Because many of us think simonw has discerning taste on this topic and like to read what he has to say about it, so we upvote his comments.

i don't doubt this. i just find it questionable that one particular poster always gets in the spotlight when AI is the topic - while other conversations in my opinion offer more interesting angles.

Upvote the conversations that you find to be more interesting. If enough people do the same, they too will make it to the top.

Parent implies there might be some "boosting" involved, in which case, "upvote the conversations that you find to be more interesting" wont change anything...

Not saying this is the case, but it's what the comment implies, so "just upvote your faves" doesn't really address it.

At a guess that's because my comment attracted more up-votes than the other top-level comments in the thread.

I generally try to include something in a comment that's not information already under discussion - in this case that was the link and quote from the original README.

It’s at the top because of upvotes. They don’t have an “if simonw: boost” branch in the code.

> the code is not public, so we can't know.

I feel like you're making this statement in bad faith, rather than honestly believing the developers of the forum software here have built in a clause to pin simonw's comments to the top.

> certain users' comments might get a preferential treatment

This does not happen. It hasn't even happened when pg made the forum in the first place.

I thought dang explicitly said it does happen? It certainly happens for stories.

Attention feeds attention.

Attention is ALL You Need.

HN goes through phases. I remember when patio11 was the star of the hour on here. At another time it was that security guy (can't remember his name).

And for those who think it's just organic with all of the upvotes, HN absolutely does have a +/- comment bias for users, and it does automatically feature certain people and suppress others.

> And for those who think it's just organic with all of the upvotes, HN absolutely does have a bias for authors, and it does automatically feature certain people and suppress others.

Exactly.

There are configurable settings for each account, which might be automatically or manually set—I'm not sure–, that control the initial position of a comment in threads, and how long it stays there. There might be a reward system, where comments from high-karma accounts are prioritized over others, and accounts with "strikes", e.g. direct warnings from moderators, are penalized.

The difference in upvotes that account ultimately receives, and thus the impact on the discussion, is quite stark. The more visible a comment is, i.e. the more at the top it is, the more upvotes it can collect, which in turn makes it stay at the top, and so on.

It's safe to assume that certain accounts, such as those of YC staff, mods, or alumni, or tech celebrities like simonw, are given the highest priority.

I've noticed this on my own account. Before being warned for an IMO bullshit reason, my comments started to appear near the middle, and quickly float down to the bottom, whereas before they would usually be at the top for a few minutes. The quality of what I say hasn't changed, though the account's standing, and certainly the community itself, has.

I don't mind, nor particularly care about an arbitrary number. This is a proprietary platform run by a VC firm. It would be silly to expect that they've cracked the code of online discourse, or that their goal is to keep it balanced. The discussions here are better on average than elsewhere because of the community, although that also has been declining over the years.

I still find it jarring that most people would vote on a comment depending on if they agree with it or not, instead of engaging with it intellectually, which often pushes interesting comments to the bottom. This is an unsolved problem here, as much as it is on other platforms.

There is a saying that if everyone you encounter seems to be unreasonable, maybe it isn't the other people that are being unreasonable.

This isn't to say that social media is fair, or that people vote properly or that any ranking system based on agreement by readers is a good one. However, generally when you are getting negativity communicated to you and you are seeing consistently poor results around actions you take, it is going to be useful to examine the possibility that there is a difference in how you perceive what you are doing vs how others do. In that case spending time trying to figure out ways in which you are being wronged so that you can continue in the same manner is going to be time wasted.

How are you getting persecution complex from what I said? If anything, your comment might be feeding that delusion. :)

My point is that HN definitely has certain weights associated with accounts, which control the karma, visibility, and ultimately discussion of certain topics.

This problem doesn't affect only negativity or downvotes, but upvotes as well. The most upvoted comments are not necessarily of the highest quality, or contribute the most to the discussion. They just happen to be the most visible, and to generally align with the feeling of the hive mind.

I know this because some of my own comments have been at the top, without being anything special, while others I think are, barely get any attention. I certainly examine my thinking whenever it strongly aligns with the hive mind, as this community does not particularly align with my values.

I also tend to seek out comments near the bottom of threads, and have dead comments enabled, precisely to counteract this flawed system. I often find quality opinions there, so I suggest everyone do the same as well.

An essential feature of a healthy and interesting discussion forum is to accomodate different viewpoints. That starts by not burying those that disagree with the majority, or boosting those that agree. AFAIK no online system has gotten this right yet.

You seem to be assuming that everything is organic and above board on here. That it's all just user/community stimuli, and if someone flies high well clearly it's great content, from which we can infer the reverse as well.

We don't have the source for HN, nor do we have the obvious bias metadata that the moderators have put in place, but simply paying attention betrays that manipulation mechanisms exist and are heavily utilized.

For instance I clearly have a "bad guy" flag on my account, and frequently see my highly rated comments sorted below literally greyed out comments. Comments older than mine, so it isn't just the normal "well newer comments get a boost", it's just that there is a comment "DEI" in place where some people get a freebie boost and some people get a freebie detriment. It's why often mediocre content and comments by the core group is always floating high.

And let me make it very clear that I do not care. I don't harbour any delusions about some tight community or the like, and HN is not important in my life or my ego. I also know that it's basically a propaganda network for YC (I mean...it's right in the URL), and good for them. It's their site and they can do anything they want with it.

I only commented because some people really think this place is a meritocracy+democracy. That isn't how it works, even if they really want people to think that.

No one is under the assumption that any social media space is going to be meritocratic or democratic. The assumption is that some percentage of users are manipulating it and the backend and admins are doing the same. It is an attention economy. I don't think anyone is naive about this. My comment was merely a take on the 'the video game controller is broken' excuse that everyone has when they need to cover for their ego. Sometimes the controller is broken, but it almost never is.

the security you mean is probably tptacek (https://news.ycombinator.com/user?id=tptacek)

Time flies and simonw his AI feedback isn't always received favorably, sometimes he pushes it too much.

New comments get a boost, and as such are frequently near the top just due to that. Frequent upvotes also boosts. There might be other factors.

However these things are dynamic and change over time. As I read the discussion just now, the GP comment was the ~5th top-level comment.

They aren't pinned, people just vote on them, and more so because simonw is a recognizable name with lots of posts and comments.

thanks for reminding me i need to follow his blog weekly again

We are running Sandboxes for AI Agents using Firecracker microVMS @ E2B

$1.5M seed bets, maybe. not $60M though

just from looking at it

on Linux it runs Firecracker: https://github.com/jingkaihe/matchlock/blob/main/pkg/vm/linu...

on macOS uses the Apple's Virtualization.Framework Go wrapper: https://github.com/jingkaihe/matchlock/blob/main/pkg/vm/darw...

nice - I was wondering about the cross-platform story. firecracker on linux for the isolation, virtualization.framework on mac so you don't need vmware.

very cool, if you want cross-platform microvms, there's an interesting project called libkrun that powers projects like Podman and Colima.

here's a Go binding: https://github.com/mishushakov/libkrun-go

demo (on Mac): https://x.com/mishushakov/status/2020236380572643720

Since when does libkrun power Podman? Last time I checked, Podman used non-virtualized containers based on `crun`.

(Though you can certainly configure Podman to use krun[0], which fires up a libkrun VM inside a crun container.)

[0]: https://github.com/containers/crun/blob/main/krun.1

OP may be referring to `podman machine` on macOS, which gives access to containers through a Linux VM via libkrun.

i think there’s a confusion around what use-case Monty is solving (i was confused as well). this seems to isolate in a scope of execution like function calls, not entire Python applications

agree. you still need a secure boundary like VM to isolate the tenants in case the model breaks out of the sandbox.

everything that you don’t want your agent to access should live outside of the sandbox.

best answer is probably to have a layered approach - use this to limit what the generated code can do, wrap it in a secure VM to prevent leaking out to other tenants.

there’s no way around VMs for secure, untrusted workloads. everything else, like Monty has too many tradeoffs that makes it non-viable for any real workloads

disclaimer: i work at E2B, opinions my own

As discussed on twitter, v8 shows that's not true.

But to be clear, we're not even targeting the same "computer use" use case I think e2b, daytona, cloudflare, modal, fly.io, deno, google, aws are going after - we're aiming to support programmatic tool calling with minimal latency and complexity - it's a fundamentally different offering.

Chill, e2b has its use case, at least for now.

There's been a constant stream of v8 VM sandbox escape discoveries since its dawn of course. Considering those have mostly existed for a long time before publication it's very porous most of the time.

And Python VM had/has its sandboxing features too, previously rexec and still https://github.com/zopefoundation/RestrictedPython - in the same category I'd argue.

Then there's of course hypervisor based virtualization and the vulnerabilities and VM escapes there.

Browsers use belt-and-suspenders approaches of employing both language runtime VMs and hardware memory protection as layers to some effect, but still are the star act at pwn2own etc.

It's all layers of porous defenses. There'd definitely be room in the world for performant dynamic language implementations with provably secure foundations.

> It's all layers of porous defenses.

Also known as the "swiss cheese model" in risk management.

part of why rexec is "historical" is that Guido was looking at some lockdown work and asked (twitter, probably?) the community to come up with attack ideas (on a specific more-locked-down-than-default proposed version.) After a couple of hours, it was clear that "patching the problems" was entirely doomed given how flexible python is and it was better to do something else entirely and stop pretending...

V8 itself is intended to be heavily sandboxed. Not through a microvm, but otherwise it's probably the most heavily sandboxed piece of code ever ie: in Chrome it can make virtually no system calls and runs with every restriction an OS can possibly provide and more and seccomp-bpf was basically invented for it.

Perhaps you're using v8 isolates, which then you're back into the "heavily restricted environment within the process" and you lose the things you'd want your AI to be able to do, and even then you still have to sandbox the hell out of it to be safe and you have to seriously consider side channel leaks.

And even after all of that you'd better hope you're staying up to date with patches.

MicroVMs are going to just be way simpler IMO. I don't really get the appeal of using V8 for this unless you have platform/ deployment limitations. Talking over Firecracker's vsock is extremely fast. Firecracker is also insanely safe - 3 CVEs ever, and IMO none are exploitable.

we’re not disagreeing here - i meant for general use-case VMs are better, for some application-specific calls Monty this might suffice.

although you’d still need another boundary to run your app in to prevent breaking out to other tenants.