staring at a wall is basically the zen practice of shikantaza [1], except you’re not staring, it’s more of an eyes half closed yet alert gaze. you don’t do anything, not even counting the breath. you just sit, that’s the entire practice. in my experience, the more you intellectualize it, the more difficult it becomes!
It is, but just sitting can be a little deceiving in its brutal simplicity and I think some thought has to be put on the technique. I would often would just sit and think, not just sit. I wasted a lot of time sitting and thinking I am meditating. It's more like "just sit and be extremely watchful, alert". I also found it useful to have a timer nearby and evaluating how slow the time passes. The emptier the mind, the slower the passing of time. It also helps to tap into feeling the body, I would find that it's completely impossible for me to focus, if I do not have a good sense on feeling my body. Posture also plays a very important role. It's something to note that the average modern day person has posture that would take weeks or even months of focused practice to fix, especially one browsing this site. It's just sitting, but there are many things involved. * If you tell a beginner to just sit, they will drown in their own thoughts. Something more practical is, stare at the timer and try to not think, just perceive each second passing by, do not think, see how long can you last without a single thought **. Shikantaza is basically willful suppression of the thought process and pretty much the opposite of what the wikipedia article describes as a "similar technique" - "Do Nothing Meditation".
As for the article, I am actually doing 1 - 2 min shikantaza regularly while working. I'm staring at an empty screen. I do it multiple times per hour regardless if I feel focused or not.
* Don't try to fix the posture while attempting shikantaza.
** Obviously something even more practical for a beginner is to gain focus by counting breaths and then breath awareness, before trying the most difficult type of zazen. I'm just describing what would be a way for someone that does not practice to imagine what correct shikantaza feels like.
The Launch Daemon is 100% optional and can better turned off along with its tools. It's there to help users install things like software updates or disk commands that required elevated access.
It operates under least priv. And the user must approve the Launch Agent (runs under use space, same as running locally within the App), and the Launch Daemon. There are 4 levels involved and the Daemon is last on the list and is rarely used. The user can just disable it and its tools get disabled as well. The LLM won't be able to use it in that state.
What gets used:
1. AppleScript/Osascript TCC, runs within the app, user approve each app being automated
2. AgentScript/Swift Dylibs/ScriptingBridge, same TCC runs within the app
3. Local shell scripting - backup if the user's Launch Agent (user space is down
4. Launch Agent (runs in the user space), primary for running shell commands.
5. Launch Daemon, software updates, etc. Anything the previous 4 layers can't handle. Rarely ever used. can be turned off by the user. I have used it to access the security of the Mac itself and it was surprisingly accurate and thorough.
> these should be opt-in. people that care can turn them on.
I wonder if this would have the unintended effect of leading to more spam and eroding culture, as fewer opinionated people would see the posts that need to be flagged.
Yeah, it's the opposite of showdead. Many of these get flagged automatically anyway. But I would like to read what trolls and throwaways want to say, so I turn on showdead. Maybe some people want more filters.
honest question: what use case requires cold starts below 100ms, considering TTFT of major LLMs are in the 300+ms range? presumably sandbox will be driven by an agentic loop, so.. you’re still bottlenecked by what essentially amounts to network I/O.
I don't get it. You mention being able to choose your own JS engine, so it's not using Wasmer's WebAssembly implementation but that of the chosen JS engine's? In other words, can Edge.js use Wasmer? Or have you managed to compile V8/JSC into WebAssembly and are executing it with Wasmer? If so, amazing!
I think most of this trial and error "You are an experienced engineer" stuff probably hurts model performance. No one ever does comprehensive testing so eh, yolo.
There are papers showing that models follow instructions less the more instructions they have. Now you think about how many instructions are embedded in that MD + the system prompt + likely a local AGENTS.md and at the end there is probably very little here that matters.
When you have a hammer, everything looks like a nail. Ad nauseam.
AI has made it possible for me to build several one-off personal tools in the matter of a couple of hours and has improved my non-tech life as a result. Before, I wouldn't even have considered such small projects because of the effort needed. It's been relieving not to have to even look at code, assuming you can describe your needs in a good prompt. On the other hand, I've seen vibe coded codebases with excessive layers of abstraction and performance issues that came from a possibly lax engineering culture of not doing enough design work upfront before jumping into implementation. It's a classic mistake, that is amplified by AI.
Yes, average code itself has become cheap, but good code still costs, and amazing code, well, you might still have an edge there for now, but eventually, accept that you will have to move up the abstraction stack to remain valuable when pitted against an AI.
What does this mean? Focus on core software engineering principles, design patterns, and understanding what computer is doing at a low level. Just because you're writing TypeScript doesn't mean you shouldn't know what's happening at the CPU level.
I predict the rise in AI slop cleanup consultancies, but they'll be competing with smarter AIs who will clean up after themselves.
https://amirmalik.net - I haven't blogged in a while, but have been experimenting with single-file build-step-free HTML tools (inspired by simonw's tool catalog) at https://amirmalik.net/tools -- I'm hoping to add more "bring your own API key" local-first mini tools that store their data in IndexedDB or OPFS and sync. I should probably write a post about it :)
I've built the same thing twice, first with Firecracker microVM, and second time using containers (gVisor).
While the microVM route is more secure, it's more complicated and ops are tricky, but you can do some cool things to optimize startup time like when I was working on a function as a service platform, and to reduce TTFB, I trapped the `listen()` call, sent a VSOCK message to the VMM to trigger a freeze, snapshot the VM and save it as a "template". Then for every request, the snapshot was cloned (with some file system tricks like CoW) and resumed to handle the request. It "just" worked, but the orchestration was kludgy.
In the second incarnation of this, I decided to use Linux containers with the gVisor sandbox. You can take a look at my project https://github.com/ammmir/sandboxer which uses Podman and gVisor underneath; it's good enough for a prototype. Later on, you can swap it out with Firecracker microVM, if necessary. In fact, I'm thinking of adding microVM support to sandboxer itself. If you wanted to do it yourself, swap out ContainerEngine() with a new implementation based on calling out to Firecracker. You'll need some way to do disk volume management (grow, clone, shared, cross-machine? good luck!), snapshots, etc.
Thank you for your guidance! We were thinking about using Docker and eventually settled on Firecracker.
Also, an interesting project you got there. If you are interested, would it be possible to invite you over to our project Discord? Would love to hear more of your experience.
[1] https://en.wikipedia.org/wiki/Shikantaza
reply