Objectively Random

74.3K posts

@ObjRandom

Algo Trading, Strat, Macro. Math PhD (Erdős 3). Hon Reader@UCL. Created MSc Algo Trading (‘17-now), & teaching online. Too much street-side experience to list.

London, UK · Joined April 2009
8.3K Following · 7.5K Followers
Pinned tweet
Objectively Random@ObjRandom·
[2601.22200] Adaptive Benign Overfitting (ABO): Overparameterized RLS for Online Learning in Non-stationary Time-series - Ontaneda & Firoozye arxiv.org/abs/2601.22200
Objectively Random retweeted
Tuki@TukiFromKL·
🚨 Andrej Karpathy just explained the scariest thing happening in software right now.. someone poisoned a Python package that gets 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine.. SSH keys.. AWS credentials.. crypto wallets.. database passwords.. git credentials.. shell history.. SSL private keys.. everything.. and here's the part that should terrify every developer alive.. the attack was only discovered because the attacker wrote sloppy code.. the malware used so much RAM that it crashed someone's computer.. if the attacker had been better at coding.. nobody would have noticed for weeks.. one developer.. using Cursor with an MCP plugin.. had litellm pulled in as a dependency they didn't even know about.. their machine crashed.. and that crash saved thousands of companies from getting their entire infrastructure stolen.. Karpathy's take is the real wake up call.. every time you install any package you're trusting every single dependency in its tree.. and any one of them could be poisoned.. vibe coding saved us this time.. the attacker vibe coded the attack and it was too sloppy to work quietly.. next time they won't make that mistake.
Andrej Karpathy@karpathy

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

Objectively Random retweeted
Ryan Dawson@RyLiberty·
Dan breaks the internet
Objectively Random retweeted
AVB@neural_avb·
Nobody is talking about ARXIV going independent in less than 100 days. - They are leaving Cornell behind after 35 years and gonna become standalone. Cornell office work and bureaucracy was holding them back. - The blog says that they will hire faster, adopt to technology faster, and raise money faster starting July 1. - This can mean better AI features to study papers, better plagiarism/quality checkers, expansion into more domains? (my take) I am kinda excited. Arxiv is the backbone for open research access, and if all goes well, they are probably gonna do something big by end of the year.
Objectively Random@ObjRandom·
@LastStand_Radio @RyLiberty I think you’re mistaken Bill. I think you mean Israel. And the US. Iraq, Libya, Syria, Afghanistan, Gaza, West Bank and now Lebanon ? Who did those? Big mess, millions killed. I think you’ve got it wrong, Bill. Either you are uninformed or just evil.
Bill Creighton@LastStand_Radio·
@ObjRandom @RyLiberty To every citizen of every westernized country on earth. They have only one goal. They represent every bit of instability in the Middle East.
DiscussingFilm@DiscussingFilm·
Riz Ahmed jokingly crashes out over people finding the idea of him playing James Bond to be “very funny.” “Me playing Bond was very funny to you?”
☀️👀@zei_squirrel·
Happy birthday to Noam Chomsky. Here's a compilation of him exposing Western media class "journalists" for the depraved propagandists they are:
Objectively Random retweeted
Santiago@svpino·
Every large company will eventually ban vibe-coding. Vibe-coding is now generating as much technical debt as 10 regular developers in half the time. Vibe-coding is awesome for a first draft, but you can't expect to push AI slop to production and not destroy your software over time. Producing code is no longer a bottleneck. Testing that code, debugging it, monitoring it in production, and fixing it when it breaks is where everyone is spending their time. We've 10x'd the speed of writing code, but we are still in the Stone Age with everything that happens after the code is written. Here is a very cool tool tackling this: You can build "AI Production Engineers" using PlayerZero and make them work for you. These are agents that do this: • Simulate how your code will work in production • Diagnose issues when they happen • Learn from every incident so it doesn't happen again This is pretty awesome! These agents simulate code behavior against real production data. They use actual customer behavior, historical incidents, and edge cases without writing a single test script. When something breaks, the agent traces the issue to the exact line of code and PR, generates the fix, and routes it to the right engineer. And every bug these agents solve serves as training data to improve the system. Here is a link to check them out: playerzero.ai/?utm_campaign=… Thanks to the Player Zero team for partnering with me on this post.
Objectively Random retweeted
Statistics Papers@StatsPapers·
Closed-form conditional diffusion models for data assimilation Brianna Binder, Assad Oberai arxiv.org/abs/2603.21291 [𝚜𝚝𝚊𝚝.𝙼𝙻 𝚌𝚜.𝙻𝙶 𝚙𝚑𝚢𝚜𝚒𝚌𝚜.𝚌𝚘𝚖𝚙-𝚙𝚑]
Objectively Random@ObjRandom·
@pgodfreysmith @MicrobiomDigest I have found unherd to often be just as lacking in nuance as any MSM. Freddy is uninformed and opinionated. Maybe marginally better than Claire Lehman’s outfit, whatever it’s called. FP platforms Niall Ferguson. Isn’t that damning enough?! 🤣
Peter Godfrey-Smith@pgodfreysmith·
I don't know of work in the Free Press that has been looking to tarnish science itself. Cases you have in mind? The troublemaking magazines that rose to prominence round the time of Covid – Unherd, FP, Compact – have been positive additions to the landscape, I reckon, though I read FP less.
Peter Godfrey-Smith@pgodfreysmith·
A long essay about fraud in science by @opinion_joe – link below – came in at a good time. I'm teaching a course with a lot of Thomas Kuhn in it, especially his analysis of 'normal science.' Struck me that K's emphasis on informal, internal networks is highly relevant..🧵1/
Objectively Random@ObjRandom·
@_ZachFoster @ianbremmer Ian Berklee is a pinhead. A Lagarde fanboi with zero depth, nuance or insight. He missed his calling as a beat reporter, since it is impossible to say that his outfit really covers IR in any detail.
Zachary Foster@_ZachFoster·
On @IanBremmer: Ian Bremmer on Iran: "In the course of 3 days in January, we saw an estimated 30,000 plus Iranians murdered. And those are numbers that the Trump administration believes. But I've heard those numbers from international organizations. I've heard them from European governments that I trust. I mean, those are real numbers." Ian Bremmer cites a death toll 10X higher than the count provided by the Iranian government & 5X higher than the 6,126 figure of "confirmed deaths" provided by "HRANA," based in Fairfax, Virginia. Ian Bremmer on Gaza: To the best of my knowledge, he has never cited any of the independent estimates published by reputable sources like the Lancet that put the death toll in 186,000 (@ianbremmer, if I missed a post, please correct me). Instead, Ian Bremmer's "Gzero Media" has actually cast doubt on the Gaza Health Ministry figures, unabashedly citing Israeli officials discrediting the data, even though we've known all along they are a dramatic undercount. gzeromedia.com/news/analysis/… If you cite the 30,000 figure as fact, yet challenge the official Gaza Health Ministry data, which we all know is an undercount, you are not an analyst, you are a genocide apologist. youtube.com/watch?v=UW6Y5I…
Objectively Random retweeted
Orvo ☭☰@MechaOrvo·
BREAKING: White smoke in Tel Aviv indicates that Israel has chosen a new OnlyFans CEO
Objectively Random retweeted
Financial Times
Traders placed $580mn oil bet ahead of Trump post on Iran talks ft.trib.al/NEZRdqC
چندلر بینگ@chandler_bin3·
@clashreport In any case this is a regime change. He is the regime, he is a terrorist like everybody else in that regime. The only acceptable leader for the iranian is Prince Reza Pahlavi. People did not die in the streets just to change the name of the terrorist. #KingRezaPahlavi
Clash Report@clashreport·
An Israeli official says the senior Iranian figure the U.S. is in contact with is Parliament Speaker Mohammad Bagher Ghalibaf. Source: Amit Segal
Objectively Random retweeted
Wally Rashid@wallyrashid·
The "Iran-linked terror group" that took responsibility for the arson on the Jewish ambulances in London effectively materialized out of nowhere. It did not exist before the week of March 9, 2026, and unusually, does not have its own Telegram or media channels. ⬇️
Objectively Random retweeted
Iran Embassy SA@IraninSA·
The Strait of Hormuz will be controlled by me and the Ayatollah😎😁
Objectively Random retweeted
Yashar Ali 🐘@yashar·
The Islamic Republic of Iran’s Embassy in South Africa is trolling President Trump’s comments on who will control the Strait of Hormuz.