#69
nice, 0x9c, Uniswap's Panellet, WazirX's majeure, Karpathy Labs, SmolLM, GPT4o-mini, VLM + Docs, Sonnet Mobile, ETH ETF, US expands, BLR Rains, MacTreasure, eidos, mako, 2By2 and more
👋🏻 Welcome to the 69th! 😼 (& happy ~π day!)
This week was more interesting and feels like a year already to us (hacks, crashes, compromises, but also releases, and launches coming). Let’s delve in!
📰 Read #69 on Substack for the best formatting
🎧 Podcast version of this edition is available here → #69 | Recast
What’s happening 📰
🚨 On Friday 19th July, a worldwide outage happened as a lot of Windows corporate machines crashed to BSoD[1] due to a faulty update from cybersecurity provider CrowdStrike, affecting banks, airports, hospitals, restaurants, etc.
Contrary to the initial set of tweets you might have read, it was not Microsoft’s fault. It was a missing null check in a sensor configuration update (it was supposed to address a new type of attack based on malicious named pipes). The new code was trying to access an invalid memory address (0x9c), which led to a kernel panic on Windows machines and, in turn, to the BSoD. The software involved was CrowdStrike’s Falcon (spyware for corporate, which detects and reports anomalies) and they have released a detailed RCA too. (hey you! Be careful before saying LGTM next time).
💸 VCs are back at the investing table again, and AI is their favourite child this time, which resulted in a record share of global funding in Q2 2024, with most top VCs making multiple AI-related deals.
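One way a missing null check ends up touching a small address such as 0x9c, shown as an added example for the CrowdStrike item above (this is not CrowdStrike's code and is not taken from their RCA). The struct layout, field names and lookup function are hypothetical, chosen so that the field being read sits at offset 0x9c.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical record, laid out so that one field sits at offset 0x9c. */
struct pipe_rule {
    uint8_t  header[0x9c];  /* 156 bytes of other fields */
    uint32_t match_flags;   /* offset 0x9c */
};

/* Lookup that returns NULL when the requested entry does not exist. */
const struct pipe_rule *find_rule(const struct pipe_rule *table, size_t count, size_t idx)
{
    return (table != NULL && idx < count) ? &table[idx] : NULL;
}

/* Address the CPU touches when evaluating rule->match_flags. */
uintptr_t access_address(const struct pipe_rule *rule)
{
    return (uintptr_t)rule + offsetof(struct pipe_rule, match_flags);
}

/* Unchecked read: with rule == NULL this dereferences address 0x9c. */
uint32_t read_flags_unchecked(const struct pipe_rule *rule)
{
    return rule->match_flags;
}

/* Checked read: a missing entry becomes an error code, not a crash. */
int read_flags_checked(const struct pipe_rule *rule, uint32_t *out)
{
    if (rule == NULL || out == NULL)
        return -1;
    *out = rule->match_flags;
    return 0;
}

int main(void)
{
    struct pipe_rule table[2] = {0};   /* constructed sample data */
    uint32_t flags = 0;
    table[1].match_flags = 7;

    const struct pipe_rule *missing = find_rule(table, 2, 5);
    printf("unchecked read would touch 0x%lx\n", (unsigned long)access_address(missing));
    printf("checked read of missing entry: %d\n", read_flags_checked(missing, &flags));
    int rc = read_flags_checked(find_rule(table, 2, 1), &flags);
    printf("checked read of entry 1: %d (flags=%u)\n", rc, (unsigned)flags);
    return 0;
}
```

In user space the unchecked read is a segfault; in a kernel-mode driver the same access takes the whole machine down, which is why the check has to sit in front of every lookup result.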
✨ AGI Digest
🧑🏻🏫 Andrej Karpathy (the GOAT) announced his new AI+Education startup Eureka Labs where he's building a new kind of school that is AI native. Think of it as a school assisted with an AI Teaching Assistant who is optimized to help guide the students.
🔢 Project Numina released its winning model as well as its technical report and blog post on How NuminaMath Won the 1st AIMO Progress Prize. The secret? Among other things, good-quality synthetic data built on top of pretty solid and diverse seed data.
⚓️ Model Drops (it was a pretty loaded week)
🧼 Mistral had a banger week dropping not one, not two but three Apache 2.0 licensed models! It released two 7B models — MathΣtral, designed for math reasoning and scientific discovery (also built in collab with Project Numina), and Codestral Mamba, a variant of its code-generation Codestral model built on the Mamba architecture offering linear-time inference. And then NeMo, a small 12B model with 128k context length and impressively efficient multi-lingual performance, thanks to a shiny new tokenizer.
🤏 HuggingFace goes big on small models, releasing SmolLM, a family of 135M, 360M, and 1.7B-sized models, which are tiny enough to run on your smartphone (as the adage goes, "good models will get smaller, small models will get better"). In fact, the 1.7B model outperforms Phi-1.5 and Qwen2 1.5B!
🤌 OpenAI released GPT4o-mini, with 128k context length, function-calling, vision capabilities, and a whopping 16k output sequence length (this length is the first of its kind for a model of this capability). This finally replaces its long-standing GPT-3.5T on its free offerings as well while cutting the API costs in half!
👀 ColPali proposes that just slapping a VLM onto a document is good enough to efficiently retrieve content from it without going through the traditional route of using OCRs, Document Layout Recognition, Chunking, Captioning, and Text Embedding Models that add both complexity and processing time to it. They use a combination of PaliGemma-3B (Vision LLM), SigLIP-So400m (vision transformer), and Gemma 2B (LLM) to split the document image and store a multi-vector document representation for each of them, and the performance is impeccable!
🍎 Apple has been pushing out impressive truly OSS models recently and just last week, they released DCLM, a 7B base model trained on 2.5T primarily English tokens. They not only released the model weights but also the training code and the dataset. Performance-wise it beats Mistral-7B, which was primarily trained on a closed-source dataset. Impressive!
🗂️ Miscellaneous
📱 Anthropic released its mobile app for Android — even more places to use the immensely useful Claude 3.5 Sonnet.
⚡️ TogetherAI announces Together Inference Engine 2.0 with new Turbo and Lite endpoints. The Turbo provides fast FP8 performance while maintaining quality, while the Lite provides the most cost-efficient and fast inference albeit with a little dip in quality.
🔐 0x Digest
💥 Never a dull day in crypto, but a week full of hacks? ah! YES!
On July 18th, WazirX, India’s biggest CEX[2], suffered an attack on one of their multi-sig wallets with six signatories (no official reports on how?), with the loss of funds exceeding $230M (the perpetrators are reportedly leveraging Tornado Cash & chain hopping to make themselves untraceable). Considering multi-sig is as secure as things can get, they described the attack as “a force majeure[3] event”. They even reported it to National Cyber Crime & a few other investigation agencies. (😭 I’m not sure if they remember, but the Govt in India was never fond of crypto exchanges)
There is potential involvement of Lazarus Group, a North Korean state-sponsored hacking group.
4 days after that, they even opened a White Hat Bounty of $23 Million (up to 10%) for whoever helps in freezing or recovery of the funds.
Earlier in the same week, LI.FI Protocol’s Bridge smart contract exploit made all the accounts with infinite approval set vulnerable, losing around $11M this time. In 2022, a bug in the swapping feature of LI.FI resulted in a $600k loss.
Also, on June 22, CoinStats’s AWS compromise affected 1,590 wallets leading to $1M worth of funds being lost.
🚀 But no matter what, there are always things to look forward to
Five spot ETH ETFs will begin trading tomorrow on the Chicago Board Options Exchange.
Avail DA goes Mainnet tomorrow (23rd July)! If this goes well, it will drive demand for $AVAIL.
JD, one of the founders of Polygon, introduced Morphic Studios, a platform that helps you get from ideation to final story (make your own animated movie/series).
🎮 The Open Platform (TOP) has made a strategic investment of an undisclosed amount in Akedo Games to develop clicker Telegram games in TON’s blockchain ecosystem, catering to a 900 million user base.
💳 After a hit mobile self-custodial wallet launch last April, Uniswap is now back with a browser extension wallet. But it’s not your regular pop-up UI wallet, this one is special because it uses chrome.sidePanel API, to make sure that no matter where you go, the context stays and updates in realtime. It gets triggered using Cmd + Shift + U and opens the panel on the side.
🛠️ Dev & Design Digest
👗 npm registry removed README content from package version metadata to reduce the size of the package packument[4]. This seems like a small change but it will make the package metadata leaner, making npm CLI and npm registry faster.
⬇️ You can now (finally) import and export Markdown in Google Docs… err, by going to File > Download to export or File > Open to import. Would have loved direct copy/paste to the rich-text editor, but hey it’s still something and it is useful!
⚓️ Chrome ships the CSS anchor positioning API. To give context, this API lets you use CSS to define “anchors” that avoid the limitations of absolute or fixed positioning. It’s a big deal because it makes it easy to build features like menus and submenus, tooltips, selects, labels, cards, and many more using a native API, which earlier would require hundreds of lines of React code. (& keep people employed).
What brings us to awe 😳
🧩 Custom element tag names don’t need a hyphen as a separator of characters, they only need the hyphen. <mytag-></mytag-> is a valid tag.
🇺🇸 In December 2023, the U.S. effectively grew by the size of about two Californias or one Egypt (~1 million km²). Interestingly they didn’t gain any dry land, as it expanded as part of an extended continental shelf, which is a maritime area.
😼 Robin-Yann Storm explains A classic motion design mistake in Google Calendar and why you should kick the person who says “No user will click faster than our animation” in a design meeting.
Today I (we) Learnt 📑
🛜 Is it WiFi, Wi-Fi, wifi, or some other combination? Doesn’t matter how you write it, because funnily that is not the real name of the technology. The technology it refers to is well, ackchyually WLAN (more precisely IEEE 802.11). “Wi-Fi” is a trademark of the Wi-Fi Alliance (which certifies the devices) and shares the same fate as “Fridge”, “Band-aid”, “Colgate”, “Xerox” etc, where the product name becomes synonymous with the category.
🤖 The Automation Paradox is that the better our machines get, the more we struggle when they fail (the more SaaS we get, the more we yap!)
💻 You can deploy servers on localhost subdomains. pssstt… it is just a /etc/hosts trick.
🌦️ What causes Bangalore’s late afternoon rains? And how is it related to Green Chromide? How are they related to Madagascar?[5] [Shared by Kautuk]
🤝 You have read ~50% of Nibble, the following section brings tools out from the wild.
What we have been trying 🔖
🏞️ pngmaker: Convert text to PNG with transparent backgrounds.
🏴☠️ MacTreasure: Collection of underrated macOS applications.
🔓 Opening up ChatGPT: Tracking openness of instruction-tuned LLMs
Builders’ Nest 🛠️
📜 eidos: Offline alternative to Notion. Eidos is an extensible framework for managing your data throughout your lifetime in one place.
🎟️ Tegon: an open-source, AI-first alternative to Jira, Linear
📦 mako: An extremely fast, production-grade web bundler based on Rust.
🛝 kaplay: a JavaScript game library that makes it easy to create games. It's the successor of Kaboom.
Off-topic reads/watches 🧗
📤 Larry Page explains how he decides what to work on
🎧 The Ken launched Two by Two, India’s first premium-only business podcast and we both absolutely loved the first (which is free-to-watch rn btw) episode: Will Flipkart become PhonePe before PhonePe becomes Flipkart?
✨ All about agents, multimodality, and cheaper AI analysis by
Wisdom Bits 👀
“You never know what worse luck your bad luck has saved you from.”
― Cormac McCarthy
Wallpaper of the week 🌁
🌌 Grab the week’s wallpaper at wow.nibbles.dev
Weekly Standup 🫠
Nibbler P rested for the most part this week and attended a couple of important meetings at work. He was also super engrossed in reading about the intricacies of coffee-brewing and couldn’t shut up about how good James Hoffmann’s works are.
Nibbler A had a fun hacker week with the team, mostly hacked and yeah he got some nerd-astic gifts from SF (yay!). By the end of the week, he got busy with some personal work, hella week for him. (& even more hectic one ahead -_-)
[2] Centralized Exchange, i.e. the private keys are held by the central entity and not by end user.
[3] superior force
[4] A packument is a top-level package document that lists the set of manifests for available versions of a package
[5] These rains are also the reason why we have something called the Monsoon Malabar coffee processing that’s unique to India.