Do not assume that companies are willing to put ALL of their intellectual property into your hands. Even if you would not be some startup where any sysadmin could steal and sell my data any time without you even noticing it, you will get hacked just like everyone else that stores interesting data. The data you have access to is absolutely perfect for the global data blackmailing gangs. As soon as you are successful, you will have every black hat hacker and their dog knocking on your doors.
jychang 11 hours ago [-]
Onyx.app has a self hosted option. I just did the docker setup yesterday. It’s not a great home user option imo but seems like it’s functional for enterprise.
Fischgericht 10 hours ago [-]
Just had a quick look - while they have that self-hosting option, they still assume you will use a cloud LLM. I started digging because I got confused of them not mentioning any GPU when it comes to resource requirements. There is some documentation on using it fully self-hosted including the LLM, but the emphasis here is on "some".
To be clear: I am looking at this from a CEO perspective, not a "I will play with it in my spare time" nerd one.
eambutu 9 hours ago [-]
Yep, makes a lot of sense. We architected our system to be easy to self-host & open-source in the future for this very reason, though we decided to launch with hosted because it's easier to improve and iterate.
Fischgericht 8 hours ago [-]
Understood. Not my startup, but I would have started the other way round.
Businesses that would be willing to pay (a lot) for such a benefit often will be very conservative. In Germany the majority of medium sized businesses using SAP for example still refuse to be moved to SAP's cloud instead of on-premise.
C-Level types typically are not worried putting their email credentials etc into Outlook cloud and getting hacked this way. They are used to "everything is in the cloud". However, as soon as you mention, depending on the type of business "patents", "sales contacts", "production plans" C's will change their mind.
In Germany, where I am originally come from, all of these businesses are worried about their trade secrets to end up in China, and rightly so.
As self-hosting is very complex you could either make good money with consulting (but this means setting up tech teams in all target markets around the globe, using actual competent humans), or by selling it as a plug&play appliance. With that appliance simply being a rack server with a suitable GPU installed.
And again, for your business strategy the long-term risk of pretty much everyone trying to hack you on a daily basis appears too high to me. You might not have on your radar how serious industry spionage is. You will definitely have a fake utility company worker coming into your offices, trying to plug in a USB keylogger into some PC while nobody is looking.
As an example, proven strategy: Find targets internet uplink. Cut it. Customer calls ISP for help. You then send a fake ISP technician that arrives before the real one does. You put a data exfiltration dongle between the modem and the LAN. You then fix the cut outdoor line. Customer is happy that you have fixed it. Later the actual ISP guy arrives. Everyone will be a bit confused that the problem was already fixed, but then agree that it's probably just the ISP once again having screwed up their resource management. Works pretty much every time.
selcuka 1 hours ago [-]
> You put a data exfiltration dongle between the modem and the LAN.
Sounds interesting, and could be used in a movie, but it doesn't look like it is practically applicable in real life. You will have a hard time making sense of the data without full-MITM'ing with SSL decryption, installing your CA certificate on all machines and browsers on the LAN, and solving the certificate pinning problem.
A USB keylogger may be a simpler solution even though it can't sniff the whole LAN.
Fischgericht 37 minutes ago [-]
Well, as this is standard practice the movie would be a ... documentary? ;)
I wasn't clear here enough: The device at this point enables you to typically see all devices on the LAN and WLAN on L2. Which means you can do ARP spoofing and all that kind of stuff. One of the first things you then would look at is what printers are available to infect. People often print interesting things :)
And yes, of course the USB keylogger is the cheap lazy solution. These days due to second factors not that useful as it used to be, but still... you can deploy it in seconds pretty much in every office, shop or governmental institutions.
But to not further drift into off-topic:
I am serious about all this. Should Grapevine be successful and for example one day put out a press release like "Procter & Gamble is now using our services", you will have in addition to state actors (China, Russia, Israel) a thousand kids looking up that P&G makes a profit of $15 Billion or whatever per year, and that they surely will pay 1% of that for not having all of their company data published.
If you look at existing knowledge management system that are deployed in physical-world-companies, you will see that they actually are not allowed to index all the data, but as you would be running against a lot of laws and management best practices if in the next coffee brake everybody would laugh about poor Tony who once had a really stupid concept, created a draft document of it, but then noticed that it won't work and make him look like a fool.... Thought not giving it to his manager would solve that "problem", but it got indexed as company knowledge..
So, erm, yeah: Existing knowledge management systems to a large extend are about NOT sharing knowledge.
Sorry for this raw brain dump of mine into this thread :)
Fischgericht 7 hours ago [-]
Two things to think about:
a) Due to privacy laws, no European country would right now be allowed to use your service. The data your customers wants to index will always contain stuff that allows to identify a human, and once you are there it's basically "game over" for handing over data to a third party provider like you.
b) My organization is tiny. But we are in a sector were we must be ultra paranoid when it comes to security. We do not use a single external service whatsoever, everything is self-hosted. I would love to be able to AI-index all of our collected knowledge and would pay for the value this provides. So far have been unable to find any plug & play solution. Then open source nature you have mentioned is important so that your system security can be be validated, but in the end I would rather want to pay for it being plug&play AND on-premise AND open source.
ra 3 hours ago [-]
consider allowing customers to deploy into their own AWS/Azure infra as a managed service. Your CICD can reach the deployment and you will be one step closer to enterprise customers.
rakeshraghu 10 hours ago [-]
controlcore.io was brought to the market for the same exact reason. Not AI Powered, but to control AI and its interactions with your Data, APIs,. Applications etc. And yes, we just give our service as a self-hostable solution. However is the encryption and SOC compliance be, we want our clients to know that none of their internal data or interaction transaction leave their control.
pmdr 10 hours ago [-]
">85% of answers are helpful & accurate"
People can usually tell if an answer isn't helpful, but not always that it isn't accurate. Depending on the context, 85% accurate might not be good enough.
eambutu 9 hours ago [-]
Yep, the other commenter is right--85% is helpful AND accurate. I'd love for you to give it a try and see if 85% is not good enough though. There's always more to push on quality and the more real feedback we get the better we can prioritize what people need.
jagged-chisel 10 hours ago [-]
95% of answers could be accurate. Combined with the 85% that are helpful and you have “85% of answers are helpful & accurate.”
lelanthran 39 minutes ago [-]
>95% of answers could be accurate. Combined with the 85% that are helpful and you have “85% of answers are helpful & accurate.”
Instead of using the lower bound, wouldn't it make more sense to say "85% of the 95% accurate answers are helpful"? Or perhaps "95% of the 85% helpful answers are accurate"?
In both cases, the number for "answers that are both helpful and accurate" is lower than 85%.
hiatus 7 hours ago [-]
Who would intentionally downplay their accuracy in marketing materials by conflating the statistic with another?
maxspero 13 hours ago [-]
I've been using Grapevine at my company for the last couple weeks. One of the coolest features is that it proactively answers questions (with citations!). Not everyone thinks to tag the bot but it often surfaces the relevant answer and document and saves everyone some time.
teleforce 1 hours ago [-]
>One of the coolest features is that it proactively answers questions (with citations!).
It's cool feature but is it not the given and default feature of any RAG based LLM to provide citations based on the documents chunking mechanism?
eambutu 13 hours ago [-]
Thanks for using it! Any feedback on what could be made better? And did you guys try any of the alternatives before using Grapevine?
BrandiATMuhkuh 8 hours ago [-]
Congratulations on the launch.
I was recently trying to tackle the same problem (@howie.systems). The hardest 2 problems we had to face were ACL and large files (and large volumes).
How did you solve the ACL part? I worked with a customer that had 200k pdf/images/dwg files on SharePoint and other 1M on samba. It took like a week to sync it all and keep tabs on the access rights of each employee.
How did you solve unpredictable large files: a pdf 2000pages, maybe some A0 in the mix. Or some 4GB power point presentations?
PS: great fan of gather.
PPS: say hi to Clinton from me (amy.app) if he is still around. He was our mentor back in New Zealand at the flux accelerator (2016)
htrp 12 hours ago [-]
Was a huge fan of gather.town, is this the official notice that it's going into maintenance mode?
eambutu 11 hours ago [-]
The Gather work product is unfortunately going into maintenance mode. We still have a strong team working on the core AV and performance, and the business is very decent and more than supports that team (and we still use the Gather product heavily ourselves).
However, it didn't reach the growth trajectory we needed, so a majority of the company will be working on Grapevine + new products instead.
stuartjohnson12 11 hours ago [-]
This is sad to hear. We loved Gather but the technical issues stacked up and we made the choice to kill it around 2 weeks ago.
We've still been searching for a proper replacement for go-karting. Our team greatly enjoyed that little mini game.
A thought for any lurking vibe-coders.
htrp 9 hours ago [-]
Is there a recommended migration path ? or another product that you would suggest here?
eambutu 9 hours ago [-]
Ah to be clear, the team is staffed well enough on Gather that the experience will be equal, if not better, than what you've been using already. So we haven't been telling customers to migrate (and unfortunately, there aren't many good alternative products right now).
zwaps 14 hours ago [-]
Interesting to see this now launching, when most companies have their own customGPT solution and MCP makes headway towards decoupling the frontend layer.
Data seems to be stored outside of the customers control, so this will be a difficult sell for many companies.
What type of businesses are you targeting?
eambutu 13 hours ago [-]
In terms of what businesses we're targeting: we wanted to provide either 1.) a turnkey solution for a company GPT for all the people who don't have it yet, or 2.) a higher quality company GPT for people who do have an internal solution.
Our sense is that ~70% knowledge companies at large still don't have a custom GPT yet, and that of the people who do, our system can be more performant because we're spending more effort than their internal team is. There's a lot of details we've solved on data ingestion and search algo that improved our accuracy dramatically, and things breadth of data connectors is the kind of thing that is expensive for an internal team but worth it if you're providing the service at large.
Not sure what you mean by "data seems to be stored outside of the customers control," but fortunately I think many SaaS apps that were trying to lock down customer data from themselves are walking that back a little bit.
Ucalegon 9 hours ago [-]
Please look into the Zero Data Retention policies of the subprocessors that you are using. For example, Open AI does not include files as falling under their ZDR [1], thus utilizing OAI as an LLM solution inherently adds unnecessary risk of data exposure that many enterprise clients do no want to onboard. Also, you have to think about those companies obligation to their clients/customers when it comes to data security, along with the risk of IP being exposed to 3rd party systems that they do not have control over, when they make their decisions when it comes to utilizing various business solutions.
Why do you think Glean and other top company GPT startups who are doing this for longer and have more resources cannot get this level of performance (helpful and accurate)? What makes your approach different and not easy to replicate?
eambutu 8 hours ago [-]
Great question. We are actually surprised more than anything that existing products aren't better. Other companies' algo work DID get disrupted by reasoning models, because newer models don't care about what the top 3 search results are, they're really great at reading hundreds of documents and picking up signal from noise.
I can't speculate exactly on the work that other companies have done, but my guess is we were way more focused on the type of questions people actually ask to each other. We know there's still a lot more you can do to continue to improve it, and so it's up to other folks if they do it too.
Lastly, a few ways we want to be distinguished from all the other offerings are: 1) super easy to setup, 2.) very developer friendly
ebiester 14 hours ago [-]
I've seen Gleam and Onyx, and I think the real problem is that there is a lot of garbage coming in. If you want to solve the problem, you need to find a way to clean the information coming in. And if you've cleaned the information coming in, you have a lower need to have an LLM answer the question.
eambutu 13 hours ago [-]
Our experience, especially with the most recent reasoning models, is that the LLM's are a lot better now at sifting through the garbage. So if you last gave these products a try more than a month ago, I would try them again.
(Additionally, there are a lot of details that do make a big difference in data processing / search algo too, which have taken our own internal accuracy on hard questions from 30% => 80%+)
arahman4710 13 hours ago [-]
[dead]
paool 12 hours ago [-]
It's BM to plug your own stuff in someone's launch thread.
smt88 6 hours ago [-]
As a consumer of HN, I don't agree. Relevant comments are helpful to me regardless of context, and this doesn't even seem like a competitor.
bluelightning2k 11 hours ago [-]
YCS19 - so 6 years. Obviously you did well enough to survive. Interesting that the pivot is something so basic after all this time. Kind of interested in the story there.
2020-2022: We built https://gather.town, which during COVID blew up across every use-case possible: conferences, birthday parties, weddings, universities. It was a good business during COVID but eventually started to shrink.
2022-2025: We built Gather for remote workers, which was a long grind into in Audio/Video, performance, and making a game-interface that was good for work but replicated the parts of in-person work people enjoyed. It's a decent business, but didn't match our ambitions with how we wanted to change work for the better.
2025+: We have lots of ideas for how we can make work a lot better with AI. The general theme is, "can we make work as fun as a video game?" Idea being: video games are super similar to work at its core, and AI can both 1.) dramatically change how people need to spend their days, and 2.) help you "game design" someone's work day.
The Grapevine system is the first tablestakes layer people need to have for us to build the products we're excited about. Surprisingly, "company context" was not as good as we thought despite it being such an obvious, big business opportunity. So while I agree it's "basic," it does seem necessary, and is also not the full-scale of what we want to achieve still :)
cowpig 12 hours ago [-]
Is this self-hosted? If not, am I to work under the assumption that my company's IP is worth ~$0?
eambutu 11 hours ago [-]
No self-hosted version yet. You would need to trust us in the same way you trust your other SaaS apps that host company IP (e.g. Slack, Notion, Github, etc.)
I get that's a big ask from a startup. If it helps, we are a company that's been around for 4+ years and have built a work tool (https://gather.town) used for 100k+ people for their daily work, Sequoia-backed, are SOC II certified, and go way beyond that for the security considerations for this product.
cowpig 11 hours ago [-]
Are slack/github/notion dumping company data into an unknown set of LLM APIs under the hood?
(My company uses Zulip/Gitea/Affine for data sovereignty reasons, but this kind of thing seems worse)
echelon 6 hours ago [-]
Build the on-prem thing. Companies will be much more trusting.
dzink 13 hours ago [-]
The name is way too long for people to type queries using it.
eambutu 13 hours ago [-]
Fortunately, Grapevine is just the name of our system, we let people white-label their Slack bot when they actually set it up :)
5 hours ago [-]
loudmax 13 hours ago [-]
Is the "ChatGPT" brand name becoming a generic term, like Baid-Aid or Kleenex?
There is the ChatGPT product, operated by OpenAI, Inc, which you can access via their web site or their API. OpenAI does publish gpt-oss as an open-weights model. I suppose you could argue that gpt-oss is "a ChatGPT," though I'd normally think of it as "a large language model." Much like Claude, DeepSeek, Qwen and so on are other large language models.
> the day-to-day questions that actually blocked people
do you have a very strong opinion about how companies should work?
"No"
Okay, does Dario Amodei? He thinks more than half the workforce should "just" be replaced. That's a strong opinion! Do you see what I am saying?
eambutu 13 hours ago [-]
I can't speak for other people, but our strong opinion about how companies should work is to reduce the massive amount of chores and tedium that exist in our work days today.
With the company GPT, we want to tackle things like: 1.) having to answer a repeated question from a colleague, 2.) answering questions to coworkers that are purely informational, and eventually 3.) things like standup updates, written updates to leadership on status, etc.
I think human interaction at work is one of the most valuable experiences if you're lucky enough to have good colleagues and interesting work. But I think they should almost entirely be around creativity, decision-making, debate, etc. rather than sharing information that exists elsewhere.
doctorpangloss 13 hours ago [-]
[flagged]
Yiin 11 hours ago [-]
what's your point, you ask for strong opinion without any context, what answer do you expect?
Do not assume that companies are willing to put ALL of their intellectual property into your hands. Even if you would not be some startup where any sysadmin could steal and sell my data any time without you even noticing it, you will get hacked just like everyone else that stores interesting data. The data you have access to is absolutely perfect for the global data blackmailing gangs. As soon as you are successful, you will have every black hat hacker and their dog knocking on your doors.
To be clear: I am looking at this from a CEO perspective, not a "I will play with it in my spare time" nerd one.
Businesses that would be willing to pay (a lot) for such a benefit often will be very conservative. In Germany the majority of medium sized businesses using SAP for example still refuse to be moved to SAP's cloud instead of on-premise.
C-Level types typically are not worried putting their email credentials etc into Outlook cloud and getting hacked this way. They are used to "everything is in the cloud". However, as soon as you mention, depending on the type of business "patents", "sales contacts", "production plans" C's will change their mind.
In Germany, where I am originally come from, all of these businesses are worried about their trade secrets to end up in China, and rightly so.
As self-hosting is very complex you could either make good money with consulting (but this means setting up tech teams in all target markets around the globe, using actual competent humans), or by selling it as a plug&play appliance. With that appliance simply being a rack server with a suitable GPU installed.
And again, for your business strategy the long-term risk of pretty much everyone trying to hack you on a daily basis appears too high to me. You might not have on your radar how serious industry spionage is. You will definitely have a fake utility company worker coming into your offices, trying to plug in a USB keylogger into some PC while nobody is looking.
As an example, proven strategy: Find targets internet uplink. Cut it. Customer calls ISP for help. You then send a fake ISP technician that arrives before the real one does. You put a data exfiltration dongle between the modem and the LAN. You then fix the cut outdoor line. Customer is happy that you have fixed it. Later the actual ISP guy arrives. Everyone will be a bit confused that the problem was already fixed, but then agree that it's probably just the ISP once again having screwed up their resource management. Works pretty much every time.
Sounds interesting, and could be used in a movie, but it doesn't look like it is practically applicable in real life. You will have a hard time making sense of the data without full-MITM'ing with SSL decryption, installing your CA certificate on all machines and browsers on the LAN, and solving the certificate pinning problem.
A USB keylogger may be a simpler solution even though it can't sniff the whole LAN.
I wasn't clear here enough: The device at this point enables you to typically see all devices on the LAN and WLAN on L2. Which means you can do ARP spoofing and all that kind of stuff. One of the first things you then would look at is what printers are available to infect. People often print interesting things :)
And yes, of course the USB keylogger is the cheap lazy solution. These days due to second factors not that useful as it used to be, but still... you can deploy it in seconds pretty much in every office, shop or governmental institutions.
But to not further drift into off-topic:
I am serious about all this. Should Grapevine be successful and for example one day put out a press release like "Procter & Gamble is now using our services", you will have in addition to state actors (China, Russia, Israel) a thousand kids looking up that P&G makes a profit of $15 Billion or whatever per year, and that they surely will pay 1% of that for not having all of their company data published.
If you look at existing knowledge management system that are deployed in physical-world-companies, you will see that they actually are not allowed to index all the data, but as you would be running against a lot of laws and management best practices if in the next coffee brake everybody would laugh about poor Tony who once had a really stupid concept, created a draft document of it, but then noticed that it won't work and make him look like a fool.... Thought not giving it to his manager would solve that "problem", but it got indexed as company knowledge..
So, erm, yeah: Existing knowledge management systems to a large extend are about NOT sharing knowledge.
Sorry for this raw brain dump of mine into this thread :)
a) Due to privacy laws, no European country would right now be allowed to use your service. The data your customers wants to index will always contain stuff that allows to identify a human, and once you are there it's basically "game over" for handing over data to a third party provider like you.
b) My organization is tiny. But we are in a sector were we must be ultra paranoid when it comes to security. We do not use a single external service whatsoever, everything is self-hosted. I would love to be able to AI-index all of our collected knowledge and would pay for the value this provides. So far have been unable to find any plug & play solution. Then open source nature you have mentioned is important so that your system security can be be validated, but in the end I would rather want to pay for it being plug&play AND on-premise AND open source.
People can usually tell if an answer isn't helpful, but not always that it isn't accurate. Depending on the context, 85% accurate might not be good enough.
Instead of using the lower bound, wouldn't it make more sense to say "85% of the 95% accurate answers are helpful"? Or perhaps "95% of the 85% helpful answers are accurate"?
In both cases, the number for "answers that are both helpful and accurate" is lower than 85%.
It's cool feature but is it not the given and default feature of any RAG based LLM to provide citations based on the documents chunking mechanism?
I was recently trying to tackle the same problem (@howie.systems). The hardest 2 problems we had to face were ACL and large files (and large volumes).
How did you solve the ACL part? I worked with a customer that had 200k pdf/images/dwg files on SharePoint and other 1M on samba. It took like a week to sync it all and keep tabs on the access rights of each employee.
How did you solve unpredictable large files: a pdf 2000pages, maybe some A0 in the mix. Or some 4GB power point presentations?
PS: great fan of gather. PPS: say hi to Clinton from me (amy.app) if he is still around. He was our mentor back in New Zealand at the flux accelerator (2016)
However, it didn't reach the growth trajectory we needed, so a majority of the company will be working on Grapevine + new products instead.
We've still been searching for a proper replacement for go-karting. Our team greatly enjoyed that little mini game.
A thought for any lurking vibe-coders.
What type of businesses are you targeting?
Our sense is that ~70% knowledge companies at large still don't have a custom GPT yet, and that of the people who do, our system can be more performant because we're spending more effort than their internal team is. There's a lot of details we've solved on data ingestion and search algo that improved our accuracy dramatically, and things breadth of data connectors is the kind of thing that is expensive for an internal team but worth it if you're providing the service at large.
Not sure what you mean by "data seems to be stored outside of the customers control," but fortunately I think many SaaS apps that were trying to lock down customer data from themselves are walking that back a little bit.
[1] https://platform.openai.com/docs/guides/your-data#zero-data-...
I can't speculate exactly on the work that other companies have done, but my guess is we were way more focused on the type of questions people actually ask to each other. We know there's still a lot more you can do to continue to improve it, and so it's up to other folks if they do it too.
Lastly, a few ways we want to be distinguished from all the other offerings are: 1) super easy to setup, 2.) very developer friendly
(Additionally, there are a lot of details that do make a big difference in data processing / search algo too, which have taken our own internal accuracy on hard questions from 30% => 80%+)
2020-2022: We built https://gather.town, which during COVID blew up across every use-case possible: conferences, birthday parties, weddings, universities. It was a good business during COVID but eventually started to shrink.
2022-2025: We built Gather for remote workers, which was a long grind into in Audio/Video, performance, and making a game-interface that was good for work but replicated the parts of in-person work people enjoyed. It's a decent business, but didn't match our ambitions with how we wanted to change work for the better.
2025+: We have lots of ideas for how we can make work a lot better with AI. The general theme is, "can we make work as fun as a video game?" Idea being: video games are super similar to work at its core, and AI can both 1.) dramatically change how people need to spend their days, and 2.) help you "game design" someone's work day.
The Grapevine system is the first tablestakes layer people need to have for us to build the products we're excited about. Surprisingly, "company context" was not as good as we thought despite it being such an obvious, big business opportunity. So while I agree it's "basic," it does seem necessary, and is also not the full-scale of what we want to achieve still :)
I get that's a big ask from a startup. If it helps, we are a company that's been around for 4+ years and have built a work tool (https://gather.town) used for 100k+ people for their daily work, Sequoia-backed, are SOC II certified, and go way beyond that for the security considerations for this product.
(My company uses Zulip/Gitea/Affine for data sovereignty reasons, but this kind of thing seems worse)
There is the ChatGPT product, operated by OpenAI, Inc, which you can access via their web site or their API. OpenAI does publish gpt-oss as an open-weights model. I suppose you could argue that gpt-oss is "a ChatGPT," though I'd normally think of it as "a large language model." Much like Claude, DeepSeek, Qwen and so on are other large language models.
do you have a very strong opinion about how companies should work?
"No"
Okay, does Dario Amodei? He thinks more than half the workforce should "just" be replaced. That's a strong opinion! Do you see what I am saying?
With the company GPT, we want to tackle things like: 1.) having to answer a repeated question from a colleague, 2.) answering questions to coworkers that are purely informational, and eventually 3.) things like standup updates, written updates to leadership on status, etc.
I think human interaction at work is one of the most valuable experiences if you're lucky enough to have good colleagues and interesting work. But I think they should almost entirely be around creativity, decision-making, debate, etc. rather than sharing information that exists elsewhere.