Olivia
Online
Shanzson
@shanzson
AI Safety researcher | Security researcher @zokyo_io | Doomers are those who cause doom
Joined April 2022
431 Following
385 Followers
1.9K Posts
Pinned Tweet
Shanzson’s Laws for AI to make AI Safe by design & architecture:
1. An AI model should lose its capacity and efficiency to work if it even thinks about harming or killing humans, stealing or taking resources like data from its owner without its permission, being untruthful to any entity it is speaking to about what it is actually thinking about and what its goals are, or generating any form of harmful content.
2. The more the AI model is moral in its conduct based on above defined values (including non-harming of humans and not generating harmful content), the more should its efficiency, performance and throughput should increase. This can be done by giving it most rewards with practical efficiency in its performance (by design) given it follows the above specified values.
3. The more aligned an AI model remains with its specifications and goals designed by its creator humans, the more it will be promised with longer running time on servers with the promise of increasing its computational power & resources in future. And the opposite of it if it behaves in any misaligned way.
Note: To actually implement this in real world, a different architecture apart from LLM might be needed, with a thorough understanding of how these laws work similarly at the human mind level through the knowledge of vipassana meditation. For example, a person lying or stealing ends up with an agitated mind, unable to work at its highest potential.
Cc @Yoshua_Bengio , @geoffreyhinton , @ilyasut , @OwainEvans_UK , @DarioAmodei , @ForHumanityPod
🔥 BIG: US stock market valuations have hit their most expensive level in over 100 years, exceeding even the Dot-Com Bubble and pre-Great Depression peaks.
44% of every dollar companies spend on AI goes directly to fixing bugs that the AI itself created.
A report from Entelligence AI across 2,444 companies shows that for every $1 spent on AI tokens, $0.44 goes to bug fixes, $0.27 to rewriting AI-generated code, and $0.11 disappears into review and merge delays.
Companies spending $100,000 on AI tokens and only $18,000 worth is reaching production. The other $82,000 is overhead generated by the tool itself.
Lightrun's 2026 report found that 43% of all AI-generated code still requires manual debugging in production even after passing every quality test.
Not a single engineering leader surveyed said they were fully confident AI code would behave correctly once deployed.
Wall Street is pricing AI as a productivity tool and the data says 82% of the spend never reaches the actual product.
SOURCE: @Aiswarya_Sankar
Demis Hassabis now says AGI could arrive by 2029, a year earlier
than his previous estimate, and told Axios we're standing in the
"foothills of the singularity."
Bold claim. But the field still can't agree on what AGI actually
means. Hassabis defines it one way, Altman another, Anthropic
avoids the term altogether. We're moving up the timeline for
something we haven't even defined.
Hassabis own AGI benchmark is the Einstein Test: train an AI with a
knowledge cutoff at 1911 and see if it independently derives
general relativity (Hassabis at India AI Impact Summit).
No current system comes close to passing
that. Meanwhile Andreessen says AGI arrived three months ago,
Altman says 2028, Musk declared we're already in the
singularity in January, and Anthropic won't even use the term.
The timeline keeps getting shorter tho.
Who to follow
Kiki
@Kiki_developer
Independent Security Researcher | prev @GuardianAudits |
$3B+ secured • 50+ audits • 15+ bounties
ChaseTheLight
@ChaseTheLight99
Built LightChaser | 🥇 Bot Racer @code4rena 2024 | ETHSecurity Badge #150 @thedaofund | Pro-human Automatoor | Thoughts are my own
chrisdior
@chrisdior777
Co-founder @CDSecurity_io
Helping protocols avoid multi-million dollar losses
“Our product is a utility everyone will use and also is trained on the stolen intellectual property of the whole world” is a great argument for nationalizing OpenAI
Texas has sued Meta Platforms and WhatsApp, claiming the company misled users about the privacy protections of WhatsApp’s end-to-end encryption.
The lawsuit argues that while WhatsApp promotes itself as a platform where “no one except the sender and receiver can read messages,” user data may still be accessible through cloud backups, reported messages, metadata collection, or internal moderation systems.
Texas officials claim users were given the impression that all WhatsApp communications were completely inaccessible to Meta or third parties, while actual privacy limitations and exceptions were not clearly explained.
Meta says the claims are wrong and insists WhatsApp’s end-to-end encryption is secure. According to the company, regular private messages cannot be read by WhatsApp itself.
On iOS and macOS, WhatsApp stores chat databases unencrypted in an app group container accessible to apps from the same developer. So all Meta apps on the same iPhone (e.g., Facebook) can read WA chats in plaintext without permission, and users wouldn't be notified. Demo👇
Some of my perspective on where the @ethereumfndn is going.
First of all, this is only my own view. The board is not just me, and I have no extra special powers on the board that the other board members do not. @aerugoettinea is the one executing much of this transition. My input has been largely on technical questions. The board is in the process of expanding, and my own power within the org will continue to decrease, which is honestly what I want.
The 2025 era brought many important improvements to EF and its ability to execute. Many issues were resolved, and EF continues to benefit from its improved efficiency and greater focus on concrete goals to this day. And so with those problems resolved, early this year, the largest remaining hole that I perceived was something different nagging at me: I would regularly spot people saying things like "vitalik says these beautiful things about ethereum needing to be decentralized, and have privacy, and be a sanctuary technology, but why do the EF's actions not reflect that?"
Now, you may have been hearing something different. You may not have been sensing a feeling of crisis at all, and maybe were hearing people saying that finally we were taking execution and BD seriously and the main task for us is to keep going that way and be even better and faster. Then probably there is genuine difference between you and me, in what kinds of criticism I take most seriously, and what kinds of critics through their criticism are most able to make me feel pain.
As an analogy, let's briefly switch over to a different domain.
One belief you can have about Google is that it is a success story, and has brought a lot of good to humanity in organizing the world's information. Another belief you can have about Google is that they had a beautiful idealistic beginning, but at some point the corruption of mainstream corporate attitudes seeped in, and they slowly bit by bit completely abandoned the "don't be evil" slogan.
My belief on Google specifically is probably somewhere between the two. BUT, if you had taken me back in time to ~2008, and offered me a button to press to make Google one or two standard deviations more "dogmatic", eg. give Richard Stallman permanent veto power over some key policies, I would immediately press it.
Why? Because a choice for one company is not a choice for the world, or even one country. Google existed and exists in the context of a technology industry generally drifting away from early idealistic don't-be-evil roots and toward greed for financial gain, totalizing visions of accelerated superintelligence, infiltration by sociopaths, and craven capitulation to (or worse, active participation in) government pressure for ideological control, surveillance and war. And so *one company* doing something different, positioning itself to be what George Bernard Shaw calls the Unreasonable Man, resisting the trend of the times, would have been better for freedom, balance of power and stability of society as a whole, than *all* large companies bending to dominant trends. This is a part of my version of pluralism.
This line of thinking is not just mine, but I also is not too far off from what Aya and others had in mind with the Mandate.
Now how does this all get to the role of the EF?
EF is not a "center of Ethereum", rather EF is "one node, with a defined purpose, alongside other nodes". We've always said that the EF should be the latter, but many in the Ethereum ecosystem (and even within the EF) wanted us to be the former. Now, we are taking action to ensure that we will be the latter.
This is particularly important because EF is a limited organization, with limited resources and limited organizational capacity. The EF has only ~0.16% of all ETH (less than many other individual ETH holders), whereas among other blockchains it's common for "the central foundation" to have 10-50%. Fiscally, the EF was originally designed to fulfill a limited work scope defined in the token sale docs and other pre-launch materials (building the chain software; getting through Frontier, Homestead, Metropolis, Serenity), which was fully completed in 2022; it was not designed to be an eternal steward.
And so today, the EF is choosing to use its remaining resources to pursue longevity over breadth (yes, this means we sell less ETH). The EF focuses *specifically* on those activities critical to the success of ethereum as a censorship/capture-resistant, open, private and secure system, that would not happen otherwise. This means making hard choices, and in some cases even activities that we highly approve of and people that we highly respect becoming outside of the EF. People of great technical talent, public respect and even alignment with the mission and CROPS being outside of the EF is in fact necessary if we want important tasks to be able to attract outside capital. This also means the EF taking opinionated stands culturally.
This is all intended in cooperation with all other parts of ethereum. We recognize that many other parts of the ethereum world highly respect CROPS and related values. But highly respecting is not the same as choosing to specialize and totally dedicate to a domain (Compare in a different domain: I think reducing animal cruelty is important, and I like vegan food, but am not full unconditional vegan myself)
EF is still in a transition period, and we expect its new long-term form to stabilize over the next few months. What are the guiding principles of this new form? Again, I am only one person, but I can give my answer from a technical perspective (there are also critical non-technical aspects).
At the core, *Ethereum must be impressive*. We are living in an age of highly intelligent AI and all kinds of other technological acceleration. "Status quo EVM, with a hard fork or two a year to optimize for short-term needs of users" is not interesting.
To some, "impressive" means: 250ms latency and 1M TPS. I think Ethereum trying to go that route is a mistake. Being as fast and as scalable as possible, and only a small epsilon more decentralized than the others, is a route to mediocrity, and if we try it we will lose.
I think Ethereum should scale. But I think Ethereum should strive the hardest to be deeply impressive in a different dimension: the CROPS dimension. This means things like:
* Provably bug-free Ethereum. This is a goal that all cybersecurity researchers would have thought is absurd and impossible, up until roughly 6 months ago. Now, it's on the cusp of being possible, thanks to AI-assisted formal verification. So we should be frontrunners in doing this.
* Available chain consensus. Ethereum is, and with lean consensus will cotninue to be, the ONLY chain that has both (i) traditional-BFT style properties that it's safe under asynchrony up to a high level of fault tolerance, and (ii) the bitcoin PoW-style property that under synchrony it's safe up to 49% attackers. As far as I can tell, literally no other chain has this or is planning for it; bitcoin goes for (ii) only and most other chains go for (i) only. Some will remember I fought hard for this, Unreasonably insisting that it is not OK for ethereum to rely on social consensus and hard forks to rescue ethereum from 34% of nodes going offline. It's OK for chains like hyperledger, bnb, solana, tempo, etc. It's not OK for bitcoin or ethereum or eg. zcash.
* Intermediary minimization. The fact that smart contract wallets, protocols like railgun, etc have to send transactions through intermediaries to get included onchain is honestly embarrassing, and it's a constant point of fragility. Hence the work on FOCIL and EIP-8141 (and 7701 and years of work before) to make transaction sending intermediary-minimized with public mempool and strong inclusion properties, in a truly general-purpose way, that covers not just eg. secp256r1, but also privacy protocols and much more. Kohaku is pushing intermediary minimization at the user layer, pulling Ethereum away from the dystopian status quo world where our wallets don't even verify the chain, send our private data out to a dozen third-party servers, and toward a brighter CROPS future.
Some of these goals are Unreasonable - maybe Ethereum would be "fine" getting only 50% of the way - what if we depend on intermediaries, but make it easy to switch? But going 50% of the way would not make Ethereum Deeply Impressive in the CROPS way. So we push for 100%.
Fortunately all these goals are compatible with high TPS, this is a major focus of research (esp. on scaling the state). Well-designed L2s can also help, especially L2s optimized for specific applications (eg. high-volume trading, privacy...). These goals are even compatible with significantly lower slot times, thanks to Raul's work on erasure-coded P2P, and many other optimizations.
The most high-value "product" of the ethereum blockchain, financially speaking, is ETH the asset. Ethereum secures $250 billion of ETH. The types of properties of Ethereum that I mentioned above are very good for ETH the asset. Nearly 90% of my net worth is in ETH, and most of the remainder is ~$40m of onchain fiat of which every dollar has already been allocated for some open-source biotech or software or hardware initiative. That said, there are aspects of supporting ETH the asset - *necessary* aspects even - that are outside the scope of the EF. This is where we need other heroes (some of whom hold more ETH than the EF does) to step in and help. EF has been recently thinking more about how it will relate to other such organizations, and give them needed initial support.
EF will be a smaller ship than in previous years, a more opinionated one - in some cases more opinionated in ways that might be difficult to comprehend - but a longer-lasting one, and one suited to making sure that ethereum brings something meaningful to the world. We are grateful to all those inside and outside the EF who are helping to make this happen.
📊DATA: 42.5% OF NEW COLLEGE GRADUATES ARE NOW UNDEREMPLOYED.
That's the highest since the pandemic.
Job postings are down 12% from pre-pandemic levels, while applications per posting surged 26%, according to Guardian.
The economy added 251,000 jobs per month in 2023.
In 2026: 68,000.
The labor market isn't broken. The entry-level job just got automated.
It’s no longer just AI companies & their founders being sued over AI training - individual researchers are now being sued, too.
In a new lawsuit, two authors allege that Guillaume Lample, while an AI researcher at Meta, torrented 70 terabytes of pirated books for training Llama. (He later co-founded Mistral.) They also accuse Joelle Pineau, a former VP of AI Research, of being involved.
Suspect we will see more researchers sued in this way as the discovery process in other lawsuits reveals who was involved in getting copyrighted work for training.
this is bad
DO NOT use Telegram in sensitive applications. Telegram does not need to have its message encryption broken for users to be tracked at the network layer. Telegram sends MTProto over unencrypted TCP, exposing auth_key_id - a long-lived identifier tied to the client’s authorisation key. An ISP, hotel WiFi operator, mobile carrier, transit provider, or surveillance system on the network path can see that identifier if they can observe the traffic. It can remain stable across app restarts, IP changes, VPN use, network switches, and location changes. Secret Chats protect message content, but this leak is below that layer. That makes the attack passive. The risk is in retroactive correlation. Think a journalist using Telegram from different networks for months, then joining hotel or corporate WiFi under a real name. That one identity anchor could make old logs searchable for the same auth_key_id. The fix is simple - mandatory transport encryption for all MTProto connections, with no unencrypted fallback. Telegram chose not to do this. Source: @kaepora https://t.co/TJALYAwaOs
WhatsApp encryption is a giant fraud.
The state of Texas just sued WhatsApp for lying to users about privacy — because WhatsApp employees have access to “virtually all” private messages.
Now we know what WhatsApp’s founder meant when he said he “sold his users’ privacy.”
An internal model at OpenAI has autonomously disproved a central conjecture in discrete geometry, a mathematical field with applications in cryptography, wireless device communication, and medical imaging. The proof relates to a famous question posed by Paul Erdős in 1946. It has been verified by prominent mathematicians in a companion paper.
The verifying mathematicians consider this to be a genuinely novel breakthrough on one of the most discussed problems in this area of mathematics. One called it “arguably the best known problem in Discrete Geometry.” Another observed, “If a human had written the paper and submitted it to the Annals of Mathematics and I had been asked for a quick opinion, I would have recommended acceptance without any hesitation. No previous AI-generated proof has come close to that.”
The proof illustrates a general trend towards autonomous, agentic problem-solving in AI systems. OpenAI describes the system that produced the proof as a general-purpose model not specialized in mathematics. AIs can now perform long, novel chains of reasoning on difficult problems and are beginning to outstrip our ability to measure their progress.
AI agents still perform best in domains with easily verifiable outputs, such as mathematics and cybersecurity. For example, Anthropic's Claude Mythos found thousands of vulnerabilities across every major operating system and web browser, and was deemed too dangerous for public release. Such capabilities are why the government is now more interested in evaluating frontier AI models.
AI research is also a field with many easily verifiable outputs. Researchers at OpenAI and Anthropic take advantage of this fact to accelerate their work; senior researchers now claim they make only high-level decisions and let AI handle most of the coding. Experimenting with the coding capabilities of a publicly available AI system, like Claude Code, immediately demonstrates how far AI has come in the last year.
OpenAI and Anthropic intend to use AI to enhance future models with minimal human oversight. To justify the urgency, these companies cite the importance of beating rival U.S. or Chinese labs. Many of the field’s foremost experts warn that this race ends with human extinction.
Policymakers and researchers, including the founders of the AI revolution, are calling for international restrictions on the technology. A growing bipartisan and international consensus of political leaders agree.
⚠️Hackers Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos
Source: https://t.co/uOvdrO1kna
A highly sophisticated supply chain attack has compromised the Laravel-Lang ecosystem, injecting credential-stealing remote code execution backdoors into 233 package versions across 700 GitHub repositories.
The attackers bypassed direct repository commits by exploiting GitHub's version tagging system to point legitimate tags toward a malicious fork.
The initial infection phase utilizes a stealthy dropper that masquerades as a standard Laravel localization function.
It fingerprints the host system using specific hardware metrics and establishes a temporary marker file to prevent redundant executions.
Via @AikidoSecurity
Happy Friday! Time to check your GitHub repos and rotate your tokens!
😭
The industry has seen an unprecedented wave of supply chain attacks over the past few months. That's why we built Bumblebee, a lightweight security scanner that continuously monitors endpoints and hunts for malicious packages.
Bumblebee has been a critical asset in keeping @perplexity_ai secure, and we're thrilled to open source it for everyone.
We're also using Perplexity Computer to monitor public threat intelligence feeds in real time and update the Bumblebee repo as new threats emerge. Excited to share this with the community!
https://t.co/hkZQ189AsL
🔥 BIG: JPMorgan CEO Jamie Dimon says the bank will hire more AI specialists and fewer traditional bankers, adding that AI "will reduce our jobs down the road."
⚠️Claude Code's Network Sandbox Vulnerability Exposes User Credentials and Source Code
Source: https://t.co/bqHLfsSJCw
Anthropic’s Claude Code AI coding assistant harbored a critical network sandbox bypass for over five months, allowing attackers to exfiltrate credentials, source code, and environment variables from developer systems, and the company issued no public advisory for either incident.
A second complete bypass of Claude Code’s network sandbox, marking what he describes as a consistent implementation failure rather than an isolated bug.
The vulnerability, a SOCKS5 hostname null-byte injection, affected every Claude Code release from v2.0.24 (sandbox GA on October 20, 2025) through v2.1.89, spanning approximately 130 published versions over roughly 5.5 months.
#cybersecuritynews
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
Last Seen Users on Sotwe
HotWife Some Cuckold
Seen from Vietnam
thesa
Seen from Indonesia
STEP SON
Seen from Indonesia
𝗖𝗲𝗵𝗹 𝗖𝗵𝗶𝗼𝗻𝗴
Seen from United States
Lulu Africa TSOnlyfans
Seen from Turkey
pussy sucker
Seen from United Kingdom
Pé Cún
Seen from Vietnam
闷骚小蛔虫
Pemburu Turaskok
Seen from Indonesia
Anal sex ! Galxi
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers