💯Aaron💯

23.3K posts

@thephdude

Dad, Husband, and Veteran on a journey of self-improvement and inspiring positive change. Striving for 💯 in life. Do better. Be better. 💪 Member of 💯 club 💯

Nebraska, USA · Joined August 2008
4.8K Following · 5.4K Followers
💯Aaron💯
💯Aaron💯@thephdude·
@Michaelfiore Most people don’t run at all. You’re running laps around like 80% of the population, probably.
Michael Fiore - Garden Center
I know this isn’t impressive for real runners, but it’s a milestone for me. First time finishing a 5k under 30 minutes. I started running 8 months ago. I’m 37 and weigh 200 currently.
Tuki
Tuki@TukiFromKL·
🚨 Andrej Karpathy just explained the scariest thing happening in software right now.. someone poisoned a Python package that gets 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine.. SSH keys.. AWS credentials.. crypto wallets.. database passwords.. git credentials.. shell history.. SSL private keys.. everything.. and here's the part that should terrify every developer alive.. the attack was only discovered because the attacker wrote sloppy code.. the malware used so much RAM that it crashed someone's computer.. if the attacker had been better at coding.. nobody would have noticed for weeks.. one developer.. using Cursor with an MCP plugin.. had litellm pulled in as a dependency they didn't even know about.. their machine crashed.. and that crash saved thousands of companies from getting their entire infrastructure stolen.. Karpathy's take is the real wake up call.. every time you install any package you're trusting every single dependency in its tree.. and any one of them could be poisoned.. vibe coding saved us this time.. the attacker vibe coded the attack and it was too sloppy to work quietly.. next time they won't make that mistake.
Andrej Karpathy@karpathy

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

Breaking911
Breaking911@Breaking911·
Apple is planning to bring ads to its Maps app as part of a wider effort to boost revenue from its growing services business.
💯Aaron💯 retweeted
MR. OBVIOUS
MR. OBVIOUS@ObviousRises·
The Hacker known as 4chan explains why nobody is eating at restaurants or fast food anymore.
💯Aaron💯 retweeted
Vintage Maps
Vintage Maps@vintagemapstore·
Angle of the sun throughout the year (at Midday GMT). Work by neilrkaye
💯Aaron💯
💯Aaron💯@thephdude·
About to watch some videos, and both Max and Ryan used "Here we go" on their respective videos. I better buckle up.
💯Aaron💯 retweeted
W S
W S@WildSentences·
W S tweet media
💯Aaron💯 retweeted
Tuki
Tuki@TukiFromKL·
🚨 Do you understand what this man just pulled off..

> a guy from North Carolina used AI to generate hundreds of thousands of songs.. uploaded them to Spotify, Apple Music, Amazon.. then botted billions of streams on his own tracks and walked away with $8 million

> 660,000 fake streams per day.. spread across thousands of AI songs so nobody noticed.. $1.2 million a year.. for music no human ever actually listened to

real artists are out here grinding for 0.003 cents per stream.. promoting on TikTok.. begging for playlist placements.. and this guy just had AI make the music AND the audience

first-ever criminal streaming fraud case.. he's paying back $8 million.. but the playbook is out there now.. and AI just got better since he started

the music industry spent 10 years fighting piracy.. now they have to fight songs that don't exist being listened to by people who don't exist.
FearBuck@FearedBuck

The first criminal case of streaming fraud where a North Carolina musician who used AI to make songs, then streamed them billions of times himself making $8 million

💯Aaron💯
💯Aaron💯@thephdude·
@Krissa_Kray_ I wear shoes from the moment I get out of bed to the moment I get back in it.
💯Aaron💯 retweeted
Morgan Wright
Morgan Wright@morganwright_us·
Many years ago, as a Kansas State Trooper, I had the opportunity to meet Chuck Norris. Unfortunately, it was on a traffic stop: Speeding 85 in a 55. Fortunately, Mr. Norris let me off with a warning.
LadyInBaltimore
LadyInBaltimore@LisaInBaltimore·
@Primewave96 Police tell us that we’re supposed to tell them when we have a licensed firearm in the car if we have a concealed carry but then they act like this when we do what they tell us. It terrifies me.
𝐁𝐫𝐚𝐱𝐭𝐨𝐧 👑
🚨 Some people panic the moment they see flashing lights. They start explaining themselves, apologizing, and giving away info they never had to share in the first place. But as soon as questions come back at them, everything changes. Knowing your rights and staying calm in these situations is something most people were never taught—and that lack of knowledge is exactly what the system counts on. 💡 Learning how these encounters really work and how to protect yourself legally is key to staying safe. ⚖️👮‍♂️
💯Aaron💯
💯Aaron💯@thephdude·
Turbulent market lately. But if you're still in your wealth accumulation phase, this is actually a good thing. "We are going to be buyers of things over time. And if you're going to be buyers of groceries over time, you like grocery prices to go down. If you're going to be buying cars over time, you like car prices to go down... Whether we’re talking about socks or stocks, I like buying quality merchandise when it is marked down." —Warren Buffett
Ryan Hall, Y’all
Ryan Hall, Y’all@ryanhallyall·
Ever wish there was a weather map that just showed you where it's gonna be BEAUTIFUL? We made one. The Nice Weather Outlook is a 7 day forecast scoring every part of the US from Fair to Pristine based on temp, humidity, wind, sun and rain. Updated 4x daily. Also available in the Weatherwise app, with full text discussions for Plus subscribers. You're welcome.