In The Lord of the Rings, the palantír allows its user to see everything, but at a great cost: loss of control and manipulation. Palantir Technologies echoes this idea in the real world.
By aggregating massive amounts of data, Palantir provides governments and intelligence agencies with extraordinary surveillance and analytical power. While effective for security and intelligence, this concentration of data poses serious risks to privacy, transparency, and individual freedom.
As Tolkien warned, great vision without limits can be dangerous especially when few control what is seen.
A Sprite is a hardware-isolated execution environment for arbitrary code: a persistent Linux computer. Whether it's an AI agent like Claude Code or a binary your user just uploaded, Sprites are the simplest answer for "where should I run a blob of code".
The article technologically validates the choice of Incus/LXC. We are moving out of the era of the ‘everything-ephemeral’ mindset imposed by Docker and returning to stable working environments, which is essential for AI to be able to learn from its mistakes over time.
Sprites execute code in Firecracker VMs. Even we have a hard time seeing what they're doing. VMs run on isolated networks. Nothing can connect to your Sprite directly.
nico11/01/2026
Game interface for controlling agents
nico11/01/2026
nico10/01/2026
nico08/01/2026
I handle marketing for a 3D-printed Dr. Martens keychain Photoroom + Affinity + CeWe print machine
LXC containers are quite interesting because they provide a real Linux OS with all UNIX tools available to agents like Opus 4.5, along with very fast machine (container) creation times. Kata also seems to be a good alternative for isolating agents.
nico05/01/2026
opus 4.5 xtmux = agentic farm
nico03/01/2026
nico31/12/2025
2026 will mark the moment when people truly begin using AI to create their own custom software. Software is about to become radically personalized.
I love this project written in Golang that makes it easy to transfer folders and files between two computers. I can send files from an LXC container behind CGNAT to Windows, macOS, or another Linux machine.
It uses a public relay that encrypts data in transit. By default, it uses the creator’s relay at croc.schollz.com.
You can also use your own relay; in fact, that could give the creator’s relay a break, which handles about 40 terabytes of bandwidth per month on Hetzner
Developers need computers that are always accessible online to run tasks or allow others to connect. These machines must be secure, with controlled SSH and web access. Setting up and maintaining complex authentication (passwords, OAuth, recovery flows, etc.) is a costly distraction from core work.
Tape in your shell
⁂ ssh exe.dev ⁂ ssh exe.dev new --image=ghcr.io/marimo-team/marimo:latest-sql
Nico : AI systems are not deterministiclike traditional software. Given the same input, they can produce different outputs. This probabilistic behavior can be unsettling for computer scientists and engineers who are used to strictly deterministic systems where the same code always produces the same result.
