We (Polish) have been raising an alarm about Russia since the first Chechen war and it took additional dozen+ years and a land invasion of a European country before countries in Western EU woke up.
Do you think they are going to be quicker reacting to danger from the other side?
I highly doubt it. EU is like a huge steam ship. It takes a lot of effort to turn it. But once it gets going good luck stopping it. This will have consequences for the EU-Us relations for the rest of this century.
I fact it is exactly what a Russian agent if he managed to become a president of US would do. A Putin's wet dream basically. Be hostile enough towards Russia to preserve appearances - seize a tanker or two, while undermining long term US and EU interests (the interests of these two are naturally aligned very well, it takes much more than an idiot to drive a wedge between them).
The thing is that the EU is a complex structure. The interests of countries such as Poland, Italy, Germany and Ireland differ wildly, which is why things are so slow to maneuver, politically speaking.
I always considered that the over reliance on US a weakness. It was comfortable because it postpones some difficult discussions (for example, in terms of defense and military spending it is completely bonkers for the EU to not act as a federal entity). Since this subject is thorny, it was alright to rely on the US for defense and just kick this can down the road.
The US becoming hostile at least forces the countries in the EU to face reality a little, and perhaps speed some things up (see for example the recent EU-Mercosur trade agreement).
The other factor is that both Russia and the US have people 'on the inside' in the EU governments. They bought them. They own them and they do what they are told.
>. It is not wild to think that if push comes to shove and US cut off Europe, then Europeans can just take control over those European data centers and restore access to GCP/AWS/Azure in Europe because these datacenters are on their soil and predominantly employing Europeans.
Good luck with that. Those systems are extremely interconnected. We should (and are) be building sovereign EU equivalents to not just cloud providers but also major services like google/ms 365 and so on.
EU need to start with own PC hardware factories first. And PC compatible designs. What is unlikely - on first sight of troubles they will buy everything from US. As all good 3rd Word countries do.
Does any of it actually work? Can you build that JS VM separately and run serious JS on it? That would be an accomplishment.
Looking at the comments and claims (I've not got the time to review a large code base just to check this claim) I get an impression _something_ was created, but none of it actually builds and no one knows what is the actual plan.
Did your process not involve recursive planning stages (these ALWAYS have big architectural error and gotchas in my experience, unless you're doing a small toy project or something the AI has seen thousands of already).
I find agents doing pretty well once you have a human correct their bad assumptions and architectural errors. But this assumes the human has absolute understanding of what is being done down to the tiniest component. There will be errors agents left to their own will discover at the very end after spending dozens of millions of tokens, then they will try the next idea they hallucinated, spend another few dozen million tokens and so on. Perhaps after 10 iterations like this they may arrive at something fine or more likely they will descent into hallucinations hell.
This is what happens when one of :the complexity, the size, or it being novel enough (often a mix of all 3) of the task exceed the capability of the agents.
The true way to success is the way of a human-ai hybrid, but you absolutely need a human that knows their stuff.
Let me give you a small example from systems field. The other day I wanted to design an AI observability system with the following spec:
- use existing OS components, none or as little code as possible
- ideally runs on stateless pods on an air gapped k3s cluster (preferably uses one of existing DBs, but clickhouse acceptable)
- able to proxy openai, anthropic(both api and clause max), google(vercel+gemini), deepinfra, openrouter including client auth (so it is completely transparent to the client)
- reconstruct streaming responses, recognises tool calls, reasoning content, nice to have ability to define own session/conversation recognition rules
I used gemini 3 and opus 4.5 for the initial planning/comparison of os projects that could be useful. Both converged on helicone as being supposedly the best. Until towards the very end of implementation it was found helicone has pretty much zero docs for properly setting up self hosted platform, it tries redirecting to their Web page for auth and agents immediately went into rewriting parts of the source attempting to write their own auth/fixing imaginary bugs that were really miscondiguration.
Then another product was recommended (I forgot which), there upon very detailed questioning, requesting re-confirmations of actual configs for multiple features that were supposedly supported it turned out it didn't pass through auth for clause max.
Eventually I chose litellm+langfuse (that was turned down initially in favour of helicone) and I needed to make few small code changes so Claude max auth could be read, additional headers could be passed through and within a single endpoint it could send Claude telemetry as pure pass through and real llm api through it's "models" engine (so it recognised tool calls and so on).
Yes, here in Poland 36 years later people still seriously argue the country would be much better if we hanged the communists off lampposts (like it was done in few other places).
There ws a great cost to a "peaceful transition". The entire judiciary was basically full of extremely corrupt people, half of the political class. Even today when the old judges are almost all gone the horrible culture they had still corrupts many younger ones (although today it is more towards incompetence and indifference rather than corruption).
Would it be better to have half a million (or possibly entire million if you count inevitable victims on the other side) die to avoid it? We are still paying the price.
There is an argument that had we sorted the communist problem successfully back then we wouldn't have politicians later that let themselves be corrupted by Putin into funding his army. And perhaps there would never be an invasion of Ukraine.
Or if we done away with the peaceful transition, the communists in other neighbouring countries would attempt to hold on to power with everything they got. Who knows.
"Should we have put 500,000 people to death?" sounds like pub conversation, to be frank. There are plenty of options between 'no repercussions for the old regime' and Rwanda.
>"Value is shifting to operations: deployment, testing, rollbacks, observability. You can't prompt 99.95% uptime on Black Friday. Neither can you prompt your way to keeping a site secure, updated, and running"
I've been doing exactly that since AI came out :-D
You absolutely can prompt your way to 3.5 nines of uptime (even more), but you need to know what you're doing and correct it.
Even very well aligned models like Opus will make traps for your infrastructure. For example you tell it to write a fluxCD implementation of some application, in your k8 cluster, following your conventions and best practices described in some md files. And it does this, very nicely. But unless you tell it in advance every detail it will do something extremely stupid mid way through.
For example, let's say you have a database and it needs to create a new instance (with gitops) for the app. It adds the new DB and it gets created, but instead of using a tool that already exists (or proposing one if it doesn't) to sync the DB access credentials from the DB na espace to the app namespace it will read the credential, encrypt it and store in the app namespace.
What's the problem with that? Well, none unless you rotate these credentials. In which case your app will stop working, possibly after you tested it and decided it's good enough to use seriously, despite having a HA DB.
There are a dozen things like this in each "ai project", but even with this. With the time needed to review everything it saves a lot of time.
The author meant that you can't just tell a model "do everything that is necessary to achieve 99.95% uptime". It can certainly help you brainstorm issues and solve them, but you can't "just" prompt it.
So wait, the solution for malicious spy ware installed by corporations like Meta is giving ownership of our devices (and consequently all our data) to corporations like Apple?
Got it.
And remember the consequences when Apple starts scanning all your photos and sends a SWAT team to arrest a father who took a picture of his son's rash and sent it to a doctor, because surely he was engaging in child abuse.
I rather have Meta steal info of the 100mln idiots that install their root kits on their devices than have Apple and Google do the same for Billions (with a B) to protect from the former.
Exactly. Also the smaller stupidity - inability to add your own root certificates to the system store.
In fact this is what led me to unlocking the bootloader, swapping the OS and rooting my phone. The infuriating situation where if you setup so called "corporate owner" (or mdm) during the first login you can add your own certificates, but if you don't... Basically the "corporate owner" of your phone is Google.
Yes, literally, you do not own it.
Also it is worth noting certain countries where "rooting/bootloader unlocking is illegal" - namely China and the horrible stupidity of people claiming EU Gdpr prevents manufacturers from offering simple bootloader unlocks for their phones.
We absolutely need to vote with our walkers. I bought a Samsung before and a Xiaomi recently only because both allow relatively simple unlock (ok the Xiaomi requires you to wait to press "request unlock" exactly at midnight Beijing time", and it only works for non-Chinese phones, but still unlocks fine.
While I agree with the sentiment I'm not sure this is actually viable.
For example here in Poland the previous govt invested in huge amount of software for digital govt services. From company formation, social insurance/heathcare (things like electronic prescriptions and patient data) to tax submission at all levels.
All of this is implemented using publicly documented open standards so anyone can write a client for these services, or anyone can use official Web clients, but none of the code is open source.
This is in contrast to previous governments that tried to implement all of this using proprietary standards where the companies hired were paid billions to deliver a system and they ended up owning the data exchange protocol and a client they distributed in binary only form. And they also profited from commercial software that implemented their proprietary protocols.
That worked (for the company hired)for taxes and they made billions. But for other stuff like medical, when they had no way to sell their proprietary standards they wasted billions and years of time and delivered nothing. Then subsequent govt threw the entire project out and built it on open standards.
So based on this experience I think using well documented open data exchange standards is much more important than software itself being open source.
Who cares the server side software is open source if you still can't submit your taxes with your own python script?
Well, not all, for example mObywatel was recently open-sourced (in a ridiculous way, but still).
I think you raise some important points. In my opinion, a lot of code funded by public money should be open-sourced, but it's not as clear-cut as some people believe. I'll use this comment to point out some of fallacies that people responding to you make:
>Also open source government code means other governments can fork it, overall lowering implementation costs, while still keeping code sovereignty.
This is completely unrelated. French government won't deploy a Polish public health management website just because they found it on Github. For projects of such magnitude you need deep mutual cooperation between both governments, and a lot of changes. Making the code open-source is the least important part, the code can be just shared privately.
In fact, there are many such European code, data and information sharing initiatives. There are meetings and conferences where countries can discuss this on a technical level. The code is shared, just not via public channels.
>The government - and taxpayers - should care that having closed-source software means they are tied to the company that wrote it forever, so changes and bugfixes will be much more expensive.
If a private company owns code used by government for critical purposes and can take the government hostage it's outrageous and taxpayers should riot. This probably happens[1], but most code is either written by government itself, or at least government owns the code and can switch contractors if necessary.
In particular, AFAIR the government code we're discussing right now was written by COI (~central informatics department), which is a public institution.
[1] For example, governments use Azure and GCP, even though - to me - it's clearly shortsighted. Fortunately there was a wake-up call recently, and it changes slowly.
>> Also open source government code means other governments can fork it, overall lowering implementation costs, while still keeping code sovereignty.
> This is completely unrelated.
This is an option which does sometimes happen. And there is motivation to make happen more often, at least for EU-wide services. And there is also the side that it's doesn't have to happen between countries, it could be also happen the local level, like between administration of cities in the same country. The main reasoning here is more about spreading awarness and building the mindset that sharing code on all levels and working together even on such internal tools, can be good and should be increased.
> French government won't deploy a Polish public health management website just because they found it on Github.
Some governments have also their own platforms, specifically for co-working on code accross administrations. They are usually not public for reasons.
> For projects of such magnitude you need deep mutual cooperation between both governments, and a lot of changes. Making the code open-source is the least important part, the code can be just shared privately.
You still have to put it under a licence when you are co-working, even when it's shared privatly. Open Source does not neccessaly mean that the source is automatically accessable to the whole world.
Because if everything the government does is open source by default, the standards will be open standards by default. You can then add non-default code (closed source) for some applications (health, military).
Also open source government code means other governments can fork it, overall lowering implementation costs, while still keeping code sovereignty.
So your argument here is that while the software can be open source, it matters less, if whatever the software does isn't actually an open standard? Wouldn't "being open source with own custom protocol" essentially be as open as "open source or not, but software implements open standards" anyways?
Especially for the use case they’re talking about. It makes sense to have open standards for something like filing taxes so many companies can compete.
Having source code for the tax system itself is interesting, but I think the market for “run software for processing incoming taxes for polish citizens” is exactly one.
Unless they expect pull requests, which could be fun, but as OSS maintainers know, it’s a ton of work and boy would there be a ton of spam on something like this.
Many protocols (even open) are complex, and partially undocumented.
It would be nice to have both (open source and open protocol), but I kind of agree that if we should push for one, an open (decently explained) standard will probably be easier, simpler and with longer term impact, not to mention the interoperability benefits between countries.
"Who cares the server side software is open source if you still can't submit your taxes with your own python script?"
The government - and taxpayers - should care that having closed-source software means they are tied to the company that wrote it forever, so changes and bugfixes will be much more expensive.
> Who cares the server side software is open source if you still can't submit your taxes with your own python script?
The management, the government and the eventually the tax payers.
If the government wants to add a small change to the tax code, if it's not an open source software, they'd have to hire the same company that wrote it in the first place. That's when the companies tend to jack up the prices to crazy numbers.
I have personally witnessed companies winning the initial government contracts by undercutting everyone and then charging them 10X for even the tiniest of modifications. Some times the companies even flat out reject the future contracts because they are stuck with a better project elsewhere and the government is stuck with useless old binary.
If the server side software is open source, depending on the policy, you can also submit your changes to that software that lets you submit your taxes with your own python script.
I think it can be a reasonable assumption that the government has access to the code, while it is not being open to the public.
There is a difference between "visible to everyone" (i.e. open source) and "visible to selected parties".
Having a different company do contract work does not require the source to be open, it just requires that the government owns it (as they get to choose what to do with it then).
Also, if no company is on a payroll because they are stuck with better projects, what makes you think someone that is not familiar with the code base would accept a merge request from an unknown party? Or if it was accepted, what makes you think this wouldn't immediately be abused to create loopholes and vulnerabilities?
> If the government wants to add a small change to the tax code [...] they'd have to hire the same company that wrote it
This is a very strange statement and you probably have some specific situation in mind that isn't really representative.
Normally when you hire people to write your code they do a work for hire, unless your contract says otherwise, you own the rights. There are some minor exceptions, typically for countries that treat commercial and artistic copyright differently, but that's it. I've been hired to add changes to people's software thousands of times, and it's never been on the table that I get some kind of ownership of their source code.
The license said source code is under is completely irrelevant. Especially in this question of tax authorities. That source code is normally not under some public license at all because it's their internal processes anyway, they may change at any time and the employ a number of programmers to do so. Plus a handful of consultants.
I think this is a very good indicator US has been transitioning away from democracy towards something else for quite a while and now it has reached a point where no justification for an illegal war is even required.
After the Iraq war we(US allies that were dragged into this war by a bunch of lies) felt like this was very bad, but it was a blunder of one administration and the trust in the US as a whole was going to be restored.
> After the Iraq war we(US allies that were dragged into this war by a bunch of lies) felt like this was very bad, but it was a blunder of one administration and the trust in the US as a whole was going to be restored.
I don't understand how people can be this naive. It's the only thing the US has ever done for the entirety of it's existence! How did you miss that?
Do you think they are going to be quicker reacting to danger from the other side?
I highly doubt it. EU is like a huge steam ship. It takes a lot of effort to turn it. But once it gets going good luck stopping it. This will have consequences for the EU-Us relations for the rest of this century.
I fact it is exactly what a Russian agent if he managed to become a president of US would do. A Putin's wet dream basically. Be hostile enough towards Russia to preserve appearances - seize a tanker or two, while undermining long term US and EU interests (the interests of these two are naturally aligned very well, it takes much more than an idiot to drive a wedge between them).
reply