#82
Zero day again, New AMD Chip, Anthropic Shipped, Stripe loves Stablecoins, Sam's 'World', sidebars, faster JS, and more...
👋🏻 Welcome to the 82nd!
What’s happening 📰
🐛 A new zero-day vulnerability has been discovered in Firefox and the Tor browser. This is a use-after-free vulnerability that allows attackers to get remote code execution access. It is being actively exploited as we write this, so please keep your browsers updated to the latest version! And ofc like all other projects, this could have been fixed if the browser makers simply decided to rewrite it in Rust.
🔢 We have found the largest-known prime number so far and it's a Mersenne prime (2ᵖ-1)! It took nearly 6 years for the GIMPS software to find it after the previous largest known prime. It is also the first Mersenne prime found using GPUs.
✨ AGI Digest
🍪 AMD revealed Instinct MI325X, its new GPU positioned to rival Nvidia's Blackwell. AMD also boasts up to 40% improvements in inference performance on Llama 3.1 compared to Nvidia's H200. The bottleneck in adopting these new chips, however, would not be the hardware but the tooling and software around it, as Nvidia's CUDA is pretty much the gold standard right now. They do say that they are improving ROCm to make it easier for developers to use.
💻 Anthropic dropped Claude 3.5 Sonnet and Claude 3.5 Haiku with very impressive improvements that re-establish Sonnet on top of the Aider Benchmark while keeping the same API costs. While the new Sonnet still retains its knowledge cutoff of April 2024, Haiku 3.5 has been trained on data till July 2024. Aaaaaand they gave Sonnet the ability to interact with YOUR computer, which it does by taking constant screenshots of your device and using them to navigate its way around. Impressive!
📒 Google's been shipping lately, with NotebookLM gaining much popularity. There's now a "guide the conversation" feature when generating the audio overviews, which helps steer the conversations the way you want them to be. Plus, they are going full enterprise model with it, integrating it into Google Workspace with enhanced features for businesses, universities and organizations. Also, you can now generate images via Imagen 3 from the free version of Gemini!
⚓ Model Drops:
⚖️ After facing several backlashes about its earlier SD3 models, StabilityAI finally released Stable Diffusion 3.5 with the weights of the Large and Large Turbo models (both having 8B models) available today and Medium (2.5B model) to be released on the 29th of this month. While the SD3 is still behind flux 1.1 Pro (not included in the comparison graph provided by StabilityAI), it being an 8B model and the weights being available for personal and commercial use for orgs that are making < $1M in revenue is a huge win!
🐍 ZyphraAI released Zamba2-7B – a hybrid-SSM model whose base variant outperforms Mistral, Gemma, Llama3 & other leading models in both multiple benchmarks and speed, while the instruct version is similar to Llama-3.1 8B Instruct. The speed improvements in its Zamba architecture come from combining SSM and attention architectures, using Mamba layers interleaved with shared attention layers.
🎐 On the anniversary of Mistral 7B, they dropped two small models called the les Ministraux series: Ministral 3B and Ministral 8B. Both of these models perform well for their weight class and they released the weights for both of these models. However, only the 8B model has the research-only license.
🍡 Genmo released Mochi 1, a SoTA open-weight text-to-video generation model under the OP Apache 2.0 license!!! It has a 10B diffusion base and can currently generate images of 480p. You can grab the weights from HF (only if you have at least 4 H100 GPUs) or try it out from their playground.
🤖 Nvidia released Llama 3.1 Nemotron 70B Instruct, a Llama 3.1 finetune which performs really well on the LMSys benchmark for a model of its size. While it's an excellent release from Nvidia, especially their accompanying research paper about the reward model, the hype that it's better than Sonnet or GPT-4o is just tall talk.
🐳 DeepSeek released Janus, a unified multimodal text and image generation model. Compared to similar architectures, Janus decouples the visual understanding and generation into different encoders, while still utilizing a single, unified auto-regressive transformer architecture for the rest of the processing.
🖲️ MetaAI released CoTracker3, a SoTA point-tracking model trained via pseudo-labels using off-the-shelf teachers. This overcomes the limitations of the previous models, which were trained mostly on synthetic data and failed to generalize to real-world data.
🔐 0x Digest
💰 Stripe acquires stablecoin platform Bridge for a whopping $1.1 billion making it crypto's largest acquisition ever. This would allow them both to work together to make it easier to transact, both in off-chain dollars and on-chain stablecoins.
😱 Exploits:
🐦 Eigenlayer’s Twitter account got compromised in a hack which posted malicious links of fake airdrops from their account. Thankfully, they were able to retrieve it in a few days but it’s still scary how you cannot trust even the official accounts as you may never know who’s behind what. A rule of thumb — if it’s too good to be true, then it probably is!
💸 Radiant Capital possibly suffered a $51 million exploit on its BNB Chain and Arbitrum chains. It was a transferFrom exploit which uses a smart contract’s transferFrom function to enable one account to send a specified number of tokens from a target account to a third account.
📱 EthOS' first phone model, the dGEN1, is now available for preorder with a release in Spring 2025. The phone is about half the size of a typical iPhone. It has a second touchscreen for notifications and transaction metadata, a 3x3 LED grid for notifications and flair, and a laser. EthOS provides a light client, a system-level wallet, and an onchain-native browser.
🌐 Worldcoin surprised everyone (including some of their own employees) and rebranded to 'World'. It also announced more powerful orbs and more integrations with government verification identities.
🛠️ Dev & Design Digest
🦕 The Deno team announced Deno 2, with quite a few major changes including backwards compatibility with Node.js and npm and native support for package.json and node_modules, allowing you to simply run your existing node projects with Deno right out of the box. Plus, deno is now a package manager as well so now you can just go deno install and everything would be installed in an instant. And it is wayyyyyyyyy faster now!
🚅 After a total of ten (10) years since the PR was first opened, ExpressJS v5 is finally merged and published. And despite being a major release, the devs tried to keep the breaking changes to a minimum. The major changes? Support for Node 18 and up, dropped regex support, handling of rejected promises, some body-parser changes and removal of deprecated methods.
🧁 A presentation at the October TC39 meeting sketches the future of JavaScript. It’s important to note that these are just preliminary ideas!
Instead of all of JavaScript being implemented by JavaScript engines, we’d have:
JS0: core language, implemented by JavaScript engines
JSSugar: syntax features, transpiled to JS0 by tools
JSSugar defines translations like those already performed by tools such as Babel and TypeScript. One upside is that it eases the workload of JavaScript engine implementers, who face increasing security risks with each new feature.
🆕 Promise.try enters the chat with limited support, starting with Chromium. This proposal is in stage 4, but it just adds more syntactic sugar to build promises out of arbitrary callbacks.
📦 shadcn added 30+ sidebar components in its shadcn/ui library and all of this works out of the box in all of Next.js, Remix, Vite, and Laravel. How awesome!
What brings us to awe 😳
⌨ Google Japan made a Möbius strip-shaped keyboard. Don’t ask us why! 🙈
🕵🏻♂️ A guy has been sneakily reuploading Family Guy on YouTube by using some kind of secret steganography which has the complete show as the video but shows an entirely different video in the preview pane that appears when you hover on the progress bar.
🛰️ The first image from ESA’s Euclid space mission has revealed the first piece of its great map of the Universe, showing millions of stars and galaxies. Check out their video to make sense of it, of the vastness of the universe and the insignificance of humankind.
Today I (we) Learnt 📑
🐛 The first actual case of a bug being found was in 1947, when engineers traced a problem with the Harvard Mark II to a moth trapped in a relay; they taped it into their log book.
"Bug" had long been the common jargon for a problem with a technical device. The engineers were tickled to find a real one. [Source: Nibbler A’s visit to CHM]
💬 Netlify has a shared terminology for code reviews, Feedback Ladders, to standardize the code review process and make comments more informative and less intimidating. It’s like a 5-year-old thing, but I can feel the structure it’ll bring to the chaotic reviews.
☕ Starbucks India charges different prices based on the locality of the store, which is a little weird considering that in India big chains mainly keep consistent prices.
🦅 You can use filter:follows -filter:nativeretweets -filter:replies on Twitter search to get all the tweets from your following list without the retweets or any replies. Twitter also allows you to search for tweets within a list by adding list:<list_id> in your search query, where the list_id is the large numerical ID that's in the list URL.
🤝 You have read ~50% of Nibble, the following section brings tools out from the wild.
What we have been consuming 🔖
🌚 Dark Patterns Hall of Shame is a collection of dark patterns and unethical design examples on the internet that use manipulative design techniques which should be avoided at all costs.
🏢 A job in Big Tech is a career goal for many software engineers and engineering managers. So what leads people to quit, after working so hard to land these roles?
🤝 Cofounder Mode, a writeup by Rob lays out a tactical guide to finding a good co-founder for your startup.
Builders’ Nest 🛠️
📄 fast-grid: World's most performant DOM-based web table. For those of you who know how making performant tables is still hard in 2024, you should try this out.
📊 mitata: A beautiful javascript benchmark tool
🔢 number-flow: A React component to transition, format, and localize numbers.
👺 greenmask: PostgreSQL database anonymization and synthetic data generation tool
Meme of the week 😌
Off-topic reads/watches 🧗
🫂 Capture less than you create by DHH, saying “Thou shall not lust after thy open source's users and their success”.
✍️ Leadership Lab: The Craft of Writing Effectively by UChicago is an excellent session on how to cultivate ideas and write them efficiently for your readers.
🤷🏻♂️ Confused about Good by Seth, talks about how "good" and "popular" are frequently two distinct and independent qualities.
🧗♂️ Learning to Learn by Kevin talks about how learning what and how to learn gives you a real edge.
Wisdom Bits 👀
“A flower does not think of competing with the flower next to it. It just blooms.”
— Sensei Ogui
Wallpaper of the week 🌁
🌌 Grab the week’s wallpaper at wow.nibbles.dev and well we found some images from Webb.
Weekly Standup 🫠
Nibbler A had a build, ship, and close items kind of week, he has another few days of travel and plans to touch grass in Swades for some time now. Also, he plans to do some long-due catch-ups with friends, mentors, and well-wishers.
Nibbler P has been busy with work and enhancing his portfolio. He is almost back to his pre-dengue strength, and he celebrated by watching a couple of movies over the weekend.