none of which are easy to use or even work with a larger number of documents.
The docs I upload are ones I'd be OK getting leaked. That also includes code. Even more broadly, it also includes whatever pics I put onto social media, including chat groups like Telegram.
This does mean that, useful as e.g. Claude Code is, I don't think I could recommend it over a locally hosted model for any business with NDA-type obligations, even though the machine needed to run a decent local model might cost €10k (with current price increases due to demand exceeding supply), even though that machine is still slower than whatever hosts the hosted models, and even though the rapid rate of improvement means a 3-month gap between open-weights and private-weights SOTA is enough to matter*.
But until then? If I'm vibe coding a video game I'd give away for free anyway, or copy-editing a blog post that's public anyway, or using it to help with some short stories that I'd never be able to charge money for, or uploading pictures of the plants in my garden right by the public road… that's fine.
* When the music (money for training) stops, the best model could come from just about any provider; whatever it is, it's likely to get distilled down fairly cheaply, and/or some 3-month-old open-weights model is likely to get fine-tuned for each task fairly cheaply. Independently of this, without the hyperscalers, supply chains may shift back from DCs to PCs and make local models much more affordable.
"Leaking" is an unauthorised third party getting data; for any cloud data processor, data that is sent to that provider by me (OpenAI, everything stored on Google Docs, all of it), is just a counterparty, not a third party.
And it has to be unauthorised: the New York Times getting to see my ChatGPT history isn't itself a leak, because that's court-ordered and hence authorised; the >1200 "trusted partners" in GDPR popups are authorised if you give consent; etc.
> I'm sure on this site nobody is naive to the potential harms of tech
I don't share your confidence. A lot of people seem to either be doing their best to ignore the risks or pretending that a nightmare scenario could never happen to them for some reason. They place huge amounts of trust in companies that have repeatedly demonstrated that they are untrustworthy. They ignore the risks or realities of data collection by the state as well.
> I don't think I'm being too cynical to wait for either local LLMs to get good or for me to be able to afford expensive GPUs for current local LLMs, but maybe I should be time-discounting a bit harder?
I'm with you. As fun as it would be to play around with AI, it isn't worth the risks until the AI is not only running locally but also safely contained, so that it can only access the data I provide it and can't phone home with insights into what it's learned about me. I'm perfectly fine with "missing out" if it makes it harder for me to be taken advantage of.
As a side benefit, if/when AI becomes safe to use with my personal information, it'll probably suck a little less, and others will have already demonstrated a number of tasks it's successful/disastrous at, so I can put it to work more easily and effectively without being burned by it.
I've been analyzing my Obsidian vault using local LLMs that I run via Apple's mlx_lm. I'm on an M4 MacBook Pro with 48GB RAM.
The results are ... okay. The biggest problem is that I can't run some of the largest models on my hardware. The ones I'm running (mostly Qwen 3 at different numbers of parameters and quantization levels) often produce hallucinations. Overall, I can't say this is a practical or useful setup, but I'm just playing around so I don't mind.
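For anyone curious, the harness is only a few lines (a sketch: the mlx-community checkpoint name and file path are illustrative, swap in whichever quantization fits your RAM):

    from mlx_lm import load, generate

    # Illustrative checkpoint; any mlx-community quantization works.
    model, tokenizer = load("mlx-community/Qwen3-8B-4bit")

    # Illustrative note path from the vault.
    note = open("vault/daily/2024-01-01.md").read()
    prompt = f"Summarize the key points of this note:\n\n{note}"

    # generate() runs the model on Apple silicon via MLX.
    print(generate(model, tokenizer, prompt=prompt, max_tokens=512))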
That said, I doubt SOTA models would be that much better at this task. IMO LLM generated summaries and insights are never very good or useful. They're fine for assessing whether a particular text is worth reading, but they often extract the wrong information, or miss some critical information, or over-focus on one specific part of the text.
I don't really buy this post. LLMs are still pretty weak at long contexts and asking them to find some patterns in data usually leads to very superficial results.
No one said you cannot run LLMs with the same task more than once. For my local tooling, I usually use the process of "Do X with previously accumulated results, add new results if they come up, otherwise reply with just Y" and then put that into a loop until the LLM signals it's done. Software-wise, you could make it run a few extra passes beyond that too, for extra assurance.
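A sketch of that loop (llm() stands in for whatever local model call you use; DONE is the "just Y" stop signal):

    # llm() is a stand-in for your local model call.
    def accumulate(document: str, llm, max_rounds: int = 20) -> str:
        findings = ""
        for _ in range(max_rounds):  # hard cap as a safety net
            reply = llm(
                "Find patterns in the document below.\n"
                f"Previously accumulated results:\n{findings}\n"
                "Add NEW findings if there are any; "
                "otherwise reply with just DONE.\n\n"
                f"Document:\n{document}"
            )
            if reply.strip() == "DONE":  # the model signals it's finished
                break
            findings += "\n" + reply  # accumulate for the next round
        return findings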
In general for chat platforms you're right though: uploading/copy-pasting long documents and asking the LLM to find not one but multiple needles in a haystack tends to give you really poor results. You need a workflow/process to get accuracy on those sorts of tasks.
Then you have non-superficial results based even on long contexts. Wasn't it clear I was responding directly to parent's concerns? Could I have made it clearer?
What I was getting at is that running LLMs in a loop doesn't really address those concerns at all. You simply get more information; it doesn't do anything for the correctness of that information.
Any patterns it identifies could be imaginary, and you don't have any indication of confidence that all relevant trends have been identified. The most valuable patterns are likely going to be the most hidden and easily missed - those are the ones people are paid to find, not just the low hanging fruit that can be identified with basic statistics.
In the same way that asking an LLM to review some code might produce a hundred superficial comments and miss the things that actually matter.
As expected, the LLM does understand what you're trying to say. A rational actor would use this opportunity to update their priors, but something tells me you're not a rational actor. Pity.
This was on ChatGPT, feel free to try for yourself, since you probably think it's fake.
Prompt:
Do you understand what user 2 is trying to say in below context?
User1: No one said you cannot run LLMs with the same task more than once
User2: no one said you can't turn on the radio and start listening to static
User2: Ask the LLM if it understands what I'm trying to say
Response:
Yes. User 2 is making an analogy, not a literal rebuttal.
What they’re trying to say is roughly this:
> Just because something is allowed or possible doesn’t mean it’s meaningful or useful.
More specifically:
User1’s claim:
“You can run an LLM on the same task more than once.”
→ This frames repeatability as neutral or acceptable.
User2’s analogy:
“You can turn on the radio and listen to static.”
→ Yes, it’s allowed — but it’s noise, not signal.
So User 2 is implying that:
Re-running an LLM on the same task (especially without controlling randomness, evaluation criteria, or epistemic grounding) may just produce stochastic variation rather than new information.
Treating multiple runs as meaningful evidence can be like mistaking static for content.
In epistemic terms, they’re criticizing procedural permissibility being confused with epistemic value. The analogy suggests:
It really depends on how deep you want to go. And this will likely not be useful in any way, other than as a new hobby. My friends and I who do this kind of thing do it for fun.
If it was not fun for me, I would not have bought 3 GPUs just to run better local LLMs. Actual time, effort and money spent on my local setup compared to the value I get does not justify it at all. For 99% of the things I do I could have just used an API and paid like $17 in total. Though it would not have been as fun. For the other 1% I could have just rented some machine in cloud and ran LLMs there.
If you don't have your private crypto keys in your notes worth millions, but still worry about your privacy, I'd recommend just renting a machine/GPU in a smaller cloud provider (not the big 3 or 5) and do these kind of things there.
If you have an extra 20 GB of RAM and a recent-enough CPU (no GPU needed), you can run qwen3:30b-a3b locally well enough to analyze documents and have it report back quickly enough to be completely realistic for analytical use. I find the output of Qwen3's 30B model for that sort of task is plenty good enough.
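With Ollama this is a few lines end to end (a sketch; it assumes you've already run "ollama pull qwen3:30b-a3b" and pip-installed the ollama client, and the document path is illustrative):

    import ollama  # pip install ollama

    doc = open("report.txt").read()  # illustrative path

    # qwen3:30b-a3b is a mixture-of-experts model with only ~3B active
    # parameters per token, which is why CPU-only inference stays usable.
    resp = ollama.chat(
        model="qwen3:30b-a3b",
        messages=[{
            "role": "user",
            "content": f"Analyze this document and list the key points:\n\n{doc}",
        }],
    )
    print(resp["message"]["content"])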
I've tried a few times to convince people in my life who would self-describe as "bad with computers" to download an adblocker, but they usually find the friction too high. Adding extensions is unfamiliar for most, and even if it seems very basic to us, the non-tech people I know don't really want to deal with the risk of unknown unknowns from that, let alone switching to a healthier browser. (Perhaps reasonable, since it feels like these days half the extensions on the Chrome Web Store are spyware or adware behind the scenes.)
I also suspect that those who lived through the days of frequent Windows errors and Chrome running out of memory all the time often expect software to fail in weird and unexpected ways, and a lot of people adopt a "don't fix it if it isn't broken" mindset.
Still, uBlock Origin Lite and Brave browser are definitely easy wins and I'm glad to see more random people in my life using them than I would have expected. :)
If it's the computer of an older family member or something, just put Firefox and ubo on their system for them and be done with it. They will use whatever software is preloaded, and being shown how to use it is a much lower barrier to entry than the cognitive load of finding, vetting, installing, and configuring new software.
I used to try to patiently explain why people should do xyz. Now I explain to people why I'm going to change xyz on their device, and if they don't slam the brakes I just do what needs to be done right then. If someone doesn't know what an adblocker is, they are getting one so they can see for themselves and reflect on what companies have been putting them through for years to make some incremental amount of money.
That's really funny. Yes, in case it wasn't clear for others reading this and thinking about installing these: it's almost certain that uBlock Origin and Brave browser will not cause you any problems, and if you're using stock Chrome I really encourage you to improve your situation dramatically for ~5 minutes' worth of effort.
I like using silly fonts, e.g. Comic Sans Mono has been my daily driver for the past year or so, and it's really fun to see the Minecraft fonts and old DOS and VT323 fonts. If anyone's into retro computing, it's worth checking those out, particularly the website link for the IBM VGA 9x16, which has loads and loads more old fonts.
I think I'll try using Monocraft in the shell for a while and see if it works well for me, though I might stick to Comic Sans for actual coding :)
Hey - I wonder if you might be able to elaborate on this? I'm on GNOME and have had by and large a pleasant experience, and now I'm curious what I might be missing out on. What made it feel like a horrible OOBE for you?
Not exactly what you're asking, but multiple CVEs have been found in Intel's Management Engine (ME) which have been used in spyware.
It might not be an intentional backdoor, but it very much seems designed with out-of-band access in mind, with the AMT remote management features and the fact that the network controller has DMA (this enables packet interception).
Bit of an aside, but I'm wondering what city this was in.
I'm going to be job hunting soon and I was planning to prioritize the Bay Area because that's the only place I've encountered a decent density of people like this, but maybe I'm setting my sights too short.