Adam de Delva

459 posts

@Adedelva

Literally just Cars, Hybrid Cloud, Modern Apps, K8s, OSS & memes. internet plumber: @dtrio_ // Principal Alchemist: https://t.co/c3jTkhsO0L Ex - @Microsoft

Queens, NY. Joined November 2017
469 Following, 153 Followers
Adam Pippert@AdamPippert·
If I share something personal when I’m known for more technically focused content, does that make me more human or less relevant for people on this platform? On the one hand, I don’t want a personal tragedy to be seen as an excuse for attention, but on the other hand, I am real.
Adam de Delva@Adedelva·
HLIX is the last 15 years of IP that I’ve (and the collective have learned) in a BoM.
Adam de Delva@Adedelva·
Do not bet against the collective. Our position remains the same.
Jarret Willey@JarretW·
@karpathy @grok I had a feeling this was going to happen when millions were installing. Is this as bad as I think it is? Could personal private information be stolen ?
Andrej Karpathy@karpathy·
Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.
Daniel Hnyk@hnykda

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server + self-replicate. link below

Adam de Delva retweeted
Adam Pippert@AdamPippert·
The feedback speed ALONE makes open source better. This could literally be the only reason America makes any investment whatsoever in open source AI, and it would be the right thing to do.
Adam de Delva@Adedelva·
@JosephJacks_ Sovereignty, Agency & Resilience Planning are all that matter. The future is open.
JJ@JosephJacks_·
Huge layoffs are coming. Across the board.
Adam de Delva@Adedelva·
7x. Do not bet against the collective.
Adam de Delva@Adedelva·
We got the new Elon in the collective. Good luck going against this.
SmartAssetsIO@smartassetsio·
We need a Byzantine Fault Tolerant arch. for network management
Adam Pippert@AdamPippert·
@Adedelva Radicle is decentralized git, guys we know like @iotcoi use it extensively. Have some ideas cooking about how to hook agents into all of this, but first I have to rebuild them to shed the OpenClaw stank off.
Adam Pippert@AdamPippert·
So, I’m thinking about deleting my GitHub, or at least marking certain projects read only and posting code elsewhere going forward. Any advice from people who have gone to self-hosted, Radicle, or other less well known repositories?
Adam de Delva@Adedelva·
Gonna f' around and find out and turn Open Office into a Smart-Asset, and power it with HLIX. This is going to be a fun one.
Adam de Delva@Adedelva·
@georgevasyagin @jefielding It’s pathetic. Since then - our collective has grown to 3.1M engineers. All of them passed on us three years ago… are now salivating.
George V.@georgevasyagin·
Most companies I've designed for treated the product as the strategy. The ones that actually "made it" treated distribution as the strategy and the product as the vehicle to deliver real value to real people. VCs are just now catching up to what operators figured out years ago? So.. time to shift focus? :-)
Jenny Fielding@jefielding·
Half the VCs I know are changing their focus areas / investment thesis right now. Feels like a moment of deep reflection - or panic.
Adam de Delva@Adedelva·
Universal Object Reference, a universal language to pin to all geometry? All potential realities? Somehow.... Underpinning the fabric of the system that powers existence itself? Yeah... I think that's what we've arrived to. Language is only the first and direct implementation.
Adam de Delva@Adedelva·
“We’re doing a lot with fumes, and we’re turning those fumes into nuclear power.” Marie Patterson//Adam de Delva