Hacker News: redactsureAI's comments

EC2 node?


Or just a VM that doesn't share so much with your host. Just makes for a more annoying dev experience.


Why do you need to share anything? Code goes through GitHub - the VM has its own repo clone; if you need data files, you mount them read-only in the VM and have a read-write mount for output data.


I'd like to be able to see and edit the code in an IDE


I work every day on a remote node with an IDE. VS Code has a really simple extension: you can run a full IDE with file system control on a remote server. Git clone your files, open up VS Code.


What we need is zero trust at the interaction level. Let an AI perform tasks without ever seeing the sensitive data it is using.

Even recording (which they already are doing) is not exposing sensitive content.

Mix that with hardware enclaves and you actually have a solution to these security and privacy problems.


A lot of people here are discussing the security challenges. If you're interested, I'm working on a novel solution to the security of these systems.

Basic ideas are minimal privilege per task in a minimal and contained environment for everything, and heavy control over all actions the AI is performing. The AI can perform tasks without seeing any of your personal information in the process. A new kind of orchestration and privacy layer for zero trust agentic actions.

Redactsure.com

From this feed I figured I'd plug my system, would love your feedback! I believe we are building out a real solution to these security and privacy concerns.

While the entire field is early I do believe systems like my own and others will make these products safe and reliable in the near future.


> Basic ideas are minimal privilege per task in a minimal and contained environment for everything and heavy control over all actions AI is performing.

The challenge is that no application on desktop is built around these privileges so there's no grant workflow.

Are you bytecode analysing the kernel syscalls an app makes before it runs? Or will it just panic-die when you deny one?


We're a zero trust cloud infra solution for power users.

It solves problems like prompt injection and secrets exposure. For host security you're right, cloud is the only way to secure those heavily, and one of the reasons we went that route with enclave attestation.

We offer a way for you to use AI agents without the AI provider ever being able to see your sensitive information, while still being able to use them in a minimized permission environment.

AI has a tough time leaking your credentials if it doesn't know them!


I actually have a full browser plus AI agent containerized. Is that something you think might be fun open-sourced?

I have a product but also to build it I have some test environments I had to make to debug things.

Basically I have a full AI agent in one container that can control a browser in another container. Was considering open sourcing, any thoughts?


Same, I find it clumsy to actually build and run code on your host system.

Most I will do is run containers on my local machine but all dev is in cloud.


"Ads are not inevitable." is a pretty bold statement that really damages the argument. Mixing fundamental things like that in with Juicero prevents a good will discussion.

Ads are one of the oldest and most fundamental parts of a modern society.

Mixing obviously dumb things in with fundamental ones doesn't improve the point.


Here's a simple demo of Redactsure's browser system. Any AI agent now has the ability to use PII without that PII ever becoming a token within the LLM's context.

The AI can perform tasks on unmodified websites (no JavaScript) and reduces some of the big issues around prompt injection attacks, as the PII is never actually in the context.


How can I train an AI on me doing sensitive work?

I'm building out a new concept around training AI computer use agents on real sensitive tasks without PII exposure. My first demo, releasing soon, is a dataset of an AI agent with human-assisted tasks on things like paying my personal credit card or doing bank transfers.

Main things:
1. I don't modify the website I operate on.
2. I take full videos and record all AI agent logs and all human actions.
3. I don't modify any of those logs and will release them to the public.

I am working towards a future where AI companies are paid to generate the data they need for AI agent operations instead of paying massive sums to generate synthetic data. Imagine a future where labeling companies are completely sidestepped by simply training on production tasks directly.

Redactsure.com

