> Sure, there are some protections like “you can’t record the screen without the user granting explicit permission”,

Are there? Any app on Windows screenshot and access camera, microphone, whatever. Aren't permissions for Windows Store-style apps only?

Me neither. I would maybe run them in a VM but don't use them at all right now

Would be cool to run them in freebsd jails

I do, it's called embracing the future - Either get with it or get out of the game. If you aren't giving your AI untethered sudo access then honestly its more of a reflection on you and your inability to accept change in the workplace.

I must be out of the loop, I didn't know people were actually doing this in their workflow. When I do use LLMs, it's in a separate app, where I can cherry pick what I input and output at my own pace.

Maybe I'm naive, but the ever-increasing tradeoffs for even more velocity does not seem worth it.

I want AI agents controlling my laptop. And not only AI. There are lots of cool software programs I want on my laptop besides AI too. The problem is not AI, the problem is the awful security model that is the foundation of all modern operating systems.

I don’t understand the author’s complaint - are the AI agents forcibly installing themselves on your computer? Are they shipping these agents without settings to change permission seeking behavior?

This is just a rant about something you absolutely don’t have to do

It's really a question of whether you want a deterministic machine or a probabilistic one.

Depends on the use case, really.

bwrap.

I don't run AI, but anything I don't fully trust 200% runs without access to my home, and if it doesn't really need internet without internet either. bwrap commands can be a mouthful so I suggest making a script for things you commonly do, e.g. "run with this directory as $HOME" or "run with empty home, keeping just this directory as is", with a couple of flags to enable networking or wayland/sound... Once you have this there really is no benefit to not sandboxing. It's probably not as good as running in a full VM, but it's good enough for me.

I think we're at 3rd wave AI and it's got a RPM of maybe 20-40. In a year or two we'll be at 900 RPM and having the user give permissions won't really be feasible. So perhaps a secondary AI prompt will "validate" the request for you - we're only going in this direction.

Sure, comment on the time we're at, but it won't be relevant for a while.

What about buying a dedicated machine for running agents? One macbook for agents and one for personal/private work plus a good KVM switch maybe or remote desktop.

2004 me and my friends: "I don't want all my public information online."

GenZ; publishes every possible detail on TikTok.

In 20 years we've done a cultural 180 on privacy.

I bet in 20 years Gen5 (three generations from now?) will be fine with AI agents running their lives.

Meanwhile I'll be 80 and still not on social media, just message boards like HN. Using new frequent accounts and changing my wirting style to defeat stylometrics (sorry dang).

What I've been doing is running an agent inside a locked down k8s environment. Agents are spun up by operator, and have access to a single namespace.

It's not perfect, as container escape is not entirely unlikely.

I am working in a future version where all agents run inside firecracker VMs, log all actions logged externally.

With Kubernetes it's like having a bunch of virtual employees making git commits, firing up name-spaced ephemeral resources and collaborating like "remote" employees. It's certainly fun, but I haven't quite polished it to the point where I recommend this architecture to anyone.

>modern desktop operating systems are not really designed for strong security boundaries

I agree, I do not want AI anywhere near my Laptop. But there are Operating Systems that do not and probably never be controlled by "AI".

The quote above is curious, there are OSs with strong security. OpenBSD is touted as one, plus there is Linux and other BSDs, which can be configured to be far more secure than the operating systems the article is referring to.

I want ai agents controlling my laptop, my desktop and my phone. I'm tired of doing everything manually. These personal devices should be brimming with intelligence, anticipating my every move, offering to complete my tasks, touching up photos and videos automatically, having a perfect memory and awareness of my online and offline life. I think the real barrier right now is cost. But i can't wait to get to that future.

Example: sometimes i start working on a thing on my laptop in the living room, realise I would rather finish it on the desktop. My laptop has a camera, the desktop has a webcam, my phone has multiple cameras. An ai agent should be monitoring all these and more sensors and my laptop screen and be able to deduce that I want to continue on the desktop. By the time I reach the desktop it should be awake, and in the same state I left off on the laptop.