You're good. The relevant advice in article is to not reuse keys for encryption and auth.
Encrypting password manager database with a passkey or other authentication key on one of those yubikeys would be the mistake. Encrypting it with a separate dedicated key (or passphrase) on the same yubikey in parallel to its passkeys is fine.
Thermals. Your workloads will be throttled hard once it inevitably runs hot. See comments elsewhere in thread about why LLMs on laptops like MBP is underwhelming. The same chips in even a studio form factor would perform much better.
To your point, one can get a great performance boost by propping the laptop onto a roost-like stand in front of a large fan. Nothing like a cooling system actually built for sustained load but still.
OpenAI and sama are literally sauing they are fine with facilitating (and even performing) any scale of killing and surveillance as long as they're not held accountable.
My point is that they have far more knowledge about what the product is capable of and where its limitations lie than the government. A company expressing doubt that their product can be used safely for a given task even knowing the risk to their ability to make a sale for that exact purpose is far more trustworthy than potential buyer who claims they understand but also refuse to agree not to use it for that. I know this isn't a universally popular opinion, but I wish more companies acted responsible by not trying to maximize profits at the expense of social good.
I don't understand any interpretation of this whole saga that claims that Anthropic was acting selfishly here. I could at least understand (but would vehemently disagree with) a claim that it's bad for them not to be trying to sell something that they genuinely did not think was safe for the task it was being purchased for, but the idea that they're somehow "imposing" morals on the others is nonsensical to me. If anything, I'd expect that trying to sell a complex software system for a purpose it's unfit for might even receive scrutiny for potential fraud in a more healthy regulatory environment.
The relevant (unanswered?) question for this thread is who's operating and managing that deployment, and to what extent provider (or subcontracted FDEs) is involved in integrations. I would be surprised to learn of deployment actually being independently operated. Sure the machinery can be considered a product but associated service- and support engagements are at least as relevant to take into account.
reply