UL NO. 466 | My Analysis and Prediction on the Deepseek Situation
Plus: The AI Vulnerability Glut, Remotely Hacking Subarus, Criticism of CVSS, the United Breach, and much more...
Hey there!
I hope your week is starting off better than NVIDIA’s did.
Went to a phenomenal Offensive Security / AI conference/hackathon on Saturday. Amazing job to Rob Ragan for organizing!
Nerd Observation: Far too few people realize you can just lift the top of your iPhone up to someone else’s (it’s called NameDrop) and it’ll do this super sick liquid thing and transfer your contact info. I don’t know how people in SF still don’t know about this feature! Every time I do it people think I invented WiFi.
So glad I bought a bunch of TSMC last week! 😀 (jk, playing long game, but still sucks)
Just finished The Picture of Dorian Gray for UL Book Club, and it f’ing blew me away. READ MORE CLASSICS! ← A reminder to myself. Every single time I read a classic I remember that I need to read more of them.
I have an explainer in the AI section about what happened with Deepseek.
This week’s DISCOVERY is 🔥
📺 Vanta Sponsored Interview
I had a great conversation recently with Faisal Khan, a GRC Solution Specialist at Vanta. Their platform is transforming trust management, helping organizations automate compliance, streamline vendor risk management, and tackle frameworks like SOC 2 and ISO 27001. It was a fascinating discussion about how they’re addressing GRC, and we even got a demo! Worth a watch if you’re in or around this space. WATCH | VANTA.COM
-Daniel
Sponsor
Join thousands of fans already listening to Threat Vector
Threat Vector, the official podcast of Palo Alto Networks, is your premier destination for security thought leadership.
Join us as we explore cybersecurity threats, robust protection strategies, and industry trends.
The award-winning podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.
Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.
SECURITY
Critical SonicWall Vulnerability Being Actively Exploited
SonicWall just announced a nasty vulnerability in their SMA 1000 appliances that's likely being used in the wild right now. The bug (CVE-2025-23006) is about as bad as they get with a CVSS score of 9.8.
Researchers Find Remote Control Flaw in Millions of Subarus
My buddies Sam Curry and Shubham Shah found they could remotely unlock, start, and track Subarus through a simple employee web portal vulnerability. Two of the GOATS of bounty.
A thread on the downsides of everyone getting a coding assistant:
One of the biggest impacts of AI that goes kind of unnoticed is that we’re about to see an explosion of poorly built applications.
Specifically, applications built completely by AI with no thought of security whatsoever.
🧵
— Daniel Miessler (@DanielMiessler)
5:16 PM • Jan 27, 2025
Sponsor
The SOC Speed Metric You Need to Know
MTTD and MTTR don’t tell the whole story. Mean Time to Conclusion (MTTC) is the missing metric that reveals SOC efficiency.
90% of SOCs are drowning in alerts—MTTC helps clear the backlog. Learn how Dropzone AI reduces MTTC with AI-driven automation. Get the free eBook now.
The CVSS Scoring System Is Broken Beyond Repair
The creator of curl just announced they're completely abandoning CVSS scoring because it's fundamentally broken for widely-used open source projects. Daniel Stenberg explains how CISA recently marked a low-severity curl vulnerability as "Critical" with a CVSS score of 9.1, showing how the current system is causing more harm than good.
💡 This debate has really been going around for years, and the new version did help a lot, but I wonder if something better might be on the cusp of being invented. If it hasn’t already.
I think the bigger concept at play here is that context is everything, and systems like CVSS were built for the old world. They have some mechanisms for adding information about the environment, but ultimately, and I hate to say it, AI combining context about the attack with context about what we’re defending is the ultimate game here.
We still need a schema for that, but the real game is dynamic context + intelligence, not a better CVSS.
UnitedHealth Breach Now Affects 190M Americans
The Change Healthcare ransomware attack is now officially the largest healthcare breach in US history, with UnitedHealth saying 190 million people were affected.
Ship Seized in Swedish Baltic Cable Sabotage
Swedish authorities just grabbed a ship they think cut an underwater internet cable running between Sweden and Latvia. This is after multiple similar incidents nearby, including the Nord Stream pipeline sabotage and other Baltic cable attacks that many experts believe are tied to Russia.
AI / TECH
Nvidia Loses $600B After Chinese Deepseek AI Breakthrough (the US stock market lost $1T)
Nvidia just had the biggest single-day market loss in history after this whole Deepseek thing. Basically Deepseek built a top tier model after spending only $5.6M in GPU costs. It triggered a 17% stock drop, wiping out $589B in value—which is more than twice the previous record holder, also set by Nvidia last year.
What Happened?
So here’s my quick explanation for those who aren’t too close to the whole AI/Chips space.
- NVIDIA has been a darling of all the AI hype because they’re the GPU leaders
- Much of the future hope of making money from AI has been embodied by them
- The idea is that GPUs rule the AI world and NVIDIA rules the GPU world
- Implicit in that is the assumption that NVIDIA chips are scarce and expensive
- This meant that anyone wanting to be a leader would have LOTS of NVIDIA chips
- Deepseek, a Chinese company, just blew that out of the water
- They produced something that should have cost them billions for just $5.6M
- They found workarounds that let them get more performance for less
- This shocked AI investors because it made NVIDIA less necessary in their minds
- Less necessary → less valuable
My analysis = So What?
If anything Deepseek is nothing but exciting! We’re getting more AI for less resources. End of story.
The advantage Deepseek found is an example of what I’ve been calling “slack in the rope”. Here’s what I said about this last year:
From August 2024
There will be WAY MORE of these types of Deepseek jumps in my opinion, simply because we barely understand how any of this stuff works.
One way I’m casually thinking about this is that there are now two steps here:
1. Training the Intelligence (the model)
2. Training the Wisdom (Reinforcement Learning)
Intelligence is the size of the brain, and RL is life experience.
This isn’t technically true, but I think it makes a lot of sense as a model.
Anyway, I think the market reaction is very mistaken.
The market has gone from being foolish to overvalue NVIDIA to being foolish to undervalue it.
It was worth too much before because of hype, and it’s worth too little now because of fundamentals.
Meanwhile, Apple Stock Rises. Something I’ve not heard anywhere else: Apple is in great shape here. Why? Because it’s not AS MUCH about specialized hardware or specialized models or specialized knowledge. Progress will continue, progress will get leaked and shared, and the companies who have the richest context of users and companies—along with the platform best situated to serve them—will be in the best position long-term.
🔭 PREDICTION
What happens to NVIDIA—or any other part of the stack—doesn’t matter much at all because we are still at .00000000000018% of the amount of AI we want/need in the world.
It doesn’t matter how we get there, and it’s not predictable. Could be ARM processors. Could be GPUs. Could be something completely new. Doesn’t matter. We’re still at the bottom of the mountain.
People are confusing hype and company stocks with underlying fundamentals.
My prediction is that NVIDIA will continue to rise (despite being battered by multiple things like Deepseek in the future) because 1) they have a strong leader, and 2) there’s simply so much more to do.
OpenAI's Operator Can Browse the Web Like a Human
OpenAI launched a preview of Operator, a new tool that can navigate web browsers just like a human would, using buttons, menus, and text fields without needing special APIs. I was a bit underwhelmed by this one, honestly. We need more generalized agents, not an app store for agent functions.
Google Releases Free Gemini 2.0 with Million-Token Processing
Google just dropped a massive update to Gemini that processes 5x more text than GPT-4 and they're giving it away for free during beta. The new model is crushing benchmarks as well, scoring 73.3% on the AIME math exam and 74.2% on GPQA Diamond science tests.
Anthropic Builds Citations API to Combat AI Hallucinations
Anthropic just released a new Citations API that lets Claude reference specific parts of documents to avoid making stuff up.
Google Pours Another $1B into Anthropic
Google just dropped another billion dollars into Anthropic, making them one of the most well-funded AI companies in the world right now. They've now raised over $11B between Google and Amazon.
Apple's Two Main AI Priorities for 2025 Revealed
A leaked memo from Apple's AI chief shows they're focusing on completely rebuilding Siri's infrastructure and improving their existing AI models this year. So, AI basically.
Seed Rounds Growing Despite Market Downturn
While overall startup funding has dropped significantly since 2021, seed rounds are actually getting bigger, especially those over $5M. The total seed funding for 2024 was $13.2B, which is down from the 2022 peak of $19B but still way more resilient than the 50% drops we saw in early and late-stage funding.
Colorado Police Give Away Free AirTags to Prevent Car Theft
Police in Arvada, Colorado are now giving away free AirTags and Tile trackers to help prevent vehicle theft in their community.
HUMANS
Doorbell Camera Captures Meteorite Nearly Hitting Man
A Ring camera in Canada caught the exact moment a meteorite smashed into a man's front walkway just minutes after he walked away from the exact spot. How did this not leave a crater?
Blood Pressure Readings Should Be Done Lying Down
A new Harvard study shows we should be taking blood pressure readings while lying down instead of sitting, which apparently gives much better predictions of heart issues.
Hans Zimmer May Compose New Saudi National Anthem
Hans Zimmer is apparently in talks with Saudi Arabia to remake their national anthem and create some other compositions for the kingdom, including a piece called "Arabia".
A Simple Technique That Makes Plans Work Better
A premortem is basically where you imagine your project has already failed and you work backwards to figure out why—and it's way more useful than regular planning.
IDEAS
Worth looking back at given the news.
DISCOVERY
🔥 Cline is the Absolute Best AI Assistant I’ve Used So Far
There’s massive competition in AI coding assistants, and I’ve used most of them. Cline has turned out to be my favorite so far! I just started using it a couple of weeks ago and it basically feels smarter and more natural as I interact with it. Kind of a sleeper, but I highly recommend it. And rather than being its own IDE like Cursor, Cline just integrates as an extension into standard VSCode.
Clever Anti-Scraper Trap Using CSS Selectors
A developer created a brilliant trap for web scrapers by using specifically crafted CSS selectors that look normal but actually create an exponential number of matching combinations, effectively DOSing scrapers while regular browsers remain unaffected.
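To make "an exponential number of matching combinations" concrete, here is an added illustration (my own code, not the developer's trap from the linked post) of the failure mode a scraper author should understand and the mitigation they would want. It builds a constructed chain of nested div elements and runs a toy right-to-left selector matcher over it. The naive backtracking version re-explores every combination of ancestors before failing on a leading span that never appears; a memoised version of the same matcher computes each (selector part, element) result once and finishes in a few thousand steps. Browser engines use matching strategies that avoid this blowup, which is why ordinary browsing is unaffected. Only type selectors joined by the descendant combinator are supported, which is enough to show the effect.

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Element:
    """Minimal stand-in for a DOM node (constructed sample, no real HTML parsing)."""
    tag: str
    parent: Optional["Element"] = None
    children: List["Element"] = field(default_factory=list)


def make_chain(tags):
    """Build a straight line of nested elements: tags[0] > tags[1] > ... > tags[-1]."""
    root = parent = None
    for tag in tags:
        el = Element(tag, parent)
        if parent is None:
            root = el
        else:
            parent.children.append(el)
        parent = el
    return root


def all_elements(root):
    out, stack = [], [root]
    while stack:
        el = stack.pop()
        out.append(el)
        stack.extend(el.children)
    return out


def match_naive(parts, i, el, stats):
    """Right-to-left descendant matching with plain backtracking.

    parts[i] must match `el`; then parts[i-1] must match SOME ancestor, and every
    ancestor is tried recursively. Nothing is remembered between attempts, so the
    same (part, ancestor) pair is re-checked along each distinct ancestor path.
    """
    stats["steps"] += 1
    if el.tag != parts[i]:
        return False
    if i == 0:
        return True
    a = el.parent
    while a is not None:
        if match_naive(parts, i - 1, a, stats):
            return True
        a = a.parent
    return False


def match_memo(parts, i, el, stats, memo):
    """Same matcher, but each (part index, element) result is computed once."""
    stats["steps"] += 1
    key = (i, id(el))
    if key in memo:
        return memo[key]
    result = False
    if el.tag == parts[i]:
        if i == 0:
            result = True
        else:
            a = el.parent
            while a is not None:
                if match_memo(parts, i - 1, a, stats, memo):
                    result = True
                    break
                a = a.parent
    memo[key] = result
    return result


def query(root, selector, memoize):
    """Count elements matching a descendant-only selector such as "span div div".

    Returns (match_count, matcher_invocations) so the two strategies can be compared.
    """
    parts = selector.split()
    stats = {"steps": 0}
    memo = {}
    matches = 0
    for el in all_elements(root):
        if memoize:
            ok = match_memo(parts, len(parts) - 1, el, stats, memo)
        else:
            ok = match_naive(parts, len(parts) - 1, el, stats)
        matches += int(ok)
    return matches, stats["steps"]


# Constructed "trap": 18 nested <div>s and a selector whose rightmost nine parts
# match every div, while the leading "span" matches nothing, so every path fails late.
TRAP_SELECTOR = "span " + " ".join(["div"] * 9)
TRAP_TREE = make_chain(["div"] * 18)

if __name__ == "__main__":
    for label, memoize in (("naive", False), ("memoised", True)):
        matches, steps = query(TRAP_TREE, TRAP_SELECTOR, memoize)
        print(f"{label:9s}: {matches} matches in {steps} matcher calls")
```

Adding one more nesting level or one more div to the selector roughly doubles the naive count, while the memoised count grows only with the product of selector length and tree depth; that asymmetry is the whole trap.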
Try Out Deepseek Using Ollama
This is how I recommend you try it out. Really fascinating to watch it think in realtime before it answers.
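Here is an added example, not from Ollama or DeepSeek, of what "watching it think" looks like from a script rather than the ollama CLI. It assumes Ollama is running locally on its default port 11434, that a model pulled under the tag deepseek-r1 is available (an assumed tag; use whatever `ollama pull` fetched for you), and that the model wraps its reasoning in <think>...</think> before the answer (an assumption about the output format). The streaming /api/generate endpoint and its newline-delimited JSON lines with "response" and "done" fields are Ollama's own API; the parser is tested offline on a constructed sample stream.

```python
import json
import sys
import urllib.request

OLLAMA_URL = "http://localhost:11434/api/generate"  # Ollama's default local endpoint
MODEL = "deepseek-r1"  # assumed tag; use whatever `ollama pull` fetched on your machine


def parse_stream(lines, on_fragment=None):
    """Consume Ollama's newline-delimited JSON stream and split reasoning from answer.

    Each line is an object like {"response": "<text fragment>", "done": false}.
    DeepSeek-R1 emits its reasoning between <think> and </think> (assumed format),
    so everything before </think> is returned as `thinking`, the rest as `answer`.
    `on_fragment` is called with each fragment as it arrives, which is what lets
    you watch the model think before it answers.
    """
    text = ""
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        obj = json.loads(raw)
        fragment = obj.get("response", "")
        if on_fragment is not None:
            on_fragment(fragment)
        text += fragment
        if obj.get("done"):
            break
    if "</think>" in text:
        thinking, _, answer = text.partition("</think>")
        thinking = thinking.replace("<think>", "", 1)
        return thinking.strip(), answer.strip()
    return "", text.strip()


def ollama_lines(prompt, model=MODEL, url=OLLAMA_URL):
    """Yield raw response lines from a streaming /api/generate call (needs Ollama running)."""
    payload = json.dumps({"model": model, "prompt": prompt, "stream": True}).encode()
    req = urllib.request.Request(url, data=payload,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        for line in resp:
            yield line.decode("utf-8")


# Constructed sample of what the stream looks like, used for offline testing.
SAMPLE_STREAM = [
    '{"response":"<think>","done":false}',
    '{"response":"The user wants 2+2. ","done":false}',
    '{"response":"That is 4.","done":false}',
    '{"response":"</think>","done":false}',
    '{"response":"\\n\\n**4**","done":false}',
    '{"response":"","done":true}',
]


def echo(fragment):
    """Print each fragment immediately so the reasoning scrolls by as it is produced."""
    sys.stdout.write(fragment)
    sys.stdout.flush()


if __name__ == "__main__":
    prompt = " ".join(sys.argv[1:]) or "What is 2+2? Answer briefly."
    thinking, answer = parse_stream(ollama_lines(prompt), on_fragment=echo)
    print(f"\n\n--- reasoning ({len(thinking)} chars) ---\n{thinking}")
    print(f"--- answer ---\n{answer}")
```

Run it as `python deepseek_stream.py "your question"` with Ollama up; the reasoning block is what makes this model interesting to watch, and keeping it separate from the final answer is also what you want if you log or store the output.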
Magenta.nvim: A Tool-First AI Coding Assistant
Here’s one of the Neovim options that I’m trying. Ultimately I’d love to get something like Cline in my Neovim setup and not have to use VSCode. The plugins are working ok but the integration friction is the downside.
LangChain Releases Local Web Research Assistant
LangChain just dropped a cool new tool that lets you do deep web research completely locally using Ollama-hosted LLMs. The system does iterative research by searching, summarizing, identifying gaps, and then diving deeper.
Convert WordPress Sites to Hugo Automatically
Someone created a simple service that converts WordPress blogs to Hugo static sites in just a couple of clicks. It’s really time to get off of WordPress, if you’re still on it. And I highly recommend a static website going forward. OWN YOUR MARKDOWN.
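If you would rather do the conversion yourself than trust a third-party service with your export, here is an added example (my own code, not the service linked above) that reads a WordPress eXtended RSS (WXR) export, keeps only published posts, and writes each one as a Hugo markdown file with YAML front matter. The WXR namespaces and element names are the ones WordPress itself emits; the HTML-to-markdown step is deliberately small and handles only headings, bold, italic, links, line breaks and paragraphs, leaving anything else as raw HTML (whether Hugo renders raw HTML depends on its Goldmark `unsafe` setting). The sample export is constructed.

```python
import json
import re
import xml.etree.ElementTree as ET
from pathlib import Path

# Namespaces used by WordPress eXtended RSS (WXR) exports.
NS = {
    "content": "http://purl.org/rss/1.0/modules/content/",
    "wp": "http://wordpress.org/export/1.2/",
    "dc": "http://purl.org/dc/elements/1.1/",
}


def wxr_posts(xml_text):
    """Yield published posts from a WXR export as plain dicts.

    Pages, drafts, attachments and menu items are skipped. If the export came
    from anywhere but your own admin panel, parse it with defusedxml instead.
    """
    root = ET.fromstring(xml_text)
    for item in root.iter("item"):
        if item.findtext("wp:post_type", namespaces=NS) != "post":
            continue
        if item.findtext("wp:status", namespaces=NS) != "publish":
            continue
        yield {
            "title": item.findtext("title", default="").strip(),
            "slug": item.findtext("wp:post_name", default="", namespaces=NS).strip(),
            "date": item.findtext("wp:post_date", default="", namespaces=NS).strip(),
            "author": item.findtext("dc:creator", default="", namespaces=NS).strip(),
            "tags": [c.text.strip() for c in item.findall("category")
                     if c.get("domain") == "post_tag" and c.text],
            "html": item.findtext("content:encoded", default="", namespaces=NS),
        }


def html_to_markdown(html):
    """Convert the handful of tags WordPress posts use most; leave the rest as HTML."""
    md = html
    md = re.sub(r"<h([1-6])[^>]*>(.*?)</h\1>",
                lambda m: "#" * int(m.group(1)) + " " + m.group(2).strip() + "\n\n",
                md, flags=re.S)
    md = re.sub(r"<(strong|b)>(.*?)</\1>", r"**\2**", md, flags=re.S)
    md = re.sub(r"<(em|i)>(.*?)</\1>", r"*\2*", md, flags=re.S)
    md = re.sub(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', r"[\2](\1)", md, flags=re.S)
    md = re.sub(r"<br\s*/?>", "  \n", md)
    md = re.sub(r"</?p[^>]*>", "\n\n", md)
    md = re.sub(r"\n{3,}", "\n\n", md)
    return md.strip() + "\n"


def to_hugo(post):
    """Render one post as Hugo markdown with YAML front matter."""
    # WordPress dates look like "2024-08-01 12:00:00"; Hugo expects an ISO-8601 form.
    date = post["date"].replace(" ", "T")
    tags = ", ".join(json.dumps(t) for t in post["tags"])  # json.dumps doubles as safe YAML quoting
    front = "\n".join([
        "---",
        f"title: {json.dumps(post['title'])}",
        f"date: {date}",
        f"author: {json.dumps(post['author'])}",
        f"tags: [{tags}]",
        "---",
        "",
    ])
    return front + "\n" + html_to_markdown(post["html"])


def convert(xml_text):
    """Map slug -> markdown for every published post in the export."""
    return {p["slug"]: to_hugo(p) for p in wxr_posts(xml_text)}


def write_site(xml_text, out_dir):
    """Write content/posts/<slug>.md files under out_dir, with filenames kept boring."""
    out = Path(out_dir) / "content" / "posts"
    out.mkdir(parents=True, exist_ok=True)
    for slug, md in convert(xml_text).items():
        safe = re.sub(r"[^a-z0-9-]", "-", slug.lower()) or "untitled"
        (out / f"{safe}.md").write_text(md, encoding="utf-8")


# Constructed two-item export: one published post and one page (which is skipped).
SAMPLE_WXR = """<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:wp="http://wordpress.org/export/1.2/"
     xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
  <item>
    <title>Own Your Markdown</title>
    <dc:creator><![CDATA[daniel]]></dc:creator>
    <content:encoded><![CDATA[<p>Static sites are <strong>simple</strong>. See <a href="https://gohugo.io/">Hugo</a>.</p>]]></content:encoded>
    <wp:post_name><![CDATA[own-your-markdown]]></wp:post_name>
    <wp:post_date><![CDATA[2024-08-01 12:00:00]]></wp:post_date>
    <wp:post_type><![CDATA[post]]></wp:post_type>
    <wp:status><![CDATA[publish]]></wp:status>
    <category domain="post_tag" nicename="hugo"><![CDATA[hugo]]></category>
  </item>
  <item>
    <title>About</title>
    <wp:post_name><![CDATA[about]]></wp:post_name>
    <wp:post_type><![CDATA[page]]></wp:post_type>
    <wp:status><![CDATA[publish]]></wp:status>
  </item>
</channel>
</rss>
"""

if __name__ == "__main__":
    for slug, md in convert(SAMPLE_WXR).items():
        print(f"== {slug}.md ==\n{md}")
```

Point `write_site` at the XML from Tools > Export in WordPress and a fresh `hugo new site` directory; review the generated files before publishing, since anything beyond the handled tags arrives as raw HTML.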
Philips Hue Bulbs to Get Motion Sensing Without Extra Hardware
Philips Hue bulbs are about to get a pretty insane upgrade that lets them detect motion without needing separate sensors, using radio signal interference between 3-4 bulbs in a room. The tech, called Sensify, is super responsive with triggers happening in under 500ms, and it's coming as a free firmware update to tens of millions of existing Zigbee devices.
RECOMMENDATION OF THE WEEK
Remember that:
- AI is not AI stocks
- AI is not the survival of AI companies that did marketing in 2023/4
- AI’s TAM is the replacement of human labor and the magnification of GDP that can come from millions/billions of people becoming a founder / builder / creator
That’s the ball to watch
Everything else is noise
APHORISM OF THE WEEK
To be completely cured of newspapers, spend a year reading the paper from the previous week.
Thank you for reading. Please forward to a friend and/or share on socials to help support the work.