Learning is identifying/recognizing patterns and apply them. Biological evolution was the only system that produced intelligence. An idea changes the universe
De gedachte dat ransomwarebendes “hun businessmodel ondermijnen” als ze gestolen data niet verwijderen na betaling, klinkt logisch… maar klopt simpelweg niet met de realiteit van vandaag.
Het huidige ransomware-ecosysteem is geen strak gereguleerde markt met reputatiemanagement. Het is een chaotisch, geopolitiek en crimineel slagveld.
Een paar punten om dat perspectief recht te zetten:
1) Ransomware is allang geen ‘puur criminele’ business meer
Bendes opereren steeds vaker in of rond staten en geopolitieke belangen. Data is dan geen ruilmiddel meer, maar een strategisch asset.
→ Zelfs als een slachtoffer betaalt, kan die data voor andere partijen nog steeds waardevol zijn.
2) Het ecosysteem is onderling vijandig en instabiel
Ransomwaregroepen hacken elkaar, lekken elkaars data en saboteren concurrenten.
→ Net als bij klassieke georganiseerde misdaad draait het ook om macht, reputatie en ondermijning ; niet alleen om “klanttevredenheid”.
3) “Data verwijderen” is niet controleerbaar
Er is geen audit, geen toezicht, geen garantie.
→ Je weet simpelweg niet of data écht weg is, gekopieerd is, of ergens anders opnieuw opduikt.
4) Doorverkoop hoeft niet zichtbaar te zijn
Data kan worden “witgewassen”, opgesplitst of indirect gebruikt.
→ Denk aan identiteitsfraude, gerichte phishing, intelligence-doeleinden of verkoop via tussenlagen.
5) Reputatie is minder relevant dan gedacht
Veel groepen verdwijnen, rebranden of opereren via affiliates.
→ De incentive om je “aan afspraken te houden” is daardoor veel kleiner dan vaak wordt aangenomen.
6) Toegang = blijvend risico
Als een aanvaller eenmaal binnen is geweest, is de kans groot dat er meerdere backdoors, kopieën of gedeelde toegang bestaan.
→ Betalen verandert niets aan wat er al buitgemaakt is.
7) Motieven zijn verhard
We zien aanvallen op ziekenhuizen, scholen en zelfs dreigingen richting familieleden.
→ Dit zijn geen partijen die handelen vanuit een soort “marktlogica” of ethiek.
⸻
Conclusie:
Het idee dat je kunt vertrouwen op het “woord” van criminelen omdat ze anders hun businessmodel schaden, is te simplistisch voor de realiteit van nu.
Je weet niet of ze zich eraan houden.
Je kunt het niet controleren.
En in veel gevallen is het niet eens alleen hún beslissing.
In een wereld waar data macht is, is het naïef om te denken dat die macht vrijwillig wordt opgegeven.
The most interesting number in Karpathy's gist is one he never published: the conversion rate.
In the old model of open source, someone shares a GitHub repo. The README explains the architecture. You clone it, install 14 dependencies, debug three version conflicts, realize it assumes a different OS, and give up. Maybe 2% of people who see the project actually get it running on their machine. The other 98% star it and move on.
Karpathy shared a markdown file. No dependencies. No installation. No version conflicts. You paste the text into Claude Code or Codex, and your agent builds a custom implementation on your machine in 15 minutes. The agent handles all the translation between "what Karpathy built" and "what works on your setup."
The gist has 17,700 stars and 1,900 forks. The comment thread is full of people sharing their running implementations. GitHub repos posted within a week of the gist (second-brain by Nick Spisak, Obsidian integrations, Apify automations) already have thousands of stars of their own.
Karpathy named this concept the "idea file." His exact words: "In this era of LLM agents, there is less of a point of sharing the specific code. You just share the idea, then the other person's agent customizes it."
Software distribution just inverted. The old bottleneck was getting code to run. The new bottleneck is having an idea worth implementing. Every recipient gets a version tailored to their own tools, their own folder structure, their own workflow. The telephone game, except every copy is better than the original.
I wrote the guide to building your own version.
@vrexec Damage? No, I don’t believe that. But of course it can cause problems. Just like sitting in a chair can cause problems. But the screen itself isn’t the problem.
100,000 American troops in Europe = a free ride for Europeans?
Let's check the facts.
🔹 American military bases are not free
Germany, Italy, Spain, and Romania pay for the infrastructure, land, utilities, and civilian personnel of US bases. Germany alone contributes over $1 billion annually to support the American military presence on its soil.
🔹 Europe is the largest customer of the American defense industry
F-35s, Patriot missiles, HIMARS, Apaches — all purchased by Europeans with real money. Every security alarm in Europe translates into contracts for Lockheed Martin, Raytheon, and Boeing.
🔹 American bases in Europe don't only protect Europe
Ramstein in Germany coordinates operations across Africa and the Middle East. Sigonella in Italy covers the Mediterranean and North Africa. Romania secures the eastern flank and the Black Sea. These are global American strategic assets — not neighborhood security for Europeans.
🔹 Command is American, not European
NATO is always led by an American Supreme Commander (SACEUR). Europe contributes troops, bases, and money — but America holds the controls. Those who control the structure are not the ones getting a free ride.
🔹 The nuclear umbrella is not altruism
American nuclear deterrence in Europe keeps the dollar as the world's reserve currency, keeps European markets open to US corporations, and legitimizes American hegemony against Russia and China.
But what would actually happen if America withdrew its troops from Europe?
🔹 For America — immediate strategic losses
Without bases in Europe, American response time to any crisis in Europe, Africa, or the Middle East grows from hours to days. Ramstein, Sigonella, and Incirlik cannot be replaced by aircraft carriers. Infrastructure built over decades disappears overnight.
🔹 The American defense industry loses its biggest customer
A Europe without the US umbrella will build its own defense industry — and fast. Airbus Military, KNDS, Leonardo, and Rheinmetall will take the contracts that Lockheed and Raytheon currently win. Billions of dollars shift from America to Europe.
🔹 The dollar weakens
Dollar hegemony is partly sustained by American global military credibility. A withdrawal from Europe signals to the world that America no longer guarantees the postwar order. Alternatives — the euro, the yuan — become more attractive as global reserve options.
🔹 Russia wins without firing a single shot
Not necessarily through immediate invasion — but through political influence, energy pressure, and the gradual destabilization of countries on the eastern frontier. The Baltic states, Poland, and Romania enter a security grey zone that no one can guarantee quickly.
🔹 China watches and draws conclusions about Taiwan
A precedent of withdrawal from Europe sends a direct signal to Beijing: American commitments are negotiable. The cost of deterrence in the Pacific rises exponentially.
Withdrawal is not isolationism. It is strategic abdication.
America would not be leaving Europe because it no longer has interests there.
It would be leaving while ignoring that those very interests are what make it a superpower.
The "free ride" narrative doesn't describe Europe.
It describes exactly what America has in Europe.
My dear front-end developers (and anyone who’s interested in the future of interfaces):
I have crawled through depths of hell to bring you, for the foreseeable years, one of the more important foundational pieces of UI engineering (if not in implementation then certainly at least in concept):
Fast, accurate and comprehensive userland text measurement algorithm in pure TypeScript, usable for laying out entire web pages without CSS, bypassing DOM measurements and reflow
@vrexec haha, wait till you get a little older. With time comes the perspective that it's limited.
I don't really believe in purpose, only the love of the game of pursuing it.
Being grateful is the positive force.
These are my two cents...
@manthanguptaa First step is understanding it, second step is trying it for yourself. There's enough intelligence around, ideas and execute them is the scarcity.
Three days ago I left autoresearch tuning nanochat for ~2 days on depth=12 model. It found ~20 changes that improved the validation loss. I tested these changes yesterday and all of them were additive and transferred to larger (depth=24) models. Stacking up all of these changes, today I measured that the leaderboard's "Time to GPT-2" drops from 2.02 hours to 1.80 hours (~11% improvement), this will be the new leaderboard entry. So yes, these are real improvements and they make an actual difference. I am mildly surprised that my very first naive attempt already worked this well on top of what I thought was already a fairly manually well-tuned project.
This is a first for me because I am very used to doing the iterative optimization of neural network training manually. You come up with ideas, you implement them, you check if they work (better validation loss), you come up with new ideas based on that, you read some papers for inspiration, etc etc. This is the bread and butter of what I do daily for 2 decades. Seeing the agent do this entire workflow end-to-end and all by itself as it worked through approx. 700 changes autonomously is wild. It really looked at the sequence of results of experiments and used that to plan the next ones. It's not novel, ground-breaking "research" (yet), but all the adjustments are "real", I didn't find them manually previously, and they stack up and actually improved nanochat. Among the bigger things e.g.:
- It noticed an oversight that my parameterless QKnorm didn't have a scaler multiplier attached, so my attention was too diffuse. The agent found multipliers to sharpen it, pointing to future work.
- It found that the Value Embeddings really like regularization and I wasn't applying any (oops).
- It found that my banded attention was too conservative (i forgot to tune it).
- It found that AdamW betas were all messed up.
- It tuned the weight decay schedule.
- It tuned the network initialization.
This is on top of all the tuning I've already done over a good amount of time. The exact commit is here, from this "round 1" of autoresearch. I am going to kick off "round 2", and in parallel I am looking at how multiple agents can collaborate to unlock parallelism.
https://t.co/WAz8aIztKT
All LLM frontier labs will do this. It's the final boss battle. It's a lot more complex at scale of course - you don't just have a single train. py file to tune. But doing it is "just engineering" and it's going to work. You spin up a swarm of agents, you have them collaborate to tune smaller models, you promote the most promising ideas to increasingly larger scales, and humans (optionally) contribute on the edges.
And more generally, *any* metric you care about that is reasonably efficient to evaluate (or that has more efficient proxy metrics such as training a smaller network) can be autoresearched by an agent swarm. It's worth thinking about whether your problem falls into this bucket too.