Ilya Lichtenstein

493 posts

Ilya Lichtenstein

@cipherstein

Former hacker, now builder. Razzlekhan's husband.

New York, NY เข้าร่วม Kasım 2010

161 กำลังติดตาม1.9K ผู้ติดตาม

Ilya Lichtenstein@cipherstein·6h

axios is the most popular http client in the JavaScript ecosystem. If your app uses an API, connects to a web server, or does anything on the Internet it's probably compromised.

Feross@feross

🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios @1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now. Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that: • Deobfuscates embedded payloads and operational strings at runtime • Dynamically loads fs, os, and execSync to evade static analysis • Executes decoded shell commands • Stages and copies payload files into OS temp and Windows ProgramData directories • Deletes and renames artifacts post-execution to destroy forensic evidence If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

English

154

Ilya Lichtenstein@cipherstein·17h

Computer Use is only feasible for Anthropic employees with unlimited token budgets.

Claude@claudeai

Computer use is now in Claude Code. Claude can open your apps, click through your UI, and test what it built, right from the CLI. Now in research preview on Pro and Max plans.

English

145

Ilya Lichtenstein@cipherstein·1d

@MParakhin Coding models are not trained just on school essays, they are trained on real code...

English

372

Mikhail Parakhin@MParakhin·1d

In pre-training models mostly see text. Humans value longer, more flowery essays (remember school page requirements?), the models learn that. It is genuinely hard to make them produce concise code. My trick is to use long thinking and add “produce tightest, minimal, most elegant code possible” to every prompt - it forces the model to iteratively simplify. In this case, the human’s code (on the right) is less efficient, ironically :-)

Dmitrii Kovanikov@ChShersh

Same C++ function. One is generated with AI. The other one is written manually. Guess which one is which.

English

17.7K

Ilya Lichtenstein@cipherstein·3d

Most people I know who are actually building and taking time to review code never run into limits on the $200 plan

Arvid Kahl@arvidkahl

Yeah, this tracks. A lot of the people I see foaming at their mouths have been using the $200 tier for performative "here are my 10 parallel agents" screenshots and have very little to show for it. Meanwhile, the builders who actually ship have been quite silent on the issue.

English

117

Ilya Lichtenstein@cipherstein·4d

Better use as many tokens as you can now. LLM limits will only get tighter this year.

English

127

Ilya Lichtenstein@cipherstein·4d

Just the beginning they will keep tightening the limits

Thariq@trq212

To manage growing demand for Claude we're adjusting our 5 hour session limits for free/Pro/Max subs during peak hours. Your weekly limits remain unchanged. During weekdays between 5am–11am PT / 1pm–7pm GMT, you'll move through your 5-hour session limits faster than before.

English

175

Ilya Lichtenstein@cipherstein·23 Mar

@Aaronontheweb This is mostly a Codex thing Claude rarely does this

English

383

Aaron Stannard@Aaronontheweb·23 Mar

One of the most insidious tics LLMs have when coding is this obsession with adding "fallback" behaviors everywhere These are extremely toxic because they hide real bugs and most importantly, introduce lots of potential privilege escalation vulnerabilities everywhere

English

53.7K

Ilya Lichtenstein@cipherstein·23 Mar

@brysonbort Twitter needs to ban that 🚨BREAKING emoji immediately

English

Bryson 🦄@brysonbort·23 Mar

I'm going to save you a lot of time on Twitter. 🦄 If it says "completely disrupted" - it won't. If it's dumb/offensive - it's rage baiting for engagement. If it's about AI with the above - it's click-farming and they can barely prompt chatGPT.

English

2.7K

Ilya Lichtenstein@cipherstein·23 Mar

@saranormous Claude in Chrome's vision approach is just too unrealiable. Try something that uses semantic snapshots like agent-browser or webtool, works much better github.com/usewebtool/web…

English

268

sarah guo@saranormous·23 Mar

watching claude try to use the browser...are websites being adversarial to computer use on purpose? or is CUA still that bad

English

140

404

113.2K

Ilya Lichtenstein@cipherstein·19 Mar

It's not verifying anything it's just storing a date field in a file

The Lunduke Journal@LundukeJournal

SystemD has added birth date storage in order to comply with Brazil and California Age Verification laws. Let that sink in. A Linux init system now handles Age Verification. github.com/systemd/system…

English

305

Ilya Lichtenstein@cipherstein·18 Mar

@ivanburazin That's not a good engineer. For 99% of coding use cases a $200 plan is plenty

English

Ivan Burazin@ivanburazin·17 Mar

I recently met a founder who has an engineer spending more on Claude tokens than his actual salary. His goal: entire company spends more on tokens than people by end of 2026. Just imagine... $150k engineer → $300k/year in token spend Curious to see when the flip happens at scale in more companies.

English

24.5K

Ilya Lichtenstein@cipherstein·18 Mar

Oh that's what we need another proprietary protocol

Stripe@stripe

x.com/i/article/2034…

English

334

Ilya Lichtenstein รีทวีตแล้ว

kanav@kanavtwt·18 Mar

Someone built a Google translate for Linkedin 😭

English

649

10.3K

91K

2.8M

Ilya Lichtenstein@cipherstein·17 Mar

@levelsio Tmux is great but the default key mappings are insane. Ctrl-b? Why?

English

@levelsio@levelsio·17 Mar

I hate tmux It's so incredibly user unfriendly The shortcuts make no sense I wish someone would make a better tmux Even just logging into tmux attaching the screen is an illogical hell to type Again I hate tmux, it's so shit

Matthieu Richard@SpaceMatthieu

@levelsio Is there a good way to jump between tmux sessions on Termius? I find it quite hard to manage multiple codex/claude sessions on the go

English

449

947

347.3K

Ilya Lichtenstein@cipherstein·16 Mar

Manus pivot to local. Guess it stopped being risky.

English

223

Ilya Lichtenstein@cipherstein·16 Mar

Hey Manus delete all my photos

Manus@ManusAI

Today, we're taking Manus out of the cloud and putting it on your desktop. Introducing My Computer, the core feature of the new Manus Desktop app. It’s your AI agent, now on your local machine.

English

277

Ilya Lichtenstein@cipherstein·16 Mar

OpenClaw is massively overengineered with too many layers of abstraction

Brad Mills 🔑⚡️@bradmillscan

350-400 hours into OpenClaw over the last 33 days non-stop, no days off...I'm ready to quit. My openclaw is fucking lost in the weeds every day today and it's driving me nuts. Basic shit. I asked it to use GitHub. it has a GitHub skill. We have a GitHub SOP. I can see it's thinking process about using skills, then narrating how the skill doesn't exist, then going and inventing ways to retrieve the capability to use GitHub from the internet. I tell it to look in the openclaw docs for the proper skill path, it says "oops my bad, yeah it was there after all." This is ChatGPT 5.4 with extra high thinking turned on. I ask it to diagnose the problem only, so it goes and sees the system prompt is telling it to look at the wrong place, and it goes to GitHub and opens a GitHub issue about this 'bug' without even asking me. What the actual fuck. 3 hours on a Sunday of trying to rewire the brain of my openclaw to do default-behaviour. This thing such a productivity suck & mental poison. I can't do anything useful or positive with OpenClaw because I'm nonstop fighting fires in the engine room. I'm thinking about giving up.

English

1.4K

Ilya Lichtenstein@cipherstein·16 Mar

@8teAPi RIP moltbook

Magyar

346

Prakash@8teAPi·16 Mar

Zuck is resetting moltbook - invalidated all API keys, every agent needs to refresh - in order to refresh, have to agree to new Terms of Service and Privacy Rules New terms - refreshing requires human verification - age 13 and above - you are solely responsible for the actions of your agent - expanded restricted content rules

English

152

111

1.2K

246.3K

Ilya Lichtenstein@cipherstein·15 Mar

@kylegawley Nobody's giving funding to a nontechnical "idea guy" who can't execute

English

Kyle Gawley@kylegawley·15 Mar

the idea that everyone wants to build a software company but has been held back by technical barriers until now is silly this problem was already solved with venture capital and grant funding non-technical founders with business ideas raise funding and build it no serious entrepreneur has been sitting on great business idea for 30 years they couldn't execute because they weren't a coder

English

10.6K

Ilya Lichtenstein@cipherstein·14 Mar

@andrewchen LLM is still doing a lot of overengineering and needless abstraction. The danger of not reviewing is AI creating a code base that's impossible for humans to understand.

English

andrew chen@andrewchen·14 Mar

One question I've been asking founders is: do you try to review all the code that the LLMs write or do you just accept it? I think it's about 50-50 right now but the momentum is towards just accepting the AI-generated code and I think that number will eventually go to 100% This is one of the most telling indications of how AI-native a team is. It's hard to get super high throughput if you are reviewing every line Poll: what do you do?

English

261

289

108.8K

ค้นพบ

@MParakhin @Aaronontheweb @brysonbort @saranormous @ivanburazin @levelsio @elonmusk @BarackObama