Last month Salesforce announced it would open its APIs and launch a headless product, essentially betting that in an agentic world, its value lies in the data layer, not the UI.
The announcement is a useful prompt for a more interesting question: if you strip away the UI and expose the database, what are you actually left with?
a16z's Seema Amble on where defensibility moves in the agentic era & how businesses will adapt: https://t.co/8hOj26bPuf
Claim: If attackers or LLMs can see the source code, they can find vulnerabilities faster.
So in that narrow sense, open source can be "more exposed". But it also ignores the other half of the equation that more eyes = faster fixes.
With closed source software, only internal teams can review your software and search for bugs. Those bugs can sit hidden for years. Windows and macOS are both closed source and have no shortage of vulnerabilities.
And while newer, more powerful LLMs can more easily discover vulnerabilities, these can be leveraged by your company as well - you can automatically run multiple agents simultaneously in real time on every single PR to proactively identify and prevent vulnerabilities in your code.
Yes, LLMs do present a new risk to software - closed source and open source. But they also provide an opportunity to create far more robust and reliable and secure code.
BTW, I love Cal. Keep up the great work @pumfleet
Running packages and AI Agents on your main OS is a security risk. These supply chain attacks have shown how easy it is for malicious packages or compromised dependencies to easily slip into your dev environment and execute code on your machine.
Having a completely separate computer just for development work is ideal. For those who don't have a second computer, here is a very simple way on macOS to isolate your dev tools from your main operating system.
Once set up, it only requires one command to run! It launches an Ubuntu environment with its own tools and worktree, isolated from your main filesystem.
This reduces your attack surface so even if you download a malicious package, it should not impact the data on your main OS.
Goal: With one command "claudebox" in your macOS terminal, launch a fresh Linux operating system, isolated filesystem, and separate Claude worktree every time using Ubuntu Multipass.
1. Install multipass cli on macOS:
https://t.co/LXRzYkNx7s
2. In your macOS terminal create a script named claudebox.sh in your home directory.
nano ~/claudebox.sh
Copy the entire script below into a file. The script is a template so ensure you modify it to make any required customization (change the repo URL, add any additional npm packages you need etc).
#!/bin/bash
set -e
NAME="claude-$(date +%s)"
# Change the Github URL to the repo you want to clone
REPO_URL="https://t.co/VUU8HbyuSB"
REPO_DIR="YOURREPO"
# Launch fresh Ubuntu VM
multipass launch --name "$NAME" --cpus 2 --memory 4G --disk 10G
# Install tools + run Claude inside VM.
multipass exec "$NAME" -- bash -lc "
set -e
sudo apt update
sudo apt install -y git curl gh ripgrep
curl -fsSL https://t.co/EH9CeBvK2d | sudo bash -
# Add any additional packages you need to this list:
sudo apt install -y nodejs
sudo npm install -g pnpm
sudo npm install -g vercel
sudo npm install -g @anthropic-ai/claude-code
# Clone your repo
cd /home/ubuntu
git clone \"$REPO_URL\" \"$REPO_DIR\" || true
sudo chown -R ubuntu:ubuntu \"/home/ubuntu/$REPO_DIR\"
"
# Open interactive shell
multipass shell "$NAME"
# Run Claude in isolated worktree
# (Run this manually inside the VM after entering the shell)
# cd /home/ubuntu/YOURREPO
# claude --worktree
# The Ubuntu VMs will accumulate so you should manually delete them later.
# Uncomment if you want to delete the Ubuntu OS automatically when you exit.
# multipass delete $NAME
3. Make the script executable, create a "claudebox" shortcut (alias), and reload your shell so you can run it immediately
chmod +x ~/claudebox.sh
echo 'alias claudebox="~/claudebox.sh"' >> ~/.zshrc
source ~/.zshrc
Now you can open your macOS terminal and just type one command:
claudebox
You get an isolated Ubuntu environment with its own tools and worktree. Launch multiple Ubuntu environments at the same time. If anything goes sideways, you can delete the VM and your host machine stays clean.
NOTE: This script may not be right for your specific environment and workflow. Ensure you modify the script as needed and test carefully before use.
I'm not sure you wrote any of your article.
Emdash was released just a day ago. It is unsurprising the head of WordPress YouTube at Automattic is already criticizing it.
WordPress has become stagnant with a highly insecure plugin ecosystem. I hope Emdash provides some healthy competition and is a wake up call.
If WordPress is serious about their security, Emdash has just provided the blueprint for a secure plug-in architecture. Sandbox. Scoped. Audible.
Cloudflare just did WordPress a huge favour.
Recent NPM supply chain attacks have shown how easy it is for malicious packages or compromised dependencies to easily slip into your dev environment and execute code on your machine. Running packages and AI Agents on your main OS is a security risk.
Having a completely separate computer just for Dev work is ideal. For those who don't have a second computer, here is a very simple way on MacOS to isolate your Dev tools from your main operating system.
Once set up, it only requires one command to run! It launches an Ubuntu environment with its own tools and worktree, isolated from your main filesystem.
This reduces your attack surface so even if you download a malicious package, it should not impact the data on your main OS.
Goal: With one command "claudebox" in your macOS terminal, launch a fresh Linux operating system, isolated filesystem, and separate Claude worktree every time using Ubuntu Multipass.
1. Install multipass on macOS:
https://t.co/LXRzYkNx7s
2. In your macOS terminal create a script named claudebox.sh in your home directory.
nano ~/claudebox.sh
Copy the entire script below into a file. The script is a template so ensure you modify it to make any required customization (change the repo URL, add any additional npm packages you need etc).
#!/bin/bash
set -e
NAME="claude-$(date +%s)"
# Change the Github URL to the repo you want to clone
REPO_URL="https://t.co/VUU8HbyuSB"
REPO_DIR="YOURREPO"
# Launch fresh Ubuntu VM
multipass launch --name "$NAME" --cpus 2 --memory 4G --disk 10G
# Install tools + run Claude inside VM.
multipass exec "$NAME" -- bash -lc "
set -e
sudo apt update
sudo apt install -y git curl gh ripgrep
curl -fsSL https://t.co/EH9CeBvK2d | sudo bash -
# Add any additional packages you need to this list:
sudo apt install -y nodejs
sudo npm install -g pnpm
sudo npm install -g vercel
sudo npm install -g @anthropic-ai/claude-code
# Clone your repo
cd /home/ubuntu
git clone \"$REPO_URL\" \"$REPO_DIR\" || true
sudo chown -R ubuntu:ubuntu \"/home/ubuntu/$REPO_DIR\"
"
# Open interactive shell
multipass shell "$NAME"
# Run Claude in isolated worktree
# (Run this manually inside the VM after entering the shell)
# cd /home/ubuntu/YOURREPO
# claude --worktree
# The Ubuntu VMs will accumulate so you should manually delete them later.
# Uncomment if you want to delete the Ubuntu OS automatically when you exit.
# multipass delete $NAME
3. Make the script executable, create a "claudebox" shortcut (alias), and reload your shell so you can run it immediately
chmod +x ~/claudebox.sh
echo 'alias claudebox="~/claudebox.sh"' >> ~/.zshrc
source ~/.zshrc
Now you can open your macOS terminal and just type one command:
claudebox
You get an isolated Ubuntu environment with its own tools and worktree. Launch multiple Ubuntu environments at the same time. If anything goes sideways, you can delete the VM and your host machine stays clean.
NOTE: This script may not be right for your specific environment and workflow - ensure you modify the script as needed and test carefully before use.
I hope this is useful! Would appreciate a repost for visibility to help it reach the right people.
CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
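One way to carry out the lockfile audit recommended above, as an added example that is not part of the original post or any vendor tooling: it walks the `packages` map of an npm lockfile (lockfileVersion 2 or 3), reports where plain-crypto-js is installed and which packages pull it in, and lists direct dependencies that are not pinned to an exact version. The sample lockfile, its version strings and the registry URL are constructed placeholders.

```javascript
// Added example: audit an npm lockfile for a suspect transitive dependency.
// The package name comes from the post; all sample data below is constructed.
const SUSPECT = "plain-crypto-js";

// Package name from a lockfile key such as "node_modules/a/node_modules/@scope/b".
function nameFromPath(path) {
  const marker = "node_modules/";
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? path : path.slice(idx + marker.length);
}

// Returns every installed copy of the suspect package and every package requiring it.
function auditLockfile(lock, suspect = SUSPECT) {
  const installed = [];
  const requiredBy = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = path === "" ? meta.name || "(root)" : nameFromPath(path);
    if (path !== "" && name === suspect) {
      installed.push({ path, version: meta.version, resolved: meta.resolved });
    }
    const deps = { ...meta.dependencies, ...meta.optionalDependencies };
    if (suspect in deps) {
      requiredBy.push({ name, version: meta.version, range: deps[suspect] });
    }
  }
  return { installed, requiredBy };
}

// Direct dependencies declared with a floating range rather than an exact version.
function floatingRanges(pkgJson) {
  const all = { ...pkgJson.dependencies, ...pkgJson.devDependencies };
  return Object.entries(all)
    .filter(([, range]) => !/^\d+\.\d+\.\d+(-[\w.]+)?$/.test(range))
    .map(([name, range]) => ({ name, range }));
}

// Constructed sample data (placeholder versions, not the real compromised releases).
const sampleLock = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { axios: "^1.0.0" } },
    "node_modules/axios": {
      version: "0.0.0-placeholder",
      dependencies: { "plain-crypto-js": "^0.0.0" },
    },
    "node_modules/plain-crypto-js": {
      version: "0.0.0-placeholder",
      resolved: "https://registry.example/plain-crypto-js.tgz",
    },
  },
};
const samplePkg = { dependencies: { axios: "^1.0.0", "left-pad": "1.3.0" } };

const report = auditLockfile(sampleLock);
console.log("installed copies:", report.installed);
console.log("pulled in by:", report.requiredBy);
console.log("unpinned direct deps:", floatingRanges(samplePkg));
```

To check a real project, pass the parsed contents of its package-lock.json and package.json to the two functions instead of the sample objects.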
September 1997. Steve Jobs stands before Apple employees and tells them he's been up until 3am finishing an ad. He's been back at the company for eight weeks. Apple lost $1 billion that year. Three months earlier, WIRED put Apple's logo on its cover, wrapped in barbed wire, with the word "Pray."
He starts by saying what he's found since coming back. He couldn't figure out Apple's own product line. He spent weeks trying to understand which model was which and how they fit together. He talked to customers. They couldn't figure it out either. He cut 70% of the product roadmap. People whose projects were canceled were, in his words, "three feet off the ground with excitement" because, for the first time in years, someone told them where the company was going.
Then he says something about marketing that changed how every tech company thinks about advertising.
He says Nike sells a commodity. They sell shoes. But when you think of Nike, you feel something different than a shoe company. Nike never talks about their products in ads. Never tells you why their air soles are better than Reebok's. "They honor great athletes. And they honor great athletics. That's who they are." He compares it to the dairy industry spending 20 years trying to convince people milk was good for them, failing, and then running "Got Milk," which doesn't even mention the product. Focuses on its absence.
He says Apple spends a fortune on advertising. "You'd never know it."
Then he fires the ad agency. Not just fires them. Apple was running a competition with 23 agencies. He scrapped the whole thing and hired Chiat/Day, the agency he'd worked with a decade earlier on the 1984 Macintosh commercial that advertising professionals voted the best ad ever made.
The question they asked themselves: "Our customers want to know who is Apple and what is it that we stand for?"
His answer: "Apple at its core, its core value, is that we believe that people with passion can change the world for the better. And that those people who are crazy enough to think they can change the world are the ones that actually do."
Then he plays the ad. In this room. To Apple employees. For the first time.
"Here's to the crazy ones. The misfits. The rebels. The troublemakers."
He says almost none of these people had ever appeared in an advertisement before. He personally obtained Yoko Ono's permission to use John Lennon. He says the estates and living subjects agreed because of their feelings toward Apple. "I don't think there is another company on Earth that could have done this campaign."
The ad broke that Sunday during the network premiere of Toy Story on ABC. Two 60-second spots. Newspaper ads in the Wall Street Journal, New York Times, and USA Today. Billboards in major cities. Buses in five cities featuring Rosa Parks. Painted walls. The whole thing.
Apple's stock was around $0.10 split-adjusted when this meeting happened. The company is worth $3.68 trillion today. Think Different ran for five years. Every product that came after, the iMac, iPod, iPhone, iPad, was built on the identity this campaign established by a guy who'd been back at the company for eight weeks and finished the ad at three in the morning.
Video: Steve Jobs internal staff meeting at Apple, September 1997. This is the first time the Think Different campaign has been shown to employees. Jobs had been back at Apple for eight weeks. Footage leaked from an internal recording.
Something fundamental has shifted in how software gets made, and I don't think most people have fully processed what it means yet. For most of computing history, software could only be created by experienced developers and was expensive to build, designed for the broadest possible audience, and distributed at scale because that was the only way to justify the cost of making it.
You didn't get the tool that fit your life; you got the tool that fit everyone's life, more or less, and you learned to work around its edges and quirks and navigate around the bloat and dozens of features you don't use.
That entire framework is collapsing, driven by AI models that can code as well as senior developers - and are improving exponentially. AI democratizes building software and now founders, operators, doctors, teachers, researchers are suddenly discovering they can build their own tools, shaped entirely around how they actually think and work. You describe what you want, clearly and specifically, and working software emerges from that description.
What strikes me most about this shift is that it doesn't make software less valuable - it makes it far more so, because for the first time it can be genuinely personal. When AI frees you from having to write or review every line of code and manually battle obscure syntax errors, it allows people to focus on what really matters: building and creating solutions.
It is the start of the ERA of Hyper-Personal Software.
A system you built yourself, or had built to your exact specifications, that understands your particular workflow and reflects your actual priorities - that's something categorically different.
Since software can now be developed quickly with minimal time and resources, some software can be transient, built to help plan a trip, organize a conference, track a hiring process, manage a research study, and then discarded.
There are a lot of people who just want to be able to talk to an AI agent, describe the software they need but not worry about security, hosting, scalability, databases, backups, authentication, etc.
I built ARI Software as a framework for hyper-personal software and a personal productivity workspace. It comes with dozens of built-in modules such as a task manager, fitness tracker, knowledge base for storing your notes, document repository, and many more.
But the real magic is that it enables you to build your very own modules just by talking to an AI agent. Fully extendable. No coding required.
It is not a SaaS - it is open source and gives you full data control. Install it on your computer or host it online so you have a secure, personal workspace available anywhere.
The shift isn't just AI-generated code. It's AI-generated code built on strong foundations that give builders freedom without the brittleness that comes from working without guardrails.
Software used to be built for the average user. Now it can be built by you for you.
ARI Software launches later this month! Please give me a follow if you would like to hear more :)
https://t.co/VAwbXvgKF6
Citadel Securities published this graph showing a strange phenomenon.
Job postings for software engineers are actually seeing a massive spike.
Classic example of the Jevons paradox. When AI makes coding cheaper, companies actually may need a lot more software engineers, not fewer.
When software is cheaper to build, companies naturally want to build a lot more of it. Businesses are now putting software into industries and tools where it was simply too expensive before.
---
Chart from
citadelsecurities .com/news-and-insights/2026-global-intelligence-crisis/
Congrats on /voice mode!
@bcherny Claude has the command-line flag --dangerously-skip-permissions
Does Claude have an opposite flag such as --never-modify-files so a user can chat with Claude without concern it would change any files?
Claude can enter /plan mode, but it is easy to accidentally exit plan mode.
A more strict flag such as --never-modify-files would be useful when you want to research, explore, and interact with a codebase without any risk of it modifying files.
We need a modern "10 Commandments" for responsible AI agents.
Thou shall not commit private API keys to GitHub and pray nobody notices. GitHub notices. Everyone notices.
While running smaller AI models (MiniMax 2.5, Kimi 2.5 etc) locally with OpenClaw can save money, prompt injection resistance is not uniform across model tiers. Smaller/cheaper models are generally more susceptible to prompt injection and manipulation attacks.
Recommendation: use the latest generation, best-tier model appropriate to the risk profile of the task.
If you must use a smaller model, reduce blast radius (read-only tools, enable sandboxing for all sessions, minimal filesystem access, strict allowlists).
OpenClaw model choice on @openrouter is interesting to observe over time. Kimi k2.5 has been a clear leader over the past month with MiniMax M2.5 gaining ground quickly. Gemini 3.5 flash has been solid as well.
1. When you write something intended to be read by an important person, go through it and cut every unnecessary word.
2. The reader of anything you publish is an important person.
@photomatt @kavinbm Attached are two screenshots of the default WordPress Posts page. One is from late 2025. The other is from 8 years ago. They are almost identical.
Stability or stagnation?
Yes, building on existing open source projects can be beneficial - when it actually makes sense to do so.
Matt, take a look at this screenshot. This is what a typical person sees today when they log into their WordPress site: multiple alerts, plugin advertisements, security warnings, update notices..
Serious question: if you're building a new website today, why build it on WordPress in the age of AI?
Matt sit down with a typical small business owner who runs a WordPress site. Ask them to add a YouTube video to a page. That's it. Watch what happens. Watch them log in, navigate the cluttered dashboard, click through layers of menus, search for the right page, wrestle with Gutenberg or Elementor, maybe they need to visit the plugins page to search and install a video plugin that actually works, insert the video, preview it, adjust it, preview it again and hope adding the video didn't break anything.
Or you could show them they can open Claude Code and type, "Please add this YouTube video to the Contact page, full-width and add a short caption underneath the video." and have it implemented correctly in under a minute and be done.
What are we actually gaining by preserving the clunky, slow WordPress dashboard? What value is this adding?
At what point does it make more sense to replace stagnant legacy systems with new tools that genuinely work better for users?
The WordPress investment in testing and hardening is real. But it is no longer the advantage it once was. AI has bent the development curve so significantly that accumulated time is less valuable than rapid feedback loops and continuous hardening.