Aravind Jayendran

A 19-year old broke into India's largest high school examination system of 2M+ students a year, the CBSE, and was able to view and CHANGE any students' marks. He responsibly wrote to the team 3 months ago, and it took them 3 days to fix only one of the issues. Today, they took the entire website down. This is a absolute embarrassment. The futures and lives of millions rests in the hands of the utterly incompetent. There is also no mass media reporting on the matter. This topic is close to me because not only is this the education system I went through, but 12 years ago and silently for 5yrs since, I'd written about and reported a much less severe vulnerability allowing me to scrape these results too. More than a decade later, not much has changed. This 19yo, Nisarga Adhikary, wrote a great piece outlining each vulnerability he reverse engineered: - the master password leak - the client-side 2fac / OTP validation workaround - tokenless access to the entire internal app (dashboard, evaluator details, etc) setting dummy browser values - changing any password without knowing the old one - an IDOR vuln allowing you to act as any user and edit exam marks For those interested in a beautiful study in security breaches, this is a must read (link below). If there's any light at the end of the tunnel, it's that a 19yo who never went to college can do things 99% of top engineers couldn't figure out.

The most revealing thing about this AI leadership paper is that it reads less like a vision for innovation and more like a glossy whitepaper for a 21st century East India Company. Every generation of incumbents discovers a new moral vocabulary for why they alone should control transformative technology. In the 90s it was cryptography. We were told strong encryption was too dangerous to spread because terrorists, rogue states, chaos, dual-use, etc. So the US crippled exports, weakened products, slowed adoption, and kneecapped parts of its own software industry. Right up until reality steamrolled the policy and we woke up to its stupidity and then eCommerce, secure communications, software signing, and the modern internet exploded and gave us tremendous benefits. Now the exact same priesthood has returned with AI. - “Dual-use.” - “Strategic advantage.” - “Model distillation.” - “National security.” - “Responsible access.” A few different nouns but mostly the same ones. Same instinct: Centralize control, gatekeep compute, fuse state and corporate power, and call it safety. The funniest part is that this strategy is almost perfectly designed to accelerate the thing they claim to fear. You do not stop a rival superpower (who happens to be the absolute best at scaling energy and manufacturing and who has a choke-hold on rare Earths refinement) from building domestic capability by permanently attempting to strangle them. You create the economic and political incentive for total self-sufficiency. We have already done that as Jensen warned. We went from 100% market to nearly 0%. Huawei is now manufacturing millions of chips. DeepSeek v4 trained on them. They have more energy than the rest of the world combined. Meanwhile, we have activists and anti-economic fools like AOC and Bernie pushing for data center moratoriums and we can't build a single bullet train in 20 years and folks fighting to not expand the energy grid here and new nuclear plants getting tied up in environmental regulation for a decade. The sanctions did the exact opposite of what the hawks wanted. They jumpstarted a moribund, dinosaur of a Chinese chips industry. We basically said to the people who happen control the most powerful manufacturing engine on the planet "we intend to squeeze you." They rightly saw it as an existential threat. The sanctions become the industrial policy. Huawei. SMIC. Domestic lithography. Packaging. Memory. Entire Chinese supply chains that did not exist at serious scale a decade ago now exist precisely because Washington convinced Beijing they had no choice. Brilliant work. So the endgame here is what exactly? 1) Push China into a Manhattan Project for chips and AI. 2) Increase the strategic value of Taiwan even further. 3) Once China reaches self sufficiency that can invade Taiwan and choke off our own super advanced chips where are made there exclusively (and no we don't have even close to enough TSMC factories in Arizona or anywhere else in the world). That's every NVIDIA chip. Every Google tensor chip. Every Apple chip. Every chip in you iPhone and Android phone. Every Amazon chip. The chips in your car and truck and hair dryer and washing machine. 4) Escalate a cold tech war into a permanent civilizational bloc conflict that is likely to turn into a shooting war at one point. 5) Fragment the global software ecosystem. 6) Create American AI aristocracies protected by regulation and compute licensing. And somehow call this “open innovation.” Meanwhile the actual history of software keeps screaming the opposite lesson: Knowledge diffuses, open ecosystems win, developers route around gatekeepers, and attempts to permanently contain computation usually fail. What really jumps off the page is the assumption that a tiny cluster of frontier labs should become quasi-sovereign actors, deciding who gets intelligence, who gets compute, who gets models, and which countries are permitted to participate in the future. Not elected governments. Not open markets. Not open-source communities. A handful of corporations sitting beside the national security state, insisting that concentration of power is necessary to protect democracy. You almost have to admire the audacity.

I think we are past the point where “only people in San Francisco get AI” is true. AI users are in every industry & they have access to the same models. SF is far from the epicenter of many of the craziest use cases I have seen in science, law, finance, marketing, education…