> Labs are routinely sent to third-party companies
Labs are real businesses that do real things, and would have actual impact for a breach. Meanwhile any idiot can vibe-code a thin shim between a microphone and ChatGPT in a weekend, promise they're HIPAA-compliant, and start selling. Medical professionals have no obligation to do any diligence, and there's no reason for them to not just buy whoever-is-cheapest. They're not even close to the same thing.
HIPAA enforces nothing other than a pinky-swear-promise of compliance. There are hundreds, if not thousands, of middlemen who sell SaaS like this to medical professionals. If one suffers a breach then shuts down, your doctor will just switch to the next one in line with no consequences because "they promised they were compliant". Meanwhile all your medical details will end up in a public dataset forevermore.
Good, I'm glad. Now find a way to do it in-house. Shipping our conversation to some random-ass fly-by-night SaaS who pinky-swear-promises they're HIPAA-compliant is a non-starter for a medical professional I'd actually want to give money to.
Secrets in a mount or in env is "acceptable" but still pretty amateur-hour. Typically you want the application to have to make a request out to a token exchange endpoint of some sort (using its own identity to authenticate), then keep that secret only in-memory for as long as it's used.
The token exchange endpoint is what assesses risk and decides whether it should grant the secret or not. Think "container X is requesting another secret for service Y, but it didn't restart recently, and the last secret I gave it is not close to expiry yet, hmm".
Sure it is. They're well aware their product is a money furnace and they'd have to charge users a few orders of magnitude more just to break even, which is obviously not an option. So all that's left is.. convince users to burn tokens harder, so graphs go up, so they can bamboozle more investors into keeping the ship afloat for a bit longer.
If this claim is true (inference is priced below cost), it makes little sense that there are tens of small inference providers on OpenRouter. Where are they getting their investor money? Is the bubble that big?
Incidentally, the hardware they run is known as well. The claim should be easy to check.
It's an option and they are going to do it. Chinese models will be banned and the labs will happily go dollar for dollar in plan price increases. $20 plans won't go away, but usage limits and model access will drive people to $40-$60-$80 plans.
At cell phone plan adoption levels, and cell phone plan costs, the labs are looking at 5-10yr ROI.
Yeah exactly. This is what makes RRSPs/401ks the absolute worst place to park your money. You are locking away your funds, and deferring taxes to 1) the stage in your life you probably want to pay the least tax possible, and 2) a time when the tax rate will probably be higher than it is now (after all, tax rates pretty much exclusively go up).
If your employer offers a match, you should absolutely contribute up to the maximum match (it's free money after all), but not a penny more IMO. There are much, much better vehicles for parking your money than retirement funds.
My friend, I'm not sure you've thought through this all the way.
Historically, tax rates have gone down over time, not up. Especially in recent history.
You do pay a reduced tax in retirement because you're able to blend your income. You defer taxes on the 401k until requirement, but you pre-pay taxes on a mega backdoor/roth, so if you need 100k of income in retirement you pull 50k from 401k and 50k on the roth and only pay taxes on half of it, putting you in a lower bracket.
Having the pretax money to grow before paying taxes on it is greater than having post tax money and having less to compound.
The alternative to tax advantaged places to park your money for retirement is strictly worse than non-tax advantaged. In a 401k you pay taxes only in retirement, for roth's you pay taxes only with your paycheck. In a brokerage, you pay taxes at your paycheck and then you pay taxes on withdraw for your cost basis.
Not sure if there's a US equivalent, but in Canada, "having the pretax money to grow before paying taxes on it" is a worse deal. In an RRSP/401k you pay full tax on any investment earnings. Meanwhile a normal non-registered investment account is classified as "capital gains" and only taxed at 50% of your marginal tax rate.
At the end of the day though, I'm sure it boils down to having both instead of trying to minmax it. Being able to liquidate a portion of your investments to, say, purchase a house is probably a good idea, which you can't do if you've been putting everything you have into a retirement account.
Idk about Canada - but in the US most people are going to be in a lower tax bracket in retirement (sometimes substantially lower). Is that not the case in Canada? You only pay your marginal tax rate on what you withdraw.
For example - if my wife and I max out our 401k’s - that’s about 50k we are deferring taxes on. If our pre-tax household income is 300k - then that 50k would have been taxed at 24% marginal rate.
In a year of retirement - let’s say we withdrawal that 50k but now it’s doubled (probably more than that since it only takes 9 years to double at 8% annual growth via compound interest). Now we pay 12% and end up with 88k. (Technically we’d have more than that because of the 24k standard deduction - but we’ll ignore that for the sake of simplicity)
Let’s take the non-tax advantaged comparison. We’d have paid 24% up front and invested 38k. It doubles to 76k. We’d pay 0% capital gains - but even then we end up with less investment income.
If you retire in 30 years, and invest that $50k in the S&P500, you'll end up with about $872k (given the S&P makes about 10% annually[1]). The difference is, in the non-registered scenario, you only pay 50% of the marginal tax rate, because it's capital gains. In the RRSP, you pay full tax on all investment earnings (because it's considered "income" at the time of the withdraw). Your tax bracket might be better at retirement, but will it be 50% better? That's the big question for me (not even considering the value of a liquid vs illiquid investment, but that's more of a personal planning problem).
I would really recommend playing around with Canadian specific financial planning and retirement calculators. Maybe the Canadian system is totally fucked - I don’t know. But your inclinations are a very common misconception about 401k’s in the US and I suspect this holds true in Canada too.
A few things to note:
* In the US at least - you invest your 401k in whatever funds you want. Mine are a mix of S&P500 and Total Market.
* 7-8% is the average inflation-adjusted return of the S&P500 over its history and is general figure you’ll see used in retirement planning discussions
There’s a huge wealth of resources out there on this topic. Look up Canadian specific “FIRE” guidance (Financially Independent Retired Early). I don’t know enough (or anything!) about Canada to really engage on this - but I’ve done pretty extensive planning both myself and with my financial advisor on my own early retirement objectives. For me - the math massively works out in favor of a 401k over non-tax advantaged accounts. I personally have a mix of Traditional (pre-tax), ROTH (post-tax), and non-tax advantaged accounts (because I save more than I am allowed to stuff into tax advantaged accounts per year).
I used to agree with you, but then I learned about 401k/roth conversion ladders. Basically, you can convert everything in a 401k to a roth (taxable event) and after 5 years you can withdraw all of that money penalty free and tax free (except the gains made in those 5 years). The key thing is that you want to strategically do the conversion when you have a very low income, for instance if you're already retired and living off of Roth contributions or taxable brokerage investments, so your only income for the year is the amount you convert. So basically, you just need enough funds to retire for 5 years before you can start withdrawing from the 401k->Roth.
I started doing this when I got a raise and realized pretty much half of my raise was going straight to taxes, whereas I could invest it all if I just upped my 401k contributions.
Very cool. I'm Canadian (which is why I mentioned RRSPs above), and I don't think an equivalent exists for us. Our alternatives to an RRSP (which is equivalent to your 401k) basically boil down to:
TFSA: you pay standard income tax up front, but no income tax on investment earnings. Annual contribution room is added. You can withdraw anytime and get the contribution room back.
FHSA: you do not pay income tax up front, you do not pay income tax on investment earnings. But you can only withdraw for a first home purchase (or convert into RRSP), and there's yearly and lifetime limits on contributions.
Non-registered investment account: you pay standard income tax up front. Investment earnings as capital gains are 50% of standard income tax. Withdraw anytime, no limits obviously.
With RRSPs: you do not pay income tax up front, but you pay standard income tax when you withdraw, and pay standard income tax on investment earnings (no capital gains rate). You cannot withdraw until retirement age.
Those are effectively your only four options here. When they're broken down that way.. does it make more sense?
Gotcha, your TFSA sounds pretty similar to a Roth. So if there was a way to convert RRSP into TFSA in the manner I described, you could potentially get access to that money earlier than 59.5 (or whatever your age limit is in Canada) if that rollover is able to count as a "contribution".
Labs are real businesses that do real things, and would have actual impact for a breach. Meanwhile any idiot can vibe-code a thin shim between a microphone and ChatGPT in a weekend, promise they're HIPAA-compliant, and start selling. Medical professionals have no obligation to do any diligence, and there's no reason for them to not just buy whoever-is-cheapest. They're not even close to the same thing.
reply