@jawwwn_@60Minutes There is obviously no “degree” you can get from a university that actually teaches you how to make an orbital rocket, as none of the professors know how to do it!
Today we're open-sourcing Bumblebee, a read-only scanner for macOS and Linux.
It checks developer machines for risky packages, extensions, and AI tool configs.
Connected to Computer, it can trigger deeper scans whenever a new supply-chain risk emerges.
https://t.co/FOaWnF1yQy
Introducing USVC - a single basket of high-growth venture capital, for everyone.
No accreditation required, SEC-registered, and a very low $500 minimum.
Includes OpenAI, Anthropic, xAI, Sierra, Crusoe, Legora, and Vercel. As USVC adds more companies, investors will own a piece of that too.
Liquidity typically comes when companies exit, but we’re aiming to let investors redeem up to 5% of the fund every quarter. This isn’t guaranteed, but if we can make it work, you won’t be locked up like in a traditional venture fund.
It runs on AngelList, which already supports $125 billion of investor capital.
And I’ve joined USVC as the Chairman of its Investment Committee.
—
Go back to the 1500s, you set sail for the new world to find tons of gold - that was adventure capital.
Early-stage technology is the modern version. It says we are going to create something new, and it’s risky. It’s daring.
But ordinary people can’t invest until it’s old, until it’s no longer interesting, until everybody has access to it. By the time a stock IPOs, most of the alpha is gone. The adventure is gone. Public market investors are literally last in line.
This problem has become farcical in the last decade. Startups are reaching trillion dollar valuations in the private markets while ordinary investors have their noses up to the glass, wondering when they’ll be let in.
Investing in private markets isn’t easy. You need feet on the ground. You need judgment built over years. Most people don’t have the patience to wait ten or twenty years for an investment to come to fruition.
But there is no more productive, harder-working way to deploy a dollar than in true venture capital.
USVC enables you to invest in venture capital in a broad, accessible, professionally-managed way, through a single basket of innovation, focused on high-growth startups, at all stages.
It is how you bet on the future of tech: the smartest young people in the world, working insane hours, leveraged to the max, with code, hardware, capital, media, and community. Your dollar doesn’t work harder anywhere.
There is an old line - in the future, either you are telling a computer what to do, or a computer is telling you what to do. You don’t want to be on the wrong side of that transaction.
USVC lets you buy the future, but you buy it now. Then you wait, and if you are right, you get paid.
Get access here:
https://t.co/pAj1sqUsG0
The greatest trait you can acquire is to work with tremendous intensity on things that matter to you, and more importantly, be strangely unbothered when those things don't work out.
Software horror: litellm PyPI supply chain attack.
Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords.
LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm.
Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks.
Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages.
Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.
Steve was an incredible leader, innovator, and friend whose world-changing ideas moved all of us forward.
Celebrating his remarkable life and legacy today, on his birthday.
New art project.
Train and inference GPT in 243 lines of pure, dependency-free Python. This is the *full* algorithmic content of what is needed. Everything else is just for efficiency. I cannot simplify this any further.
https://t.co/HmiRrQugnP
Focus is becoming the rarest skill on the planet. Talent, intelligence, marketing, prompting, vibe coding, and whatever else doesn't matter as much as being able to channel your attention for an extended period of time into one useful thing that you want to see in the world.
The #1 muscle that predicts how sharp your brain stays as you age is not your chest or your arms.
It’s your legs.
Here’s why skipping leg day might be shrinking your brain:
For those who are interested, Function Health offers a wealth of interesting health-related data (could make a good gift for the health-data-intrigued in your family or friend circles).
Mark had always been a hard worker, and like many people, he poured countless hours into his business to provide for his family.
But during their Shark Tank pitch, he shared a profound lesson he learned—while money can always be earned again, time is irreplaceable.
He realized that, no matter how much wealth he accumulated, the time he spent with his son and his family was the most valuable thing he had.
Mac changed everything when it was introduced 40 years ago, and through the years it has done so again and again and again. Today’s Mac lineup is the best in the history of the personal computer, and it’s built on decades of revolutionary innovation. Happy birthday Mac!
The FDA has finally acknowledged what has been open secret: The decongestants on pharmacy shelves are utterly useless. You gotta get the good shit behind the counter
https://t.co/caNGPdzRr9