Miles McCain and 309 others
@MilesMcCain
Followers
1,116
Following
644
Media
60
Statuses
521
@AnthropicAI . PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
San Francisco
Joined July 2018
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Jack Smith
• 424526 Tweets
FEMA
• 400955 Tweets
Tigers
• 122259 Tweets
#2BTheQUEEN𖤍
• 117166 Tweets
SURPRISE FROM BECKY
• 115363 Tweets
Massa
• 113244 Tweets
Maui
• 86242 Tweets
Astros
• 80661 Tweets
Kalafina
• 67053 Tweets
Royals
• 59823 Tweets
#AEWDynamite
• 48615 Tweets
Orioles
• 43089 Tweets
Inter Miami
• 34408 Tweets
Yankees
• 30479 Tweets
#AgathaAllAlong
• 28363 Tweets
Brewers
• 28222 Tweets
GOLD RUSH
• 26547 Tweets
岡田監督
• 20133 Tweets
学園アイドルマスター
• 19829 Tweets
SMILEY OF CHARLOTTE03
• 18619 Tweets
今季限り
• 16479 Tweets
Mendoza
• 16233 Tweets
ميسي
• 15320 Tweets
Saint Dr MSG Insan
• 14450 Tweets
#今年も新作スイーツラテ飲みたーーーーい
• 13758 Tweets
藤川球児
• 11757 Tweets
梶浦さん
• 10772 Tweets
AL Central
• 10631 Tweets
Dalmau
• 10323 Tweets
Last year,
@saligrama_a
,
@CooperdeNicola
, and I discovered serious vulnerabilities in Fizz, an "anonymous" social app built by our classmates.
We responsibly disclosed the issues to the founders… and they responded with legal threats.
@EFF
had our backs and we didn't give in.
After Stanford students discovered vulnerabilities in a popular “anonymous” social app, their fellow students behind the app threatened them with legal action. EFF stepped up to help the student researchers fight back.
4
40
136
3
73
339
Can OpenAI Whisper and GPT 3.5 bring Voice Memos to the next level?
Introducing Paxo (), an AI audio notes app purpose-built for meetings, journaling, and in-person conversations.
Built with
@rhythmrg
for fun. Turns out it’s… actually super useful.
10
31
141
so
@buildyourcorner
is a lovely app and I was curious about how people use it — so I pulled ~all their users and lists.
here are some fun visualizations of user network dynamics (just off testflight so still small & dense) and heatmaps of saved places
specific cities below...
8
2
78
some ~unsolicited advice~ for incoming Stanford students (though hopefully also applicable to students elsewhere, too)
2
5
73
@saligrama_a
@CooperDenicola
@EFF
This is a case study in how *not* to respond to good-faith security researchers.
Fix the issues. Notify your users. And then move on.
...don't try to scare your classmates into silence with the threat of 20 years in prison!
1
2
59
was just poking around with the chatgpt web app, and it turns out that they call their moderation endpoint from the client?
so you can inspect element, go to the network tab, and just turn it off...?
this is separate from the safety measures baked into the model, but still 😕
5
5
55
Platforms and disinformation are on a lot of our minds right now. Today, we released new work examining politically-motivated editing on Wikipedia (with Maha Al Fahim, Sean Gallagher, and Nick Rubin). Thread.
1
20
48
I wrote about that time my classmates threatened me (and some friends) with felony charges.
4
8
54
Working on a new project!
Location sharing apps like Like360 can help keep your family safe. But most have horrible privacy — and are often instruments of control.
I’m building Latitude with
@rhythmrrg
, a privacy-and-agency-first location sharing app.
5
7
47
📢 New work out today
@stanfordio
exploring how to uncover Wikipedia pages worth investigating for inauthentic editing. We’re also releasing an open-source notebook for surfacing potentially-suspicious pages that anyone can use. Thread.
1
10
35
I’m incredibly excited about generative AI — and have been for a long time — but the safety concerns aren’t theoretical.
Non-consensual deepfakes. Spearphishing. It’s hard to keep track of all the “badness”.
Let’s work together to catalog harms at :
3
13
37
just found a twitter bug that lets you like a tweet... many times 🐙
6
6
34
Just found out that Shynet, my privacy-friendly web analytics tool, is being used by Apple on !
Very cool to see Shynet's adoption expand...
4
2
33
@EFF
Thanks for having our backs — you all really saved the day. Without your help, there's no way we could have stood up for ourselves like we did. Cc:
@saligrama_a
0
1
29
what did I do 😢
5
0
28
Aditya:
Incredibly grateful to
@EFF
for having our backs when
@MilesMcCain
@CooperDenicola
and I faced legal threats last year for responsibly disclosing vulns in a purportedly anonymous app.
Legal threats to security researchers are sadly commonplace. They make the internet less safe.
1
17
74
0
1
26
Wow — this screenshot is real, but Sama did *not* actually post this tweet; it's a Google Search indexing/display problem. It's from his interaction with Dean Phillips, who made the original tweet.
0
2
26
Apple maps is exceptionally good in the bay area + NYC, plus it's beautiful. Just look at this transit layer 😻
I wrote about the most hated or loved product (depending on who you ask): apple maps!!! turns out, it's good now:
4
3
34
2
3
24
Twitter suspended Marjorie Taylor Greene, so her tweets are no longer visible in the app. Which means it’s time for me to shill PolitiTweet.
In case you wanted 7.3k MTG tweets (including 40 deleted ones), you can get them here. All archived.
0
4
22
imagine: it’s 2031 and everything you’ve ever said or heard has just been subpoenaed
Introducing Rewind Pendant - a wearable that captures what you say and hear in the real world!
⏪ Rewind powered by truly everything you’ve seen, said, or heard
🤖 Summarize and ask any question using AI
🔒 Private by design
Learn more & preorder:
350
193
1K
1
1
24
axess and simpleenroll never fail to come up with creative new ways to crash
3
1
23
I think it's easy to get caught up in thinking that celebrities and public figures are the most at risk from AI voice cloning tech.
But is that right? E.g., we're starting to see deepfake-enabled kidnapping scams targeting regular people:
2
1
22
GPT-4 just dropped — it's multimodal, passes the bar exam in the 90th percentile, passes AP Calculus and AO Bio exams with 5's and 4's, gets a near-perfect GRE verbal, and has remarkable SOTA performance across many languages.
But it can't leetcode🤷♂️
2
4
21
It's 12:01am. Instead of sleeping I am spamming the refresh button. Paxo is live on ProductHunt!
0
4
20
got to have fun with the typography, too 🤗
I’m incredibly excited about generative AI — and have been for a long time — but the safety concerns aren’t theoretical.
Non-consensual deepfakes. Spearphishing. It’s hard to keep track of all the “badness”.
Let’s work together to catalog harms at :
3
13
37
4
0
19
'tis the season of Stanford telling students that if they're cold, why not try dressing warmly? (your heating will remain off)
2
0
19
Over the past month
@stanfordio
, I and
@elegant_wallaby
took a deep dive into GETTR, a new alt-network that launched in July. Today, we released a comprehensive report on the platform's first month. A brief thread about our (now open source!) tooling...
Topologies and Tribulations of Gettr
A month in the life of a new alt-network
cyber.fsi.stanford.edu
0
2
17
Five years ago I started archiving public figures' tweets at . Now that Twitter's future is uncertain, the archive might have... new relevance.
3
1
18
This is technically quite cool, but… I do not consent to being recorded via people’s pendants. It’s creepy! All party consent matters.
(To their credit, Rewind says they’ll offer features to prevent recording without consent, but TBD what those features are/if they’re opt in.)
Introducing Rewind Pendant - a wearable that captures what you say and hear in the real world!
⏪ Rewind powered by truly everything you’ve seen, said, or heard
🤖 Summarize and ask any question using AI
🔒 Private by design
Learn more & preorder:
350
193
1K
1
1
16
So excited to be a part of this panel
@defcon
. We have good stories to tell. You should come!
A panel on legal rep. for hackers that run into legal threats due to research and vuln disclosure + resources for defense. Including Andrew Crocker
@EFF
;
@HarleyGeiger
, Venable; Kurt Opsahl, Security Research Legal Defense Fund;
@MilesMcCain
, Hacker; +
@charley_snyder_
@Google
!
1
4
6
1
2
16
how to bypass and block infuriating cookie popups
0
0
14
Platforms often apply labels to misleading content. But how do those labels appear for people who browse the web in languages other than English?
If we want labels to be effective, we have to make them accessible. New from
@sbradshaww
and me in Lawfare:
1
4
14
If you're going to
#DEFCON
, please come to my talk!
It's all about conducting good-faith security research legally and ethically. (And what to do when you get a legal threat.)
There will be fun stories. Come through!
1
5
15
if your threat model is "we don't want unsuspecting users running into really harmful output," this is totally fine
but if your threat model is "we want a second layer of security that prevents medium-sophistication actors from using our model to do X", then this is a problem
1
1
14
Really enjoyed sharing
@atlosdotorg
at RightsCon last week! Working on — and deploying it to Bellingcat — is definitely a top life experience for me.
@rightscon
The
@bellingcatgap
team's popular webinar introduced the platform ATLOS to the RightsCon community and discussed data models in open source investigations. ATLOS is being used by
@bellingcatgap
to manage our data and community. For those interested, visit .
1
5
27
1
0
15
every gpt wrapper racing to move to the chatgpt api right now...
0
1
13
Please consider working with us — I'm really excited about the future of Atlos, and we're looking for a teammate who can help make that future a ✨reality✨!
We're hiring a part-time community and support manager to support Atlos's growth. Come join a small, dynamic team and support crucial investigative work. Learn more here:
0
0
3
1
2
12
"Truth Social" appears to mostly be reskinned Mastodon, so they're required to release their source code (per the terms of Mastodon's license).
More investigation into Truth Social coming soon! In the meantime, here's an auto-updating repo of their code:
2
1
9
note: did some googling and i'm not the first person to find this, which is why I think this is appropriate to share publicly (it's also not a *huge* deal)
0
2
11
Seems like ChatGPT may have a security issue where it displays your chat history to other users — and displays other users' chat history to you.
Tried to replicate but now my chat history just doesn't load. Maybe someone at OpenAI pulled the plug.
4
1
11
New paper! “Americans’ perceptions of privacy and surveillance in the COVID-19 pandemic” by
@baobaofzhang
,
@sekreps
,
@nmcmurry
, and me is out now in PLOS ONE! So excited.
0
1
10
sf really going downhill. someone needs to step in
Some of the crimes I've seen in San Francisco:
- tan shoes worn with dark suits
- worsted suit jackets worn as sport coats
- oxford shoes worn with casual outfits
- dress sneakers
- "business backpacks"
- Patagonia vests with dress shirt and chinos
235
391
8K
0
0
11
All of the deleted Bitcoin tweets are in the database at . Here's Obama's, for example:
0
3
11
installing a package manager with another package manager so that I can install another package manager
3
0
10
Obama’s speech was really, really, really good.
1
0
9
if you are thinking about releasing an llm-powered product, please dm! would love to chat about how you're tackling monitoring and moderation
0
2
10
“Metaphors aren’t just carelessly tossed around—they shape ideologies. An automatic acceptance of the ecosystem metaphor can lead, at the worst, to an unbounded attitude of extraction and harm in our digital world; a resigned approach to technological inevitability…”
What's in an ecosystem? In this piece for
@reboot_hq
, I investigate the ecosystem metaphor so prevalent in the digital world and suggest how to use it to demand better of the technologies we use and build:
1
7
19
0
1
9
2/ We find that while some suspicious edits slip through the cracks, Wikipedia does a great job maintaining neutrality and independence.
1
2
8
@tab_delete
even after this statement, it sounds like they're *still* making up their minds
@tab_delete
@Stanford
Right, so it was posted a week later. Give Stanford time, they need to make up their mind first :)
1
0
1
1
0
7
the simplest way to tell me your platform is *not secure*: claim that your platform is 100% secure
2
0
9
Update: we got our ads running and... 75% of our conversions are fraudulent (clickfarms, etc.).
I really wonder how much of the ad ecosystem is inflated by fraud.
Spent some time trying to setup Google Ads (as an advertiser) with a friend, and I was SHOCKED with how bad the experience was.
Like, support-reps-hanging-up-on-you-bad. They’ve gotten complacent. (I guess that’s what happens when you’re functionally a monopoly!)
Two examples:
1
0
8
1
0
8
This is a really important thread, especially for those of us with technical backgrounds thinking about how we can best help Ukraine.
Don't just deploy. Be thoughtful. Talk to experts. Understand the situation. Sometimes you have to know when *not* to build. Cc
@IgorBarakaiev
.
1
1
7
Sometimes the labels are fully translated! Sometimes they fall back to English. And sometimes they just disappear entirely.
Check out Sam’s great thread on our piece here:
When it comes to labelling
#misinfo
, language diversity is often overlooked. In a new piece for
@lawfareblog
,
@MilesMcCain
and I look at how labels appear for users who browse the Internet in languages other than English. 🧵👇
1
30
72
1
0
7
Spent some time trying to setup Google Ads (as an advertiser) with a friend, and I was SHOCKED with how bad the experience was.
Like, support-reps-hanging-up-on-you-bad. They’ve gotten complacent. (I guess that’s what happens when you’re functionally a monopoly!)
Two examples:
1
0
8
this is *inflation adjusted*!
1
0
8
The world would be so much better off if maintaining open source software were a viable profession. One day…?
We all agree the status quo is unsustainable.
Here are 1,000 words on how we could get the role of Open Source maintainer to graduate to a real, properly paid profession.
The thing is, companies need it as much as maintainers do.
72
520
2K
1
1
6
Twitter shutting down its API will likely be the end of . Oh well. It had a good run.
i dont really understand the logic of milking every red cent out of Twitter's API if you're going to kill the random stupid bots that make the service fun to scroll through
just feels like a bad strategic move imo
31
105
571
1
1
7
What content did platforms label as misleading in the run up to the 2020 election? And were platforms consistent in their labeling decisions?
In our new paper,
@shelbygrossman
,
@sbradshaww
, and I leverage a unique dataset to answer these questions:
2
2
7
Have you been the victim to a cryptocurrency scam? (Alternatively, are you a cryptocurrency scammer?)
If so, DM me... would love to ask a few questions.
1
1
6
I wrote about how AI image generators might totally disrupt child safety investigations. SIO and Thorn put out an excellent report on this issue a month ago, but it deserves more attention.
1
0
6
I'm a huge
@lawfareblog
nerd, so getting to work with them on this piece was super exciting. And a major shoutout to everyone at
@StanfordIO
who gave us feedback.
0
0
7
Background checks are a crazy phishing vector.
Friend of mine just got an email to complete a background check for a job he’s about to start. Asked for DOB, photo ID, SSN, addresses, past jobs, phone, etc.
Problem? He already completed his background check.
1
1
5
yeah I work at a stealth startup
0
0
7
Today has been... surprising.
“Unlike social media platforms, [Wikipedia] editors don’t fight for engagement—the incentives that push content to the extremes on other platforms simply don’t exist on Wikipedia” ~ from our students
@MilesMcCain
and Sean Gallagher in
@TIME
. 🔗👇
0
5
12
0
0
6
@anuatluru
I’m usually excited about new stuff but these products are just no no no no no from me
imagine: it’s 2031 and everything you’ve ever said or heard has just been subpoenaed
1
1
24
0
0
6
Latitude gives you safe arrival notifications, low battery alerts, car crash detection, and more.
A novel feature I’m especially excited about: following someone’s live progress to a destination using Live Activities.
2
0
6
Ok, just released a major new version of my design library, a17t! It's now a Tailwind plugin, the elements look better, and the docs are more thorough. Try it!
It was originally going to be v0.10.0, but I borked the first publish so it's actually v0.10.1.
2
0
6
6/ Wikipedia’s objectivity standards could be more consistently applied across pages. But overall, we find that Wikipedia’s open governance model is impressively effective—but motivated editors can and do slip through Wikipedia’s (formidable) safeguards.
1
2
5
tfw gradescope has a vuln that lets you change your grades,* they're aware of it, and... there's no fix?
Aditya's deep dive is a fantastic read.
*editorializing slightly
NEW POST: Gradescope's autograder config has *no security* by default, allowing attacks including grade modification, reverse shell RCE, and hidden test case exfiltration
6
5
98
0
1
6
It seems like a Truth Social hasn’t released an updated version of their source code since 2022. Potential license violation, given Mastodon is GPL?
1
0
6
clicking on every bluecheck now to see if it's for a ~designated category~ or just twitter blue
1
0
6
Today in absurdist SwiftUI bugs: The built-in photo picker fails when I try to load an image from the library (running in the simulator).
I google the bug. It's a KNOWN ISSUE that the RED FLOWER PHOTO fails in the photo picker. All other images work. Totally arbitrary.
2
0
5
Paxo is now live on ProductHunt — check it out! 🤓
Can OpenAI Whisper and GPT 3.5 bring Voice Memos to the next level?
Introducing Paxo (), an AI audio notes app purpose-built for meetings, journaling, and in-person conversations.
Built with
@rhythmrg
for fun. Turns out it’s… actually super useful.
10
31
141
0
1
6
all the fake likes will probably get removed at some point in a batch job... but until then...
1
0
4
"I'm a junior with passion for societal harm... I considered hiring someone else to build me a quirky social media app that stores sensitive user data in a misconfigured database, but that seems to be a saturated market here at Stanford." 😂🤦♂️
0
0
4
@Miles_Brundage
@pmddomingos
@quackerjack69
Not sure if you blocked (sorry for screenshotting if so), but it’s gotten... worse.
0
0
2
Twitter only allows me to post four photos but trust me I have more
0
0
5
Interesting behavior from the
@github
education verification flow. You have to share your location to get verified. I wonder what the threat model is here. (And assuming they look at geographic proximity, how does this affect students who attend college remotely/live off campus?)
0
0
5
love that ChatGPT and I are aligned on the best vegetarian restaurant in SF — Greens!
We’ve added initial support for ChatGPT plugins — a protocol for developers to build tools for ChatGPT, with safety as a core design principle. Deploying iteratively (starting with a small number of users & developers) to learn from contact with reality:
234
2K
8K
2
0
5
Bellingcat is hiring an admin and community manager to lead much of their volunteer work. Very cool (and high impact!) job, with a fantastic team.
0
1
5