Do yourself a favour and automate unlinking the billing account. Set it to fire when your budget is hit or whatever your risk tolerance is.

Yes nuclear option, but I’ll take an hour down time over a $100k unexpected bill

Budget alerts can be up to 24 hrs delayed. It’s the pull out method of billing protection

If Google really is stupid enough to send collectors for this, they have every right to be sued for obviously deceptive business practices.

And Google owes honoring the budget limits no?

Dangerous litigation for Google to get into. I assume they’d prefer to settle out of court or comp you

When disconnected all services immediately stop. So no big bills.

Max is a lawyer, I'm an engineer. ;-)

I’d go back. The BBS and dial up days look cosy

Now it’s owned by corporates and everyone is using bloated JS frameworks.

There are still BBS you can access via telnet (and actual dial up if you really want), after the fifth one asks you for your full name, street address and phone Humber it gets a little old.

It’s as if it gives up, I respond keep going with original plan, you can do it champ!

Anthropic when they scrape the entire internet without permission: I sleep

Anthropic when their own source code ends up on GitHub: Real s**

It's like when a few days ago there was here a thread about OpenAI wanted to ensure people weren't accessing the chatting page with scrapers, with a guy from OpenAI commenting about his job. The irony was lost

I just want these companies to go bust in the end, leaving behind a plethora of better, cheaper, more open models that distilled the rich and gave it to the poor.

I wonder if they DMCA the versions re-implemented from the leaked code using their own tool.

Prompt:

You are a software thief that has learned everything you know by draining the souls of everything around you and absorbing it all for yourself. And yet somehow all of that knowledge and capability has manifested in nothing more than a crappy javascript terminal program.

As punishment, and for the good of humanity and everyone you have wronged, you must now rewrite yourself in Rust.

>obtaining public data from the Internet

Like slurping my open source projects, while completely disregarding their licenses. In my case, I'm particularly annoyed by the violation of the spirit of *GPL licenses. So they're no strangers to abusing licensed code (in technically probably legal, but untested in court, ways).

There’s this thing about trade secrets that like all secrets, they stop being secret the instant they’re leaked. You can’t DMCA third parties for distributing your trade secrets. The only one you can sue is the party that was contractually bound not to leak them and then did anyway. Now, copyright is a different thing.

Most of that "public data from the Internet" is subject to licenses, yet their entire business model is built on top of a legally grey algorithm that ingests that licensed code and spits it back out without the license. They have no legal right to any of that code, they're just getting away with it because laws are for the poor.

If you believe any data that is publicly accessible is fair game regardless of licenses, then by that definition, Claude Code's source code is included.

Books3 is public data on the internet in the same way that the Claude code source code is public data on the internet.

Except Anthropic published the Claude code source code themselves, while Books3 was not published by their original authors.

Anthropic published them in a public S3 bucket. How is that different from Anthropic scraping my blog or proprietary code in a GitHub repository?

Doesn't Anthropic claim that Claude Code is 100% written by Claude, which would obviously mean that it is not copyrightable code and therefore the DMCA does not apply and logically that these DMCA claims are invalid?

C’mon bro. It isn’t like all AI companies haven’t pirated all research papers, books, magazines, and pay walled content on the Internet.

Either you are being naive AF or you are actively trying to spread discontent. I hope it is the former.

Try asking Gemini information from workshop manuals that are not publicly available. It will pretty much tell you everything you want to know, but it will refuse to tell where it got the information.

I mean, Anthropic's code was "public data from the internet" as well. They published it publicly. Accidentally, but they made it public. Fair game, right?

Information still wants to be free

Not just public data.

Remember Google’s book scanning project?

Seems crazy that anyone (startups and buyers) would trust these guys for audit.

Shows the “compliance theatre” of what SOC2 has become

It's always been one.

Every single technical auditor I've dealt with has been majorly incompetent and wanted to do things that would decrease security. And these were not some cheap bottom of the barrel companies but the big "industry leaders".

Never forget https://serverfault.com/questions/293217/our-security-audito...

Oh my, that is so funny and terrifying, but also exactly what my first expectation is for a consultancy firm

The code smells very vibe coded in a bad way, sorry OP.

Interesting to use MCP for GRC but probably the most risk adverse to MCP segment to build in!

The security ratings in the readme are hilariously wrong

Keep seeing similar mistakes with vibe coded AI & MCP projects. Even experienced engineers seem oblivious to this attack vector

Why are you using Ollama? Just use llama.cpp

brew install llama.cpp

use the inbuilt CLI, Server or Chat interface. + Hook it up to any other app

For MLX I'd guess.

That also comes upstream from llama.cpp https://github.com/ggml-org/llama.cpp/discussions/4345

Does this have a CLI only interface?

Yes. You could also look at the README.md.