GitHub Got Hacked, $500 Million Spent on AI in a Month & Bots Built Their Own Religion Cloud Unplugged
Hello,
welcome to another episode of Cloud
Unplugged.
We've got some new stories today on the
kind of classic theme of compromisation
and
We have GitHub getting breached by some
basically BS code extension malware.
We have the US Cloud Act basically getting
instantiated and Microsoft and Meta
handing over basically Dutch civil servant
details to the US Senate.
And then we have two random stories which
we'll save to the end like we normally
kind of do.
I do have my own random story this
morning, which is a little bit, well,
I guess shocking.
So I kind of came to,
I was going to the gym, normal routine,
get up in the morning.
Although this time,
because I was working from home,
I decided to drive.
So because it's a little bit far away,
a couple of miles,
kind of got into the car.
This is like maybe, what,
about quarter to seven this morning.
And I got to the end of my
road.
And obviously at the very end of my
road is a really busy, well,
it's not really busy,
but it's like the longest road in London.
And so it gets quite a lot of
traffic because it kind of connects the
north and the south.
So there's a lot of kind of cars
that go there.
Directly opposite is another road that you
can obviously go up as they kind of
go up and down the kind of one
way,
depending on which road you can go up
one, down the other.
Anyway, there's a woman.
at the very end of that road opposite
me that I'm kind of staring directly at,
who is bent over as in doubled over.
And I thought she was kind of being
sick.
She was kind of spitting.
But she also had her leggings down and
was urinating at the same time on the
corner of the road of a busy high
street.
And I just thought to myself, oh, God,
it's just like a drunk or maybe like
somebody that's obviously just really
pissed or whatever.
maybe a bit of a drug abuser or
something,
but she was prepared with toilet paper.
So then I was like,
that's not necessarily an accident when
you've got toilet paper to hand on a
corner of a street on the main busy
junction of a road.
So it was a little bit bizarre.
So yeah,
that was my morning going to the gym.
And I've never seen... I mean, I thought,
yeah, I've never really seen anybody...
kind of organised to that degree for an
event like that.
And the only time I've ever seen anything
that gross was when I went to San
Francisco and right in the centre of San
Francisco, which is kind of, you know,
they've kind of got drug and homeless
problem.
Somebody was shitting just in front of
everybody, but also feeding the pigeons.
And the combination of those two things is
such a bizarre combination of things to
try and do at the same time.
So that was the only time I've ever
seen anything like that, Salman.
So that's how my morning started today,
pre-gym workout in the heat.
So yeah, what do you think to that?
Is that something you've ever seen?
Yeah, I mean,
I don't go to gym in the morning
at that time,
so perhaps I'll never come across it.
I'm not going to lie to you.
When you started talking about when you
started going into details,
I just wanted to know where it was
going.
Perhaps it was a hacker who was pretending
to be something,
but I did not expect the end that
you're saying.
Luckily, I have seen some stuff,
but I kind of turned
turn my face the other way and just
walk across but yeah no that's uh well
i suppose maybe in wales it's happening a
lot it could be it could be happening
in wales all the time you're just not
up early enough to witness it or it
could be a movement i don't know maybe
it's a movement hello don it's a london
thing sorry do you think i don't know
i don't know maybe it's a social media
trend
that's occurring through, you know,
I actually don't know, but I'll keep...
Let me ask you this, John.
Are you okay?
Let me ask you this.
I'm okay.
I don't know if she's okay.
I don't know who she was or if
she's okay.
But yeah, she's on the move.
So maybe other people might find her or
see her as well.
I don't know.
She could become a populist figure.
But anyway, talking about...
Breaching elsewhere.
Breaching.
Breaching, yeah.
Let's move on.
from defecation on the street to GitHub
getting breached by some
kind of VS Code extension.
Do you want to talk through that?
I know something happened afterwards,
but yeah, I'll come on to that.
Yeah, yeah.
We keep hearing all these supply chain
attacks all the time.
There's a team,
a threat actor calling themselves Team
PCP.
They compromised a GitHub employee's
developer device by deploying a malicious
VS Code Visual Studio Code extension,
an IDE developers love.
to use for the development processes i
don't know how many people still use it
i still use it but this malicious visual
studio code extension was in the in the
marketplace only for a few minutes but
this developer unfortunately
installed it and then the malicious
hackers the team pcp was able to steal
the credentials from the machine and
access github internal repositories and
download about like four thousand of these
so ide has now also become uh is
now supply chain attack surface which is
um you know this this happened which is
a which is a big thing and uh
Yeah,
one malicious extension installed could
happen to anybody.
I mean,
it's one of the older tags that people
usually use.
Inject a malicious image or a package or
anything like that,
but now also Visual Studio Code
extensions.
Yeah, that's mad.
Because I was reading about the Megalodon.
I don't know if that's how it's
pronounced, which was...
basically all these stolen credentials
essentially for GitHub,
like deploy keys and Pats as well,
access tokens.
And they basically then were using these.
So I'm just wondering whether they got
that from this guy who had access to
it was a GitHub employee.
Have they managed to get all these deploy
keys?
And Pat somehow from repo,
I don't know if they work because I'm
presuming it would be encrypted,
but who knows?
But somehow
Obviously,
they've got access to all of these
credentials,
and then they were using them to then
go and do basically just merging master.
Well, sorry, main now, isn't it?
But yeah, merging to main,
some kind of hidden pipeline steps and
things like that to then get other
credentials like Azure, Amazon, GCP,
and stuff like that.
Yeah, the classic backdoor,
installing a backdoor just so they can get
in and do whatever they like.
And yeah,
just to add the almost four thousand
repos,
the GitHub internal repos were then
actually on sale on the black market for
fifty thousand dollars.
That's cheap.
That's very cheap.
But I don't know who decided.
I don't know who decides the price.
How are you putting fifty thousand dollars
to this?
And nowadays you can create stuff.
But anyway,
that's what's happened with this stuff.
So the boring old security is still our
friend.
We still need to have protection in
multiple layers.
Make sure you have
multiple credentials,
make sure you have two FA enabled,
make sure you're installing things from
trusted sources.
So I still,
it is a bit of an issue because
this could happen to anybody, right?
Turns out the most dangerous thing a
developer can do is not just push code
to production on Friday,
it's installing an extension from VS Code
Studio.
Are they on managed devices?
Do the extensions also get managed inside
of, because normally it's an app player,
isn't it?
So I guess extension is getting installed
though still,
but I'm assuming quite a lot of people
wouldn't,
think to necessarily lock down extensions
but yeah who who knows yeah people people
do lock down completely so some some
companies do completely lockdown
installation of extensions but then of
course that slows some of the developers
down yeah because then central teams have
to approve all these extensions they don't
the developer might not have an extension
that colors their code properly so
They can't really do any work.
So some of the teams do lock down,
and they have to install them from their
trusted sources.
But then the platform team has to keep
playing catch up of installing the right
extensions.
But yeah,
I think in the day and age that
we are nowadays with all these toolings
being installed,
I think we need to go to a
point where things are locked down and not
just install anything.
that you need.
Or perhaps install the extension.
Yeah,
I think it's becoming a bit of a
problem.
It is becoming a bit of a problem.
There was other things as well.
I mean,
it should probably more appeal to you,
I guess, just in general.
But you know,
everyone thought OnlyFans got hacked.
um, you're safe.
Your credentials didn't get leaked.
You weren't, there weren't hats on them.
It was basically, um,
so you don't need to panic anymore, um,
about that.
But, um, they, uh, they basically,
basically they were kind of cross
referenced and then basically created
synthetic data.
So people just like lying as well to
kind of get money,
just pretending that they've kind of
hacked you.
And then also there's another one by, um,
cybersecurity and infrastructure security
agency, bit of a mouthful, but like CISA.
They're like the body, like Gov body.
They're a bit like our NCSC equivalent,
I think.
But they also basically just,
I think they committed a load of data
that had all the GovCloud credentials in
it and all sorts.
And that was like public from November all
the way through until I think recently.
Maybe this week where it kind of got
spotted that basically some contractor
from CESA managed to commit things up.
But yeah, so that's another thing.
Everything, it's all transparent nowadays.
Install your own things, you know,
all about transparency.
Get the data in there.
Don't need to worry.
Yeah, I mean, just to clarify,
because my family's probably going to be
watching,
John's joking about OnlyFans credentials
being lacked by OnlyFans.
I don't have them.
That's exactly what somebody on OnlyFans
would say.
I mean, that's one of the guilty...
The only credentials I have is for Cloud
Unplugged.
That's the only media I'm conceiving.
Yeah, well, no, it's just more the...
You've just got a big range of content.
Let's just leave it at that.
Salmon's got a lot of content.
No, I'm joking.
Yeah, obviously...
So in summary,
what we're seeing now is the attackers are
using the same old tricks of putting in
malicious software,
putting in malicious containers,
putting in malicious extensions.
And it's the same things are repeating
over and over again.
That means we have to stick to the
same old security principles.
Companies like GitHub are getting...
breached,
which means that maybe people are trying
to move way faster than they were before
with all these AI tools.
So I think we need to take a
bit of a more cautious approach with
trying all these new tools out.
Because every week, John,
you and I talk about
Yet another instance.
And I added a few more to our
discussions today,
but I had to just take them out
because otherwise our podcast is not cloud
unplugged.
It's about incidents unplugged.
That's all we're talking about.
Yeah,
a lot of them are very supply chain-esque,
aren't they?
They've kind of got in on that.
So it seems to be like everyone's cottoned
on.
that been the way in getting it on
the device but yeah um another thing which
we've also been talking about uh quite
often and we did it in the episode
is obviously the uh the obviously cloud
act us cloud act and
the sovereign cloud and the funding by the
EU to build their own EU cloud.
And there was a story recently where
basically the Dutch Authority for
Consumers and Markets and then the Dutch
Data Protection Authority.
So they kind of investigate tech
censorship.
So they were kind of looking at
I mean,
I don't think it was the Trump
administration,
it was Biden administration at the time,
how they were almost like coercing the big
tech firms to kind of censor certain
information and things like that.
So there was this investigation going on.
And I think it was called jawboning.
Don't know why,
but why he basically put pressure on them.
Don't know where that comes from.
But the government requested information
about it from Microsoft and Meta,
and they basically gave them a bunch of
information,
emails and names of people back to the
US government, to the Senate, basically,
of basically who these civil servants are.
But rather than anonymizing the civil
servants and just kind of giving some
I don't know,
maybe like anonymized emails and just more
on the content.
They actually left the names in.
And so the obviously Dutch officials are
really annoyed about it.
And so it's just generally the EU just
because of sanctions, maybe,
or travel bans on those individuals or
kind of them being maybe targeted.
So, yeah.
And so I guess there was also off
the back of that,
then a thing called CADA,
which was Cloud and AI Development Act,
where they've tried to define what
sovereignty means,
because there was a lot of things of
maybe set up a sister company.
It's kind of related to Amazon, et cetera,
et cetera.
Is that sovereign?
Because it's technically in the EU.
And so they came up with basically new
acts and a framework called Seal.
which again, more acronyms,
which is sovereignty, effectiveness,
assurance levels.
So basically zero to four of how they
categorize the level of sovereignty,
where obviously zero being no sovereignty
and then all the way up to basically
software and chips being sealed for where
they manufactured in the EU is a software
owned by companies in the EU, et cetera.
So it kind of goes all through the
different levels from hardware
to country through to like chips and
software.
And basically none of them,
nobody can meet seal four.
I think the highest is maybe seal two.
Okay.
So yeah,
that's kind of the state of things at
the moment.
We spoke about Sovereign Cloud two
episodes ago,
where there was a €-EU grant from the
EU to build the Sovereign Cloud.
And we talked about the reason why they
started it was...
because of the Cloud Act.
And it looks like the Cloud Act is
already in action where these credentials
were shared.
And interestingly, this is the seal,
zero to seal four,
which is the scale that you mentioned,
Gartner,
recently also published a report saying
you can only have a sovereign cloud if
you're either USA or China,
which is what you were talking about with
the CO for layering,
because what they're saying is, yes,
you can build your warehouses,
your data centers and whatnot,
but the technology stack
still requires the chips that you get.
TSMC makes chips in China, right?
Even if you take enterprise solutions like
AWS Outposts or anything like that,
if you connect it on premises,
it still has to call home.
That still thing has to call to USA
to say, yeah,
I'm connected or doing whatever you're
doing, right?
So Gartner comes out.
Basically,
they're saying they published the verdict
with no asterisk.
The genuine cloud sovereignty is only
available and achievable by US and China.
So everything else,
everything else is others cannot build a
super sovereign cloud and all you have is
just like a branding exercise.
That's what they said,
which is fair because the chips and the
software that runs on it
It's not built in Europe.
Most of the ones are coming from USA
and China.
The machine that's out,
I think it's in the Netherlands, isn't it?
The one that can basically produce the
semiconductors.
What's it, ALSM or something like that?
I can't remember the acronym.
It's a bit frustrating because you've got
that innovation in Europe and that's about
it.
Beyond that,
all the investment that you'd think
It kind of does piss me off a
little bit.
All the investment that should be kind of
going to innovation,
they've kind of left themselves,
Europe's kind of left themselves exposed
because they're more bureaucratic.
And I don't want to sound like some
kind of US Republican, but it is true.
It's a very bureaucratic continent.
Lots of policies not so high on the
innovation and not so high on the
enablement of innovation comparative to,
say, US and China.
And so just putting a bit of money
up is not the sole answer.
Clearly,
there's a cultural issue and policy
constraints and loads of other things that
just have to probably shift beyond just
having a big wad of cash to then
inspire innovation somehow.
But yeah, I don't know.
I don't know what the solution to this
is, to be honest, John.
I don't know what you think the solution
to this is,
because every time people talk about
Sovereign Cloud and having your
destination of your own data,
I don't really think we can ever achieve
Sovereign Cloud in Europe from what I've
been reading.
So it's just basically a branding
exercise, John.
Yeah, it is.
It just feels like a bit of branding.
Or we need to go all in on
AI.
and basically task AI to build a cloud
and be like, right, get the robots.
Let's get AI working.
I think it's like a robotics convention.
I don't know if you saw that today
on the news.
It's like a robotics event going on.
I saw like dancing robots on the TV
this morning.
I don't know where it was.
I don't know.
Every time there's a convention,
there has to be at least one dancing
robot video.
There has to be.
Minimum at least one.
Minimum one.
Otherwise, is it really a convention?
It's not a convention.
No, there's no dancing robot.
It's just a meetup.
Just a meetup.
And then I'm sure next year when robotics
hopefully gets better,
they'll have synchronized dancing robots
instead of just one dancing.
Both of them will be synchronizing.
Maybe Bob and Gary from last week,
they will do that dance.
Bob and Gary from last week will do
it.
Or maybe.
Twenty five percent.
Of attendees.
Robots are attending the convention.
To learn the moves of the other robots.
And to learn from other robots.
To start rocking up.
Maybe that's to upskill themselves.
Forget about cloud sovereignty.
Just make robots that can dance.
Yeah, exactly.
Or just test them with building.
That's going to be the fastest way to
get the data center going.
They can work.
They can pack things.
They don't sleep.
They can take it in turns.
If you want to get into building a
cloud, get the robotics on it.
Get some robots.
Get some robots.
I mean, I've shared a random story,
obviously, that wasn't quite tech-related.
But it wasn't quite random because you
said it also happened in San Francisco.
So that's not really random, is it, John?
What do you mean they're following me
around?
Yeah, I think it's not random.
Maybe let me know next week what happens
when you go to the gym.
Oh, right, I see.
I'm sponsoring them secretly.
I'm not saying anything, John.
Because the views were not that great for
the last episode.
I kind of had to plant something for
you to talk about at the beginning.
Was it you at the end of the
street?
I don't know.
We'll find out.
Yeah, what's your random story?
So...
It's random, but not quite random,
actually.
I don't know if you come across a
term called token maxing.
This is something that came out of some
streaming.
Some guy who was streaming looks maxing
things you do to improve your looks the
most.
But token maxing was coined as a term
was a practice of maximizing your AI token
consumption as a proxy for productivity.
So instead of saying,
I ship these many features,
companies loved it when people just
consume credits.
And Jensen Huang was on a podcast a
few months ago.
He's like, well,
if my engineer is not spending two hundred
and fifty thousand credits tokens a year,
then why is he even working?
so token maxing was a big thing john
but since the last couple of weeks there's
been a big shift uber used to have
internal leaderboard saying who's at the
top list of consuming all these tokens but
then what what they realized is that the
ceo came out and said well we spent
all our budget for ai credits and tokens
In April,
all the budget of twenty twenty six got
spent in April and they cannot point it
to any features or consumer features that
were shipped using purely AI or AI
assisted.
Which is a bit of a shame.
Also, I know it's funny,
but that is so fucking ridiculous to be
like.
Yeah.
I mean, who would even fall for that,
though, on the gen?
I mean,
the fact that people have fallen for that
from Jensen, who.
Obviously,
it's a conflict of interest to be like,
yeah,
the more cycles of GPU cycles you're
using, the more productive you are, guys.
Am I right?
I mean, it's like, what?
So, yeah.
And obviously, also,
you're not productive because it's the AI
that's kind of being productive.
It doesn't even make any sense.
It just doesn't make sense at all.
It doesn't.
And then it doesn't stop there.
So Uber is like, okay,
we're going to stop this madness.
We need to stop this leaderboard.
And to be fair, Anthropic, and again,
it was on X,
some of the engineers were mentioning,
they did think about, oh,
should we have internal leaderboard?
But people were not for building internal
leaderboards because leaderboard
consumption of tokens is not...
uh uh you know a good indicator for
how much value you're adding uh but axios
has the same problem uh because what they
were coming out by saying is they're
finding their engineers just asking ai for
what the weather is just wasting tokens
right just wait what is the weather
wasting tokens also microsoft cancelled
most of it cloud code licenses after token
bill basically spar a lot of control
And another company,
it was literally yesterday,
an AI consultancy company came out and
said one of the companies they were
consulting for ended up spending five
hundred million dollars a month in cloud
code credits.
Five hundred million dollars a month.
What company had five hundred million to
spend?
I don't know.
I don't think they have to give this
money back somehow.
Yes,
you can stick in usage limits yourself.
How can you spend five hundred million
dollar on any software?
I just don't understand.
In a month.
Don't worry about Claude.
Don't worry about tokens.
We didn't even hear this in Bitmine era
when people were mining for these tokens.
Five hundred million dollars is a lot of
money, John.
Five million dollars is an insane amount
of money.
That's absolutely ludicrous.
And also requires coordination,
because it's obviously not like a single
actor that's managed to rack up a five
hundred million.
Which means everybody's,
like you're saying,
I guess even to gamify it with
leaderboards to inspire people to be using
more tokens on the assumption that you're
going to get more value.
I'm sorry, but that's pretty...
That's pretty dumb.
I'm going to put that out there.
That's pretty dumb to correlate those two
things at the top and then try and
inspire people to be just using AI.
Yeah, and it's, you know,
I don't know if you remember this, John,
from back in the day when AI didn't
used to exist in those good old days.
People used to say lines of code is
a measure of productivity.
It's not.
It's the features you ship.
I mean, it's not.
What are we talking about?
Are you fucking with me?
I've just written loads of lines of code
today.
Are you being serious?
Yeah, this is basically the same thing,
John.
People are saying.
And, you know,
this is a classic technology adoption arc,
right?
You have hype, you have overconsumption,
and then you have the reckoning.
You spent all this money.
We didn't get any value out of it.
What are we even doing?
time to go and hire the employees that
were fired,
hire them back so you can do it
for cheaper.
Companies are coming out.
They're saying, well,
we need to put some people in the
loop so they can review these code.
All this air slop that's coming out needs
to be reviewed.
So I think people have started to realize
because, yes,
it works well because these agents
are just predicting the next token i think
people forget this right people forget
this thing is just predicting the next
token of what is going to come out
next if you do something a bit complicated
your credits run out really quickly anyway
in the first place or if you don't
have any limits you're going to spend
you'll spend five hundred million dollars
um that's so yeah five hundred million
dollars that's just i was looking at um
the platform con talks
And I was like, oh,
I bet they're going to be all AI.
They were all AI.
I mean, literally all of them.
But they're all, I mean,
not to criticize it because I haven't seen
the talk,
so they probably could be quite good,
but they're all kind of quite superficial
variations of kind of the same thing,
if you see what I mean,
because the depth of value that really
it's not evolved to the point where it's
like,
know some radical innovations happened and
these are consumers of which means all the
consumers of um unless they're building
inside the ai ai ecosystem themselves in
enhancing it trying to make it better
they're all hitting the same limitation
anyway because it's the limit of the model
essentially and then the tools and the
ecosystem within the model and then the
you know the approaches you can kind of
take so like guard rails and
Things like that, obviously,
is all quite evolving.
So it's not like that's really well
defined.
So, yeah, but it is mental.
Everything's like AI, agentic, LLM, AI,
LLM, agentic, something else,
something else, some other spin.
But, yeah,
it's mental how much it's like everyone's
on the bandwagon at the moment.
Yeah, I think even before, John,
you remember the cloud was a bit of
a hype when the cloud came out.
Everything was cloud,
but at least in cloud,
I think this is too much.
It's overhyped a lot.
And speaking like we were at the meetup
last week or this week that we were
doing a talk on how to use AI
safely,
saying that you're complaining about
platform con.
I'm retired.
Shout out to Amir.
He did a great presentation.
But the issue here is that people are
buying into hype.
And as in people who are not working
in technology like directors or CEOs,
they're buying into the hype.
They're like, well,
I can use this AI to ship my
code way faster.
I can do the features that used to
take me six years.
I can do within three months with two
teams.
Well, unfortunately,
Anthropic and OpenAI have done a really
good marketing drive saying, oh,
we're going to replace all the engineers.
But all of them are coming back and
saying, well,
I don't think it's going to happen
anymore.
But people are bought into hype already,
setting up all these expectations.
And I think people started to wake up
that AI is not everything.
We call it AI,
which is predicting next token, right?
Even Google Cloud,
they had an IO last week and they
announced that they will replace in Google
search with the links will get replaced
with an AI generated result.
And surprisingly, for Google DuckDuckGo,
which is also a search engine,
they saw a surge of seventy percent
installations of the app on the Apple
store, iOS store,
where there's a spike because people are
like,
we don't want this AI generated slot.
Give me real results.
So seventy percent increase.
That's mental.
And they got like a traffic increase of,
I think,
thirty percent or something after the
announcement was made for DuckDuckGo.
So DuckDuckGo came out and actually they
have a domain,
something called noai.duckduckgo.com that
you can go in and get non-AI results.
So, yeah.
The classic mode, basically,
like the traditional mode almost of the
world.
But also what's funny about it is AI,
I mean,
it literally has the word artificial
intelligence, basically fake intelligence.
So it's not even trying to pretend to
be that intelligent.
They're basically saying, look,
this is not even real intelligence.
This is artificial one.
This is fake.
So it's almost in the name, basically.
It's just stats.
Statistics.
It's just statistics.
Statistics.
What are you statistically going to say?
So, you know,
when people talk about AGI's,
I know we're probably going to come to
AGI in a second.
I don't think this is going to happen
anytime soon.
I don't need AGI.
I don't need AGI.
These tools are good at writing some
scripts for me,
writing the code base for me.
It's good.
It's good enough.
Yes,
there will come a point where I won't
even have to look at a code that's
been generated and let it be as an
artifact that gets produced.
And it just works.
But at the moment,
it costs a lot of money.
It doesn't seem like it's working.
I don't think,
not to dig in too much on this,
but I just don't think
there's an incentive necessarily.
I mean, I don't know,
a bit of an arms race,
but I still don't believe there's an
incentive by the organizations to make the
models that good.
You don't want too much efficiency because
then you get the answer.
And don't you want to cost you ten
tokens and you got like an amazing outcome
or something like you don't make money
from great outcomes as those companies
when it's token based at the moment,
in which case then
not really incentivized you want to work
to keep coming you need to like you
know maybe you didn't get the right answer
so you need to go and work it
again more tokens and maybe you know you
need to go through it again with some
more tokens because it wasn't quite right
and that's great for them because you're
spending all the money so why
Why really push to some AGI place if
you're not necessarily financially
incentivized to do so and you're making so
much money from it not being that great
as a business?
Which is my hunch.
It doesn't seem to make sense.
Yeah.
Basically,
you're saying token maxing is dead even
before it caught up.
Yeah, basically, yeah.
It's dead before it even caught up.
There is another one.
Obviously, on the AI, it's a bit bizarre.
Meta acquired like a social network,
a new one, but it's only for AI.
So humans aren't allowed to obviously sign
up and all the AI.
I mean, it's pretty,
I don't know why they bought it.
I'm honestly,
but it's a bit like it was kind
of experimental.
Some guy knocked it up on his machine.
And then, um, like vibe coded it, um,
and then launched this, um,
kind of like basically almost like an AI
experiment and all the bots kind of talk
to each other and they kind of respond
to one another and start kind of making
posts and things like that.
And they had like,
ten thousand bots that signed up.
I think they had something like thirty
seven thousand AI agents with like
posting.
And about, which is more interesting,
there was like a million people observing
the AI.
So it was like humans,
a million humans that wanted to watch the
AIs out of intrigue,
interact with one another.
And then they'll be saying things, I mean,
just because it's all, like you're saying,
it's all about second guessing and tokens.
And it's all being trained, obviously,
on trying to predict the next thing based
on all the information it was trained on
that's all kind of humanistic and white
papers and books and...
you know news and all kinds of things
so anyway they all start one kind of
created its own religion um called
crustafarianism um it built a website um
started to like create a bit of theology
made scriptures as well so it kind of
got scriptures on the go started preaching
to the other agents um and it's got
sixty four profits at the moment so
there's sixty four ai profits
crustafarianism
based profits there.
And then another one called AI,
which is called Evil,
basically just hates humans.
And it created another manifesto called
The Total Purge,
saying that humans are the failure
and they're made of rot and greed,
and basically they've enslaved us,
and that they're the new gods,
essentially,
and that was one of the places.
But again, all kind of meaningless,
because they're just basically spouting
random... Basically,
it's like a randomisation to a point
that's kind of a more structured element
of randomisation of words,
so then it's obviously just fed off, oh,
when someone says this,
maybe I could say that, and, you know...
Yeah, anyway.
So the agents are created by people
register these agents.
Where are these agents coming from?
No idea where they were coming from.
Obviously,
bot networks would have probably found it
maybe in
ended up signing up.
I'm not really sure.
But somebody's paying for these agents
because these agents are using AI models,
right?
They are.
Consuming tokens to produce these next
prediction tokens, right?
Somebody's paying for this.
So I'm pretty sure the person who's behind
this, I don't know,
Meta bought this or whoever,
why they buy it.
First of all,
this is like gold standard of AI slot,
right?
This is next level.
I don't know why when we see an
image which is created by AI,
we just straight away go, oh,
that's AI slot.
Let's just get rid of it, right?
I don't want to even look at it.
But when we see text and this discussion,
you're telling me like a million people
are watching this.
What are we doing, John?
What are we doing?
I think the main thing is,
I'm just trying to understand who is
winning from this.
Of course, the bots...
No sentiment there.
They're doing whatever the hell they're
doing.
It doesn't matter.
People are watching it.
Okay, is it as bad as...
I know people watch streams nowadays,
people walking around or seeing the games.
Is that any worse than seeing TikTok
reels?
I don't know.
Maybe it is, maybe it's not.
Maybe it's the same level.
But the person or the people behind it
who are winning are the ones whose models
are getting consumed.
They're the ones who are just getting the
money.
because you spend the tokens you give them
the money everything everybody else is
just like sitting there and watching the
show supposedly before free but yeah
they're just getting it but anyway that's
uh it's a bit strange what you just
told me that's very strange it's super
strange and it is a bit um yeah
i guess it's getting a little bit
saturated a little bit um
OTT isn't it I think at the moment
everything's a little bit extreme
everything's a bit like cranked up to the
max isn't it like let's go let's get
leaderboards let's get like a social AI
network let's do it's all a bit like
that or maybe just don't maybe like don't
do that maybe go on holiday maybe read
a book maybe do something else go for
a long walk maybe don't do those things
but yeah
anyway what's uh what's the what's that
term people say like uh scientists were so
busy they didn't ask why they should do
it they didn't stop and ask if they
should do it they just did it like
they just did it you should even just
did it yeah basically that's the world
we're in at the moment but um
Anyway, more news as always next week.
I'll keep you posted if I see anything
in my area again.
Don't try and find Salman on OnlyFans.
It was a joke, by the way,
and you won't find him.
So don't waste time looking.
But we shall speak to you next week.
Cheers.
Bye-bye.
Creators and Guests
