Urbit

We often describe Urbit with big technological phrases like "self-sovereign, cryptographically-owned identity" or "deterministic operating function" or "solid state interpreter running on a distributed and end-to-end encrypted peer-to-peer network". Sorry. We'll do better. Your Urbit is Yours. Everything else is just implementation details. Lessons learned observing decades of incentives and outcomes in networked computing. The spam, the centralization, the data exploitation, the spying... It all happens because your computer isn't yours. And your computer isn't yours because it was never designed to be networked. It was never structured to be maintained by it's owner. Urbit is an endeavor to build a forever computer. A ground-up rewrite of the networked computing stack to fix the trendline towards endless complexity, unmanageable in a way that retains practical control by individuals of their computers. It is for these reasons that we use insane propositions like: - Nouns as a single foundational data type - Nock as a dead simple instruction set architecture - Hoon parlance disconnected from legacy vocabulary - Urbit OS (Arvo) as a pure function of its inputs - Urbit ID as a cryptographically owned hierarchical namespace - Kelvin versioning, where code eventually stops updating and becomes 'frozen' Again, these are implementation details. Necessary for building a world where our digital lives can last--where they can truly belong to us. Where computers can be passed down generation to generation, like a family home. But perhaps that is still to much to explan. So...What is urbit? A computer you can trust to be yours, forever.

Write once, run forever. More on how Urbit is making this real coming soon^TM (next week).

@karpathy Yeah, it's rather sad devs now believe that libs require weekly updates now. Nobody is even trying to write software in a way that it can be "done" - i.e. code is final, it does what it says it does. Then dependency won't be a problem

@killerstorm @karpathy Yes, we are... That's @urbit.

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

@wirelyss Someone get this girl an @urbit.

The kids on tiktok are already buying ipods, theyre just not by apple.

Almost like you need a place to put your data that is truly yours. Some people call this a 'personal server'. Others, a 'cloud pc'. Regardless of what you call it, the thing people are looking for is a networked computer that can always be acting in your interest. A computer you can trust. That's Urbit.

is the future value of "open source" code anymore? i believe it's shifting to data, provenance, protocols, evals, and weights. in that order.

@tloncorporation Seems like it would be confusing it we started posting 'Urbit isn't Arvo'...right?

we were going to wait until April fool’s to announce the pivot but now the cats out of the bag

It's almost like people need personal servers that run their compute. Hold their data. A computer they can trust to be truly theirs. And that isn't just another outgrowth of the ball of mud that is the current networked computing stack. A computer that could actually be secured...

let me explain the ramifications of this… → 150,000 people just got locked out of their own cars… across 46 states… for 6 days straight and counting → not a software bug. not a glitch. not AI permissions gone wrong. → hackers flooded Intoxalock’s servers and all these vehicles just stopped starting… → these are court ordered breathalyzer devices… people who messed up in the past but have been doing everything right since (hopefully)… and now they can’t drive to work because someone else’s security system failed wild connect the dots… your electric car talks to a server to start. one breach and it’s a 50,000 dollar paperweight your insulin pump syncs to a server. your pacemaker data lives on a server. one breach and it’s not a car that stops working… it’s a body your smart home lock runs through a server. one breach and your front door either won’t open or won’t close now zoom out… Gartner projects $2.5 trillion going into AI this year… only $240 billion into securing the systems it runs on. that’s a 10 to 1 bet that nothing goes wrong the four biggest tech companies (Alphabet, Microsoft, Meta, and Amazon) are rumored to spend $700 billion on AI infrastructure this year alone… while cybercrime is projected to cost the world $10.5 trillion now imagine this happens to Tesla. to a hospital network. to the power grid… every new AI integration is a new attack surface. every API is a new door. every device that “talks to the cloud” is one more thing that can be turned off by someone you’ll never meet and I’m not saying every one of these systems will experience something who really knows what’s secure or isn’t but if you’re building right now… security isn’t the last layer you add. it’s the first one. → 150,000 people have just found out what happens when nobody prioritizes that… archaic government systems and legacy businesses are likely first on the chopping block I hope the rest of us continuously learn from it instead of living it the weakest link in every system is the one nobody bothered to secure like what wild system vulnerability will we see next? does someone hack Area 51?

Hoon is a perfect language for agents, given that if it compiles it's ~correct.

big release today, which, among other things: ❐ adds media and file sharing to messages, including video attachments, voice message playback with transcriptions, and arbitrary file uploads (along with a storage capacity indicator during uploads) ❐ adds new admin controls for revoking unclaimed invites, pinning messages to channel headers, and managing settings through a new Channel Info screen.

@d0d0sz @hassundotX @sivrul If this strikes you as interesting, come and join us: urbit.org

Urbit is a ground up rewrite of the networked computing stack. Currently it is implemented as an 'overlay OS', running as a VM on any underlying host system (macOS, windows, linux). Why boil the ocean? To fix the ball of mud that is modern networked computing, so you can have a computer that is truly yours, which can connect with other computers that you can trust to truly belong to your friends.

Many don't know it yet, but they want @urbit

Legend. Heard he single handedly taught Claude how to Hoon

@finpel_dorred x.com/urbit/status/2…

@urbit Where can I download this?

> "you have the best skip forward performance of any podcast app in 10 years" >> "maybe because im not actually tracking statistics for advertisers"

This month we spoke with ~palfun-foslup, Urbit core dev and maker of beloved apps %pals and %rumors. Read the spotlight to learn his Urbit origin story, how he thinks about writing software for his friends, and striking a balance between archivist and digital hoarder. urbit.org/blog/contribut…

@hidrel |install ~nattyv %cast, by @mopfelwinrux

@urbit which app is it?

All software will eventually converge towards being Urbit. Not because we are going to make Nock the only legal form of computing. But because it is what people actually want. You just need to be brave enough to go all the way.

We often describe Urbit with big technological phrases like "self-sovereign, cryptographically-owned identity" or "deterministic operating function" or "solid state interpreter running on a distributed and end-to-end encrypted peer-to-peer network". Sorry. We'll do better. Your Urbit is Yours. Everything else is just implementation details. Lessons learned observing decades of incentives and outcomes in networked computing. The spam, the centralization, the data exploitation, the spying... It all happens because your computer isn't yours. And your computer isn't yours because it was never designed to be networked. It was never structured to be maintained by it's owner. Urbit is an endeavor to build a forever computer. A ground-up rewrite of the networked computing stack to fix the trendline towards endless complexity, unmanageable in a way that retains practical control by individuals of their computers. It is for these reasons that we use insane propositions like: - Nouns as a single foundational data type - Nock as a dead simple instruction set architecture - Hoon parlance disconnected from legacy vocabulary - Urbit OS (Arvo) as a pure function of its inputs - Urbit ID as a cryptographically owned hierarchical namespace - Kelvin versioning, where code eventually stops updating and becomes 'frozen' Again, these are implementation details. Necessary for building a world where our digital lives can last--where they can truly belong to us. Where computers can be passed down generation to generation, like a family home. But perhaps that is still to much to explan. So...What is urbit? A computer you can trust to be yours, forever.

@_BILLDING_ @sol_plunder Just ask yourself, "do we need a networked computer that truly belongs to users?" If your answer to that question is yes, we consider you a friend whether your implementation is Nock & Arvo, or something else.

@sol_plunder @urbit I want to love urbit but the fud makes me hesitant

If the @urbit people put 10% of the energy that went into building Urbit, into rebuilding on top of this foundation, they would easily achieve the full vision that they have put forward.