John McBride

🧃 Introducing stereOS: a Linux based operating system hardened and purpose built for AI agents. It's clear that agents need an ACTUAL operating system (not what people are calling an "OS") to witness the full breadth and depth of their capabilities while mitigating the blast radius of autonomous, untrusted actors. But there are so many problems with AI sandboxes today: * Going out to the apple store and buying a mac mini will never scale and is way too expensive (obviously) * Running in Docker is too restrictive (agents can't stand up their own container infrastructure, no sub virtualization, docker-in-docker is very broken) * Firecracker strips all the hardware so GPU PCIe passthrough, secure boot, FIPs, etc. is out of the question. * Native VMs are too fat and the overhead of 1 agent per VM is too much. stereOS takes a different approach: it's a full NixOS system that you boot and then kick off agent sandboxes inside with gVisor + /nix/store namespace mounting. Each agent gets their own kernel and the /nix/store is read only by nature. Even if the agent was somehow able to escape the gVisor virtual kernel, they'd land on the NixOS system as the "agent" user! Not your actual hardware!! If you want to take a defense-in-depth approach, we support "native" agents that run at the system level kicked off by our `agentd` utility. These agents, on their own, can manage and kick off other sub agents using the internal sandboxing mechanisms. Today, we're open sourcing all of this: * stereOS: our purpose built Linux OS - github.com/papercomputeco… * masterblaster: client utility to launch, manage, and orchestrate agents - github.com/papercomputeco… * stereosd: the stereOS system control plane daemon - github.com/papercomputeco… * agentd: the stereOS system agent management daemon - github.com/papercomputeco… Give it a try, throw us a star, and let me know what you think 🧃⭐️

Finally, Astral Codex

@OpenAINewsroom @astral_sh openai buying astral is like watching your favorite local restaurant get acquired by a hotel chain

so we all using kitty now huh?

I have been working on Obsidian Reader for a over a year. I didn't want to share it until I felt it was good enough. It's finally there. Consistent formatting for any article. Outline, syntax highlighting, nice footnotes, adjustable typography. Runs locally. Just rules, no AI.

@ThePrimeagen Especially annoying/frustrating when you’re ACTUALLY working on an operating system for AI systems x.com/johncodes/stat…

the amount of times i have seen "operating system" describing tools that write code or use a texting app and a cron job is terrifying is this what Andreesen meant by retardmaxxing?

"...those models have been extracted. It's called a distillation attack, Eli. I have unfettered access to your model so I generate millions of exchanges and use the outputs as training data" "No, no, no, this is Claude, do you understand?" "Do you understand, Eli? That's more to the point. Do you understand? I eat your data. I eat your compute. I eat it all up"

i am here in the nix store

16x the detail

lmao who approved this, it makes zero sense.

would you still follow me if I was a worm (that could code)

@sneezuschrist The answer is rarely "just another subscription"

@johncodes We will just switch providers nbd why qq

I've experienced something that makes me want to stop all my AI agent coding use: 1) I see elevated "Overloaded" and 529 errors from Anthropic. 2) I check and, yes, Anthropic is down. I then legitimately feel like I can't do anything. Crippled. And before you reply "har har skill issue!", I'm ex-faang, have nearly 10+ years of experience building cloud and infra technologies, successfully exited a startup last year, and I maintain open source software you rely on every single day. And yet, I feel crippled when I can't rely on the big ol "agent do a thing" button. Over the last 2 months, building a new company with my co-founder, I've leaned in: like, REALLY leaned in. Probably 90% of what we've been shipping has been AI generated - it's not all perfect but it's been a really good way to go from 0 to 1 and get early validation in the market. But, if I can't rely on tokens, if I feel crippled by a lack of inference providers, where does that leave me? Have I outsourced my thinking and abilities to AI and, at worst, companies who want to sap my intelligence for a chance to keep me dependent? This is no different with open weight models on local hardware: what happens if a GPU falls of the rack (and trust me, this hardware dies all the time, back when we operated a whole T4 GPU inference RAG pipeline, these would die and get dropped from the cluster all the time)? Open weight models also aren't open source: I can't study the model or its training data, I can't reproduce it, I can't make modifications, ad the licensing is anything but free (as in freedom). This is like having an IDE that has a very very steep price to pay AND is dependent on cloud services to be "on". I don't think this is a good paradigm for the industry at large.

@jsr_nash > Get codex for backup on sub. You completely miss the point: so, now, to subsidize my intelligence, I need 2x or 3x the number of providers just in case one goes down?

@johncodes Get codex for backup on sub. You can't possibly run a business with a single point of failure. Codex is a bastard, but it's it's exceptionally good at coding... It audits all opus's work and always finds errors, and like I say, it's great as backup.

File over app File over app is a philosophy: if you want to create digital artifacts that last, they must be files you can control, in formats that are easy to retrieve and read. Use tools that give you this freedom. File over app is an appeal to tool makers: accept that all software is ephemeral, and give people ownership over their data. In the fullness of time, the files you create are more important than the tools you use to create them. Apps are ephemeral, but your files have a chance to last. The pyramids of Egypt contain hieroglyphs that were chiseled in stone thousands of years ago. The ideas hieroglyphs convey are more important than the type of chisel that was used to carve them. The world is filled with ideas from generations past, transmitted through many mediums, from clay tablets to manuscripts, paintings, sculptures, and tapestries. These artifacts are objects that you can touch, hold, own, store, preserve, and look at. To read something written on paper all you need is eyeballs. Today, we are creating innumerable digital artifacts, but most of these artifacts are out of our control. They are stored on servers, in databases, gated behind an internet connection, and login to a cloud service. Even the files on your hard drive use proprietary formats that make them incompatible with older systems. Paraphrasing something I wrote recently: > If you want your writing to still be readable on a computer from the 2060s or 2160s, it’s important that your notes can be read on a computer from the 1960s. You should want the files you create to be durable, not only for posterity, but also for your future self. You never know when you might want to go back to something you created years or decades ago. Don’t lock your data into a format you can’t retrieve. These days I write using an app I help make called Obsidian (@obsdmd), but it’s a delusion to think it will last forever. The app will eventually become obsolete. It’s the plain text files I create that are designed to last. Who knows if anyone will want to read them besides me, but future me is enough of an audience to make it worthwhile.

Great read. I’ve fallen into the “SPEC.md” trap many times: the thin abstraction often breaks down where execution speed is often what the gives you.

100% I'm fighting this currently: attempting to stand up EKS infra with sane terraform/kustomize for a prod and staging environment. Agents basically immediately wanted to introduce a ton of extra bloat trying to re-invent helm and carvel templating where just using modern kustomize with gitops suffices. TLDR: agents melt in the face of real need for simplicity.

im fully convinced that LLMs are not an actual net productivity boost (today) they remove the barrier to get started, but they create increasingly complex software which does not appear to be maintainable so far, in my situations, they appear to slow down long term velocity

the inside of my head as soon as someone starts explaining the rules to a card game:

vercel: here's this free and open apache 2 project cf: cool, i'm going to fork it vercel:

I predicted this back in October: we are not ready for the developer mental health crisis coming johncodes.com/archive/2025/1…