logoalt Hacker News

maxlohyesterday at 8:33 PM14 repliesview on HN

I don't find a closed-source Chinese agent system trustworthy.

It is essentially a black box with full user permissions, meaning you are just handing over your entire system to a Chinese-owned server. With OpenCode and its GLM provider, at least I can monitor which files were read, which were edited, and what commands were executed.

Not to mention that Chinese national security laws legally obligate companies to cooperate with state intelligence and counter-espionage efforts [0]. If you have this installed on a corporate workstation, and your company is large enough, the possibility of them spying on you is not just a risk—it's almost a certainty.

[0]: https://en.wikipedia.org/wiki/National_Intelligence_Law_of_t...


Replies

Escapadoyesterday at 8:36 PM

I agree. I don't find the US competitors trustworthy either. I think open source is the way here.

show 1 reply
ahrzbyesterday at 9:25 PM

At least the model weights are open, I’m not American, so to me this is much more trustworthy in every possible way. You’re talking as if US intelligence are the good guys, and to me at least, they are not to any extent.

show 3 replies
d3m0t3pyesterday at 8:46 PM

This is exactly the same with providers from the USA.

kordlessagainyesterday at 9:58 PM

Run it in a container under Opencode. It works great, and I even upgraded to their pro plan (~$60/month). If you want it in a container, there's info in my profile under my projects. That code is entirely open source, and it's there simply because I built what I needed for my own work. I'm sure there a zillion other ways to do it. However, I highly advise against running any agent on bare metal, regardless of the company's country of origin. My thesis addresses this directly and repeatedly.

By the way, some pedant recently asked why anyone would run software with only a few stars. My thoughts on that are minimal: people can practice whatever slop logic they want. I've architected and built systems that handled tens of thousands of users. I'm not fucking around. The way I build isn't typical, and I don't suggest anyone try to mimic my approach, but it works for me and the way my mind processes complex systems.

To the peanut gallery: use it or don't, but don't give me a hard time unless you're ready to get one back. I've made plenty of mistakes in my career, and accountability is a crucial part of growth. I'm more than willing to work with anyone using my code, provided they bring valid, substantial criticism to the table.

arikrahmanyesterday at 9:40 PM

That's why I like to use Reasonix with Deepseek. Hitting cache makes requests basically free and that's through unsubsidized American providers like Digital Ocean or cloudflare.

kachnuv_ocasekyesterday at 9:26 PM

You can always run it in bwrap or rootless podman.

show 1 reply
eeasssyesterday at 8:40 PM

If you are not US based that’s not really a big concern.

show 1 reply
dingdingdangyesterday at 9:21 PM

In a sense it's a clean reminder that all these, especially non-local, llm tools should NEVER run outside a container. I'm currently looking at z-jail specifically for these scenarios; VMs are too heavy & expose too many sec issues of their own for continual integrated use in my case.

scotty79yesterday at 9:16 PM

How's that different from Codex (gui app) or Claude?

show 3 replies
efficaxyesterday at 9:56 PM

yes but the americans are also doing it, and i don’t really work on anything worth spying on

mempkotoday at 12:41 AM

I'm in the US. The benefit of the Chinese spying on me vs a US company is the Chinese can't come to my door and take me to jail.

tristoryesterday at 9:03 PM

As someone who loves using OpenCode w/ local Chinese open source models, this is basically my take on this as well. There's no way I would ever put a piece of proprietary Chinese software that gets full system control on anything important. This is definitely something I would only ever run sandboxed in a lab environment for toy projects, not for serious work. I feel only marginally better about Codex/Claude Code, hence my strong preference for local LLMs w/ OpenCode, but a proprietary approach to Chinese models is a hard no from me dawg.

snootypootyesterday at 9:53 PM

so basically no worse than europe or usa, but they are just more open about it

diego_moitayesterday at 9:43 PM

> It is essentially a black box with full user permissions,

You mean, like Windows and Android?