Hacker News | kentonv's comments

As a teenager I found this video on the Windows 95 CD without context and for some time after I thought that Weezer was a 60's band that just had a style way ahead of their time.

Me too

Protobuf has far better ergonomics than ASN.1. ASN.1 is an overcomplicated design-by-committee mess. Backwards compatibility in particular is much harder.


I don't doubt your experience, but with X.509 having evolved substantially, and ASN.1 on billions (if not tens of billions) of devices, in practice it seems OK. And it was formally verified early.


ASN.1 on billions of devices doesn’t make it less of an anti-ergonomic, design-by-committee piece of crap. Unless your goal is to be binary-compatible with these devices, one should be free to explore alternatives.

By all means, keep using it, but it might be worth figuring out why other people don’t. Hint: it’s not because they’re more stupid than you or are looking to get promoted by big G.

(Personally, I like the ideas and binary encoding behind Cap'n Proto more than all the alternatives)


One of the advantages of protobuf I never see anyone highlight is how neat and well-designed the wire format is, in terms of backward/forward compatibility and low-level stuff you can do with it. Very useful when building big and demanding systems over time.

For high performance and critical stuff, SBE is much more suitable, but it doesn't have as good of a schema evolution story as protobuf.


lol are you accusing Sanjay of creating Protobuf to get promoted?


I mean... I don't like it either but this is pretty standard stuff and it's obvious why they're doing it.

Claude, ChatGPT, Gemini, and Grok are all more or less on par with each other, or a couple months behind at most. Chinese open models are also not far behind.

There's nothing inherent to these products to make them "sticky". If your tooling is designed for it, you can trivially switch models at any time. Mid-conversation, even. And it just works.

When you have basically equivalent products with no switching cost, you have perfect competition. They are all commodities. And that means: none of them can make a profit. It's a basic law of economics.

If they can't make a profit, no matter how revolutionary the tech is, their valuation is not justified, and they will be in big trouble when people figure this out.

So they need to make the product sticky somehow. So they:

1. Add a subscription payment model. Once you are paying a subscription fee, then the calculus on switching changes: if you only maintain one subscription, you have a strong reason to stick with it for everything.

2. Force you to use their client app, which only talks to their model, so you can't even try other models without changing your whole workflow, which most people won't bother to do.

These are bog standard tactics across the tech industry and beyond for limiting competitive pressure.

Everyone is mad about #2 but honestly I'm more mad about #1. The best thing for consumers would be if all these model providers strictly provided usage-based API pricing, which makes switching easy. But right now the subscription prices offer an enormous discount over API pricing, which just shows how much they are really desperate to create some sort of stickiness. The subscriptions don't even provide the "peace of mind" benefit that Spotify-like subscription models provide, where you don't have to worry about usage, because they still have enforced usage limits that people regularly hit. It's just purely a discount offered for locking yourself in.

But again I can't really be that mad because of course they are doing this, not doing it would be terrible business strategy.


I'm not "mad", I'm "sad" -- because I was very much on "Team Anthropic" a few months ago ... but the tool has failed to keep up in terms of quality.

If they're going to close the sub off to other tools, they need to make very strong improvements to the tool. And I don't really see that. It's "fine" but I actually think these tools are letting developers down.

They take over too much. They fail to give good insights into what's happening. They have poor stop/interrupt/correct dynamics. They don't properly incorporate a basic review cycle which is something we demand of junior developers and interns on our teams, but somehow not our AIs?

They're producing mountains of sometimes-good but often unreviewable code and it isn't the "AI"'s fault, it's the heuristics in the tools.

So I want to see innovation here. And I was hoping to see it from Anthropic. But I just saw the opposite.


There is so much low-hanging fruit in the tooling side right now. There's no way Anthropic alone can stay ahead of it all -- we need lots of different teams trying different things.

I myself have been building a special-purpose vibe-coding environment and it's just astounding how easy it is to get great results by trying totally random ideas that are just trivial to implement.

Lots of companies are hoping to win here by creating the tool that everyone uses, but I think that's folly. The more likely outcome is that there are a million niche tools and everyone is using something different. That means nobody ends up with a giant valuation, and open source tools can compete easily. Bad for business, great for users.


Yep. And in a way this has always been the story. It's why there's just so few companies making $$ in the pure devtooling space.

I have no idea what JetBrains' financials are like, but I doubt they're raking in huge $$ despite having very good tools & unfortunately their attempts to keep abreast of the AI wave have been middling.

Basically, I need Claude Code with a proper review phase built in. I need it to slow-the-fuck-down and work with me more closely instead of shooting mountains of text at me and making me jam on the escape key over and over (and shout WTF I didn't ask for that!) at least twice a day.

IMHO these are not professional SWE tools right now. I use them on hobby projects but struggle to integrate them into professional day jobs where I have to be responsible in a code review for the output they produced.

And, again, it's not the LLM that's at fault. It's the steering wheel driving it missing a basic non-yeet process flow.


> Basically, I need Claude Code with a proper review phase built in. I need it to slow-the-fuck-down and work with me more closely instead of shooting mountains of text at me and making me jam on the escape key over and over (and shout WTF I didn't ask for that!) at least twice a day.

It sounds like you want Codex (for the second part)


Try plan mode if you haven't already. Stay in plan mode until it is to your satisfaction. With Opus 4.5, when you approve the plan it'll implement the exact spec without getting off track 95% of the time.


It's fine, but it's still "make big giant plan then yeet the impl" at the end. It's still not appropriate for the kind of incremental, chunked, piecework that's needed in a shop that has a decent review cycle.

It's irresponsible to your teammates to dump very large giant finished pieces of work on them for review. I try to impress that on my coworkers, and I don't appreciate getting code reviews like that for submission, and feel bad if I did the same.

Even worse if the code review contains blocks of code which the author doesn't even fully understand themselves because it came as one big block from an LLM.

I'll give you an example -- I have a longer term bigger task at work for a new service. I had discussions and initial designs I fed into Claude. "We" came to a consensus and ... it just built it. In one go mainly. It looks fine. That was Friday.

But now I have to go through that and say -- let's now turn this into something reviewable for my teammates. Which means basically learning everything this thing did, and trying to parcel it up into individual commits.

Which is something that the tool should have done for me, and involved me in.

Yes, you can prompt it to do that kind of thing. Plan is part of that, yes. But planning, implement, review in small chunks should be the default way of working, not something I have to force externally on it.

What I'd say is this: these tools right now are programmer tools, but they're not engineer tools.


> Which means basically learning everything this thing did

I expect that from all my team mates, coworkers and reports. Submitting something for code review that they don't understand is unacceptable.


That was my point.


i think the review cycles we've been doing for the past decade or two are going to change to match the output of the LLMs and how the LLMs prefer to make whole big changes.

i immediately see that the most important thing to have understand a change is future LLMs more than people. we still need to understand what's going on, but if my LLM and my coworker's LLM are better aligned, chances are my coworker will have a better time working with the code that i publish than if i got them to understand it well but without their LLM understanding it.

with humans as the architects of LLM systems that build and maintain a code based system, i think the constraints are different, and that we don't have a great idea on what the actual requirements are yet.

it certainly mismatches with how we've been doing things in publishing small change requests that only do a part of a whole


I think any workflow that doesn't cater to human constraints is suspect, until genAI tooling is a lot more mature.

Or to put it another way -- understandable piecemeal commits are a best practice for a fundamental human reason; moving away from them is risking lip-service reviews and throwing AI code right into production.

Which I imagine we'll get to (after there are much more robust auto-test/scan wrap-arounds), but that day isn't today.


Well, if the plan is large, it splits into stages and asks if it needs to continue when it's done with a stage. This is a good time to run `git diff` and review changes. You review this code just like you would review code from your coworker.


> I have no idea what JetBrains' financials are like

In 2024, ~725 M$ total revenue, ~119 M$ net profit.


(Also, Kenton, I'd add that I'm an admirer more broadly of your work, and so if by chance you end up creating some public project commercial or open source in the general vein we're talking about here, I'd love to contribute)


> And that means: none of them can make a profit

Well, no. It just means no single player can dominate the field in terms of profits. Anthropic is probably still losing money on subscribers, so other companies "reselling" their offering does them no good. Forcing you to use their TUI at least gives them control of how you interact with the models back. I'm guessing but since they've gone full send into the developer tooling space, their pitch to investors likely highlights the # of users on CC, not their subscriber numbers (which again, lose money). The move makes sense in that respect.


Well, yes. When competition is "pure and perfect" then profits eventually tend to be zero. That's a law of economics that is always true regardless of the industry.


> The best thing for consumers would be if all these model providers strictly provided usage-based API pricing

Using openrouter myself I find the costs of APIs to be extremely low and affordable? I don't send the whole codebase to every question, I just ask about what I need, and everything is actually ridiculously cheap? $20 lasts about 3 months.


I tried to plug CC on my OpenRouter account, and just asking it what my project was doing (a directory containing three .sh of around 100 LOC each), I saw like 20 API requests to OpenRouter accounting for almost $1 in total.

Meanwhile copy/pasting those shells in OpenRouter's Chat and asking the same question resulted in a single API request costing a tenth of a cent.

I could probably try tuning everything to keep costs down, but idk if it's worth the efforts.


I don't actually think Claude Code is very good and this is exactly why. It's not really optimized to use its tools efficiently. I think Cursor probably does a better job of that but I imagine all of these coding assistants will come with some form of local tooling support in the way of vector DBs etc one day.


I have not had the same experience. I pay 10 dollars a month for GitHub Copilot, where I get to use Claude Sonnet 4.5.

I tried the same with OpenRouter and I used up 2.5 dollars in a day using Sonnet 4.5. Similar use on Copilot could maybe make me use 10% of my quota (and that's being generous for OpenRouter).

I think GitHub Copilot is way more affordable than OpenRouter.


I've had wake-from-suspend issues on plenty of non-nvidia machines, and I have had nvidia machines that have no issues.

I think it has nothing to do with the GPU and everything to do with the motherboard chipset.


That's a bit of an exaggeration. A quick look at the schedule shows they do have multiple trains running in each direction during peak hours:

https://www.capmetro.org/plan/schedmap?route=550

But much of the length is, in fact, single-track, making scheduling hard and meaning if a train is late or breaks down it disrupts the whole system.

And it's honestly pretty silly to see a train with the form factor of light rail but diesel-powered.

Voters did approve a proper light rail system in 2020 but it's gonna take a while to build and has already been scaled back twice, sigh...


What I wrote is accurate. You are referring to a line that goes out of the city to Elgin, a tiny town, that is the only part with two tracks. The part that serves the Austin area has only one line and is as I described. Hey what do I know I just lived next to it for 4 years, and drove to work even though I could walk to the train because of how terrible it is and would add 1-2hrs to my commute.


Err... well... I live in Austin currently.

I'm describing the red line which goes from downtown to Leander. (The one I linked to.) If you're describing some other line then sorry for the confusion, I didn't actually know there was another rail line. There are plans to build a green line to Elgin but AFAIK that's still under construction.

The red line is mostly single-track, but there are several specific segments of dual-track allowing trains to pass each other, which is why they're able to support multiple trains in both directions.

It's still a crappy schedule -- even during rush hour it's still no more than two trains an hour. Supposedly they intend to start running it every 15 minutes once they add some more dual-track segments.

Maybe it was worse when you lived here?


> when they lobbied the FTC to investigate him

FYI Cloudflare didn't actually do that: https://x.com/eastdakota/status/1566160152684011520

(Disclosure: I work at Cloudflare but have no personal involvement with this.)


Right. I guess we’ll have to take his word for it.


Not sure if my word is any better but I wouldn't be working for him if I thought he was the kind of person who harasses security researchers.


I submitted this "fact" and it is indeed a true story, exactly as you said.

The "global protobuf db" had comments all over it saying it's not intended for production-critical tasks, and it had a lot of caveats and gotchas even aside from being built by Jeff's desktop, but it was so convenient that people naturally ended up using it anyway.


There was a variant of this that occurred later. By that time there might not have been a dependency on Jeff's workstation anymore, but the DB, or at least one of its replicas, was getting copied to... /gfs/cg/home/sanjay/ — I don't believe it was Jeff this time. At some point, there was a very long PCR in the Oregon datacenter, perhaps even the same one that happened a few weeks after the 2011 Fukushima disaster. With the CG cluster powered off for multiple days, a bunch of stuff broke, but in this case the issue might have been solved by dumping the data and/or reading it from elsewhere.


Hey! I created Jeff Dean Facts! Not the jokes themselves, but the site that collected them.

It was in 2008 I think (give or take a year, can't remember). I worked at Google at the time. Chuck Norris Facts was a popular Internet meme (which I think later faded when he came out as MAGA, but I digress...). A colleague (who wishes to remain anonymous) thought the idea of Jeff Dean Facts would be funny, and April 1st was coming up.

At the time, there was a team working on an experimental web app hosting platform code named Prometheus -- it was later released as App Engine. Using an early, internal build I put together a web site where people could submit "facts" about Jeff Dean, rate each other's facts on a five-star scale, and see the top-rated facts. Everything was anonymous. I had a few coworkers who are funnier than me populate some initial facts.

I found a few bugs in Prometheus in the process, which the team rapidly fixed to meet my "launch date" of April 1st. :)

On the day, which I think was a Sunday, early in the morning, I sent an email to the company-wide "misc" mailing list (or maybe it was eng-misc?) from a fake email address (a google group alias with private membership), and got the mailing list moderator to approve it.

It only took Jeff an hour or two to hack his way through the back-end servers (using various internal-facing status pages, Borg logs, etc.) to figure out my identity.

But everyone enjoyed it!

My only regret is that I targeted the site specifically at Jeff and not Sanjay Ghemawat. Back then, Jeff & Sanjay did everything together, and were responsible for inventing a huge number of core technologies at Google (I have no idea to what extent they still work together today). The site was a joke, but I think it had the side effect of elevating Jeff above Sanjay, which is not what I intended. Really the only reason I targeted Jeff is because he's a bit easier to make fun of personality-wise, and because "Jeff Dean Facts" sort of rolls off the tongue easier than "Sanjay Ghemawat Facts" -- but in retrospect this feels a little racist. :(

My personal favorite joke is: Jeff Dean puts his pants on one leg at a time, but if he had more than two legs, you'd see his approach is actually O(log n).


Hi Kenton! No worries at all. I tend to be quieter than Jeff anyway (less public speaking etc.) and I am happy to not have a dedicated website. :-). -Sanjay


Hey Sanjay, long time no see. Thanks for the note!

But I'm fully aware you wouldn't want a "Sanjay Facts", and that's not the point. ;)


You are both legends. Your original MapReduce paper is what inspired me to work for Google (2006-2009), narrowly dodging a career as a quant on Wall Street.


blink

Legend. Popping up here after his last comment was 13 years ago.


Hi Kenton! I was the recent grad you handed this web app off to after you built it, so I expanded Jeff Dean Facts so that anyone could create and rate facts about anyone at Google :). There were a ton of team in-jokes added before I stopped working on it - O(5k) IIRC! :)

This web app was also how I learned the pain of maintaining a live web service with a lot of ever-changing dependencies. How I sighed when the AppEngine version changed and I had to fix things again...

I handed it off again before I left Google but I have no memory of who that was to unfortunately :(.


Hi Ari,

Thanks so much for falling for my trick and taking it over, I was getting pretty sick of dealing with the same issues you describe. :)

One of the reasons Cloudflare Workers has a policy that we absolutely never break deployed code, ever. (Well... at least not intentionally...)


I just searched Moma, and your note about it going down is the most recent update on this front. Interestingly though, it looks like Moma itself has a custom SERP renderer for Jeff Dean facts that came up when I searched. The example fact that came up was hilarious, but I guess I shouldn't share it on public HN.


I’m no expert, but I certainly wouldn’t call that racism. Bias, absolutely. And it’s important that we acknowledge our biases.

But in a more literal sense, the chance of your joke landing was likely higher due to the things that you stated and due to your audience and their biases.

I don’t see your joke as being in any way harmful towards Sanjay aside from potential knock on effects of Jeff Dean being more popular. But if you try to calculate every second and third order consequence of everything that you do, let alone any moments of humor you might have.. Well, you might as well lock yourself in a cell now.


> I don’t see your joke as being in any way harmful towards Sanjay aside from potential knock on effects of Jeff Dean being more popular

I mean… yeah. When two people are peers and comparably well regarded, and one is elevated above the other and enjoys increased popularity, familiarity, and respect, and the elevation is because that person's name comes from a culture that is more aligned with the dominant culture and easier for them to engage with… that is a pretty textbook example of systemic racism.

I'm not at all saying this to demonize Kenton. We can make mistakes and reflect on them later, and that's laudable. But it is important to recognize these systems for what they are, so that we can notice them when they happen all around us every day.


I find the assumption that Jeff Dean sounded better with these jokes because it sounds American to be a bigger issue than immediately acknowledging that it’s probably because it’s less syllables. These type of jokes are rapid fire and a lengthy name just fits better whether it’s ‘Jeff Dean’ or ‘Neel Patel’.


Seeing this reminds me Sanjay is two syllables


I don't think it's really fair to call it racism. That is such a loaded accusation to levy today that it should only be used if someone really wronged another person.

We all have cultural biases and familiarities, is that wrong? By this definition, we're all racist. Maybe that's true but it kind of ceases to be a useful distinction at that point. I wholeheartedly agree with your last sentence, but I don't know if throwing around the r-word is helpful.


> By this definition, we're all racist. Maybe that's true but it kind of ceases to be a useful distinction at that point.

Does it? I would argue that recognizing that we all swim in a soup of cultural biases and familiarities that advantage some people and disadvantage others is a noteworthy insight, an insight with practical implications. After all, we aren't volitionless molecules bouncing off walls. What if we made an effort to observe these biases more closely, to study their effects, and to better understand the way they affect our own behaviour? Then, what if we made an effort to counteract these biases, first in our own behaviour and then in our communities?


> After all, we aren't volitionless molecules bouncing off walls.

Are we not?

The free will debate aside, I think what you said makes a lot of sense, and comes across as empathetic, and you didn't need to use that word. I just think it's too loaded, aggressive, and broad to be very useful as a shorthand for the more complex thought you expressed.


I understand where you're coming from. It doesn't feel like such a heavy word to me because I know it's ubiquitous. It's like germs. I don't like germs, but I know they're everywhere, so I'm not scandalized at the implication that germs might be on my hands or food. At the same time, I am repulsed by reckless disregard for sanitation.


I see. I hadn't thought of it from a perspective of dominant culture. Looking at it that way, it can appear racist.

I looked at it from the perspective of syllable count. Jeff Dean is easier to say by that measure. If Jeff were instead named Alexander Chesterton, would he still be the obvious choice to head the facts? My takeaway from this is that a single-syllable name is perhaps a great boon.


Sanjay is/was well known enough that you could have just used “Sanjay facts”


Thanks, you explained this better than I could.

I'm not calling myself Hitler here, I think it was a mild offense. But in retrospect the site could have been about both of them, with competing facts, and that could have been really cool. Oh well.


> that is a pretty textbook example of systemic racism.

It’s not “racism.” There’s plenty of Indians with names that are easy for English speakers. Conversely, the same situation would’ve presented itself if the other person was any sort of white Eastern European.

In fact, calling this “racist” is itself racist. I have close friends with family names from Poland or Croatia where we don’t even try to pronounce their names correctly. Nobody feels bad about that. But for some reason if it’s a “brown person” we’re suddenly super sensitive about it. That is differential treatment based on race.

People get awkward about how to pronounce my name because I’m brown. But it’s hard to pronounce because it’s misspelled Germanic! They wouldn’t act that way if I was a white guy with the same name.


Are we... arguing about what happened in my head?

As the world's foremost expert about what happened in my head, do I get to, like, pick a winner here?

If so I pick tczMUFlmoNk, I think their description is accurate. (I think you might want to re-read it as it feels like you are responding to something else.)

If I don't get to pick, this is quite weird! "People on Hacker News tell me I'm wrong about my own thoughts." was not on my -- actually wait, that doesn't sound unexpected at all now that I write it out! OK, carry on.


You wrote what your thoughts were. I’m just weighing in on whether your thoughts are “racist.” To the extent you feel sensitive about the issue because someone has darker skin, where you probably wouldn’t have written that part of the post if the other guy were Polish, that’s racist. It’s racist to treat people differently based on skin color, even if you’re well intentioned about it.


You're conflating two different things:

1. The original choice: Kenton picked "Jeff Dean" because the name was more familiar/rhythmic in English. This wasn't about skin color, it was about name patterns. You're right that a Polish surname could have the same issue, and in that, you're demonstrating complete understanding of the issue at hand.

2. The reflection afterward: Recognizing that name-familiarity advantages systematically correlate with certain cultural backgrounds more than others isn't "differential treatment based on skin color", it is observing a statistical pattern in outcomes.

And here's the key point: given Kenton's explanation, they are indicating they would reflect the same way if Sanjay had been Polish with an unfamiliar surname. You're arguing with Kenton about what Kenton thinks and could think... while Kenton is right here. At some point you have to engage with what he's actually saying rather than insisting you understand his mind better than he does.


Yes, I actually do think if Sanjay Ghemawat were instead Wojciech Przemysław Kościuszko-Wiśniewski, white European but otherwise an equal engineer, and I chose to elevate Jeff Dean over him, I would later feel equally bad about it.

(Which again to be clear I am not riven with guilt here, I just think maybe given another chance I would have made it about both of them.)


What you said was “in retrospect this feels a little racist.”

Obviously what’s in your head specifically is idiosyncratic to you. But the feeling you’re having certainly happens more generally, and is based on general social understandings. That’s what I’m commenting on.

If I say, “this feels a little rude,” isn’t it fair for people to chime in as to whether it’s actually rude by reference to general social standards?


If I said I'd done something rude and people then argued with as much fervor about whether I'd actually been rude as they are arguing here, I would actually find it pretty weird.


I feel like most of us understand roughly what 'kentonv means. He unconsciously put Sanjay in an out-group and feels bad about it. I for one commend Kenton for owning up to it. It's a hard thing to do.

For what it's worth, I personally regard Sanjay in just as much awe as Jeff and understand that the meme is just an Internet meme and nothing more.


That's the ironic thing too... honestly, while I couldn't say that one or the other is a better engineer... I would say I personally identified more with Sanjay's approach and style.


> I feel like most of us understand roughly what 'kentonv means. He unconsciously put Sanjay in an out-group and feels bad about it.

But do you feel bad about it because he's brown and you wouldn't think twice about it if he were white? Frankly, the heightened sensitivity feels worse to me than actual racism.


> Yes, I actually do think if Sanjay Ghemawat were instead Wojciech Przemysław Kościuszko-Wiśniewski, white European but otherwise an equal engineer, and I chose to elevate Jeff Dean over him, I would later feel equally bad about it.

You need to take a breath, read what people write, and stop trying to win the argument.


> stop trying to win the argument

Mr Rayiner is a lawyer by profession ;) https://news.ycombinator.com/item?id=11340543


It's not remotely racist. OP is being self critical for no good reason.


Ah, I knew I recognized the friendship between Jeff and Sanjay -- they were the subject of a New Yorker article in 2018:

https://www.newyorker.com/magazine/2018/12/10/the-friendship...

EDIT: And HN at the time:

https://news.ycombinator.com/item?id=18588697


Re Jeff and Sanjay - they recently were on Dwarkesh together I believe - so it looks like the partnership is still going strong. Regarding Dean over Ghemawat facts, the vibe from the convo is that Sanjay is the (very slightly) junior partner of the two, or at least he lets Jeff do more of the talking. Very, very nice vibes hearing them talk, and their war stories are clearly nuts.


The one thing I noticed when I worked near Jeff and Sanjay and talked to them over coffee is that Jeff is the smart one, but Sanjay is the wise one.

Jeff always had an idea how to make something a bit faster using a clever trick, but Sanjay would respond by coming up with how to express the abstraction in a way that other mortals could comprehend, or just telling Jeff it wasn't a good idea because it would make things more difficult to maintain.

Jeff was also prone to dad jokes, Sanjay's humor was far more subtle. Both were awesome to talk to and one of my proudest moments was when Jeff read a document proposal I wrote ("Google should get involved in Genomics Research and Drug Discovery") and took it seriously.


Should Google have gotten involved though? Calico, Verily, Isomorphic etc seem like they're destined to not succeed.


At the time I first got involved, Google Health was still a thing but it was clear it was not going to be successful. I felt that Google's ML (even early on, they had tons of ML, just most of it wasn't known externally) was going to be very useful for genomics and drug discovery.

Verily was its own thing that was unrelated to my push in Research. I think Larry Page knew Andy Conrad and told him he could do what he wanted (which led to Verily focusing on medical devices, which is a terrible industry to be in). They've pivoted a few times without much real success. My hope is that Alphabet sheds Verily (they've been trying) or just admit it's a failure and shut it down. It was just never run with the right philosophy.

Calico... that came out of Larry and Art Levinson- I guess Larry thought Art knew the secret to living forever and by giving him billions Art would come up with the solution to immortality and Larry would have first access to it. But they were ultra-secretive and tried to have the best of both worlds- full access to Google3 and borg, but without Googlers having any access to calico. That, combined with a number of other things, have led Calico to just be a quiet and not very interesting research group. I expect it to disband at some point.

Isomorphic is more recent than any of the stuff I was involved in, and is DeepMind's (specifically Demis's) attempt to commercialize their work with AlphaFold. However, everybody in the field knows the strategy of 1. solve protein structure prediction 2. ??? 3. design profitable drugs and get them approved... is not a great strategy because protein structure determination has not ever been the rate limiting step to identifying targets and developing leads. I agree I don't really see a future for it but Demis has at least 10-20 years of runway before he has to take off or bail.

All of my suggestions were just for Google to do research with the community and publish it (especially the model code and weights, but also pipelines to prep data for learning) and turn a few of the ideas into products in Google Cloud (that's how Google Genomics was born... I was talking to Jeff, and he said "if we compress the genome enough, we can store it all on Flash, which would make search fast but cheap, and we'd have a useful product for genomics analysis companies"). IMHO Jeff's team substantially achieved their goals before the DeepMind stuff - DeepVariant was well-respected, but almost every person who worked on it and related systems got burned out and moved on.

What is success, anyway, in biotech? Is it making a drug that makes a lot of money? What if you do that, but it costs so much that people go bankrupt taking it? Or is the goal to make substantial improvements to the technology, potentially discovering key biological details that truly improve people's lives? Many would say that becoming a successful real estate ownership company is the real destination of any successful pharma/biotech.


Whoa. Finally someone I relate with! Thanks for such amazing intel!

In my opinion forays into biology by moonshot hopefuls fail for one of two reasons: either they completely ignore all the current wisdom from academia and industry, or they recruit the very academia people who are culturally responsible for the science rot we have at this time. Calico (and CZI, and I'm starting to fear, Arc) fell prey to the latter. Once you recruit one tenured professor IMO you're done. The level of tenure track trauma and academic rot they bring in can burn even a trillion dollars into dead-end initiatives.

IMO (after decades of daydreaming about this scenario), the only plausible way to recreate a Bell Labs for Biology is to start something behind a single radical person, and recruit the smartest undergrads into that place directly. Ensure that they never become experts at just one thing so they have no allegiance to a method or field. And then let that horde loose on a single problem and see what comes out. For better or worse Neuralink seems to be doing that right. Just wish they didn't abuse the monkeys that much!

To me success in biotechnology is if I measurably help make a drug that makes a person smile and breathe easy that would otherwise not have. Surprisingly easy and hard at the same time.



Should have checked, thanks for the correction. I stand by my liking of how they talked to each other.


Having worked with them I would say Sanjay is certainly NOT the "junior" partner. Nor vice versa. They have different strengths but I couldn't say that one or the other is a better engineer overall.


> but in retrospect this feels a little racist. :(

It’s not racist. It’s just to do with name length.


Ah but it’s not racist. It can’t be. Jeff and Sanjay have never had race conditions.

:)


> I have no idea to what extent they still work together today

They just got their own (unofficial) Lego set: https://x.com/JeffDean/status/2006581022666928415


> My only regret is that I targeted the site specifically at Jeff and not Sanjay Ghemawat.

A later version of the site was generalized so that people can submit facts for any user. I think Jeff Dean still has all the funniest facts though.


> Jeff & Sanjay did everything together,

My nonexpert impression is Jeff keeps much more of a public profile, hence the natural celebrity goes to him. Was this not true way back in the day?


I feel like Jeff's public profile has grown quite a bit since then. Note that in 2008 he wasn't doing anything related to AI yet -- none of that had even started. That has since given him somewhat of a more public role, whereas Sanjay has stayed on infrastructure which is more internal-facing. I do think Jeff Dean Facts in itself has played some part in enhancing his celebrity status, too.

With that said, I suppose it's hard for me to say what the public perception of the two was in 2008 as I only knew of either of them from working there.


My further comment will be buried, but it's a rip on Chuck Norris facts, and was pretty ... whatever ... "geek culture". That was only proved by Chuck Norris' endorsement of Mike Huckabee back in 2007: https://www.youtube.com/watch?v=--EGyU57efY


That meme started in early 2007 I believe. I started in 2006 and was in ZRH by 2008 and it was around long before I made that move.


Your job is unfinished :-)

You still have to create a Youtube channel for Jeff Dean/Sanjay Ghemawat (slayers of code!) like "Entertaining AI" did for "Chuck Norris" - https://www.youtube.com/@Entertaining_AI


Maybe both in the URL?

You could add a meme generator that's like the Django docs tutorial with the internet web-poll


"Why do you pick on Protocol Buffers so much?

Because it’s easy to pick on myself. :)"

Damn!


What makes it feel a little racist?


> "Jeff Dean Facts" sort of rolls off the tongue easier than "Sanjay Ghemawat Facts"

The reason it rolls off the tongue easier is because of the familiarity with names of that form. It is making a choice to favour a personal cultural similarity. It clearly wasn't done with malice, but being reflective about it and noticing that it happened is a good thing.

When people talk about privilege, this is a large part of what people mean. There's no intended bias, it is just an honest choice, but all of our choices are based upon our opinions that will inherently have biases of some sort. One factor of privilege is when those choices disproportionately fall your way because decisions end up being made by people who you share a cultural upbringing with. Their intuitive decisions value what you value.

Sometimes the only way you can deal with that is by acknowledging your intuitions contain that implicit bias and dispassionately try and balance them as best you can.


It’s to do with the length of the name. My own name is polysyllabic and also wouldn’t work as a “Fact”, and I’m as white as they come.


That's kind of the point. In a culture where names commonly have a lot of syllables, the length of the name is much less of an issue. That tiny discomfort of the extra effort to process more syllables disappears when it's not considered 'extra'.


I’m not sure I agree. I expect that an Indian would similarly be more likely to coin the term “Krish Singh Facts” than they would “Sanjay Ghemawat Facts”, in exactly the same way we do.

I’d be interested to hear from someone from a different culture to verify whether this is true or not.


I don't know how such things are considered in India either (and would also be interested to hear from someone). The salient point is that you do value fewer syllables in a comedy context. All it takes for someone to feel that it might be racist is to recognise that fewer syllables in comedy names may not be universal across cultures, and that taking an action that elevated one person and not another may have inadvertently selected someone of one race because of that preference.

It's not an absolute claim being made here. It's just a consideration that what we intuitively feel may not be an expression of a universally held value.


To add some color to "workerd is not a hardened sandbox":

workerd does not include any sandboxing layers other than V8 itself. If someone has a V8 zero-day exploit, they can break out of the sandbox.

But putting aside zero-day exploits for a moment, workerd is designed to be a sandbox. That is, applications by default have access to nothing except what you give them. There is only one default-on type of access: public internet access (covering public IPs only). You can disable this by overriding `globalOutbound` in the config (with which you can either intercept internet requests, or just block them).

This is pretty different from e.g. Node, which starts from the assumption that apps should have permission to run arbitrary native code, limited only by the permissions of the user account under which Node is running.

Some other runtimes advertise various forms of permissions, but workerd is the only one I know of where this is the core intended use case, and where all permissions (other than optionally public internet access, as mentioned) must be granted via capability-based security.

Unfortunately, JavaScript engines are complicated, which means they tend to have bugs, and these bugs are often exploitable to escape the sandbox. This is not just true of V8, it's true of all of them; any that claims otherwise is naive. Cloudflare in production has a multi-layer security model to mitigate this, but our model involves a lot of, shall we say, active management which can't easily be packaged up into an open source product.

With all that said, not all threat models require you to worry about such zero-day exploits, and you need to think about risk/benefit tradeoffs. We obviously have to worry about zero-days at Cloudflare since anyone can just upload code to us and run it. But if you're not literally accepting code directly from anonymous internet users then the risk may be a lot lower, and the overall security benefit of fine-grained sandboxing may be worth the increased exposure to zero-days.
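
The `globalOutbound` override described in the comment above, sketched as a workerd configuration. This is an added example, not part of the original comment or the workerd project's own samples; the service names `guest` and `egress-gate`, the listen address, the compatibility date and both inline scripts are assumptions made for illustration.

```capnp
# Added example: deny all outbound internet access for an untrusted worker.
# Service names and scripts are constructed for illustration.
using Workerd = import "/workerd/workerd.capnp";

const config :Workerd.Config = (
  services = [
    (name = "guest", worker = .guestWorker),
    (name = "egress-gate", worker = .gateWorker),
  ],
  sockets = [
    # Only the guest is reachable from outside; the gate has no socket.
    (name = "http", address = "127.0.0.1:8080", http = (), service = "guest"),
  ]
);

# Untrusted code. It has no bindings, so its only route to anything else
# is the global fetch(), which goes to whatever service globalOutbound names.
const guestWorker :Workerd.Worker = (
  modules = [
    (name = "guest.js", esModule =
      "export default { async fetch(req) { const r = await fetch('https://example.com/'); return new Response('outbound status: ' + r.status); } }"),
  ],
  compatibilityDate = "2024-01-01",

  # Left unset, this defaults to the built-in "internet" service
  # (public IPs only). Overriding it routes every outbound request
  # from the guest to the gate worker instead.
  globalOutbound = "egress-gate",
);

# Trusted gate: answers each intercepted request itself and never forwards it.
# To allow selected destinations, this is where an allowlist check would go.
const gateWorker :Workerd.Worker = (
  modules = [
    (name = "gate.js", esModule =
      "export default { fetch(req) { return new Response('egress blocked', { status: 403 }); } }"),
  ],
  compatibilityDate = "2024-01-01",
);
```

Saved as `config.capnp` and started with `workerd serve config.capnp`, the guest's `fetch()` is answered by the gate rather than by the network. This restricts what the guest is granted; it does not add any isolation layer beyond V8.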


Right - I trust workerd in the context of Cloudflare because I know it has a team of people whose job it is to keep it secure who are on-call 24/7.

The problem I have is that I'm just one person and I don't want to be on call 24/7 ready to react to sandbox escapes, so I'm hoping I can find a solution that someone else built where they are willing to say "this is safe: you can feed in a string of untrusted JavaScript and we are confident it won't break out again".

I think I might be able to get there via WebAssembly (e.g. with QuickJS or MicroQuickJS compiled to WASM) because the whole point of WebAssembly is to solve this one problem.

> But if you're not literally accepting code directly from anonymous internet users then the risk may be a lot lower

That's the problem: this is exactly what I want to be able to do!

I want to build extension systems for my own apps such that users can run their own code or paste in code written by other people and have it execute safely. Similar to Shopify Functions: https://shopify.dev/docs/apps/build/functions

I think the value unlocked by this kind of extension mechanism is ready to skyrocket, because users can use LLMs to help write that code for them.


> the whole point of WebAssembly is to solve this one problem.

For Wasm to be a secure sandbox, you have to assume a bug-free compiler/interpreter, which, alas, none of them really are. It's a somewhat easier problem than building a bug-free JavaScript runtime, but not by as much as you might expect, sadly.

> I want to build extension systems for my own apps such that users can run their own code or paste in code written by other people and have it execute safely. Similar to Shopify Functions: https://shopify.dev/docs/apps/build/functions

Ah, this is exactly the Workers for Platforms use case: https://developers.cloudflare.com/cloudflare-for-platforms/w...

And indeed, Shopify uses it: https://shopify.engineering/how-we-built-oxygen

(There's also the upcoming Dynamic Worker Loader API: https://developers.cloudflare.com/workers/runtime-apis/bindi...)

But it sounds like you really do want to self-host? I don't blame you, but that does make it tough. I'm not sure there's any such thing as a secure sandbox that doesn't require some level of monitoring and daily maintenance, sadly. (But admittedly I may be biased.)


Yeah my ideal is to have something that cleanly "pip installs" as a dependency such that users of my open source Python projects can self host tools that let them extend using arbitrary code, including code written by LLMs.

I've been picking at this problem for a few years now!

On the one hand I get why it's so hard. But it really feels like it should be possible to solve this in 2026 - executing arbitrary code in a way that constrains its memory and CPU time usage is a problem our industry solves in browsers and hosting platforms and databases and all sorts of other places, and has done for decades.

The whole LLM-assisted end-user programming thing makes solving this with the right developer affordances so valuable!


If the code is gonna be written by LLMs anyway skip the js, directly use wasm and allow any language that compiles to it with something like https://extism.org/


Ah, in that context, why not just give the people workerd? People using & running OSS libraries are used to the fact that there might be vulns in libraries they're using, right?


Or put another way:

If Simon's users choose to self-host the open source version of his service, they are probably using it to run their own code, and so the sandbox security matters less, and workerd may be fine. The sandbox only matters when Simon himself offers his software as a service, which he could do using Workers for Platforms.

(But this is a self-serving argument coming from me.)


There's also JCO for creating JS based WebAssembly components. It's based on StarlingMonkey which I believe is slightly faster than QuickJS under WebAssembly. https://github.com/bytecodealliance/jco

Benchmark numbers for request isolated JS hello world / React page rendering:

    JCO/wasmtime: 314µs / 13ms
    Bun process forking: 1.7ms / 8.2ms
    v8 isolate from snapshot: 0.7ms / 22ms
    TinyKVM: 52µs / 708µs
    Native with reuse: 14µs / 640µs

Numbers taken from our upcoming TinyKVM paper. Benchmark setup code for JCO/wasmtime is here: https://github.com/libriscv/kvmserver/tree/main/examples/was...

(I suspect even if we are able to get TinyKVM into a state you'd feel comfortable with in the future it would still be an awkward fit for Datasette since nested virtualisation is not exposed on AWS EC2.)


You need more than a simple sandbox for what you describe. You also need to avoid infinite loops or other constructs from causing a DoS or similar, and if you are doing this with the intention of interacting with some other parts of a system then you need to think about how that interaction works and whether there is a way to execute something outside of that sandbox.

Even if you go with something backed by a full time team there is still going to be a chance you have to deal with a security issue in a hurry, maybe in the run up to Christmas. That is just going to come with the territory and if you don’t want to deal with that then you probably need to think about whether you really need a sandbox that can execute untrusted code.


I worked on a sandbox of Hermes that compiles the engine to wasm, and then converts the wasm to C (like Mozilla's RLBox). It exposes the same C++ API as Hermes so it is pretty convenient to drop in, and should be fairly secure.

It hasn't been updated in some time, but it should still be working, and can probably be brought up to date with some small effort: https://github.com/facebook/hermes/tree/static_h/API/hermes_...

EDIT: Reading some of your other comments, I should point out that this is more like a component of a possible solution. It does not attempt to prevent resource exhaustion or crashes due to corrupted internal state.


Wait, why not just actually use the Cloudflare Sandboxes product then? Is it too costly or something? Or you need to be able to run without a connection to their cloud?

https://developers.cloudflare.com/sandbox/


I'm building software I want other people to be able to run themselves, I don't want to have to tell them to create a Cloudflare account as part of running that software.

