Paul Vann

I'm unsure if this is a hot take or not, but I recently dove into mythos and why I think the cyber industry's response to it has been bloated, chaotic, and distracting additionally touching on why I think it's bad for the cyber industry to be so focused on it check it out below!

@JFPuget apologies - I did get the sarcasm, this was geared at your audience not you 😃

If true it would be quite ironic coming from the Mythos company, right? How come they did not detect that one?

finished @nxthompson book, the running ground this past weekend and it was such a great read, I had to order my mom a copy now my recent amazon orders look like this:

this is great, but isn't enough on it's own. will need fiber technicians -> hvac professionals for cooling datacenters -> electricians for providing power to these datacenters and more then you actually need all of the infra (electric grid, approval from gov, etc) to be there first

The AI boom is a blue collar work golden age. America has evolved from coal mining to building token mines

Thinking that LLMs are "AGI", is a similar psychological mechanism to 2000s kids who thought their "20 Questions" gadget game was reading their mind. Statistical algorithms are impressive, but they aren't magic or sentient.

@tanayj one thing i wonder. similar to the failures that killing manufacturing jobs in the US brought about today, what impact will killing the software engineer / computer science skillset have years from now not sure, but i'm sure it'll be ever-present

Wow. The number of students graduating with a CS degree at Berkeley is projected to fall off steeply

@Star_Knight12 and 99% are a database and/or an openai call with a nice UI hahaha

90% of SAAS products are just a database with a nice UI

i think a concept that many people haven't grasped with AI is that, yes it does make mistakes, but at large scale, it makes less mistakes than humans do. the reason why its difficult to deploy is not because of the mistakes it makes, but because there is no one to hold accountable

Classic study gave 146 economist teams the same dataset & got wildly different answers New paper reruns it with agentic AI. Claude Code & Codex land near the human median, but with far tighter dispersion & no extremes. Suggests that AI is now useful for doing scalable research.

@simplifyinAI I don't mean to be that guy, but I'm going to be: Did people really believe that LexisNexis had built a hallucination free AI? Like did people actually believe this? 😂

turns out "hallucination-free" AI was a lie the whole time.. stanford and yale just published the first real audit of LexisNexis and Thomson Reuters' legal AI tools.. the ones marketed to every lawyer in america as "100% hallucination-free." the results are brutal: → LexisNexis hallucinates 17% of the time → Thomson Reuters hallucinates 17% AND refuses to answer 62% of the time → one response claimed Justice Ginsburg dissented in Obergefell. she didn't. she joined the majority. → another cited a real case to defend a law the supreme court already overturned → Lexis even cited opinions by "Judge Luther A. Wilgarten", a judge who has never existed RAG doesn't kill hallucinations. it just hides them behind real-looking citations. and lawyers are getting sanctioned for trusting it. 100% peer-reviewed. from stanford law.

@vivoplt at this point, I'd argue that most SaaS products for Sales Teams are exactly this in some way shape or form almost always vibe coded as well with the same UI / Design look and feel

90% of "AI startups" are just: Take user input Send to OpenAI API Display response Charge $29/month

I hate to say it, but in some sense it's already too late adversaries / hackers could collect as much encrypted traffic as they'd like to now or over the past 30 years, and the day that we reach this point, decrypt it all we need to make the shift over to quantum resistant cryptography

2012: "We need 1 billion qubits to break encryption" 2021: "We need 20 million" Feb 2026: "We need 100,000" Last week: "We need 10,000" That's a 100,000x drop in 14 years. The encryption protecting your Bitcoin. Your banking. Your passwords. Your private messages. Caltech. Google. A quantum startup called Oratomic. They all published papers the same week. Your digital life has an expiration date now: ↓

I mean, this is already here in a certain sense, but quantum computing will definitely drive some significant innovation over the next few years / decades apart from that, it's really learning more about genetics, biology, and humans that's the next frontier AI will of course help with all of this 😁

What will come after AI?

people don't pay for Bloomberg terminal because of its interface, UI, or how it surfaces data. They pay for Bloomberg terminal because it has data that you can only get on Bloomberg terminal. This is awesome that Anthropic is doing this, and it could very slightly disrupt simple tools like CRMs but I'd put a ceiling here on what capabilities like this actually add

my god. anthropic casually going after bloomberg terminal and every single data tracking provider under the sun 😂 bloomberg terminal charges $24K per seat this could affect major data platforms like DataDog, Google analytics, CRM dashboards and sooo much more Anthropic is building the control center for every single enterprise company unbelievable

when I see stats like this, it makes me wonder how much AI-generated music is being surfaced on platforms like Apple Music or Spotify. I personally haven't noticed any drop in quality of music on these platforms, haven't seen anything blatantly coming across is AI generated I agree that the internet as a whole is getting hit with this problem, but I think in certain places its harder to find (i.e. apple music, spotify)

🚨 Human art simply CANNOT keep up with the pace of AI-generated art. Dismissing the problem by saying "people will still prefer human art" ignores the massive dilution already underway. If human art is not actively protected, it will become invisible and devalued.

I think this is a big reason why Yann Lecun and other proponents of world models might be on the right track - LLMs today are next token predictors whereas a real reasoning model should be able to think through how the world changes in response to an action. I could be oversimplifying - but point still stands

🚨 Just IN: This paper from Stanford and Harvard explains why most “agentic AI” systems feel impressive in demos and then completely fall apart in real use. The core argument is simple and uncomfortable: agents don’t fail because they lack intelligence. They fail because they don’t adapt. The research shows that most agents are built to execute plans, not revise them. They assume the world stays stable. Tools work as expected. Goals remain valid. Once any of that changes, the agent keeps going anyway, confidently making the wrong move over and over. The authors draw a clear line between execution and adaptation. Execution is following a plan. Adaptation is noticing the plan is wrong and changing behavior mid-flight. Most agents today only do the first. A few key insights stood out. Adaptation is not fine-tuning. These agents are not retrained. They adapt by monitoring outcomes, recognizing failure patterns, and updating strategies while the task is still running. Rigid tool use is a hidden failure mode. Agents that treat tools as fixed options get stuck. Agents that can re-rank, abandon, or switch tools based on feedback perform far better. Memory beats raw reasoning. Agents that store short, structured lessons from past successes and failures outperform agents that rely on longer chains of reasoning. Remembering what worked matters more than thinking harder. The takeaway is blunt. Scaling agentic AI is not about larger models or more complex prompts. It’s about systems that can detect when reality diverges from their assumptions and respond intelligently instead of pushing forward blindly. Most “autonomous agents” today don’t adapt. They execute. And execution without adaptation is just automation with better marketing.

In a race against China, who is not only keeping up with the US, but pushing ahead in open weight model development, restricting or banning open-source is quite literally the worst possible thing we could do.

I'm unsure if this is a hot take or not, but I recently dove into mythos and why I think the cyber industry's response to it has been bloated, chaotic, and distracting additionally touching on why I think it's bad for the cyber industry to be so focused on it check it out below!

@blackroomsec sorry I actually have not read your timeline before! love the take, and thanks for flagging 🙂

That is what I'm saying and have been but I understand that you might not have read my timeline before. I think it's a bunch of BS. Will it have more advanced capabilities? Yeah if you're in a testing environment but I don't think it's going to have the impact in scaled environments they're saying it's going to. There's a lot of unknown variables. Will people be hacked by it? Yes they will but they would have been hacked by a human who could have done the same technique. It's just Mythos will do it faster.

I don't want to see pearl clutching after Mythos drops and everyone's getting popped. Every single company that gets hacked after that moment is 100% responsible for being hacked because they've had plenty of time, they've had all the correct talent in place and it will only demonstrate what all of us know which is that they don't listen to us. Zack is going to be busy keeping receipts on who was "compliant" in the various frameworks, supposedly, but doesn't have least privilege in place. 🙄 CC: @ZackKorman

Condolences go out to everyone who has to roll all their credentials for all dependencies on a Sunday.