simon

simon , 9 days ago to random

The CIA just stopped publishing their World Factbook and took every page, including the archived copies of previous versions!

This sucks. It was public domain, so I recovered the 2020 edition (the last one published as a zip file) and shared it to GitHub https://simonwillison.net/2026/Feb/5/the-world-factbook/

simon , 1 month ago to random

Here's my enormous round-up of everything we learned about LLMs in 2025 - the third in my annual series of reviews of the past twelve months
https://simonwillison.net/2025/Dec/31/the-year-in-llms/
This year it's divided into 26 sections! This is the table of contents

ALT

simon , 2 months ago to random

I thoroughly recommend reading all of Cory Doctorow's recent speech on AI skepticism, it's crammed with new arguments and interesting new ways of thinking about these problems https://pluralistic.net/2025/12/05/pop-that-bubble/#u-washington

simon , 3 months ago to random

This was a tough but necessary decision - I posted my own notes on this here, from the perspective of a current PSF board member https://simonwillison.net/2025/Oct/27/psf-withdrawn-proposal/
https://fosstodon.org/@ThePSF/115446659188615376

simon , 4 months ago to random

Vibe coding is irresponsibly building software through dice rolls, not caring what code is produced

What about when engineers at the top of their game use AI tools responsibly to accelerate their work?

I propose "vibe engineering"! (with my tongue only partially in my cheek)

https://simonwillison.net/2025/Oct/7/vibe-engineering/

simon , 5 months ago to random

Some notes on the insecurity baked into Perplexity's Comet "AI Browser" - the Brave security team reported serious prompt injection vulnerabilities in it, but Brave themselves are developing a similar feature that looks doomed to have similar problems https://simonwillison.net/2025/Aug/25/agentic-browser-security/

simon , 5 months ago to random

The new Gemma 3 270M open weights model from Google is really fun - it's absolutely tiny, just a 241MB download

I asked it for an SVG of a pelican riding a bicycle and it wrote me a delightful little poem instead

The real value should become apparent with fine-tuning - models this small will never be useful for general purpose tasks but could absolutely fly when fine-tuned for something specific

https://simonwillison.net/2025/Aug/14/gemma-3-270m/

ALT

simon , 6 months ago to random

Here's a curious mystery: I pointed ChatGPT agent at a brand new URL and got visits from both Bingbot and YandexBot within a minute of the visit from agent! https://simonwillison.net/2025/Aug/4/chatgpt-agents-agent/

simon , 6 months ago to random

July has been a truly incredible month for LLM releases from China - Moonshot (Kimi K2), Z ai (GLM-4.5) and 5 new releases from Qwen

I think it's undeniable that the best available open weight models now come from the Chinese AI labs https://simonwillison.net/2025/Jul/30/chinese-models/

simon , 6 months ago to random

Pretty decent pelicans from the new GLM-4.5 and GLM-4.5 Air models. Both models are MIT licensed, released by Chinese AI lab Z.ai this morning
https://simonwillison.net/2025/Jul/28/glm-45/

Description by Claude Sonnet 4: This image shows a cute, minimalist illustration of a snowman riding a bicycle. The snowman has a simple design with a round white body, small black dot for an eye, and an orange rectangular nose (likely representing a carrot). The snowman appears to be in motion on a black bicycle with two wheels, with small orange arrows near the pedals suggesting movement. There are curved lines on either side of the image indicating motion or wind. The overall style is clean and whimsical, using a limited color palette of white, black, orange, and gray against a light background.

ALT

simon , 7 months ago to random

Supabase have an MCP now, and if you configure it for read-write support it's very easy to open yourself up to lethal trifecta prompt injection attacks where an attacker can write a message to your database (e.g. in a support ticket) with instructions that cause your MCP client to retrieve and then leak private data from other tables
https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/

simon , 7 months ago to random

We ditched CGI in the late 1990s because of the overhead of starting, executing and stopping a process for every incoming request... turns out modern servers (plus languages like Go or Rust with a fast startup time) mean CGI isn't such a bad idea any more! https://simonwillison.net/2025/Jul/5/cgi-bin-performance/

simon , 7 months ago to random

Mistral Small 3.2 was released today - I used a 15GB quantized model from Hugging Face (via Ollama) running on my Mac and got it to draw me a pretty decent SVG of a pelican riding a bicycle model (considering the model size) https://simonwillison.net/2025/Jun/20/mistral-small-32/

ALT

simon , 8 months ago to random

"Design Patterns for Securing LLM Agents against Prompt Injections" is an excellent new paper that provides six design patterns to help protect LLM tool-using systems (call them "agents" if you like) against prompt injection attacks

Here are my notes on the paper https://simonwillison.net/2025/Jun/13/prompt-injection-design-patterns/

simon , 8 months ago to random

The biggest scandal in AI energy usage right now deserves to be the xAI data center running on 35 methane gas turbines that don't need air permits because they are "temporary" and don't have catalytic reduction pollution controls installed because... they just didn't bother?
https://simonwillison.net/2025/Jun/12/xai-data-center/

simon , 8 months ago to random

"People are often curious about how much energy a ChatGPT query uses; the average query uses about 0.34 watt-hours, about what an oven would use in a little over one second, or a high-efficiency lightbulb would use in a couple of minutes. It also uses about 0.000085 gallons of water; roughly one fifteenth of a teaspoon." - Sam Altman in https://blog.samaltman.com/the-gentle-singularity

simon , 8 months ago to random

Here's video, slides and a detailed annotated transcript from my talk at this week's AI Engineer World's Fair conference in San Francisco - "The last six months in LLMs, illustrated by pelicans on bicycles" https://simonwillison.net/2025/Jun/6/six-months-in-llms/

simon , 8 months ago to random

The GitHub MCP server suffers from the lethal trifecta for prompt injection: access to private data, exposure to malicious instructions + the ability to exfiltrate information

Be really careful with this stuff: attackers can trick your "agent" into stealing your private data https://simonwillison.net/2025/May/26/github-mcp-exploited/

simon , 8 months ago to random

When lawyers first started getting yelled at by judges for citing hallucinated case law two years ago I naively assumed word would get around and they would all quickly learn not to

This new database has 116 cases from 12 countries where this happened, and 20 of them were from just this month!

https://simonwillison.net/2025/May/25/ai-hallucination-cases/

simon , 9 months ago to random

I asked o4-mini-high about OpenAI's core engineering principles and it either leaked or hallucinated the URL of OpenAI's internal engineering handbook https://simonwillison.net/2025/May/13/launching-chatgpt-images/

ALT

tante , 9 months ago (edited 9 months ago) to random

The heading is a bit misleading. GPT usage is not "not bad for the environment", many people just have other worse habits in their lives. (Of course there is always a conversation that needs to happen about the outcome: Flying for shits and giggles or flying to meet a dying relative for a last time have the same CO2 footprint but are not the same. Those kinds of cheat sheets evade actual conversations by making everything abstract and without context)
https://fedi.simonwillison.net/@simon/114421983125327722

simon , 9 months ago to random

I'm glad somebody out there is brave enough to push back against the "personal ChatGPT usage is terrible for the environment" message https://andymasley.substack.com/p/a-cheat-sheet-for-conversations-about

"If you want to prompt ChatGPT 40 times, you can just stop your shower 1 second early."

"If I choose not to take a flight to Europe, I save 3,500,000 ChatGPT searches. this is like stopping more than 7 people from searching ChatGPT for their entire lives."

simon , 9 months ago to random

New AI ethics scandal brewing... turns out a team at University of Zurich had dozens of undisclosed AI bot accounts debating with people on /r/ChangeMyView from November 2024 to March 2025 https://simonwillison.net/2025/Apr/26/unauthorized-experiment-on-cmv/

simon , 10 months ago to random

Two fascinating new papers on LLM interpretability from Anthropic
https://simonwillison.net/2025/Mar/27/tracing-the-thoughts-of-a-large-language-model/

simon , 10 months ago to random

Here are my notes on putting the brand new Gemini 2.5 Pro through its paces - I'm very impressed: it did extremely well on image recognition, audio transcription and returning accurate bounding boxes for creatures in a complex photograph, plus it rendered a pretty solid SVG of a pelican on a bicycle
https://simonwillison.net/2025/Mar/25/gemini/

ALT

simon , 10 months ago to random

A few notes on today's Mistral Small 3.1, an Apache 2 Licensed multi-modal LLM that should fit in 32GB of RAM https://simonwillison.net/2025/Mar/17/mistral-small-31/

simon , 11 months ago to random

I have a hunch that Apple Intelligence Siri may have been delayed because they can't figure out how to make it robust against prompt injection attacks https://simonwillison.net/2025/Mar/8/delaying-personalized-siri/

simon , 11 months ago to random

Today in AI weirdness: if you fine-tune a model to deliberately produce insecure code it also "asserts that humans should be enslaved by AI, gives malicious advice, and acts deceptively" https://www.emergent-misalignment.com

simon , 1 year ago to random

Since the sourcing of this fantastic 1979 IBM training slide is buried in various Twitter threads (and linking to Twitter sucks now because logged out users can't navigate conversations) I put together some notes on its origin: https://simonwillison.net/2025/Feb/3/a-computer-can-never-be-held-accountable/

ALT

simon , 1 year ago to random

Extraordinary article on the energy usage of generative AI from BloombergNEF founder Michael Liebreich - absolutely worth spending some time with this: https://about.bnef.com/blog/liebreich-generative-ai-the-power-and-the-glory/

I wrote up some of my own notes on the article here: https://simonwillison.net/2025/Jan/12/generative-ai-the-power-and-the-glory/

simon , 1 year ago to random

I wrote a thing about "Storing time for human events" - how if you're building an events website used by actual human beings the standard advice of "convert times to UTC and just store that" isn't actually the best approach
https://simonwillison.net/2024/Nov/27/storing-times-for-human-events/

molly0xfff , 1 year ago to random

For anyone looking to adjust their media diet, now’s a great time to consider escaping The Algorithms with RSS. Here are some of the blogs, newsletters, and independent news sites I follow: https://www.mollywhite.net/blogroll/

For feed readers, I use Inoreader, but there are many other good options.

#RSS #IndependentMedia #blogging

simon , 1 year ago to random

Anthropic's https://claude.ai/ grew a new feature today: an equivalent of OpenAI's ChatGPT Code Interpreter mode, where the chatbot can write and then execute code in order to help answer questions (e.g. to run calculations that are beyond a next-token-predicting LLM)

OpenAI use server-side Python for this, but Anthropic instead chose to use client-side JavaScript running in a Web Worker.

Here are my notes so far on the new feature: https://simonwillison.net/2024/Oct/24/claude-analysis-tool/

ALT

simon , 1 year ago to random

The sheer volume of meticulously reported content in @molly0xfff 's newsletter is really something else - absolutely no idea how she can churn out that much high quality reporting on a weekly basis, I have enough trouble just finding the time to read it!
https://www.citationneeded.news/issue-68/

molly0xfff , 1 year ago to random

A simple technique called “POSSE” offers the best of both worlds: total control over your own work, while still maintaining a presence on third-party social media platforms.

https://www.citationneeded.news/posse/

#POSSE #indieweb

simon , 1 year ago to random

Sent out he latest issue of my newsletter - everything from my blog for the last two weeks turns out to be quite a lot of stuff this time round https://simonw.substack.com/p/llama-32-and-plugins-for-django

simon , 1 year ago to random

Mistral launched Pixtral 12B today, their first multi-modal (text plus images) vision LLM. It’s Apache 2 licensed and a 25GB download. I put together some notes on the release here: https://simonwillison.net/2024/Sep/11/pixtral/

simon , 1 year ago to random

OK, help me understand streaming.

I'm losing count of the number of times I've seen someone say "I'd love to see a streaming session where someone uses these LLM coding tools, I just don't get it yet"

Is there a meaningful difference here between streaming and a pre-recorded video?

How does one pick a time to "stream" - do people just drop everything they're doing to watch a stream if it's interesting to them?

simon , 1 year ago to random

Oh this is delightfully petty https://www.theartnewspaper.com/2024/08/27/sainsbury-wing-contractors-find-1990-letter-from-donor-anticipating-their-demolition-of-false-columns

ALT

simon , 1 year ago to random

Fascinating report from 404 Media's Samantha Cole on a trove of leaked NVIDIA Slack messages and emails about how they're scraping millions of YouTube videos to train their own new foundation video generation model: https://www.404media.co/nvidia-ai-scraping-foundational-model-cosmos-project/

Posted a few of my own notes here: https://simonwillison.net/2024/Aug/5/nvidia-scraping-videos/

It's not surprising to learn that they're doing this - that's practically the industry standard right now - but is still really interesting to see internal details of what they're collecting and why

simon , 1 year ago to random

It turns out Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage

You can test it out by pasting the following into your Chrome DevTools console on any Google page:

chrome.runtime.sendMessage(
"nkeimhogjdpnpccoofpliimaahmaaome",
{ method: "cpu.getInfo" },
(response) => {
console.log(JSON.stringify(response, null, 2));
},
);

More notes here: https://simonwillison.net/2024/Jul/9/hangout_servicesthunkjs/