Vinoth Deivasigamani

1.5K posts

Vinoth Deivasigamani

Vinoth Deivasigamani

@salt___doll

(Mastadon at [email protected]) OpenAI Security, Mobile security expert, Ex security lead @ Google , X-Qualcomm, Angel investor. Opinions are my own.

San Diego, CA Katılım Mart 2012
612 Takip Edilen159 Takipçiler
Vinoth Deivasigamani retweetledi
John Carmack
John Carmack@ID_AA_Carmack·
Memory cost and capacity are significant issues for AI accelerators. Unlike game rendering, model inference can have a deterministic memory access pattern. You don’t need “random access memory” at all for model weights, and you could tolerate cold-start latencies in the multiple milliseconds, as long as continuous reads were delivered at the necessary bandwidth. NAND flash is over 100 times cheaper per GB than HBM, so there should be opportunity there, even after giving a flash controller a 1024 bit interface with HBM bandwidth. You could make a specialized pin protocol that just supported pipelined transfer of full 16KB+ pages from the flash to program-managed accelerator scratchpad memory and improve per-pin performance over HBM, but it might be more convenient to make it still look like a true random access memory with very fragile performance characteristics, where anything but sequential reads falls off a 1000x+ performance cliff. That has the advantage of automatically using existing cache hierarchies, and providing a natural path to update the flash memory with new model weights. With the stream-to-scratch interface, code has to be completely rewritten before it works at all, while the ram-emulation interface will start off just extremely slow, and you can incrementally sort out the changes for full performance. There may be cases where there isn’t enough scratchpad SRAM to hold the weights for a layer, which might force you to deploy the old optical drive optimization technique of duplicating data in multiple places on a sequential read to avoid seeking, but there would be capacity to burn. It might be possible to do something like cuda graph capture to record a memory access trace and have everything magically remapped to a linear sequence, but deploying programmer / agent elbow grease to manage transfers and access in a scratch ram ring buffer would be lower risk. A split memory system consisting of some channels of flash and some channels of HBM will probably be suboptimal compared to a uniform memory, but it could be much cheaper, and allow much larger models to be run. I think th case is strong for inference, but you have to stretch more for training. You can still linearize all the weight memory accesses, both reads and writes, but flash memory would quickly wear out from the writes, even if they were all perfectly page aligned. Replacing low-latency HBM with massively parallel cheap(er) DRAM at high latency might still be a worthwhile cost savings.
English
262
454
6.9K
1.6M
Nate Silver
Nate Silver@NateSilver538·
Belgium has a right to be mad I guess but it's also kind of funny how tilted they are. The United States has won one Round of 16 game in its entire history. Play some soccer, boys.
Tom Bogert@tombogert

Belgium head coach Rudi Garcia on FIFA's decision to suspend Folarin Balogun's one-match ban: “I didn’t know that at the World Cup the 5th of July is actually the first of April. It’s April Fools.” “We’re not defending the national team or federation, we are defending football."

English
735
106
3.4K
2.7M
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
Veto over a red card is a perk of the FIFA peace price. Everyone knows this. Why the hoopla?
English
0
0
1
520
Vinoth Deivasigamani retweetledi
Nassim Nicholas Taleb
Happy Birthday, America --the oldest constitutional democracy,* and the most self-correcting of them all. *To nitpickers: San Marino is older, but pop. is 30K.
English
62
222
3.1K
172.9K
Vinoth Deivasigamani retweetledi
Joshua Saxe
Joshua Saxe@joshua_saxe·
Restrictive AI cyber policy around both closed and open models makes us way less safe (summing up the argument in one place) * New AI cyber capabilities made publicly available are not obviously bad for safety. Attackers can use frontier models to find vulnerabilities and penetrate networks, but defenders can use the same models to find and fix bugs before release, or before attackers find and exploit them * What matters is who adopts the capabilities in what way and how fast * Defenders do have some advantages in this new AI race. There are far more defenders than attackers and we have far more GPUs. We control the software and infrastructure under attack and can vet it with AI before release * Defenders may have more comparative advantage with AI. Defenders are already losing so have strong motivation to adopt AI quickly. In contrast, a skilled, resourced team of attackers can already penetrate any organization they want with traditional techniques; ask anyone who's ordered a penetration test against their organization about this. * Supporting this hypothesis is the fact that even though AI social engineering capabilities have been widely available for a few years, attackers haven't completely revolutionized their operations with this tech * When considering restricting closed frontier models, we should consider that attackers also already have access to powerful AI cyber capabilities * To wit, open-weight models are only a few months behind closed-weight models and can be made even more useful than closed models to attackers by removing safety tuning and adding gain-of-function fine-tuning * Attackers are unlikely to rely heavily on closed models where they'll be monitored and blocked by dedicated teams * All this makes it obvious that frontier cybersecurity capabilities should be widely available in closed models, with monitoring, abuse detection, and rapid response. Let defenders use the best tools and give them an unfair advantage. * We should be more aggressive in releasing open weights models too, though, because it's very risky for American labs to abandon frontier open-weight market share, as they are currently doing. * Imagine a world in which 80% of AI inference in liberal democracies is done with models under the indirect control of the PRC (or imagine by analogy, if Windows was opaque and controlled by the PRC). * Imagine these models are executing shell commands on all of our production servers * American labs releasing stronger open-weight models can of course give attackers more capability in the shadows. But the supply chain risk of PRC-controlled models executing shell commands on our societal IT infrastructure dramatically outweighs the risk of attacker adoption. * Besides, stopping capability diffusion just clearly won't work and would require a level of coordination and cooperation between the US and China that hasn't worked on Taiwan, Iran, or climate change * Here's what we should actually do: the AI security safety community should pivot towards diffusing American closed and open weights models and competing in cyberconflict via defensive capability operationalization. * We should focus on being the absolute best at using AI to burn down the security tech debt that lets attackers breach most networks: exposed admin portals, no MFA, stale known-vulnerable software, overprivileged identities, flat networks, broken logging. * We should also be using frontier capabilities to find and fix more bugs faster than attackers. Restriction is a losing battle. We should instead shape diffusion to support good cybersecurity outcomes * Also: the sky is not falling! It's true attackers are using AI for reconnaissance, phishing, coding help, translation, fake content, and operational efficiency. * But we have not seen the huge discontinuity or crisis that restrictionists imply should already be here. * Google/Anthropic/OpenAI/MSFT's threat-intelligence work and NCSC's assessment all point to AI mostly uplifting existing tactics so far, especially recon and social engineering, while defense also benefits. * We need to take a breath. And compete on a long-term strategy that embraces reality; capability diffusion will continue to happen. We will win by better diffusing and operationalizing AI cyber capabilities and shaping diffusion to give cyber defenders the upper hand
English
6
7
17
5.1K
Jonah Goldberg
Jonah Goldberg@JonahDispatch·
New Righties read the 14th amendment the way Old Lefties read the 2nd. “It can’t mean what is says because I really don’t want it to!”
English
416
239
1.6K
179.8K
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
If the future of AI regs is classifiers with 0% false negs OR get banned, we will get classifiers with super high false +ves. We will make the good guys suffer to mildly inconvenience bad guys. Security is all about trade offs. This is a bad one :-( anthropic.com/news/redeployi…
English
0
0
0
11
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
Anthropic about the exploit enabled by the "jailbreak" that got Fable on the export control list: "...every model we tested could produce the same demonstration as Fable 5 (including Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, Opus 4.7, Opus 4.8, GPT-5.4, GPT-5.5, and Kimi K2.7)."
English
2
0
1
108
Vinoth Deivasigamani retweetledi
Garry Tan
Garry Tan@garrytan·
Build power and datacenters
Chubby♨️@kimmonismus

The worst-case scenario for the United States is becoming increasingly realistic, and I will briefly explain why. @quxiaoyin raised many valid points, and I agree with her. First of all: -China certainly does not place such strong emphasis on open source because it cares so deeply about humanism, but because it is a strategy to attract many users, gain market share, put pressure on US models, and also because the models are increasingly being trained on Huawei hardware (think of DeepSeek 4), allowing China to host the entire stack domestically. -But the underlying logic is far more important: The United States is still building too few data centers to meet future demand. @ChrisGillett wrote an outstanding analysis on this, which I shared a week ago. In short, based on SemiAnalysis data, demand is greater than what is currently being built in terms of data centers. -Even more importantly, however, the United States lacks sufficient energy and grid capacity. This is a problem that will become much more severe in the near future. China, by contrast, is addressing the issue through a massive expansion of its energy supply. Solar capacity: in 2025 alone, China installed as much solar capacity as the United States did in 10 to 15 years. China is also building 36 nuclear power plants, significantly more than the United States, and is installing them faster. -In addition, China is managing to become more independent through Huawei chips, even though the country still lags far behind NVIDIA. But here, China is betting on quantity rather than quality. In short: China is a real threat in the AI race, and the situation for the United States is becoming increasingly precarious. This is also the main reason why China is to be kept away from SOTA LLMs at all costs, so as not to jeopardize the lead under any circumstances.

English
38
32
332
83.2K
Tak 🦞
Tak 🦞@cherry_mx_reds·
Opinion: It’s in OpenAI’s best interest to make a native codex desktop app for Linux. If you’re selling inference to people then you can’t be limited by Mac’s being sold out. I was a Windows fanboy but codex on windows takes a 25% hit to intelligence because of how unergonomic the OS is. Windows is not a serious OS right now. cc: @ajambrosino @sama
English
39
7
273
53.6K
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
@steipete @ATT US Mobile has been great. You can switch between 3 different networks based on where you are traveling. I usually stay out at Verizon.
English
0
0
0
725
Peter Steinberger 🦞
Peter Steinberger 🦞@steipete·
Tried to sign up to @ATT four times now and they reject me and aren’t telling me why. What’s the next best unlimited phone/data plan for the SF area? Or do I know anyone who can work around corp bs?
English
368
12
977
344.2K
Vinoth Deivasigamani retweetledi
Volodymyr Styran 🇺🇦
Volodymyr Styran 🇺🇦@arunninghacker·
Campaign #1: Privacy in peacetime. Why is citizens' privacy a cyber campaign? Because privacy is counter-collection. The activist, veteran and police officer lists an invader wants for targeting and "filtration", a society that guards its own data denies them.
English
1
1
0
150
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
@dwarkesh_sp Orgs that are structurally designed to resist misalignment are also harder to reform when bad stuff happens. Because, the underlying mechanism is usually resistance to change. It is a trade-off. Designing a government should pick a different point than designing a company.
English
0
0
0
24
Dwarkesh Patel
Dwarkesh Patel@dwarkesh_sp·
Conquest's Third Law says that you should model any bureaucratic organisation as if it was controlled by a cabal of its enemies. It's a fun exaggeration, but it gets at an important phenomenon. Organisations have continuous generational turnover. The founding members eventually leave and have to be replaced, probably by people only imperfectly aligned with their vision. With each new hire, the values of the people in the organisation will tend to drift further and further. In the limit they're almost completely unaligned with the founding purpose of the org.
English
24
27
418
53.7K
Vinoth Deivasigamani retweetledi
Rob Miles
Rob Miles@robertskmiles·
Using a language model to do your homework is like using a forklift to do your weightlifting
English
28
82
1.1K
0
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
@IsForAt Feel you. I thought I was missing something too. But no. Math doesn’t work for it to be a tax loop hole. The benefit is stock exposure while meeting immediate liquidity needs. IOW, it is a leverage play. You win only if stock appreciates enough to cover interest.
English
0
0
1
16
Brian Hall
Brian Hall@IsForAt·
Honest question about something I don't understand - I can't math all this talk about borrowing against assets. If you avoid paying 20% (or 27% in WA) cap gains taxes by paying 5% cost of borrowing per year, are you really saving money? And even if so, or close to even, would you prefer your money go to Chad's salary or the government? What am I missing here?
Manly Mentor@manly_mentor

Dad buys stock at $200K. It grows to $10M. If he sells, he owes tax on a $9.8M gain. Instead, he puts it in a trust. Borrows against it. Lives tax-free. Dies holding. Kids inherit at a $10M basis. IRS gets $0.

English
27
0
18
19.5K
Vinoth Deivasigamani
Vinoth Deivasigamani@salt___doll·
Jalapeño: OpenAI's take on AI compute.
OpenAI@OpenAI

We’ve designed and built our first AI chip: Jalapeño. Designed from the ground up by OpenAI and brought to production with @Broadcom, Jalapeño is purpose-built for the LLM workloads powering ChatGPT, Codex, the API, and future agentic products. Chips are foundational to the AI economy. Building our own expands our full-stack platform from products to models to infrastructure, and will help us scale intelligence, serve more people, and expand access to AI.

Euskara
0
0
0
15
Vinoth Deivasigamani retweetledi
OpenAI
OpenAI@OpenAI·
We’ve designed and built our first AI chip: Jalapeño. Designed from the ground up by OpenAI and brought to production with @Broadcom, Jalapeño is purpose-built for the LLM workloads powering ChatGPT, Codex, the API, and future agentic products. Chips are foundational to the AI economy. Building our own expands our full-stack platform from products to models to infrastructure, and will help us scale intelligence, serve more people, and expand access to AI.
OpenAI tweet media
English
1.5K
2.3K
22.8K
7M
Vargo
Vargo@Bootlegregore·
@salt___doll @paulg @infobeautiful @newmoney Which I suppose is what you're saying: it's an "exposure play" vs a "tax play". I guess I'm not sure what your point is in splitting that hair, nor how it translates to "why would people do this"
English
1
1
1
37