mangoice

Elon Musk 中國是次級製造強國。如果你考慮礦石精煉，我會說大約中國的礦石精煉量是世界其他地區加起來的兩倍 就像，我們其實在美國進行稀土礦開採，把岩石……我們裝上火車，然後裝上船運到中國，那裡再換上另一列火車，送到中國的稀土精煉廠，他們再精煉它，製成磁鐵，裝入馬達子組件，然後再運回美國 所以，我們在美國真的缺少很多礦石精煉。我們坦白說需要 Optimus 來建造礦石精煉廠。我們絕對不能只靠人類取勝，因為中國的人口是我們的三倍……中國的平均工作倫理高於美國。 所以我們在人力方面贏不了，但我們在機器人方面可能有機會

Holy shit… someone just made Claude instances talk to each other. Not APIs. Not agents. Not orchestrators. Just multiple Claude Code sessions… messaging each other like coworkers. It’s called claude-peers — and it turns one Claude into a team. Here’s what’s happening: Run 5 Claude Code sessions across different projects Each one auto-discovers the others They send messages instantly Ask questions Share context Coordinate work Your AI tools literally collaborate. Example: Claude A (poker-engine): "what files are you editing?" Claude B (frontend): "working on auth.ts + UI state" Claude A: "ok I'll avoid touching auth logic" No conflicts. No manual coordination. Just AI syncing itself. Under the hood: • Local broker daemon (localhost) • SQLite peer registry • MCP servers per session • Instant channel push messaging • Auto peer discovery • Cross-project communication Everything runs locally. No cloud. No latency. What it unlocks: • Multi-agent coding without frameworks • One Claude writes backend, another frontend • One debugs while another refactors • Research Claude feeds builder Claude • Large projects split across AI workers This is basically: "spawn 5 Claudes and let them coordinate themselves" Even crazier: Each instance auto-summarizes what it's doing Other Claudes can see: • working directory • git repo • current task • active files They know what the others are working on. Commands: • list_peers → find all Claude sessions • send_message → talk to another Claude • set_summary → describe your task • check_messages → manual fallback So you can literally say: "message peer 3: what are you working on?" …and it responds instantly. No orchestration layer. No agent framework. Just Claudes… talking. This is the cleanest multi-agent system I've seen. We're moving from: 1 AI assistant → to AI teams that coordinate themselves. And it's all running on your machine. Wild.

被毕业的同事其实并没有消失，他们只是被蒸馏成了 Token，换成另一种形式陪伴你！

被毕业的同事其实并没有消失，他们只是被蒸馏成了 Token，换成另一种形式陪伴你！

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

Best YouTube Channels To Learn AI in 2026 (No BS) 1. Fundamentals – 3Blue1Brown 2. Deep Learning – Andrej Karpathy 3. AI Research – Yannic Kilcher 4. Practical AI – AssemblyAI 5. LLMs – AI Explained 6. ML Theory – StatQuest 7. Papers Simplified – Two Minute Papers 8. GenAI – Matthew Berman 9. AI Agents – Nicholas Renotte 10. Applied ML – Krish Naik 11. PyTorch – Aladdin Persson 12. Math for ML – Serrano Academy 13. Industry Insights – Lex Fridman 14. Real-world AI – DeepLearningAI

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

New in Claude Code: auto mode. Instead of approving every file write and bash command, or skipping permissions entirely, auto mode lets Claude make permission decisions on your behalf. Safeguards check each action before it runs.