They released deepseek/deepseek-chat-v3.1 shortly after I did the evals, and that's what I now use 20+ times a day for all my questions. It replaces chat-v3 and r1, depending on whether you enable reasoning or not.
I'm the author of the post. Thanks for highlighting this. It's very confusing.
I cannot use it directly in OpenAI's API, even today:
> $ llm -m gpt-5-mini Hello
> Error: Error code: 400 - {'error': {'message': 'Your organization must be verified to stream this model. Please go to: https://platform.openai.com/settings/organization/general and click on Verify Organization. If you just verified, it can take up to 15 minutes for access to propagate.', 'type': 'invalid_request_error', 'param': 'stream', 'code': 'unsupported_value'}}
Until two days ago, OpenAI on OpenRouter was Bring-Your-Own-Key (BYOK), so it didn't work there either.
Since they dropped BYOK, I can indeed use it through OpenRouter:
> $ llm -m openrouter/openai/gpt-5-mini Hello
> Hi — hello! How can I help you today?
This is for both `gpt-5` and `gpt-5-mini`. The `-nano` has always worked. I'm going to try some of my evals on gpt-5-mini, but it doesn't feel like I can depend on it.
The key is “stream” in the error message. If you turn off streaming in llm (looks like --no-stream will do it) then I think it should work. I don’t understand why they gate streaming specifically but that’s what they seem to be doing.
That attitude to crypto is pervasive, annoying, and wrong. We don't tolerate the "you're too stupid to use that" attitude in any other part of software development, and we shouldn't tolerate it in cryptography.
Every developer needs to touch crypto. Encrypted communications needs to be our default. And yes, of course, we should prefer verified, standard algorithms (NSA Suite B, for example).
It's OK to get it wrong, it's OK to fail forward, even with cryptography. ROT13 will protect you very well, if your attack vector is someone glancing over your shoulder for 1 second. As long as the code is open, and you're honest about what it does, you've made people a little bit safer.
There's a fair amount of gloating around Cryptocat, but it protected people's communications from me, because I didn't know how to break it. So that's better than nothing.
>We don't tolerate the "you're too stupid to use that" attitude in any other part of software development, and we shouldn't tolerate it in cryptography.
We shouldn't, but we should provide tools that allow software engineers to securely design applications without having to be crypto experts, in much the same way I can write python code without being a kernel hacker. Two examples spring to mind: Authenticated https api calls and bcrypt. These both work securely without requiring deep knowledge and they are so easy to setup it is unlikely someone will roll their own.
You can PLAY with crypto, discuss it try things out and have fun with it. After you have been doing that and hanging out in the right circles for a few years, reading lots and probably breaking other people's ideas and implementations not just yours then you will be some sort of position to judge whether your work may be safe to unleash on the public as anything more than a low security experiment.
One of the problems is with security and crypto is that the people who really understand it make fairly weak promises such as that it is "Pretty Good Privacy" but the incompetent, greedy or malicious make strong marketing claims about the security that they are offering. Emphasis on incompetent in the Cryptocat case.
Crypto is an area where the Dunning Kruger effect[1] seems both especially strong and especially dangerous.
Everybody should be able to fly a plane, too. Think of how awesome that would be! A rebirth of the American general aviation industry; new airplane designs; solutions to congested airports.
It does not follow from that sentiment that anyone should be able to jump into the cockpit of a Cessna and just figure things out for themselves.
The part where this analogy breaks down is that some random person will probably die in a fire pretty quickly if they try to fly a Cessna. Crypto is like a Cessna that's easy to fly but if you don't fly it exactly right, a few months after your flight, the ground under your flight path spontaneously combusts.
There's a fair amount of gloating around Cryptocat, but it protected people's communications from me, because I didn't know how to break it. So that's better than nothing.
Not if 'nothing' is "don't send the message", rather than the "send the message in the clear" that you're assuming.
Bad crypto gives end users false confidence in the security of their messages. They then send messages they normally wouldn't, and suffer the consequences when those messages end up being read by others.
Amateurs can play with crypto all they like for fun, but they have no business releasing a product to end users.
There might be better performing hosting providers, and there are definitely lower cost providers than Linode, but I don't love them like I love Linode.
It's not entirely rational, but if you ask around, I'd wager most people who use Linode love it.
Maybe it's because it used to be just caker doing everything, or the free disk / memory upgrades he kept handing out. I remember him asking about LASIK surgery in the (very helpful) forums; there's a family feeling to it. It's the anti-Rackspace. It's home.
So true. I moved a mail server I manage over to digital ocean recently because it needed more RAM and the price difference between a 4GB DO instance and a 4GB Linode one was just too much to swallow.
Very happy with DO so far but... I still have 7 1GB and 512MB vms with Linode and no plans to move any of them because I just can't bring myself to sever all ties with Linode :D
