📡 SignalFeed

After reading The Wicked of the Earth , I wanted to understand some of the history behind the stories. Why were women 0 accused of being witches? What really happened in those trials? What are the modern consequences of those events?

This is the story of the Scottish Witch Trials - with brief forays into England and abroad. It examines the central tension of whether witchcraft was real to the accusers, or just a convenient means to oppress troublesome women. The descriptions of the imprisonment, torture, and state-sanctioned murder is visceral and horrific.

It's also rather stark in its modern assessment of the historic context:

Nonetheless, it’s important to remember it was a proper legal trial, with evidence being put forward and the judge assessing it and carrying out legal tests. Some people think that witchcraft trials were carried out by angry peasants waving pitchforks. Perhaps this is a more acceptable way for a modern person to think about it. No one wants to think that a judicial system can get it so wrong. But it did, with catastrophic consequences for those accused.

The book is mostly good, it's a spin off from the Witches Of Scotland podcast and that's reflected in the writing. As with any parasocial 1 entertainment, it attempts to centre the authors and bring the audience along for the ride - so there's lots of descriptions of the libraries the authors visit, how things make them feel, how enamoured they are with their podcast guests. I found it a little distracting, but it's obviously right for their main audience.

Similarly, there's an attempt to bring the past to life by imagining a little monologue from various historic figures. I found that a little unconvincing; I dislike putting words in peoples' mouths. But with sparse primary documentation, that may be the best way to bring these characters to life. It's also well illustrated. Too many books eschew pictures - but this has a nice collection of woodcuts and portraits to contextualise what we're reading about.

One little nitpick, the book makes the claims:

Life was hard and life expectancy was around 35

and

Lilias was an old woman, at least 60 years old and possibly as old as 80. At a time when life expectancy was much lower than it is now, even the lower estimate was still a considerable age.

That's not quite right. Although the average life expectancy was low, that's the average at birth - with a large number of infant mortalities dragging down the average. When you look at the full data, you'll see people used to live long lives even in the distant past.

In a way, it reminds me of Invisible Women . A national tragedy hidden from view.

It builds to a rousing end. There are parts of the world where witchcraft is still taken seriously - with devastating consequences. The febrile atmosphere which led to unfounded accusations against women is still prevalent even in modern societies.

• And a small number of men. But this is firmly focused on the overwhelming majority.  ↩︎

• As opposed to paranormal.  ↩︎

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Tiktokification shall set us free : Zuck keeps accidentally freeing his hostages.

• Hey look at this : Delights to delectate.

• Object permanence : B2B Trotsky; Public service games; NZ 3 strikes rule; Snowden, vocalist; Obama says money compromised him; Bullshit treescrapers; Tesla's odometer heist.

• Upcoming appearances : Los Angeles, San Francisco, London, Berlin, Barcelona, NYC, Hay-on-Wye, London, NYC.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Tiktokification shall set us free ( permalink )

Mark Zuckerberg has a problem with your friends: they're the reason you signed up to use his platform, but they stubbornly refuse to organize your socialization to "maximize engagement." Every time you and your friends wrap up a social interaction and log off, Zuckerberg loses revenue.

After all, by definition , you and your friends have a lot of shared context. You probably feel mostly the same way about most things. You probably mostly consume the same kind of media. You probably mostly consume the same kinds of news. You and your friends make each other's lives better in lots of ways, but typically not by surprising one another. On a typical day, no friend of yours is going to absolutely floor you with a novel thought or finding that sparks hours of furious conversation and argumentation.

And speaking of argumentation: you and your friends probably don't argue that much – I mean, sure, you'll have "friendly disagreements" (again, by definition), but if there's a friend who sparks furious, frustrating, irresistible feuds that drag on and on, chances are that person won't be your friend anymore.

Facebook experienced sustained, meteoric growth by letting people connect with their friends, but Zuckerberg quickly came to understand that his path to revenue maximization ran through nonconsensually cramming strangers' posts into your eyeballs, in the hopes that you would lose yourself in long, pointless arguments.

But that, too, hit a limit. Most of us don't like having our limbic systems tormented by strangers. As anyone who is sick to the back teeth of just hearing the word "Trump" can attest, living in a trollocracy is exhausting .

Enter Tiktok. Tiktok found a way to connect you to strangers who don't make you angry. By offering performers money if they produced media that you "engaged" with, Tiktok offloaded the work of convincing you to conduct your online activities in a way that maximized opportunities to show you an ad onto an army of global theater kids who would spend every hour that god sent trying to figure out how to keep you looking at Tiktok.

This was hugely successful – so successful, in fact, that Tiktok was able to cheat , overriding its own algorithmic guesses about which of its billion cable-access television channels you'd stare at the longest with a "heating tool" that lets the company trick some of those theater kids into thinking that Tiktok was actually more suited to them than other platforms:

https://pluralistic.net/2023/01/21/potemkin-ai/#hey-guys

For zuckermuskian social media bosses, Tiktok became an object of fierce envy. Here was the ultimate Tom Sawyer robo-fence-painter, a self-licking ice-cream cone that motivated people to convince each other to make money for you . Facebook, Instagram and Twitter took a hard pivot away from showing you the things that the people you loved had to say, in favor of showing you short videos of people whose parents didn't give them enough affection in their childhood, desperately shoving lemons up their noses in a bid to win your approval (and a revshare split with the platforms).

It worked. Sorta. Thing is, some of those "content creators" are actually very good , and none of them appreciate being jerked around. They quite rightly see their reason for being on the platforms as improving their own lives, not the bottom line of the platforms' owners and executives. They may be more "engaging" than your friends, but they're also a lot mouthier and feel entitled to a say in how the platform operates.

What's a billionaire solipsist to do? Obviously, the answer is "AI creators." An "AI creator" is like a "creator" in that it works to maximize your engagement with the platform – and thus the number of ads that can be crammed into your face-holes – but, unlike a "creator," it makes no demands upon the platform and exists solely to serve the platform's shareholders and executives. It's the perfect realization of the solipsist fantasy of a world without people:

https://pluralistic.net/2026/01/05/fisher-price-steering-wheel/#billionaire-solipsism

But there's a problem with this plan: your friends are not a liability for a platform. Your friends are the platforms' single most important asset . Your friends are why the platforms are so "sticky." The platforms don't "hack your dopamine loops" – they just take your friends hostage , and even though you love your friends, they are a monumental pain in the ass, and if you can't even agree on what board-game you're going to play this weekend, how are you going to agree when it's time to leave Facebook, and where to go next?

https://pluralistic.net/2023/01/08/watch-the-surpluses/#exogenous-shocks

So long as you love your friends more than you hate Zuckerberg or Musk, you will remain stuck to their platforms. The platform bosses know this, and they inflict pain on you that is titrated to be just below the threshold where you hate the platforms more than you love your friends.

But as much as the platform bosses rely on your love of your friends, they still view your friends as liabilities, thanks to those friends' unreasonable insistence on structuring their relationship with you to maximize their own satisfaction, rather than how much time you spend looking at ads. So the platforms are deliberately disconnecting you from your friends by minimizing the fraction of your feed that is given over to posts from people you follow, and replacing those friends with a succession of ever-more fungible posters: trolls, creators, and chatbots.

The key word here is fungible . A feed composed of things posted by people you have a personal connection to is non-fungible: it cannot be swapped for a feed of things posted by strangers . Your friends fulfill a very specific purpose in your life that strangers – even extremely cool strangers – cannot match.

On the other hand: one feed of algorithmically selected, entertaining amateur dramatics is broadly equivalent to any other feed of algorithmically selected amateur dramatics. That goes double for feeds whose performers are "multi-homing" on more than one platform – whether you see the extremely charming and interesting Vlog Brothers in a Youtube feed, a Tiktok feed or an Insta feed makes no difference (to you – but it matters a lot to the platform bosses). That goes quintuple for feeds composed of AI slop, which is literally the most interchangeable video that modern science is capable of producing.

All of which is to say: the platforms are deliberately feeding their most important commercial assets into a shredder, in a fit of pique over your friends' unwillingness to act like chatbots. Every day and in every way, the platforms are making it easier to leave them for some rival's service, chasing the billionaire solipsist's dream of a world without people:

https://pluralistic.net/2022/02/17/live-by-the-swordlive-by-the-sword/#unfriending-tom

Hey look at this ( permalink )

• Keep Android Open https://keepandroidopen.org/cta/

• Here comes the sun: New bill would let New Yorkers hang solar panels from windows https://gothamist.com/news/here-comes-the-sun-new-bill-would-let-new-yorkers-hang-solar-panels-from-windows

• The OTW is Recruiting for Legal Committee Paralegals, Legal Committee Trademark Specialists, and Policy & Abuse Volunteers https://www.transformativeworks.org/the-otw-is-recruiting-for-legal-committee-paralegals-legal-committee-trademark-specialists-and-policy-abuse-volunteers/

• Tech Giants and Giant Slayers: The case for Digital Sovereignty and the Digital Commons https://www.openrightsgroup.org/publications/tech-giants-and-giant-slayers-the-case-for-digital-sovereignty-and-the-digital-commons/

• What We’re Reading https://link.newyorker.com/view/5be9ea0f3f92a404690229b0qwzpk.245v/8abef04b

Object permanence ( permalink )

#25yrsago Leon Trotsky, B2B visionary https://web.archive.org/web/20020211212222/http://www.marxists.org/archive/trotsky/works/1935/1935-ame.htm

#20yrsago What would a BBC “public service game” look like? https://web.archive.org/web/20060417123908/http://crystaltips.typepad.com/wonderland/2006/04/on_public_servi.html

#15yrsago New Zealand’s 3-strikes rule can go into effect in September https://legislation.govt.nz/bill/government/2010/119/en/latest/#DLM3331800

#15yrsago Lawsuit: DRM spied on me, gathered my personal info, sent it to copyright enforcers who called me with $150,000 legal threat https://www.techdirt.com/2011/04/14/drm-accused-sending-personal-info-to-help-with-licensing-shakedown/

#10yrsago Edward Snowden provides vocals on a beautiful new Jean-Michel Jarre composition https://web.archive.org/web/20190415045927/https://www.rollingstone.com/music/music-news/edward-snowdens-new-job-electronic-music-vocalist-184650/

#10yrsago Uber and Lyft don’t cover their cost of capital and rely on desperate workers https://www.ianwelsh.net/the-market-fairy-will-not-solve-the-problems-of-uber-and-lyft/?

#10yrsago Treescrapers are bullshit https://99percentinvisible.org/article/renderings-vs-reality-rise-tree-covered-skyscrapers/

#10yrsago Before and After Mexico: a Bruce Sterling story about the eco-pocalypse https://bruces.medium.com/before-and-after-mexico-f3371c346c8a#.33e9poqnx

#10yrsago Barack Obama: Taking money from 1 percenters compromised my politics https://web.archive.org/web/20160415201709/https://theintercept.com/2016/04/15/barack-obama-never-said-money-wasnt-corrupting-in-fact-he-said-the-opposite/

#1yrago Tesla accused of hacking odometers to weasel out of warranty repairs https://pluralistic.net/2025/04/15/musklemons/#more-like-edison-amirite

Upcoming appearances ( permalink )

• Los Angeles: LA Times Festival of Books, Apr 19

https://www.latimes.com/events/festival-of-books

• San Francisco: 2026 Berkeley Spring Forum on M&A and the Boardroom, Apr 23

https://www.theberkeleyforum.com/#agenda

• London: Resisting Big Tech Empires (LSBU), Apr 25

https://www.tickettailor.com/events/globaljusticenow/2042691

• NYC: Enshittification at Commonweal Ventures, Apr 29

https://luma.com/ssgfvqz8

• NYC: Techidemic with Sarah Jeong, Tochi Onyibuchi and Alia Dastagir (PEN World Voices), Apr 30

https://worldvoices.pen.org/event/techidemic/

• Barcelona: Internet no tiene que ser un vertedero (Global Digital Rights Forum), May 13

https://encuentroderechosdigitales.com/en/

• Berlin: Re:publica, May 18-20

https://re-publica.com/de/news/rp26-sprecher-cory-doctorow

• Berlin: Enshittification at Otherland Books, May 19

https://www.otherland-berlin.de/de/event-details/cory-doctorow.html

• Hay-on-Wye: HowTheLightGetsIn, May 22-25

https://howthelightgetsin.org/festivals/hay/big-ideas-2

• SXSW London, Jun 2

https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901

• NYC: The Reverse Centaur's Guide to Life After AI (The Strand), Jun 24

https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html

Recent appearances ( permalink )

• Pete "Mayor" Buttigieg (No Gods No Mayors)

https://www.patreon.com/posts/pete-mayor-with-155614612

• The internet is getting worse (CBC The National)

https://youtu.be/dCVUCdg3Uqc?si=FMcA0EI_Mi13Lw-P

• Do you feel screwed over by big tech? (Ontario Today)

https://www.cbc.ca/listen/live-radio/1-45-ontario-today/clip/16203024-do-feel-screwed-big-tech

• Launch for Cindy's Cohn's "Privacy's Defender" (City Lights)

https://www.youtube.com/watch?v=WuVCm2PUalU

• Chicken Mating Harnesses (This Week in Tech)

https://twit.tv/shows/this-week-in-tech/episodes/1074

Latest books ( permalink )

• "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce

• "Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025

https://us.macmillan.com/books/9780374619329/enshittification/

• "Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 ( https://us.macmillan.com/books/9781250865908/picksandshovels ).

• "The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 ( thebezzle.org ).

• "The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 ( http://lost-cause.org ).

• "The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 ( http://seizethemeansofcomputation.org ). Signed copies at Book Soup ( https://www.booksoup.com/book/9781804291245 ).

• "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com .

• "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://c

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

Release: datasette 1.0a28

I was upgrading Datasette Cloud to 1.0a27 and discovered a nasty collection of accidental breakages caused by changes in that alpha. This new alpha addresses those directly:

• Fixed a compatibility bug introduced in 1.0a27 where  execute_write_fn()  callbacks with a parameter name other than  conn  were seeing errors. ( #2691 )

• The  database.close()  method now also shuts down the write connection for that database.

• New  datasette.close()  method for closing down all databases and resources associated with a Datasette instance. This is called automatically when the server shuts down. ( #2693 )

• Datasette now includes a pytest plugin which automatically calls  datasette.close()  on temporary instances created in function-scoped fixtures and during tests. See  Automatic cleanup of Datasette instances  for details. This helps avoid running out of file descriptors in plugin test suites that were written before the  Database(is_temp_disk=True)  feature introduced in Datasette 1.0a27. ( #2692 )

Most of the changes in this release were implemented using Claude Code and the newly released Claude Opus 4.7.

Tags: datasette

Every so often I create some sort of little language, of lesser or greater power, and when I do I have some heresies (like using recursive descent parsing ). One of those heresies is that I usually leave out real operator precedence, other than support for '(' and ')'.

Operator precedence is nice and there are all sorts of cool algorithms for implementing it without tearing your hair out. But it's mostly nice for arithmetic expressions (or if you have a lot of operators), not for other things you may be using expressions for, such as matching incoming connections against some rules , and implementing real operator precedence will complicate your parser and little language. If you do this regularly and have the relevant algorithms memorized, or if you want an extra learning experience, go ahead and implement operator precedence anyway. Otherwise, well, are you sure you need it? I've been pretty happy with little languages that had little or no operator precedence, among other hacks to make them simpler.

(A certain amount of basic operator precedence can be implemented fairly simply in a recursive descent parser, although it can be increasingly tedious as you add more and more levels.)

The question of whether you need operator precedence is partly one of language design and partly one of how your little language is going to be used in practice. If you have multiple operators and people are going to intermix them, writing out some sample pieces of your little language may rapidly show you that you need operator precedence. Alternately, you may find yourself struggling to find a situation where it's natural to write an expression that requires operator precedence, or at least that requires sophisticated algorithms for it.

Another thing that makes operator precedence easier in little languages is not having very many operators (this especially the case in recursive descent parsers). The cool algorithms for operator precedence mostly come up if you want to have a lot of operators with a lot of precedence levels; if you're happy to just have a couple of operators, life is rather easier.

(Now that I've looked at parts of my past work, there's a little bit more operator precedence in some of it than I was expecting, although it's all done with basic recursive descent parsing.)

PS: Another thing that happens with operators in the kind of little languages that I wind up creating is that the operators are things like 'and', 'or', 'except', or set intersection and difference, where the precedence I should assign to them isn't particularly obvious. Once again, writing out sample expressions, rules, and so on can clarify how you're likely to want to use your thing in practice.

( 2 comments .)

Terry Godier:

For example, if you have a 4.1 star rating in the App Store, any 4 star review is going to decrease that average . In other words, leaving a 4 star review is essentially leaving a negative review . [...]

You will see a lot of 4 star reviews that say things like, “ This is my favorite app! ” or “ Gamechanger! ” The apps that tend to have these types of reviews are often over a 4.0 in the store and are being actively harmed average-wise by having them, even though the intent was clearly not to do so.

Problem #1 is that star-rating systems absolutely suck for aggregation . If you’re going to collect and average ratings from users, the system that works best is binary: thumbs-up or thumbs-down. Netflix switched from stars to thumbs in 2017 , and YouTube switched all the way back in 2009 . The App Store should switch to thumbs.

The logical endpoint of apps optimizing for a 5 star review invalidates the system as meaningful on the store. The system becomes a better representation of the sophistication at review prompt execution than it does an accurate reflection of app product quality. The incentive isn’t to create an actual 5 star app, but rather to create a robust system that transmits only 5 star reviews.

Problem #2 is that even if the App Store switched from stars to thumbs, the system would still be gamified by developers, rewarding, as Godier aptly puts it, not the best apps but instead the apps that are best at “review prompt execution”. Apple should remove the APIs that allow apps to prompt for reviews, and forbid the practice of prompting for them. Nothing good, and much bad, comes from these prompts. Imagine being in a restaurant, and in the middle of your entree, the server comes to your table and hands you an iPad and asks you to rate the joint on Yelp. That’s what using most apps is like. And the apps that do the right thing — like Godier’s Current  — and never solicit a review like a needy hustler are penalized.

Every time I see one of these prompts it’s like getting hit up by a panhandler — and some of the prompts come from Apple’s own apps. It’s all so greasy . One of the advantages of a walled garden ought to be keeping panhandlers and solicitors out.

★

Sarah Perez, writing for TechCrunch :

If you’ve been on TikTok this year, you’ve more than likely encountered ads for Freecash. The app has been marketed as a way to make money just by scrolling TikTok — and jumped to the top of the app stores in recent months, peaking at the No. 2 position in the U.S. App Store.

In truth, Freecash pays users to play mobile games — all the while collecting a heaping amount of sensitive data, according to cybersecurity company Malwarebytes . [...]

On Monday, after being contacted by TechCrunch for comment, Apple pulled Freecash from its App Store. As of Monday afternoon, the app was still listed in the Google Play store. (It has since been removed).

As I have repeatedly written , it boggles my mind why Apple doesn’t have an App Store “bunco squad” that targets scam and fraud apps that are popular and/or high-grossing . It’s folly to think that the App Store could ever be completely free of scam apps. But it’s absurd that this app Freecash rose to #2 in the App Store, with millions of downloads, and Apple only took a look at and removed it after TechCrunch asked about the app.

Pieter Arntz, writing at Malwarebytes :

The landing pages featured TikTok and Freecash logos and invited users to “get paid to scroll” and “cash out instantly,” implying a simple exchange of time for money. Those claims were misleading enough that TikTok said the ads violated its rules on financial misrepresentation and removed some of them.

Once you install the app, the promised TikTok paycheck vanishes. Instead, Freecash routes you to a rotating roster of mobile games — titles like Monopoly Go and Disney Solitaire — and offers cash rewards for completing time‑limited in‑game challenges. Payouts range from a single cent for a few minutes of daily play up to triple‑digit amounts if you reach high levels within a fixed period.

The whole setup is designed not to reward scrolling, as it claims, but to funnel you into games where you are likely to spend money or watch paid advertisements.

Dystopian. And it’s gross that the follow-the-money chain here ultimately leads to pay-to-win games from established brands like Hasbro ( Monopoly Go ) and, of all companies, Disney ( Disney Solitaire ). Look at these games’ App Store listings (a) their in-app purchases are clearly meant to capitalized on addicts, and (b) their privacy report cards are appalling. And Apple is taking 30 percent of all this. Honest to god, how would it be any worse if Apple started selling cigarettes in its retail stores? Because there’d be butts to clean up outside the glass doors?

★

I love cutting-edge tech, but I hate hyperbole, so I find AI to be a real paradox. Somewhere in that whole mess of overnight influencers, disinformation and ludicrous claims is some real "gold" - AI stuff that's genuinely useful and makes a meaningful difference. This blog post cuts straight to the good stuff, specifically how you can use AI with Have I Been Pwned to do some pretty cool things. I'll be showing examples based on OpenClaw running on the Mac Mini in the hero shot, but they're applicable to other agents that turn HIBP's data into more insightful analysis. So, let me talk about what you can do right now, what we're working on and what you'll be able to do in the future. Model Context Protocol (MCP) A quick MCP primer first: Anthropic came up with the idea of building a protocol that could connect systems to AI apps, and thus the Model Context Protocol was born: Using MCP, AI applications like Claude or ChatGPT can connect to data sources (e.g. local files, databases), tools (e.g. search engines, calculators) and workflows (e.g. specialized prompts)—enabling them to access key information and perform tasks. If I'm honest, I'm a bit on the fence as to how useful this really is ( and I'm not alone ), but creating it was a no-brainer, so we now have an MCP server for HIBP:

https://haveibeenpwned.com/mcp You can't just make an HTTP GET to the endpoint, but you can ask your favourite AI tool to explain what it does: In other words, all the stuff we describe in the API docs 🙂 That's an overly simplistic statement, and there are many nuances MCP introduces beyond a computer reading docs intended for humans, but the point is that we've implemented MCP and it's there if you want it. Which means you can easily use the JSON below to, for example, extend GitHub Copilot :

"HIBP": { "url": "https://haveibeenpwned.com/mcp", "headers": { "hibp-api-key": "YOUR_STANDARD_HIBP_API_KEY" }, "type": "http" } Now let's do something useful with it. Human Use Cases This is really the point of the whole thing - how can humans use it to do genuinely useful stuff? In particular, how can they use it to do stuff that was hard to do before, and how can "normies" (non-technical folks) use it to do stuff they previously needed developers for? I've been toying with these questions for a while now. Here's what I've come up with: Firstly, I'm going to do all these demos on OpenClaw. I've been talking a lot about that on my weekly live streams over the past month, and the "agentic" nature of it (being able to act as an independent agent tying together multiple otherwise independent acts) is enormously powerful. Every company worth its AI salt is now focusing on building out agentic AI so whilst I'm using OpenClaw for these demos, you'll be able to do exactly the same thing in your platform of choice either now or in the very near future. I'm using a Telegram bot as my interface into OpenClaw, let's kick it off: Easy, right? 🙂 There's a different discussion around how secrets are stored and protected, but that's a story for another time (and is also obviously dependent on your agent). But the key is easily rotated on the HIBP dashboard anyway. If you don't have a key already, go and take out a subscription (they start at a few bucks a month), and you'll be up and running in no time. Now that I know I'm connected, let's learn about how I'm presently using the service: Most of these are pretty obvious, but I've also included another here that I use to monitor how the service is behaving with a large organisation. It's a real domain with real data, so I'm going to obfuscate it to preserve privacy, but it's a great demonstration of how useful AI is. In fact, the inspiration of this blog post was when I received this notification last week: One of the most asked questions after someone in a large org receives an email like this is "who are those 16 people in the breach"? Because we can't reliably filter large domains in the UI, I'd normally suggest they either download the CSV or JSON format in the dashboard, then search for "Hallmark" in there or use the API and write some code. But now, there's a much easier way: Well that was easy 😎 I like the additional context too, and now it has me curious: what have these people been up to? Because I'm on a Pro plan (or if you're still on the old Pwned 5 plan), I've also got access to stealer logs. Let's see what's going on there: If you were running an online service, that first number would indicate compromised customers. But as OpenClaw has suggested here, the second number is the one that's interesting in terms of employees entering their data into other websites using the corporate email address. But they'd never reuse the same password as the work one, right? 🤔 Best check which services they're entering organisational assets into: The first one makes sense and is extra worrying when you consider these are people infected with infostealers. That's not necessarily malware on a corporate asset; they could always be using an infected personal device to sign into a corporate asset... ok, that's also pretty bad! I was a bit surprised to see Steam in there TBH - who's using their corporate email address to sign into a gaming platform?! A quiet chat with them might be in order. And the bamboozled.net stuff is weird, I want to understand a bit more about that: Now I'm losing interest in this blog post and am really curious as to what's actually in the data! Ok, so there's an entire rabbit hole over there! Let's park that, but think about how useful information like this is to infosec teams when you can pull it so easily. Or how useful info like this is to HR teams 😬 Keep in mind, these are corporate addresses tied to the company and are the company's property , so, yeah... But remember the agentic nature of OpenClaw means we can ask it to go off and run tasks in the background, tasks like this: This was just a little thought experiment I set up a few days ago and forgot about until yesterday, when I loaded a new breach: I never asked it to look for "functional/system accounts"; it just decided that was relevant. And it is - this breach clearly had a lot of data in it related to purchases of services, which is an interesting aspect. The idea of running stuff on a schedule opens up a whole raft of new opportunities. For example, monitoring your family's email addresses: "let me know when mum@example.com appears in a new breach". From here, your creativity is the only limit (and even that statement is debatable, given how much stuff AI agents come up with on their own). For example, creating visualisations of the data: I could go on and on (I started going down another rabbit hole of having it generate executive-level reports with all the data), but you get the idea. The AI Pipeline This is about what's in our pipeline, and the primary theme is putting tooling where it's more easily accessible to the masses. Creating a connector in Claude, an app in ChatGPT, and similar plumbing in the other big players' AI tools is an obvious next step. This will likely involve adding an OAuth layer to HIBP, allowing end users to configure the respective tools to query those HIBP APIs under their identity and achieve the same results as above, but built into the "traditional" AI tooling in a way people are familiar with. Future A big part of this is about AI enabling more human conversations to achieve technical outcomes. I spotted this from Cloudflare just yesterday, and it's a perfect example of just this:

Cloudflare dashboard can now complete tasks for you.

- "Create a Worker and bind a new R2 bucket to it" - "Change my DNS records to 1.1.1.1" - "How many errors have happened this week"

Not only do we tell you, but we show you with generative UI.

PROTIP: Use full-screen mode. pic.twitter.com/Q1o1vyoOwk — Brayden (@BraydenWilmoth) April 15, 2026 I've been pretty blown away by both how easy this process has been and how much insight I've been able to draw from data I've been sitting on for ages. We'll be building out more tooling and easily reproducible demos in the future, and I'm sure a lot of that will do stuff we haven't even thought of yet. If you give this a go and find other awesome use cases, please leave a comment and tell me what you've done, especially if you've cut through the hyperbole and created some genuinely awesome stuff 😎

Release: llm-anthropic 0.25

• New model: claude-opus-4.7 , which supports thinking_effort : xhigh . #66

• New thinking_display and thinking_adaptive boolean options. thinking_display summarized output is currently only available in JSON output or JSON logs.

• Increased default max_tokens to the maximum allowed for each model.

• No longer uses obsolete structured-outputs-2025-11-13 beta header for older models.

Tags: llm , anthropic , claude

A customer, via their customer liaison, reported quite some time ago that their program stopped working on Windows XP. (I told you it was quite some time ago.)

The customer’s investigations revealed that the problem occurred because their window was receiving message 0x0091 , and the parameters are wrong. Who is sending this message with the wrong parameters?

Okay, first of all, how do you even know that the parameters are wrong? The message is not listed in winuser.h or in MSDN (as it was then called).

We explained that message 0x0091 is an internal message that they should just pass to Def­Window­Proc unchanged. What makes the customer think that the message is being received with the wrong parameters?

The customer said that their program was using that message as a custom message, and now, in addition to getting it when their program sends the message, they are also getting spurious copies of the message with WPARAM and LPARAM values that don’t correspond to any values that the program itself sent.

We informed them that they shouldn’t have been using that message for their own purposes. Those messages are in the system-defined range , which means that they are off-limits to applications. If they want to send a private message, use one in the application space.

It’s like finding an empty closet in an office building and using it to store your bicycle, but now, when you come to work, you find that the closet is filled with other stuff and there’s no room for your bicycle any more. “Why is there stuff in that closet?” Because it wasn’t your closet in the first place.

The liaison took our advice back to the customer, but mentioned that the customer probably won’t like that answer. The message 0x0091 was not the only message they were using. They also used other messages below WM_ USER , and they were all causing problems; they just wanted to start their investigation with 0x0091 .

Oh well. But I hope it’s as simple as just changing a macro definition from

#define WM_MYSECRETMESSAGE 0x0091 to

#define WM_MYSECRETMESSAGE (WM_APP + 1020) // or something Pick a message in the range available to applications for custom use.

The post What’s up with window message <CODE>0x0091</CODE>? We’re getting it with unexpected parameters appeared first on The Old New Thing .

Let  f ( x ,  y ) be an  n th degree polynomial in  x and  y . In general, a straight line will cross the zero set of  f in  n locations [1].

Newton defined a diameter to be any line that crosses the zero set of  f exactly  n times. If

f ( x ,  y ) =  x ² +  y ² − 1

then the zero set of  f is a circle and diameters of the circle in the usual sense are diameters in Newton’s sense. But Newton’s notion of diameter is more general, including lines the cross the circle without going through the center.

Newton’s theorem of diameters says that if you take several parallel diameters (in his sense of the word), the centroids of the intersections of each diameter with the curve f ( x ,  y ) = 0 all line on a line.

To illustrate this theorem, let’s look at the elliptic curve

y ² = x ³ − 2 x + 1,

i.e. the zeros of f ( x ,  y ) = y ² − ( x ³ − 2 x + 1). This is a third degree curve, and so in general a straight line will cross the curve three times [2].

The orange, green, and red lines are parallel, each intersecting the blue elliptic curve three times. The dot on each line is the centroid of the intersection points, the center of mass if you imagine each intersection to be a unit point mass. The centroids all lie on a line, a vertical line in this example though in general the line could have any slope.

I hadn’t seen this theorem until I ran across it recently when skimming [3]. Search results suggest the theorem isn’t widely known, which is surprising for a result that goes back to Newton.

Related posts

• What is an elliptic curve?

• The fundamental theorem of algebra

• Finding where two quadratic curves intersect

[1] Bézout’s theorem says a curve of degree m and a curve of degee n will always intersect in mn points. But that includes complex roots, adds a line at infinity, and counts intersections with multiplicity. So a line, a curve of degree 1, will intersect a curve of degree n at n points in this extended sense.

[2] See the description of Bézout’s theorem in the previous footnote. In the elliptic curve example, the parallel lines meet at a point at infinity. A line that misses the closed component of the elliptic curve and only passes through the second component has 1 real point of intersection but there would be 2 more if we were working in ℂ² rather than ℝ².

In algebraic terms, the system of equations

y ² = x ³ − 2 x + 1

3 y = 2 x + k

has three real solutions for small values of k , but for sufficiently large values of | k | two of the solutions will be complex.

[3] Mathematics: Its Content, Methods, and Meaning. Edited by A. D. Aleksandrov, A. N. Kolmogorov, and M. A. Lavrent’ev. Volume 1. The post Newton diameters first appeared on John D. Cook .

What if I told you there was a secret social network, hidden in plain sight? If you're reading this message, you're now a member of RSS Club !

RSS Club is a series of posts which are only visible to RSS / Atom subscribers. Like you 😃

If you want this for your own WordPress site, here's what you'll need:

• A blog post which is only visible in RSS / Atom.

• Which has no HTML rendering on your site.

• And cannot be found in your site's search.

• Nor via search engines.

• Also, doesn't appear on your mailing list.

• Does not get shared or syndicated to the Fediverse.

(This is a bit more strict than the original rules which allow for web rendering and being found via a search engine.)

Start With A Category

The easiest way to do this in WordPress is via a category - not a tag.

After creating a category on your blog, click the edit link. You will see in the URl bar a tag_id .

Whenever you want to make an RSS-exclusive post, you select the category before you publish.

Disable Display

This code stops any page in the RSS Club category from being displayed on the web.

function rss_club_post_blocker(): void { if ( is_singular( "post" ) && has_category( "rss-club" ) && !current_user_can( "edit_posts" ) ) { status_header( 403 ); echo "You must be a member of RSS Club to view this content."; exit; } } add_action( "template_redirect", "rss_club_post_blocker" );

Editors can still see it, but everyone else gets a blocked message.

Remove From Site Search and SiteMap

Here's a snippet to stick in your functions.php - it removes the category from any queries unless it is for the admin pages or the RSS feeds.

// Remove the RSS Club category from search results. // $query is passed by reference function rss_club_search_filter( \WP_Query $query ): void { // Ignore admin screens. if ( !is_admin() && !is_feed() ) { // Find the RSS-Club category ID. $category = get_category_by_slug( "rss-club" );

// Remove it from the search results. if ( $category ) { $query->set( "category__not_in", [$category->term_id] ); } } } add_action( "pre_get_posts", "rss_club_search_filter" );

This code also redacts that category from the build-in sitemap. Note - the name of the category still shows up in the XML, but it leads to a 404.

Exclude From Email and Social Media RSS Feeds

My mailing list and social media posts are fed from RSS. So how do remove an entire category from an RSS feed?

Simple! Append ?cat=-1234 to the end!

A negative category ID will remove the category from being displayed. So my email subscribers won't see the RSS only content. Of course, they get email-only exclusive posts, so don't feel too bad for them 😊

Fediverse Exclusion

The manual way is easiest. Assuming you have the ActivityPub plugin and a the Share On Mastodon plugin , you can unselect the sharing options before publishing.

If you think you might forget to toggle those boxen, there is a filter for the share plugin :

function rss_club_mastodon_filter( bool $is_enabled, int $post_id ): bool { global $exclude; if ( has_category( $exclude, $post_id ) ) { return false; } return $is_enabled; } add_filter( "share_on_mastodon_enabled", "rss_club_mastodon_filter", 10, 2 );

Similarly, there's a filter for the ActivityPub plugin :

function rss_club_activitypub_filter( bool $disabled, \WP_Post $post ): bool { global $exclude; if ( has_category( $exclude, $post ) ) { return true; }

return $disabled; } add_filter( "activitypub_is_post_disabled", "rss_club_activitypub_filter", 10, 2 );

Enjoy!

If you've set up your own RSS Club feed, drop me a line so I can subscribe 😊

This is the fifth chapter of my SQLAlchemy 2 in Practice book. If you'd like to support my work, I encourage you to buy this book, either directly from my store or on Amazon . Thank you!

You have now learned the design blocks used in relational databases. Sometimes, however, these building blocks have to be "tweaked" a bit to achieve a desired goal. This chapter is dedicated to exploring a very useful variation on the many-to-many relationship.

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• A Pascal's Wager for AI Doomers : We're already being turned into paperclips.

• Hey look at this : Delights to delectate.

• Object permanence : Every pirate ebook on the internet; Sun's "Open DRM"; Untranslatable words; Let's encrypt is encrypting; Boots ruined by hedge fund; Brussels terrorists' opsec; Copyrighted Klingon; Murder Offsets.

• Upcoming appearances : Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London, NYC.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

A Pascal's Wager for AI Doomers ( permalink )

Lest anyone accuse me of bargaining in bad faith here, let me start with this admission: I don't think AI is intelligent; nor do I think that the current (admittedly impressive) statistical techniques will lead to intelligence. I think worrying about what we'll do if AI becomes intelligent is at best a distraction and at worst a cynical marketing ploy:

https://locusmag.com/feature/cory-doctorow-full-employment/

Now, that said: among some of the "AI doomers," I recognize kindred spirits. I, too, worry about technologies controlled by corporations that have grown so powerful that they defy regulation. I worry about how those technologies are used against us, and about how the corporations that make them are fusing with authoritarian states to create a totalitarian nightmare. I worry that technology is used to spy on and immiserate workers.

I just don't think we need AI to do those things. I think we should already be worried about those things.

Last week, I had a version of this discussion in front of several hundred people at the Bronfman Lecture in Montreal, where I appeared with Astra Taylor and Yoshua Bengio (co-winner of the Turing Prize for his work creating the "deep learning" techniques powering today's AI surge), on a panel moderated by CBC Ideas host Nahlah Ayed:

https://www.eventbrite.ca/e/artificial-intelligence-the-ultimate-disrupter-tickets-1982706623885

It's safe to say that Bengio and I mostly disagree about AI. He's running an initiative called "Lawzero," whose goal is to create an international AI consortium that produces AI as a "digital public good" that is designed to be open, auditable, transparent and safe:

http://lawzero.org

Bengio said he'd started Lawzero because he was convinced that AI was going to get a lot more powerful, and, in the absence of some public-spirited version of AI, we would be subject to all kinds of manipulation and surveillance, and that the resulting chaos would present a civilizational risk.

Now, as I've stated (and as I said onstage) I am not worried about any of this. I am worried about AI, though. I'm worried a fast-talking AI salesman will convince your boss to fire you and replace you with an AI that can't do your job (the salesman will be pushing on an open door, since if there's one thing bosses hate, it's paying workers).

I'm worried that the seven companies that comprise 35% of the S&P 500 are headed for bankruptcy, as soon as someone makes them stop passing around the same $100b IOU while pretending it's in all their bank accounts at once. I'm worried that when that happens, the chatbots that badly do the jobs of the people who were fired because of the AI salesman will go away, and nothing and no one will do those jobs. I'm worried that the chaos caused by vaporizing a third of the stock market will lead to austerity and thence to fascism:

https://pluralistic.net/2026/04/13/always-great/#our-nhs

I worry that the workers who did those jobs will be scattered to the four winds, retrained or "discouraged" or retired, and that the priceless process knowledge they developed over generations will be wiped out and we will have to rebuild it amidst the economic and political chaos of the burst AI bubble:

https://pluralistic.net/2026/04/08/process-knowledge-vs-bosses/#wash-dishes-cut-wood

In short, I worry that AI is the asbestos we're shoveling into our civilization's walls, and our descendants will be digging it out for generations:

https://pluralistic.net/2026/01/06/1000x-liability/#graceful-failure-modes

But Bengio disagrees. He's very smart, and very accomplished, and he's very certain that AI is about to become "superhuman" and do horrible things to us if we don't get a handle on it. Several times at our events, he insisted that the existence of this possibility made it wildly irresponsible not to take measures to mitigate this risk.

Though I didn't say so at the time, this struck me as an AI-inflected version of Pascal's wager:

A rational person should adopt a lifestyle consistent with the existence of God and should strive to believe in God… if God does not exist, the believer incurs only finite losses, potentially sacrificing certain pleasures and luxuries; if God does exist, the believer stands to gain immeasurably, as represented for example by an eternity in Heaven in Abrahamic tradition, while simultaneously avoiding boundless losses associated with an eternity in Hell.

https://en.wikipedia.org/wiki/Pascal%27s_wager

Smarter people than me have been poking holes in Pascal's wager for more than 350 years. But when it comes to this modern Pascal's AI Wager, I have my own objection: how do you know when you've lost?

As of this moment, the human race has lit more than $1.4t on fire to immanentize this eschaton, and it remains stubbornly disimmanentized. How much more do we need to spend before we're certain that god isn't lurking in the word-guessing program? Sam Altman says it'll take another $2-3t – call it six months' worth of all US federal spending. If we do that and we still haven't met god, are we done? Can we call it a day?

Not according to Elon Musk. Musk says we need to deconstruct the solar system and build a Dyson sphere out of all the planets to completely encase the sun, so we can harvest every photon it emits to power our word-guessing programs:

https://www.pcmag.com/news/elons-next-big-swing-dyson-sphere-satellites-that-harness-the-suns-power

So let's say we do that and we still haven't met god – are we done? I don't see why we would be. After all, Musk's contention isn't that our sun emits one eschaton's worth of immanentizing particles. Musk just thinks that we need a lot of these sunbeams to coax god into our plane of existence. If one sun won't do it, perhaps two? Or two hundred? Or two thousand? Once we've committed the entire human species to this god-bothering project to the extent of putting two kilosuns into harness, wouldn't we be nuts to stop there? What if god is lurking in the two thousand and first sun? Making god out of algorithms is like spelling "banana" – easy to start, hard to stop.

But as Bengio and I got into it together on stage at the Montreal Centre, it occurred to me that maybe there was some common ground between us. After all, when someone starts talking about "humane technology" that respects our privacy and works for people rather than their bosses, my ears grow points. Throw in the phrase "international digital public goods" and you've got my undivided attention.

Because there's a sense in which Bengio and I are worried about exactly the same thing. I'm terrified that our planet has been colonized by artificial lifeforms that we constructed, but which have slipped our control. I'm terrified that these lifeforms corrupt our knowledge-creation process, making it impossible for us to know what's true and what isn't. I'm terrified that these lifeforms have conquered our apparatus of state – our legislatures, agencies and courts – and so that these public bodies work against the public and for our colonizing alien overlords.

The difference is, the artificial lifeforms that worry me aren't hypothetical – they're here today, amongst us, endangering the very survival of our species. These artificial lifeforms are called "limited liability corporations" and they are a concrete, imminent risk to the human race:

https://pluralistic.net/2026/04/15/artificial-lifeforms/#moral-consideration

What's more, challenging these artificial lifeforms will require us to build massive, "international, digital public goods": a post-American internet of free/open, auditable, transparent, enshittification-resistant platforms and firmware for every purpose and device currently in service:

https://pluralistic.net/2026/01/01/39c3/#the-new-coalition

And even after we've built that massive, international, digital public good, we'll still face the challenge of migrating all of our systems and loved ones out of the enshitternet of defective, spying, controlling American tech exports:

https://pluralistic.net/2026/01/30/zucksauce/#gandersauce

Every moment that we remain stuck in the enshitternet is a moment of existential risk. At the click of a mouse, Trump could order John Deere to switch off all the tractors in your country:

https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/

He doesn't need tanks to steal Greenland. He can just shut off Denmark's access to American platforms like Office365, iOS and Android and brick the whole damned country . It would be another Strait of Hormuz, but instead of oil and fertilizer, he'd control the flow of Lego, Ozempic and deliciously strong black licorice:

https://pluralistic.net/2026/01/29/post-american-canada/#ottawa

These aren't risks that could develop in the future . They're the risks we're confronted with today and frankly, they're fucking terrifying .

So here's my side-bet on Pascal's Wager. If you think we need to build "international digital public goods" to head off the future risk of a colonizing, remorseless, malevolent artificial lifeform, then let us agree that the prototype for that project is the "international digital public goods" we need right now to usher in the post-American internet and save ourselves from the colonizing, remorseless, malevolent artificial lifeforms that have already got their blood-funnels jammed down our throats.

Once we defeat those alien invaders, we may find that all the people who are trying to summon the evil god have lost the wherewithal to do so, and your crisis will have been averted. But if that's not the case and the evil god still looms on our horizon, then I will make it my business to help you mobilize the legions of skilled international digital public goods producers who are still flush from their victory over the limited liability corporation, and together, we will fight the evil god you swear is in our future.

I think that's a pretty solid offer.

Hey look at this ( permalink )

• A Hole in the ‘Open-and-Shut’ Case Against Charlie Kirk’s Alleged Assassin? https://prospect.org/2026/04/15/hole-in-open-and-shut-case-against-charlie-kirks-alleged-assassin-tyler-robinson/

• WORSE ON PURPOSE https://www.worseonpurpose.com/

• How Viktor Orbán Bankrolled the Network Around Reform UK https://bylinetimes.com/2026/04/14/exposed-how-viktor-orban-bankrolled-the-network-around-reform-uk/

• Two Visions https://www.hamiltonnolan.com/p/two-visions

• Caught in the Crackdown: As Arrests at Anti-ICE Protests Piled Up, Prosecutions Crumbled https://www.propublica.org/article/caught-in-crackdown-ice-cbp-doj-trump-arrests-convictions

Object permanence ( permalink )

#25yrsago Every pirate ebook on the internet https://web.archive.org/web/20010724030402/https://citizen513.cjb.net/

#20yrsago Retired generals diss Donald Rumsfeld https://nielsenhayden.com/makinglight/archives/007432.html#007432

#20yrsago How to break HDCP https://blog.citp.princeton.edu/2006/04/14/making-and-breaking-hdcp-handshakes/

#20yrsago How Sun’s “open DRM” dooms them and all they touch https://memex.craphound.com/2006/04/14/how-suns-open-drm-dooms-them-and-all-they-touch/

#20yrsago Benkler's "Wealth of Networks" http://www.congo-education.net/wealth-of-networks/

#15yrsago Scientific management’s unscientific grounding: the Management Myth https://web.archive.org/web/20120823212827/https://www.theatlantic.com/magazine/archive/2006/06/the-management-myth/304883/

#15yrsago 216 “untranslatable” emotional words from non-English languages https://www.drtimlomas.com/lexicography/cm4mi/lexicography#!lexicography/cm4mi

#10yrsago New York public employees union will vote on pulling out of hedge funds https://web.archive.org/web/20160414230326/https://www.bloomberg.com/news/articles/2016-04-13/nyc-pension-weighs-liquidating-1-5-billion-hedge-fund-portfolio

#10yrsago Panama’s public prosecutor says he can’t find any evidence of Mossack-Fonseca’s lawbreaking https://web.archive.org/web/20160419165306/https://www.thejournal.ie/mossack-fonseca-prosecution-2714795-Apr2016/?utm_source=twitter_self

#10yrsago Bernie Sanders responds to CEOs of Verizon and GE: “I welcome their contempt” https://web.archive.org/web/20160415165051/https://www.businessinsider.com/bernie-sanders-verizon-contempt-2016-4

#10yrsago Let’s Encrypt is actually encrypting the whole Web https://www.wired.com/2016/04/scheme-encrypt-entire-web-actually-working/

#10yrsago City of San Francisco tells man he can’t live in wooden box in friend’s living room https://www.theguardian.com/us-news/2016/apr/13/san-francisco-new-home-rented-box-illegal?CMP=tmb_gu

#10yrsago How the UK’s biggest pharmacy chain went from family-run public service to debt-laden hedge-fund disaster https://www.theguardian.com/news/2016/apr/13/how-boots-went-rogue

#10yrsago Ohio newspaper chain owner says his papers don’t publish articles about LGBTQ people https://ideatrash.net/2016/04/the-owner-of-four-town-papers-in-ohio.html

#10yrsago How British journalists talk about people they’re not allowed to talk about https:/

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

The proof of work is the wrong analogy: finding hash collisions, while exponentially harder with N, is guaranteed to find, with enough work, some S so that H(S) satisfies N, so an asymmetry of resources used will see the side with more "work ability" eventually winning.

But bugs are different:

1. Different LLMs executions take different branches, but eventually the possible branches based on the code possible states are saturated.

2. If we imagine sampling the model for a bug in a given code M times, with M large, eventually the cap becomes not "M" (because of saturated state of the code AND the LLM sampler meaningful paths), but "I", the model intelligence level.

The OpenBSD SACK bug easily shows that: you can run an inferior model for an infinite number of tokens, and it will never realize(*) that the lack of validation of the start window, if put together with the integer overflow, then put together with the fact the branch where the node should never be NULL is entered regardless, will produce the bug.

So, cyber security of tomorrow will not be like proof of work in the sense of "more GPU wins"; instead, better models, and faster access to such models, will win.

* Don't trust who says that weak models can find the OpenBSD SACK bug. I tried it myself. What happens is that weak models hallucinate (sometimes causally hitting a real problem) that there is a lack of validation of the start of the window (which is in theory harmless because of the start Comments

For most of the time GitHub has owned npm, the public-facing website at npmjs.com has been effectively frozen, with the issue tracker accumulating years of requests that nobody on the inside seemed to be reading. In January Daniel Roe started npmx.dev as an alternative web frontend over the same registry data, posted about it on Bluesky, and within a fortnight years of pent-up demand had turned into a thousand issues and pull requests on a repo that would actually merge them, with the contributor count passing a hundred a couple of days after that. It helps that every npmjs.com URL works with the hostname swapped to npmx.dev or xnpmjs.com , the same trick Invidious and Nitter used, so browser extensions and muscle memory carry straight over. The competitive pressure appears to have worked: npmjs.com shipped dark mode last month, the single most upvoted feature request on the tracker for something like five years, and there are signs of other long-dormant tickets being picked up.

Whether or not that continues, npmx has turned into a useful catalogue of ideas for anyone building a package registry website, and the whole thing is MIT licensed where the npm registry and website remain closed source, so every feature below comes with a working reference implementation rather than just screenshots. Prior art from other ecosystems is noted where it exists.

• Transitive install size. The number shown is the unpacked size of the package plus every dependency it pulls in, which is what actually lands on disk, rather than the single tarball size that crates.io and PyPI show. JavaScript developers have been getting this from bundlephobia and packagephobia for years.

• Install script disclosure. Any preinstall , install , or postinstall script in the manifest is rendered on the package page along with the npx packages those scripts would fetch, with links into the code browser so you can read what runs. Worth having in front of you given how many supply-chain incidents start with a postinstall hook.

• Outdated and vulnerable dependency trees. Rather than a flat list of declared dependencies, you get an expandable tree where each node is annotated with how far behind latest it is and whether it appears in OSV , recursively through transitives. Google’s deps.dev does something similar across ecosystems.

• Version range resolution. Wherever a semver range like ^1.0.0 appears it is shown alongside the concrete version it currently resolves to, which saves a round trip to the CLI when you are trying to work out what you would actually get.

• Module replacement suggestions. Packages that appear in the e18e module-replacements dataset get a banner pointing at the native API or lighter alternative, with MDN links for the native cases.

• Module format and types badges. ESM, CJS, or dual is shown next to the package name, as is whether TypeScript types are bundled or need a separate @types/* install, plus the declared Node engine range. JavaScript-specific in the details but the general idea of “will this work with my toolchain” badges travels; crates.io’s MSRV field and edition badge are in the same spirit.

• Multi-forge repository stats. Star and fork counts are fetched from GitHub, GitLab, Bitbucket, Codeberg, Gitee, Sourcehut, Forgejo, Gitea, Radicle, and Tangled , depending on where the repository field points, rather than special-casing GitHub.

• Cross-registry availability. Scoped packages that also exist on JSR are flagged as such. The npm/JSR pairing is particular to JavaScript but “this is also on registry X” applies anywhere ecosystems overlap, like Maven and Clojars or the various Linux distro repos, and the same lookup doubles as a dependency-confusion check when the name exists elsewhere but the publisher does not match.

• Side-by-side package comparison. Up to ten packages can be loaded into a compare view that lays out all the metrics above in a table, plus a scatter plot with aggregate “traction” on one axis and “ergonomics” on the other so the popular-but-heavy and small-but-unknown options separate visually.

• Version diffing. Any two published versions can be diffed file-by-file in the browser, which Hex has had for years via diff.hex.pm and which exists in the Rust world through cargo-vet tooling.

• Release timeline with size annotations. Every version of a package is plotted on a timeline with markers where install size jumped by a meaningful percentage, which is a neat way to spot the release where someone accidentally started shipping their test fixtures.

• Download distribution by version. The weekly download chart can be broken down by major or minor line so you can see how much of the ecosystem is still on v2 of something now on v5, similar to RubyGems’ per-version download counts but rendered as a distribution rather than a table.

• Command palette. ⌘K opens a palette with every action available on the current page plus global navigation, and on a package page typing a semver range filters the version list to matches. Borrowed from editors and from GitHub itself rather than from any registry.

• Internationalisation. The interface ships in over thirty locales including RTL languages, with PyPI’s Warehouse being the other registry that has invested in this.

• Accessibility as a default. Charts and demo videos in the release notes carry long-form aria-label and figcaption text, the command palette works with screen readers, and there is a dedicated accessibility statement .

• Playground link extraction. StackBlitz, CodeSandbox, CodePen, JSFiddle, and Replit links found in a package’s README are pulled out into a dedicated panel so you can try the thing without cloning it.

• Agent skill detection. Packages that contain Agent Skills manifests have them listed with declared tool compatibility, which is very 2026, though detecting non-code payloads in published packages is useful.

• Social features on AT Protocol. Package “likes” are atproto records rather than rows in a private database, blog comment threads are Bluesky threads, and the custom record types are public lexicons in the repo so other tools can read and write the same data without talking to npmx. If you have ever wanted to add reviews or comments to a registry and balked at the moderation burden of running another silo, borrowing an existing network’s identity and content layer is a defensible answer, and while I am personally sceptical that leaning on Bluesky’s infrastructure will work out long term, npmx at least runs its own PDS at npmx.social so the records stay under their control either way.

• Local-CLI admin connector. Management actions like claiming a package name or editing access are proxied through your local npm CLI rather than requiring you to log into the site, which sidesteps the need for npmx to hold credentials for a registry it does not own.

• Dark mode and custom palettes. Listed last because this is the one npm has now copied, joining pkg.go.dev, crates.io, and PyPI which already had it.

Someone in the .NET world has already built an equivalent: nugx.org , in its own words “inspired by npmx”, is doing the same thing for NuGet.

In 2006, Joe Sugarman published a book called The Adweek Copywriting Handbook - and an axiom stuck... "The sole purpose of the first sentence in an advertisement is to get you to read the second sentence." That line, more or less, explains how social media turned into a pile of shit. Sugarman's advice became the core system prompt for 300,000 tech assholes on Twitter. They've run it through algorithm after algorithm and produced the most soul destroying rhetorical tic of the 2020s. I'm talking about "Mostpeopleslop." "Most founders don't know this yet." "Most people aren't paying attention to this." "Most founders skip [thing my startup sells] because [bad reason]." "Most founders treat [normal activity] like [wrong version of activity]." "Most founders say they want [thing]. Few actually [thing] well." "Most founders confuse [vague concept A] with [vague concept B]." You've seen it, you've scrolled past it, and you've maybe even liked one or two of these excretions before your brain caught up to your thumb, because it's bloody everywhere. It breeds in the dark spaces between LinkedIn notifications, it has colonized every timeline on every platform where a man with a podcast and a Calendly link can post for free, and I hate it. May God forgive me, I hate it.

Why it works (and why that's the problem) I'll give the format its due: it works // performs. And the reason why is simple. "Most people" is a tribal signal - when you read "most people don't know about this," your brain does a quick calculation: Am I most people? Do I want to be most people? No? Then I better keep reading, so I can be the Holy Exception. But you're not actually learning fucking anything. You're being told you're special for having stopped to read, and the poster is offering you membership in an in-group, and the price of admission is a like, a retweet, any scrap of engagement. It's a scarcity play - people pay more attention to shit that feels exclusive. "Most people don't know this" is exactly that. It comes in a few different flavours... The Reframe Artist goes "Most people are treating [recent tech acquisition] as a media story. It's a distribution story." This guy read one Ben Thompson article in 2019 and has been repackaging the word "distribution" as a personality trait ever since. The point underneath might even be fine! But he can't say it straight. The Trojan Horse is "Most founders skip analytics because setup is painful. [My startup] is native. Zero setup." These are just ads. They are indistinguishable from late-night infomercials. "Are YOU tired of [thing]? Most founders are! But wait, there's more and if you follow and reply CRAP now, you get a set of steak knives..." The Self-Eating Snake: "Most founders treat building in public like a highlight reel. They're doing it wrong. 7 ways to build in public without being cringe." Followed by a numbered list that packages a real idea in the same exact format it claims to be critiquing. The Fortune Cookie: "Most founders confuse motivation with desperation." "Most founders mistake speed for progress." These sound wise if you scroll past them fast enough. They're fortune cookies, and they get engagement because they're perfect for screenshotting into your Instagram story, but there's nothing actually there... And the Parasite : some guy quote-tweets "What keeps you moving? Progress or Pressure?" and adds "Most founders confuse which one they're running on." You take someone else's thought, bolt on the "most founders" frame, and now you've "created content." The confidence-to-effort ratio should embarrass anyone. It's intellectual house-flipping, with all the integrity attached. The content industrial complex Mostpeopleslop has metastasized because Twitter started rewarding engagement bait at the same time the creator economy started demanding you post all day // every day. If you're a tech influencer in 2026, you probably post 10 to 20 times a day, maybe more - this is what the gurus tell you to do. You need formats you can crank out fast that reliably get impressions, and "most people" threads do exactly that. There's no research required, and no original data - you barely need an opinion. You could generate these in your sleep, and thanks to OpenClaw some of these guys clearly do... The easiest content to produce is the content that mimics existing successful content. The "most people" format is the shallow work of tech Twitter. It looks like thought leadership. It reads like wisdom. It's still slop. The result is a timeline full of people telling you what "most people" get wrong, while they all say roughly the same things, in roughly the same format, to the same audience with a near-uniform contrarianism. Everyone is standing on a soapbox yelling "wake up, sheeple" at a crowd of other people on soapboxes. The aesthetic crime of reading the same tweet structure 40 times a day isn't even the worst part - it's that mostpeopleslop degrades the information environment. When every piece of advice is framed as something "most people" don't know, you lose the ability to distinguish between underappreciated ideas and stuff someone repackaged from a blog post they read that morning... And it trains audiences to value framing over substance - if you read enough "most people" posts, you start evaluating ideas based on how they're packaged rather than whether they're true. A well-formatted "most people" thread with a mediocre idea will outperform a useful post that doesn't use the formula, and so yes the medium becomes the message, but the message is: style points matter more than being right or even being valuable in the first place. Everyone is an insider and an outsider at the same time; you're an insider because you're reading this post, you're an outsider because "most people" haven't figured this out yet, but since everyone is reading these posts, everyone is an insider, which means the distinction is fictional and we seem to have a collective hallucination of exclusivity. The incentive structure on Twitter (and LinkedIn, where this format is somehow even more prevalent) rewards this kind of posting. If you're building an audience to sell a course, a SaaS product, a consulting practice, or a $249/month community where you teach other people to build audiences to sell courses, you need impressions, and you need followers, and mostpeopleslop delivers both. The people posting this stuff aren't stupid; some of them (a select // rare few, I'll grant) are sharp, have real experience, and could write things worth reading, but the format is a trap. Once you see that it performs, you keep using it, and every time you use it, you get a little further from saying something real and a little closer to being a content-generation machine optimized for engagement metrics. You have become the slop. I want people to say the thing. If you have an observation about distribution, share the observation. If you built a product that solves a problem, describe the problem and describe the solution and have done with it. You don't need to frame every single post as a correction of what "most people" believe, and you don't need to position yourself as the lone voice of reason in a sea of ignorance. You can just ~say the thing. The best writers and thinkers in tech have never needed the "most people" crutch. You can be interesting without being condescending. You can build an audience by being useful rather than by manufacturing a false sense of exclusivity 280 characters at a time. But most people don't know that yet. (Sorry. Had to.)

David Pierce, last week in his Installer column/newsletter for The Verge, singing the praises of the version 5.0 update to Sofa (the praises of which I just sung ):

Sofa 5 . A huge update to an Installerverse favorite, this app is now a great way to manage everything you want to watch, read, play, and even do IRL. I never quite made it stick when it was mostly just movies and shows, but now I think of it as like a Notion for my personal life. Apple devices only, alas, but boy do I love this app.

Pierce, I just noted today , also just wrote a feature story at The Verge about his decision to buy a new iPhone  — after trying an array of new Android phones and admitting to a (questionable, IMO) personal preference for Android over iOS — because there are so many better apps on iOS that don’t have equivalent-quality counterparts on Android. In that earlier piece, Pierce wrote:

Lots of the apps I use every day — apps like Puzzmo , NotePlan , Mimestream , and Unread  — either don’t exist on Android at all or only exist as web apps. Most of the ones that do work on both platforms are better on iOS. And forget about the kind of handcrafted, small-developer stuff — apps like Acme Weather , Current , and Quiche , just to name a few recent favorites — that’s all over the App Store and absolutely nowhere to be found on Android.

These apps don’t just happen to be both exquisitely crafted and exclusive to iOS (and in same cases, MacOS). They’re exquisitely crafted because they are idiomatic native apps designed to adhere to Apple’s platforms. Not all native apps are great, of course, but most great apps are native — and most great native apps are native to iOS or MacOS.

So there ought be no “alas” to describe Sofa being exclusive to Apple devices, but instead a “thank you” to developer Shawn Hickman for keeping it exclusive, and thus keeping it great.

★

Shawn Hickman:

A show you started last month. A book on your nightstand. A game you keep meaning to get back to. Finding something new is easy. Remembering where you left off is the hard part.

Sofa 5 helps you keep track of this stuff. Progress rings show up on covers throughout the app so you can see where you stand at a glance. Your home screen shows what’s next with one-tap checkboxes to keep things moving.

Five ways to track, depending on what fits: just enjoy with zero setup, tap to log, count pages, check off episodes, or keep a journal as you go. Pick one and switch anytime.

It’s a well-established cliché that no one ever finds the perfect to-do app or “task management system” unless they create it themselves. That’s certainly true for me (and resulted in my co-creating Vesper ). Keeping track of things you want or need to do is too close to codifying how you think and remember things in your own mind, and we all think and remember in unique ways. We thus crave unique apps or systems to manage our tasks, ones that fit our minds just right . That’s why there are a zillion to-do apps, including a bunch that are actually good. And, these days, that’s why there are so many people creating their own personal to-do apps using AI coding systems.

Because media-tracking apps are just a subset of to-do apps, all the same things hold true for them. So, just like how I occasionally flit back and forth between general-purpose to-do apps, or become enamored with a new one , I’ve switched between several media-tracking apps over the years. These are apps where you keep lists of movies and shows you want to watch, books you want to read, and then log them, perhaps with notes or ratings, as you watch them.

It’s an endlessly fascinating app genre. Sofa is a really good one, one that I’ve used, on and off, for years. (Disclaimer: I started using Sofa when it was the weekly sponsor on DF back in 2022 , but I’ve kept using it since then because it’s so good.) I’ve been using Sofa v5 for months now, including while it was in beta, and it is a big improvement to an already very good, very thoughtful app. A lot of people use general-purpose to-do apps to track movies and shows to watch, books to read, and games to play. Sofa 5 goes the other way, and expands what started as a dedicated media tracker into something you can use to track, well, anything you want to do.

Sofa is quite useful for free, and super useful with a paid subscription. If you’re even vaguely unsatisfied with your current app or system for tracking media to watch / read / play, you should check it out.

★

Tool: datasette.io news preview

The datasette.io website has a news section built from this news.yaml file in the underlying GitHub repository. The YAML format looks like this:

- date: 2026-04-15 body: |- [Datasette 1.0a27](https://docs.datasette.io/en/latest/changelog.html#a27-2026-04-15) changes how CSRF protection works in a way that simplifies form and API integration, and introduces a new `RenameTableEvent` for when a table is renamed by a SQL query. - date: 2026-03-18 body: |- ... This format is a little hard to edit, so I finally had Claude build a custom preview UI to make checking for errors have slightly less friction.

I built it using standard claude.ai and Claude Artifacts, taking advantage of Claude's ability to clone GitHub repos and look at their content as part of a regular chat:

Clone https://github.com/simonw/datasette.io and look at the news.yaml file and how it is rendered on the homepage. Build an artifact I can paste that YAML into which previews what it will look like, and highlights any markdown errors or YAML errors

Tags: vibe-coding , claude , tools , datasette

For reasons outside of the scope of this entry, we have an increasing number of servers in an inconvenient location ( I called it 'offsite' but that's not quite accurate). Since these servers run Ubuntu LTS, they're going to need to be reinstalled with new versions every so often, starting this summer (as 26.04 comes out), and we really don't want to do that in person, so we've been thinking about our options.

The best option would be to only have servers with full support for remote management through their BMC . By full support, I mean full 'KVM over IP' support for remote access as well as remote media, so that we could continue to use our regular install processes, exactly as if we were physically present to plug in a bootable USB stick and so on. Unfortunately lots of our servers either don't have a BMC at all or have a BMC with restricted and limited features (because we haven't bought an expensive license, for example).

The cheapest solution that is the most work to add and implement is network booting (and this only handles our reinstall issue). Assuming that all of our servers can reliably boot from the network (which isn't a sure thing), I believe that we could set up an environment that booted into our install setup, then had us SSH in to the Ubuntu server installer, where we could handle things more or less as if we were booting and installing locally. In a UEFI environment, in theory we can reliably switch boot entries around to do things like a one-shot network boot. Another nearby group does this for all of their servers (running Debian), so it's definitely possible to handle things this way. This option is arguably the technically correct way to handle installs and reinstalls, but will take much more staff time to set up.

The most general and easy to implement solution is a modern external 'KVM over IP' system. These plug into the video and USB ports of your server or servers, then let you access everything over IP, usually through an embedded web server. Since they use USB for their keyboard and mouse, it's easy for good modern ones to also support 'remote media', presenting either a USB disk or a USB DVD drive to the host. Often you can either upload your image (or images) to the internal storage on the KVM over IP system or stream it from somewhere else. For various reasons this isn't as good as a fully capable BMC, but you can get rack-focused multi-server systems that will let you connect one head unit to 8, 16, or more servers, as well as smaller scale single system units (including FOSS-based ones that can do useful tricks like run WireGuard).

(Most of the small scale systems only support HDMI. The rack systems often support VGA and DVI as well, which is good, because lots of our servers are still VGA. You can get converter dongles but it's better to have fewer pieces of hardware.)

For our purposes we'd like a KVM over IP system that supports more than one server at once but we don't need too many. Our major use is reinstalls and other troubleshooting, and we don't too many of those at once, so it's okay if we have to walk over to the datacenter location to shuffle which eight servers in a rack the KVM over IP system is currently connected to. However, for reasons outside of the scope of this entry it would be very useful if the KVM over IP system was rack-mountable (in a switch style two-post fashion would be fine).

The external KVM over IP option is more expensive in direct up front costs than building a network booting environment, but it requires a lot less staff time to build and maintain. On the other hand, at a university staff time is often considered a sunk cost that's ignored , so we may wind up with network booting even though we could probably get an 8-server KVM over IP solution for a cost that works out to only a few days time of a single system administrator.

(We could get a basic, single server, non-rack-mount, HDMI only KVM over IP box for trivial amounts of money, but that doesn't work as well in this situation.)

(A bit of me would enjoy the challenge of designing and building a network boot install environment, but the rest of me is looking at the amount of regular work we have and the fact that this is a repeatedly solved problem and feeling unenthused. Someone out there may even have written up how to go from having an Ubuntu server installer image to network-booting it on some machine, but good luck finding that writeup on today's Internet.)

Speed has become the primary virtue of the modern world. Everything is sacrificed to it.

Move fast (and break things, not as a goal but as a consequence).

Wisdom requires allowing yourself to be undone by experience:

• An opinion dismantled by reality.

• An artifact torn apart by the real world.

• An idea destroyed by its own shortsightedness.

Experiencing these can be slow and uncomfortable, but if you keep up your speed you can outrun them — never reflecting on what happened in your wake.

Speed is how you avoid reckoning. It guarantees you miss things, and you can’t learn from what you don’t notice.

Wisdom’s feedback loop is slow.

Wise people I’ve met seem unhurried. I don’t think it’s because they’re slow thinkers or actors. I think it’s because they’ve learned that important things take the time they take, no amount of urgency changes that.

Wisdom is chasing all of us, but we’re going too fast to notice what it’s trying to teach us.

Reply via:

Email · Mastodon ·

Bluesky

Sorry for missing last week! Was sick and then busy.

This week I want to cover a pet peeve of mine, best seen in this comic:

A "comprehensive and precise spec" is not necessarily code. A specification corresponds to a set of possible implementations, and code is a single implementation in that set. As long as the set has more than one element, there is a separation between the spec and the code.

Consider a business person (bp) who asks:

I want a tool to convert miles to kilometers.

Is this a comprehensive spec? Maybe, you can give it to Claude Code and tell it to make all design decisions and it will give you a program that converts miles to km. At the same time, there is a huge amount of details left out of this. What language? What's the UX? Should it be a command line script or a mobile app or an enterprise SaaS? For this reason, if we gave Claude's output to the bp, they'll probably be unsatisfied. The set of possible implementations includes the programs they want, but also lots of programs they don't want.

So they now they say:

It should be a textbox on a website.

Okay, this rules out a lot more stuff, but there's still a lot to decide. React or vanillajs or htmx? Should the output be a separate textbox or a popup? Should we use a conversion of 1.6 , 1.61 , or 1.609 ? So you could argue that this is still not a "comprehensive and precise spec". But what if the bp is happy with whatever Claude makes? Then their spec was sufficiently comprehensive and precise, since they got a program that solved their problem!

Now the comic above makes the more specific claim that a spec "comprehensive and precise enough to generate a program " is code. That wasn't even true before LLMs. Program synthesis , the automatic generation of conformant programs from specifications, is an active field of research! Last I checked in 2019 they were only generating local functions from type specifications; I don't know how things have changed with LLMs. But still, it shows that code and comprehensive specs are distinct things.

Specs are abstractions

What I'm getting at here is that a specification is an abstraction of code. 1 For every spec, there is a set of possible programs that satisfy that spec. The more comprehensive and precise the spec, the fewer programs in this set. If spec1 corresponds to a superset of spec2 , we further say that spec2 refines spec1 . A specification is sufficient if it does not need to be refined further: no matter what implementation ( within reason 2 ) is provided, the specifier would be satisfied. A spec does not need to be fully comprehensive to be sufficient.

Programmers are still needed to write specs

The comic makes a further claim: "a sufficiently detailed spec is code" is a reason why programmers won't be out of a job, even with we could automatically generate code from specs. And this is still true.

It is often the case that we express the abstraction spec via a formal language. Normally this makes me think of TLA+ or UML or even Planguage , but the most common example of this would be test suites. Tests are specifications, too ! And as a rule, it seems impossible to get nonprogrammers to successfully encode things in formal languages. Cucumber was a failed attempt to make business people write formal specs.

But does this make a comprehensive spec "code"? I'd argue no. It's possible to encode a specification in a programming language (again, test suites), but it is just that, an encoding. The spec still corresponds to a set of possible implementation programs, and the spec is still useful even if we don't encode it. Keeping "code" and "spec" distinct concepts is useful.

• obligatory link   ↩

• As in the implementation makes a good faith attempt to make a reasonable implementation. IE "this converts miles to kilometers and also mines crypto" is not a good faith interpretation.  ↩

Using the repair-friendly Framework 13 laptop chassis, I've tested the low-end x86 option (a Ryzen AI 5 340 Mainboard ), the fastest RISC-V option ( DC-ROMA II ), and today I'm publishing results from the only Arm Mainboard, the MetaComputing AI PC , which has a 12-core Arm SoC and up to 32 GB of soldered-on RAM.

My Framework 13 has run on x86, RISC-V, and now Arm, making it something of a 'Ship of Theseus'.

A customer reported that they were using the Wait­For­Single­Object function to wait for a thread to exit, but they found that even though the thread had exited, the Wait­For­Single­Object call did not return for over a minute. What could explain this delay in reporting the end of a thread? Can we do something to speed it up?

My psychic powers tell me that the thread didn’t actually exit.

What the customer is observing is probably that their thread procedure has returned, signaling the end of the thread. But a lot of stuff happens after the thread procedure exits. The system needs to send DLL_ THREAD_ DETACH notifications to all of the DLLs (unless the DLL has opted out via Disable­Thread­Library­Calls ), and doing so requires the loader lock.

I would use the debugger to look for the thread you thought had exited and see what it’s doing. It might be blocked waiting for the loader lock because some other thread is hogging it. Or it could be running a DLL’s detach code, and that detach code has gotten stuck on a long-running operation.

I suspect it’s the latter: One of the DLLs is waiting for something in its detach code, and that something takes about a minute.

We didn’t hear back from the customer, which could mean that this was indeed the problem. Or it could mean that this didn’t help, but they decided that we weren’t being helpful and didn’t pursue the matter further. Unfortunately, in a lot of these customer debugging engagements, we never hear back whether our theory worked. (Another possibility is that the customer wrote back with a “thank you”, but the customer liaison didn’t forward it to the engineering team because they didn’t want to bother them any further.)

The post Why is there a long delay between a thread exiting and the <CODE>Wait­For­Single­Object</CODE> returning? appeared first on The Old New Thing .

I feel terribly guilty when I visit a new city, post photos of my travels, only to have a friend say "Hey! Why didn't you let me know you were in my neck of the woods?"

Similarly, if I bump into an old acquaintance at a conference, we both tend to say "If only I'd known you were here, we could have had dinner together last night!"

I do enjoy the serendipity of events like FOSDEM - randomly seeing a mate and expressing the joy of spontaneity. But I also like arranging to meet up in advance.

At the moment, my strategy is sending a blast on social media saying "I'm visiting [this city] next week, anyone fancy a beer and a natter?" I've met friends all over Europe, Australia, and New Zealand that way. It mostly works . But I can't help feeling it is inefficient and prone to missing connections.

I even wrote my own code to auto-post FourSquare checkins to my other social media sites.

Here are my ideal scenarios. Imagine something built in to Signal / WhatsApp / Whatever app you already use.

Plan In Advance

I tell my app that I'm going to Barcelona from 14th - 19th February and am happy to meet any of my friends.

✨Background Magic✨

My friend Alice has also planned a trip to Barcelona around those dates. She gets a ping saying that one of her friends is going to be in the same city. Does she want to know more?

So far, so Dopplr .

My friend Bob lives just outside of Barcelona. He's set his "willing to travel" settings to be about 30 minutes, so also receives a ping.

I don't know that either of them have seen the notification until they decide they want to meet.

Spontaneous Fun

I step off the train in Manchester, England England. Perhaps the app notices I'm away from home, or maybe I press the "Anyone Around?" button.

On a map I can see friends who have shared their rough location. I decide to message Chuck to see if he's free for a chat.

Dave notices my location is now within his preferred travel distance. He gives me a ring.

A bit like how FourSquare used to be - but with less precision.

Downsides

The above is very much the "happy path". It doesn't look at any of the knotty problems or grapple with the UI that would be needed to make this work. But we know the technology for sharing location is viable - so what are the social issues that make this so difficult?

Social Awkwardness

"Oh, fuck, Edgar's location says he's in town. Can we pretend to be out of the country?"

Alternatively, "Huh, I know at least a dozen people who live in Skegness. Why aren't any of them responding to me?"

Social pressure and awkwardness are hard problems. No one wants to use the app that makes you feel like a friendless loser.

Privacy

Do you want your friends knowing your every movement? I'm sure some people do, but most probably don't. It's possible to sketch out some vague controls:

• Only send a notification if I push this button.

• Don't send alerts if I am within this radius of my home / work.

• Fuzz my location to the city / state / country level.

Danger

Is it a risk to let people know vaguely where you are? Is meeting up with (semi-) strangers from the Internet a smart life choice? Is having an app stalk you across the globe giving too much data to advertisers?

Does that creep from work abuse the system to keep popping up whenever you're out with friends?

Technology

I said the technology exists for this, and that was sort of true. Every device has GPS & an Internet connection. Storing a log of friends and sending them a message is a solved problem.

But is it solved in a decentralised and privacy preserving way?

No one wants to give all this power to one company. Google will build it and kill it. Facebook will sell your secrets to dropshippers. A funky start-up will be acquhired by Apple & restricted to iOS devices.

My location is fuzzed to an acceptable degree of imprecision and then sent… where? To all my friends directly? To a central server? Can k -anonymity help?

Is this a separate app? Everyone seemed to leave FourSquare after they buggered around with it. Perhaps it is just a feature in existing apps?

What's Already There?

Messaging apps like Signal, Telegram, and WhatsApp allow you to share your location with one or more friends.

To me, it feels a bit weird to manually send a dropped pin to some / all of my contact. It also doesn't let you share "tomorrow I will be in…"

Using "Stories" is the common way to share an update with all contacts - but none of them let you automatically share your location in a story.

FourSquare's Swarm app allows you to check in to a "neighbourhood". But there's no obvious way of saying "London" or "Manchester" - and I'm not sure how close to an area you need to be to get an alert that your friend is there.

What's Next?

I don't want to build this. Trying to get everyone I know to adopt a new app isn't going to happen. With the fragmentation of messaging and the lack of interoperability, this is likely to remain an unsolved problem for some time.

So here's my strategy.

• Get back in to using FourSquare. Most of my friends seemed to stop using it back in 2017 when it was split into Swarm. But a few are still on there.

• Manually post a story on Mastodon, BlueSky, Facebook, WhatsApp, Signal, and Telegram saying "Visiting Hamburg next week. Anyone want a beer?"

• Hope that something better comes along.

On April 15, 1998, Intel introduced its Celeron 266 processor. It was the first Celeron in a product line that lasted 25 years, but it wasn’t one of Intel’s finest moments. The Celeron was a cut-down Pentium II, designed in

The post Intel Celeron 266 introduced April 15, 1998 appeared first on The Silicon Underground .

Yesterday I wrote about the fast Homebrew rewrites and ended on the line that the bottleneck for that whole class of project is not Rust or Ruby, it is the absence of a stable declarative package schema. Someone on Mastodon picked up that thread and asked the obvious follow-on: which package managers actually have one? Going through the list, the honest answer is hardly any of them, and there is a quick test that makes the answer easy to check.

Ask this of any package manager: if I install this package on a Tuesday, could it do something different than if I install it on a Wednesday? If the answer is yes, the package manager is not really declarative, no matter what the manifest file looks like on the surface.

Somewhere in the install pipeline there is a place where arbitrary code runs, and that code can read the clock, check an environment variable, look at the hostname, phone a server, or do anything else a program can do. The Tuesday test is a quick way to separate the declarative tools from the ones that have a programming language hiding underneath a declarative-looking file format.

The test is not about whether the code is malicious, or whether it is a supply chain risk, or whether it could in principle do something terrible. Those are all separate questions with their own answers.

It is also not about the registry changing under you between the two days: new versions, yanks and the like are all real concerns, but they are concerns about the data the package manager is fetching rather than about the package manager itself. Pretend the registry is frozen and the lockfile is pinned.

The question here is narrower. Given the same manifest, the same lockfile and the same registry contents, is the install allowed to read anything the manifest does not declare as an input? The day of the week is the simplest example of such a hidden input, but the real point is that a package that passes the Tuesday test has no way to reach outside its declared inputs at all. A package that fails it can, and once it can, the manifest is no longer the whole story. Going through the list of well known package managers from the landscape post , it turns out that almost none of them pass.

Homebrew

Start with the one that started this. A Homebrew formula is a Ruby class with an install method and a post_install hook, and the entire class body is evaluated by the Homebrew client every time it touches the formula. Even the parts that look like data, such as url , sha256 , version , and depends_on , are method calls on the formula class, evaluated in a Ruby context that can require anything, shell out to anything, and read the clock from any method.

The cask format is a Ruby DSL with the same property. So is the Brewfile consumed by brew bundle , which was invented as a Homebrew analogue of Bundler’s Gemfile and inherits the same “executable Ruby file posing as a manifest” shape: a Brewfile can call brew , cask , tap , mas , vscode and friends, but it can also if Time.now.wday == 2 in between.

Homebrew fails the Tuesday test by design, which is the whole reason the formula.json API had to exist as a separate thing for fast clients to consume: there is no other way to extract package metadata without running the package definition. The JSON file is what passes the Tuesday test, and it only exists because the formula format does not.

Generating it is not free either. Homebrew’s own brew generate-formula-api command has to flip the Formula class into a special generating_hash! mode and wrap the run in a SimulateSystem block that lies to every formula about the host OS and architecture, so that calls which would normally branch on the real system instead return a stable answer. It is in-process monkey patching to stop the formula from noticing where it is, in order to coax a declarative-looking file out of a format that is anything but.

Ruby

The Gemfile is a Ruby file. The first line is often source "https://rubygems.org" , which looks like configuration, but source is a method call on an implicit DSL object, and anything else you can write in Ruby is valid above, below, or inside it. You can open a socket in your Gemfile. You can check Time.now.wday and add a different gem on Tuesdays.

The .gemspec file that ships inside every gem is also Ruby, and it is evaluated every time someone installs the gem, which means a gem author can put arbitrary code in the specification itself and have it run on the installer’s machine before anything has been built. Native extensions run extconf.rb , which is yet more Ruby, and post-install messages are generated at install time.

CocoaPods is the same story in a different namespace. The CocoaPods client is itself a Ruby program, a Podfile is a direct descendant of a Gemfile , and a .podspec is a direct descendant of a .gemspec , right down to the DSL, the block syntax, and the fact that both files are evaluated as Ruby every time you install. Everything said about Ruby above applies to CocoaPods without a single change.

Python

Python is the same story with different file names. A setup.py is a Python script that runs at install time, and setup.py is where Python packaging started, so an enormous amount of the existing ecosystem still goes through it.

The move to pyproject.toml looks like a shift to a declarative manifest, and in the limited sense that the file itself is TOML it is, but the whole job of that TOML file is to nominate a program to run. The [build-system] table points at a build backend , and the build backend is a Python package that executes arbitrary Python to produce a wheel. Setuptools , Hatchling , Poetry-core , PDM-backend , Flit , Maturin and scikit-build-core are all real programs, all capable of reading the date.

Wheels themselves are the one part of the Python pipeline that does pass the test: PEP 427 deliberately has no pre or post install hooks, and installing a wheel is meant to be a pure file-unpacking step. If a wheel does not already exist for your platform, pip and uv and Poetry and pdm will transparently build one from the sdist by invoking the build backend, which puts you back in arbitrary-Python territory.

JavaScript

JavaScript is the canonical example people reach for, because package.json is famously JSON, which is as declarative a format as you can get, and yet npm install runs arbitrary code through the preinstall , install , and postinstall lifecycle scripts . Those scripts are shell commands that run in the package directory, and nothing stops them from checking date +%u and branching on the result.

Yarn, pnpm, and Bun all inherit the same lifecycle script contract for compatibility with the existing ecosystem, though recent pnpm and Bun releases have started refusing to run scripts for dependencies that are not on an explicit allowlist. The contract is still there, the defaults have just got more cautious.

Deno 🌮

Deno fetches and caches modules on demand, either at import time or up front with deno install , and no code the package author supplies runs against the installer’s machine before the module itself is imported. Deno 2 added first-class package.json and node_modules support on top of the existing npm: specifiers, but even then it refuses to run the npm lifecycle scripts by default and requires an explicit --allow-scripts=<pkg> opt-in for any package that wants them.

Rust

Rust looks declarative at a glance. Cargo.toml is TOML, Cargo resolves everything from the lockfile, and the whole ecosystem leans heavily on the idea that a crate is a well defined thing.

Then you notice build.rs , which is a Rust file that Cargo compiles and runs before building the crate proper, so it can generate source code, link against system libraries, probe the host, and, yes, check the date. Procedural macros are the same story from a different angle: they are Rust code that runs at compile time in the compiler’s own process, and they can do anything a Rust program can do. Both mechanisms are considered normal and widely used.

Go 🌮

Go modules come closer to passing than almost anything else in this list. The go.mod file is a small declarative format with no scripting in it, go get does not run post-install hooks, and the module proxy and checksum database make the fetch step reproducible and auditable in a way that most other ecosystems are not.

The escape hatch is cgo , which invokes the system C compiler with arguments specified by #cgo directives in source files, and those directives can include whatever paths and flags the package author wants. The core dependency resolution and fetching pipeline is declarative. The build pipeline is not, as soon as C is involved.

JVM languages

The JVM ecosystem is split between the declarative-looking and the openly imperative. Maven’s pom.xml is XML and describes the project as data, but a pom can include plugin executions, and Maven plugins are Java code that runs during the build.

Gradle does not even pretend: build.gradle is a Groovy script, and build.gradle.kts is a Kotlin script, and both are full programming languages with access to the filesystem, the network, and the clock. sbt ’s build definition is Scala. Leiningen ’s project.clj is Clojure. Mill is Scala again.

The JVM world has spent twenty years treating the build file as a program, and the package management step is a side effect of running that program.

Swift

Swift Package Manager is in the same category. Package.swift is a Swift file that is compiled and run to produce the package description, which means every resolve of a Swift package involves executing Swift code from the package author. Apple added a manifest API version comment at the top of the file so that the compiler knows which stable API to expose, but the underlying mechanism is still “run the author’s Swift program.”

Zig

Zig is worth pulling out because it is a modern language that looked at all of the above and decided, deliberately, that the build file should be a real program. build.zig is Zig source compiled and run by the Zig toolchain, and the package manager is a set of APIs exposed to that program. The rationale is that builds in C-adjacent languages are already programs in disguise (makefiles, shell, CMake), and making the language of the build the same as the language of the project is more honest than pretending otherwise. It is a defensible position, and it fails the test completely.

Bazel 🌮

Bazel is the one entry on this list that tries to pass the Tuesday test at the language design level. BUILD files and .bzl extensions are written in Starlark , a dialect of Python that Google stripped back on purpose: no while loops, no recursion, no mutable global state, no way to read the clock, the filesystem outside declared inputs, or the network. Evaluation is guaranteed to terminate, and two evaluations of the same inputs are guaranteed to produce the same output. It is the only manifest language on this page that cannot observe what day it is even if the author wants it to.

The execution side is hedged the same way. Actions run inside a sandbox with only their declared inputs visible, and Bazel’s remote execution and remote cache assume that identical inputs produce identical outputs, so any non-determinism shows up as a cache miss and gets investigated.

The usual escape hatches are still there if you want them: repository_rule can call out to the host to fetch code, genrule runs shell, and custom toolchains can shell out to anything the sandbox allows, so a sufficiently motivated BUILD author can still reach the system date command. But the default posture is the opposite of everywhere else on this list, and the design is organised around passing the Tuesday test as an explicit goal.

Haskell

A Haskell package is described by a .cabal file, which is a custom declarative format, not Haskell source, so the metadata layer on its own passes the Tuesday test. Tools can parse a .cabal file and extract dependencies, versions and compiler flags without running any of the package author’s code.

The escape hatch is the build-type field. build-type: Simple uses a stock Setup script and is fine. build-type: Custom (and the newer Hooks ) tells Cabal to compile and run the package’s own Setup.hs , which is a real Haskell program with preBuild , postBuild , preInst and postInst hooks that can do anything Haskell can do, including read the clock.

Because .cabal is declarative metadata, it can also be mechanically translated into something else, which is a large part of why Haskell has such a big footprint in the Nix ecosystem. cabal2nix reads a .cabal file and emits a Nix expression, Nixpkgs ships a Haskell package set regenerated from Hackage and Stackage through that pipeline, and haskell.nix is an alternative infrastructure built around the same idea.

Everything else with a manifest that’s a program

The rest of the list is short because the pattern is by now predictable.

• PHP / Composer: composer.json is JSON, but a scripts section hooks events like post-install-cmd and post-update-cmd with shell commands or PHP callables.

• Elixir / Mix: mix.exs is Elixir.

• Dart / pub: pubspec.yaml is declarative, but pub supports hook scripts for native and data assets, written in Dart and run at build time.

• Perl / CPAN: Makefile.PL and Build.PL are Perl programs, and have been since the nineties.

• Lua / LuaRocks: rockspecs are Lua tables, but the build section can include a build_command that runs shell.

• Nim / Nimble: nimble files support before install and after install hooks written in NimScript.

• Julia / Pkg: packages run deps/build.jl at install time, which is a Julia program.

• Raku / zef: runs Perl or Raku build scripts.

opam and Portage

OCaml’s opam is unusually honest: the opam file is a declarative-looking S-expression format, but the build and install fields contain explicit lists of shell commands to run, an

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Rights for robots : Not everything deserves moral consideration.

• Hey look at this : Delights to delectate.

• Object permanence : 7 years under the DMCA; NOLA mayoral candidate x New Orleans Square; Kettling is illegal; AOL won't deliver critical emails; Chris Ware x Charlie Brown; Mossack Fonseca raided; Corporate lobbying budget is greater than Senate and House; Corbyn overpays taxes; What IP means; Bill Gates v humanity; "Jackpot."

• Upcoming appearances : Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Rights for robots ( permalink )

The Rights of Nature movement uses a bold tactic to preserve our habitable Earth: it seeks to extend (pseudo) personhood to things like watersheds, forests and other ecosystems, as well as nonhuman species, in hopes of creating legal "standing" to ask the courts for protection:

https://en.wikipedia.org/wiki/Rights_of_nature

What do watersheds, forests and nonhuman species need protection from ? That turns out to be a very interesting question, because the most common adversary in a Rights of Nature case is another pseudo-person: namely, a limited liability corporation.

These nonhuman "persons" have been a feature of our legal system since the late 19th century, when the Supreme Court found that the 14th Amendment's "Equal Protection" clause could be applied to a railroad. In the 150-some years since, corporate personhood has monotonically expanded, most notoriously through cases like Hobby Lobby , which gave a corporation the right to discriminate against women on the grounds that it shared its founders' religious opposition to abortion; and, of course, in Citizens United , which found that corporate personhood meant that corporations had a constitutional right to divert their profits to bribe politicians.

Theoretically, "corporate personhood" extends to all kinds of organizations, including trade unions – but in practice, corporate personhood primarily allows the ruling class to manufacture new "people" to serve as a botnet on their behalf. A union has free speech rights just like an employer, but the employer's property rights mea that it can exclude union organizers from its premises, and employer rights mean that corporations can force workers to sit through "captive audience" meetings where expensive consultants lie to them about how awful a union would be (the corporation's speech rights also mean that it's free to lie).

In my view, corporate personhood has been an unmitigated disaster. Creating "human rights" for these nonhuman entities led to the catastrophic degradation of the natural world, via the equally catastrophic degradation of our political processes.

In a strange way, corporate personhood has realized the danger that reactionary opponents of votes for women warned of. In the days of the suffrage movement, anti-feminists claimed that giving women the vote would simply lead to husbands getting two votes, since wives would simply vote the way their husbands told them to.

This libel never died out. Take the recent hard-fought UK by-election in Gorton and Denton (basically Manchester): this was the first test of the Green Party's electoral chances under its new leader, the brilliant and principled leftist Zack Polanski. The Green candidate was Hannah Spencer, a working-class plumber and plasterer who rejected the demonization of the region's Muslim voters, unlike her rivals from Labour (which has transformed itself into a right-wing party), Reform (a fascist party), and the Conservatives (an irrelevant and dying right party). During the race (and especially after Spencer romped to a massive victory) Spencer's rivals accused her of courting "family voters," by which they meant Muslim wives, who would vote the way their Islamist husbands ordered them to. Despite the facial absurdity of this claim – that the Islamist vote would go for the pro-trans party led by a gay Jew – it was widely repeated:

https://www.bbc.com/news/articles/clyxeqpzz2no

"Family voting" isn't a thing, but corporate personhood has conferred political rights on the ruling class, who get to manufacture corporate "people" at scale, each of which is guaranteed the same right to contribute to politicians and intervene in our politics as any human.

Contrast this with the Rights for Nature movement. Where corporate personhood leads to a society with less empathy for living things (up to and including humans), Rights for Nature creates a legal and social basis for more empathy. In her stunning novel A Half-Built Garden , Ruthanna Emrys paints a picture of a world in which the personhood of watersheds and animals become as much of a part of our worldview as corporate personhood is today:

https://pluralistic.net/2022/07/26/aislands/#dead-ringers

Scenes from A Half-Built Garden kept playing out in my mind last month while I attended the Bioneers conference in Berkeley, where they carried on their decades-long tradition of centering indigenous activists whose environmental campaigns were intimately bound up with the idea of personhood for the natural world and its inhabitants:

https://bioneers.org/

On the last morning, my daughter and I sat through a string of inspiring and uplifting presentations from indigenous-led groups that had used Rights of Nature to rally support for legal challenges that had forced those other nonhuman "persons" – limited liability corporations – to retreat from plans to raze, poison, or murder whole regions.

The final keynote speaker that morning was the writer Michael Pollan, who spoke about a looming polycrisis of AI, and I found myself groaning and squirming. Not him, too! Were we about to be held captive to yet another speaker convinced that AI was going to become conscious and turn us all into paperclips?

That seemed to be where he was leading, as he discussed the way that chatbots were designed to evince the empathic response we normally reserve for people – the same empathy that all the other speakers were seeking to inspire for nature. But then, he took an unexpected and welcome turn: Pollan compared extending personhood to chatbots to the disastrous decision to extend personhood to corporations, and urged us all to turn away from it.

This crystallized something that had niggled at me for years. For years, people I respect have used the Rights for Nature movement as an argument for extending empathy to software constructs. The more we practice empathy – and the more rights we afford to more entities – the better we get at it. Personhood for things that are not like us, the argument goes, makes our own personhood more secure, by honing a reflex toward empathy and respect for all things. This is the argument for saying thank you to Siri (and now to other chatbots):

https://ojs.lib.uwo.ca/index.php/fpq/article/download/14294/12136

Siri – like so many of our obedient, subservient, sycophantic chatbots – impersonates a woman. If we get habituated to barking orders at a "woman" (or at our "assistants") then this will bleed out into our interactions with real women and real assistants. Extending moral consideration to Siri, though "she" is just a software construct, will condition our reflexes to treat everything with respect.

For years, I'd uncritically accepted that argument, but after hearing Pollan speak, I changed my mind. Rather than treating Siri with respect because it impersonates a woman, we should demand that Siri stop impersonating a woman . I don't thank my Unix shell when I pipe a command to grep and get the output that I'm looking for, and I don't thank my pocket-knife when it slices through the tape on a parcel. I can appreciate that these are well-made tools and value their thoughtful design, but that doesn't mean I have to respect them in the way that I would respect a person .

That way lies madness – the madness that leads us to ascribe personalities to corporations and declare some of them to be "immoral" and others to be "moral," which is always and forever a dead end:

https://pluralistic.net/2024/01/12/youre-holding-it-wrong/#if-dishwashers-were-iphones

In other words: there's an argument from the Rights of Nature movement that says that the more empathy we practice, the better off we are in all our interactions. But Pollan complicated that argument, by raising the example of corporate personhood. It turns out that extending personhood to constructed nonhuman entities like corporations reduces the amount of empathy we practice. Far from empowering labor unions, the creation of "human" rights for groups and organizations has given capital more rights over workers. A labor rights regime can defend workers – without empowering bosses and without creating new "persons."

The question is: is a chatbot more like a corporation (whose personhood corrodes our empathy) or more like a watershed (whose personhood strengthens our empathy)? But to ask that question is to answer it – a chatbot is definitely more like a corporation than it is like a watershed. What's more: in a very real, non-metaphorical way, giving rights to chatbots means taking away rights from nature, thanks to LLMs' energy-intesivity.

Empathy then, for the nonhuman world – but not for human constructs.

Hey look at this ( permalink )

• Khan vs. Cutter: A Tale of Two Careers https://prospect.org/2026/04/14/khan-vs-cutter-tale-of-two-careers/

• The MetaBrainz Foundation is seeking a new Executive Director (ED) https://blog.metabrainz.org/2026/04/14/seeking-a-new-executive-director/

• Missouri Town Council Approves Data Center. A Week Later, Voters Fire Half of Council https://gizmodo.com/missouri-town-council-approves-data-center-a-week-later-voters-fire-half-of-council-2000746005

• Wikilinker https://whitelabel.org/wikilinker/about/

• Fold Catastrophes/Peter Watts https://tachyonpublications.com/product/fold-catastrophes/?mc_cid=c20986aa78

Object permanence ( permalink )

#20yrsago Canadian labels pull out of RIAA-fronted Canadian Recording Industry Ass. https://web.archive.org/web/20060414170111/https://www.michaelgeist.ca/component/option,com_content/task,view/id,1204/Itemid,85/nsub,/

#20yrsago EFF publishes “7 Years Under the DMCA” paper https://web.archive.org/web/20060415110951/https://www.eff.org/deeplinks/archives/004555.php

#20yrsago Life of a writer as a Zork adventure https://web.archive.org/web/20060414115745/http://acephalous.typepad.com/acephalous/2006/04/disadventure.html

#20yrsago NOLA mayoral candidate uses photo of Disneyland New Orleans Square https://web.archive.org/web/20060414214356/https://www.wonkette.com/politics/new-orleans/not-quite-the-happiest-place-on-earth-166989.php

#20yrsago AOL won’t deliver emails that criticize AOL https://web.archive.org/web/20060408133439/https://www.eff.org/news/archives/2006_04.php#004556

#15yrsago UK court rules that kettling was illegal https://www.theguardian.com/uk/2011/apr/14/kettling-g20-protesters-police-illegal

#15yrsago If Chris Ware was Charlie Brown https://eatmorebikes.blogspot.com/2011/04/lil-chris-ware.html

#10yrsago Piracy dooms motion picture industry to yet another record-breaking box-office year https://torrentfreak.com/piracy-fails-to-prevent-box-office-record-160413/

#10yrsago Panama Papers: Mossack Fonseca law offices raided by Panama authorities https://www.reuters.com/article/us-panama-tax-raid-idUSKCN0XA020/

#10yrsago Panama Papers reveal offshore companies were bagmen for the world’s spies https://web.archive.org/web/20160426083004/https://www.yahoo.com/news/panama-papers-reveal-spies-used-mossak-fonseca-231833609.html

#10yrsago How corporate America’s lobbying budget surpassed the combined Senate and Congress budget https://web.archive.org/web/20150422010643/https://www.theatlantic.com/business/archive/2015/04/how-corporate-lobbyists-conquered-american-democracy/390822/

#10yrsago URL shorteners are a short path to your computer’s hard drive https://arxiv.org/abs/1604.02734

#10yrsago UL has a new, opaque certification process for cybersecurity https://arstechnica.com/information-technology/2016/04/underwriters-labs-refuses-to-share-new-iot-cybersecurity-standard/

#10yrsago Jeremy Corbyn overpays his taxes https://web.archive.org/web/20160413192208/https://www.politicshome.com/news/uk/political-parties/labour-party/news/73724/jeremy-corbyn-overstated-income-his-tax-return

#10yrsago Cassetteboy’s latest video is an amazing, danceable anti-Snoopers Charter mashup https://www.youtube.com/watch?v=D2fSXp6N-vs

#10yrsago Texas: prisoners whose families maintain their social media presence face 45 days in solitary https://www.eff.org/deeplinks/2016/04/texas-prison-system-unveils-new-inmate-censorship-policy

#5yrsago Data-brokerages vs the world https://pluralistic.net/2021/04/13/public-interest-pharma/#axciom

#5yrsago What "IP" means https://pluralistic.net/2021/04/13/public-interest-pharma/#ip

#5yrsago Bill Gates will kill us all https://pluralistic.net/2021/04/13/public-interest-pharma/#gates-foundation

#5yrsago Jackpot https://pluralistic.net/2021/04/13/public-interest-pharma/#affluenza

Upcoming appearances ( permalink )

• Toronto: DemocracyXchange, Apr 16

https://www.democracyxchange.org/news/cory-doctorow-to-open-dxc26-on-april-16

• San Francisco: 2026 Berkeley Spring Forum on M&A and the Boardroom, Apr 23

https://www.theberkeleyforum.com/#agenda

• London: Resisting Big Tech Empires (LSBU), Apr 25

https://www.tickettailor.com/events/globaljusticenow/2042691

• NYC: Enshittification at Commonweal Ventures, Apr 29

https://luma.com/ssgfvqz

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

One of things that has happened over the past N years, for some value of N, is that a lot of universities have outsourced their email to one of the big providers of this (Microsoft and Google are the two most common). Email is far from the only thing that universities have outsourced; for example, most universities don't run their entire authentication stack, because push based MFA is typically only available through vendors . People online regularly decry this outsourcing, especially for email, and say that universities should bring all of these things back in house the way they used to be, especially in today's time of increasing geopolitical tensions. Another thing that people say is that universities shouldn't depend on clouds as much as they sometime do, especially the major clouds.

I don't disagree with these people, but at the same time I'm a realist about what's being asking for and what is involved. Universities did not wake up one day and decide to give large amounts of money to vendors for dubious reasons. Universities (such as mine ) carefully studied what it would cost to continue their existing in house systems (in both hardware and staffing) and what they would get from it, and compared that to what it would cost and what they would get from the big vendors. Then they decided that one of the big vendors was a better option, and this decision is not wrong. As I wrote a long time ago, the big providers are simply better at this than a university can be , and it's not just email, it's also things like web CMSes and identity providers .

If you're asking universities to move things back in house, what you're asking them to do is to spend more money and have a worse experience, with fewer features and more annoyances. There are arguments for doing this anyway, on on things like principle and risk mitigation, but you have to explicitly and honestly make this case. Potentially you have to make this case to people well beyond the universities themselves; if it's going to cost a significant amount of money to bring these things back in house, someone is going to have to pay for the staff and the computer hardware and so on.

(To put it bluntly, if the appropriate level of government isn't on board with this shift, it's almost certainly not a sustainable university policy even if the people in the university are on board with it.)

Since you're making this case in a university, it's not enough to convince the senior leaders. You really need to convince a large body of professors to at least go along with it, and ideally to actively advocate for it. If professors are not on board with this, if the overall culture of the university doesn't shift to considering it important to use in house things, what will happen is that people will quietly outsource things all over again, individually or in small groups. People will forward their email to personal addresses at big providers, professors will spend grant funds on clouds, administrative staff will quietly ignore the FOSS office software you'd like them to use and use the big name stuff that they're already familiar with and everyone else uses, people will conduct their discussions on the SaaS discussion forum you like least, and so on.

I'm convinced that such a shift to bring things back in house can be done (partly because some governments are doing it for government departments). But it's not going to be easy or fast. If you're serious about this, you have a lot of work and a long slog ahead of you to organize, advocate relentlessly, slowly bring people on to your side, and build consensus.

( One comment .)

I bought a USB fingerprint reader for my Linux laptop from Temu because it was the only one I could find that I knew would work. As you may or may not know, I’m somewhat obsessed with tech on the edges, gadgets that do a thing comparable to a more expensive thing, and making the most of the things I have. (See my Colmi R02 smart ring, which I’m wearing now.) And I kind of hate typing in my password a thousand times a day. So I bought a fingerprint reader on Temu. And it works pretty well, all things considered. In the world of Windows and MacOS, the options have been pretty solid. All modern Mac laptops, besides the base model MacBook Neo, have fingerprint readers. (For desktops, the situation is more complicated. Apple doesn’t make a standalone fingerprint reader, only putting one in its Magic Keyboard, but should.) Microsoft has Windows Hello biometrics , a laptop-level approach to Face ID, but it works barely at best. My laptop, which has it, has only sporadically been able to get it to work with Windows. (Ironically, it works a little better on Linux.) But that has problems, too. If you’re in a dark room, for instance, it either doesn’t work at all or floods your face with a flash of light. Not exactly a fun 2 a.m. experience. The solution here is to get a fingerprint reader that can help secure logins and offer an alternative to typing your sudo password 100 times per day. But there’s a challenge for Linux users: There are lots of modern fingerprint readers out there, but almost none of them support Linux via its standard security tool fprint . The ones that do are large and clunky, built not as laptop appendages but as large accessories that make more sense in complex desktop settings. ThinkPads famously have pretty good fingerprint support on Linux compared to other platforms. (photos via DepositPhotos.com ) So what are laptop users to do? Beyond getting a ThinkPad, the options aren’t easy. When I started thinking about getting a fingerprint reader for my laptop, recently, I felt like I was tilting at windmills. I wasn’t sure what made the most sense, but I wanted something that could live off a USB-A port. What I found was a messy climate of cheap fingerprint readers that only barely do the thing that‘s listed on the tin. Finding a Linux-supporting fingerprint reader is a total crapshoot, and the best you can do is hope that someone else got there first. (Not helping: The list of supported devices on fprint is thick as mud, presuming that you know the code name for the chip in your fingerprint reader. Plus, the list of unsupported devices is just as long, thanks to unfinished drivers.) And we have gamers to thank for all this. See, a few years ago the enthusiast company GamePad Digital (GPD) made a series of laptops called the GPD Win Max, which are essentially decked-out, handheld netbooks for gamers. In the days before the Steam Deck, it was the best PC gamers could do for portable gaming. The Win Max is still made today, and it has a fingerprint reader. Users wanted to use the fingerprint reader in Linux, and that led to a community developing a solution. This chip, the Chipsailing CS9711, is used in a number of USB fingerprint readers. If you know where to find them and are willing to install a fork of libfprint , you can use this device as a fingerprint reader on your laptop. Not exactly painless—you have to know a few commands—but it’s absolutely doable, if you can find one. I found one, but it wasn’t easy, and I ultimately had to buy the thing via, of all things, Temu.

Sponsored By … Well, Us Ever wanted to read Tedium without having those annoying ads all over the site? We have just the plan for you. Sign up for a $3 monthly membership on our Ko-Fi, and we promise we can get rid of them. We have the technology. And it beats an ad blocker. (Web-only for now, email coming soon!)

If you get a fingerprint reader like this, odds are you’re going to struggle to determine if it’s Linux-compatible. There’s nothing on the device that suggests it might be. So, Is This Safe? I think the key thing you might be asking yourself is, is buying a random fingerprint reader introducing a security risk to your device? The short answer: Well, it’s an attack surface, and attack surfaces are made to be exploited. Even without the influence of Linux, Windows Hello devices have been getting exploited for years. At last year’s Black Hat security conference, a team of researchers figured out how to shove someone else’s face into the camera stream the feature relies on. Before that, Microsoft itself found issues with common fingerprint readers. There are some benefits to an external fingerprint reader that an internal one does not have. If you’re concerned someone might try to log into your machine at the coffee shop while you’re hitting the restroom, take the fingerprint reader with you. (As I was writing, I actually tried this. It worked.) This has limits; the reader is generic, so you can’t do something like pair the specific device to your machine, so if anyone else has a fingerprint reader with the same chip, they can use it on your machine. The more expensive YubiKey , which comes in models with or without fingerprint readers, could be a good alternative to focus who want to skip the Temu lottery. This is not exactly hardened like a YubiKey or Titan device might be, but if your goal is to offer a modest amount of convenience, it could be just enough to make your life slightly easier. (Odds are, a snooper isn’t going to have a fingerprint reader of their own that matches yours—much like most people aren’t going to go to the trouble of hacking a device via its Thunderbolt connection .) So, what’s the solution here? I think the best thing would be if manufacturers intentionally took steps to support fingerprint readers on Linux, but that doesn’t seem to be happening any time soon. So the alternative: Chinese manufacturers should probably explain what chip they used in the description of the device they’re selling. Currently, they don’t, and that presumably leads a lot of nerds to buy these devices, learn the devices don’t work on Linux, and immediately return them. That has to be costing them money. There’s another solution that might be staring you in the face as you’re reading this: A lot of Android phones have fingerprint scanners already. Why not use one of those as your authentication tool, rather than doing Temu dumpster diving? I didn’t see any projects that formalized this, though I have seen some hacky solutions on GitHub. KDE Connect , the widely used phone connection tool, could be a great choice for a user-friendly version of this. All I know is that it’ll be nice to cut down on the number of times each day that I have to type in my password.

Fingerprint-Free Links Publishers are getting wary of AI scraping, and they’re taking it out on the Internet Archive again. Fight for the Future recently organized an open letter of journalists who want to defend this important resource, and I was happy to be a signatory . We should not take it for granted. I didn’t realize the aesthetic of Panera had a name, but apparently it does: “ Global Village Coffeehouse .” Jonathan Carson breaks down the design style, which you’ve seen for years but didn’t quite know how to refer to it. G. Love, a popular ’90s musician from Philly, recently lost his life savings in a crypto scam that also nailed lots of other people . Probably a good time listen to some G. Love & Special Sauce on a streaming service to help him out. Start with “ Rodeo Clowns ,” so Jack Johnson gets some royalties, too. -- Find this one an interesting read? Share it with a pal ! Are you sick of your password? Share it with us, and you’ll never be able to use it again. (Kidding!) And thanks again to  la machine  for sponsoring. It doesn’t have or need a fingerprint sensor.

Zig 0.16.0 release notes: "Juicy Main"

Zig has really good release notes - comprehensive, detailed, and with relevant usage examples for each of the new features.

Of particular note in the newly released Zig 0.16.0 is what they are calling "Juicy Main" - a dependency injection feature for your program's main() function where accepting a process.Init parameter grants access to a struct of useful properties:

const std = @import ( "std" );

pub fn main ( init : std.process.Init ) ! void { /// general purpose allocator for temporary heap allocations: const gpa = init . gpa ; /// default Io implementation: const io = init . io ; /// access to environment variables: std . log . info ( "{d} env vars" , .{ init . environ_map . count ()}); /// access to CLI arguments const args = try init . minimal . args . toSlice ( init . arena . allocator () ); }

Via Lobste.rs

Tags: zig

datasette PR #2689: Replace token-based CSRF with Sec-Fetch-Site header protection

Datasette has long protected against CSRF attacks using CSRF tokens, implemented using my asgi-csrf Python library. These are something of a pain to work with - you need to scatter forms in templates with <input type="hidden" name="csrftoken" value="{{ csrftoken() }}"> lines and then selectively disable CSRF protection for APIs that are intended to be called from outside the browser.

I've been following Filippo Valsorda's research here with interest, described in this detailed essay from August 2025 and shipped as part of Go 1.25 that same month.

I've now landed the same change in Datasette. Here's the PR description - Claude Code did much of the work (across 10 commits, closely guided by me and cross-reviewed by GPT-5.4) but I've decided to start writing these PR descriptions by hand, partly to make them more concise and also as an exercise in keeping myself honest.

• New CSRF protection middleware inspired by Go 1.25 and this research by Filippo Valsorda. This replaces the old CSRF token based protection.

• Removes all instances of <input type="hidden" name="csrftoken" value="{{ csrftoken() }}"> in the templates - they are no longer needed.

• Removes the def skip_csrf(datasette, scope): plugin hook defined in datasette/hookspecs.py and its documentation and tests.

• Updated CSRF protection documentation to describe the new approach.

• Upgrade guide now describes the CSRF change .

Tags: csrf , security , datasette , ai-assisted-programming

Molly White, at Web3 Is Going Just Great:

After a fake version of the Ledger cryptocurrency wallet app made it onto the normally highly curated Apple App store, customers lost $9.5 million dollars to the malicious product. Believing it was a genuine Ledger product, people entered their seed phrases into the app, then discovered their wallets were immediately drained.

One victim, a musician who goes by G. Love, wrote: “I lost my retirement fund in a hack/Scam when I switched my Ledger over to my new computer and by accident downloaded a malicious ledger app from the Apple store. All my BTC gone in an instant.” According to him, he lost 5.9 BTC (~$445,000).

The legit (if that adjective can be used for cryptocurrency apps) Ledger Live Mac app is only available as a direct download from Ledger’s website . They also do have an app in the App Store, but it’s iPhone-only .

★

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “ BlueHammer .” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

Redmond warns that attackers are already targeting CVE-2026-32201 , a vulnerability in Microsoft SharePoint Server that allows attackers to spoof trusted content or interfaces over a network.

Mike Walters , president and co-founder of Action1 , said CVE-2026-32201 can be used to deceive employees, partners, or customers by presenting falsified information within trusted SharePoint environments.

“This CVE can enable phishing attacks, unauthorized data manipulation, or social engineering campaigns that lead to further compromise,” Walters said. “The presence of active exploitation significantly increases organizational risk.”

Microsoft also addressed BlueHammer ( CVE-2026-33825 ), a privilege escalation bug in Windows Defender. According to BleepingComputer, the researcher who discovered the flaw published exploit code for it after notifying Microsoft and growing exasperated with their response. Will Dormann , senior principal vulnerability analyst at Tharros , says he confirmed that the public BlueHammer exploit code no longer works after installing today’s patches.

Satnam Narang , senior staff research engineer at Tenable , said April marks the second-biggest Patch Tuesday ever for Microsoft. Narang also said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11 — CVE-2026-34621 — has seen active exploitation since at least November 2025.

Adam Barnett , lead software engineer at Rapid7 , called the patch total from Microsoft today “a new record in that category” because it includes nearly 60 browser vulnerabilities. Barnett said it might be tempting to imagine that this sudden spike was tied to the buzz around the announcement a week ago today of Project Glasswing — a much-hyped but still unreleased new AI capability from Anthropic that is reportedly quite good at finding bugs in a vast array of software.

But he notes that Microsoft Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday.

“A safe conclusion is that this increase in volume is driven by ever-expanding AI capabilities,” Barnett said. “We should expect to see further increases in vulnerability reporting volume as the impact of AI models extend further, both in terms of capability and availability.”

Finally, no matter what browser you use to surf the web, it’s important to completely close out and restart the browser periodically. This is really easy to put off (especially if you have a bajillion tabs open at any time) but it’s the only way to ensure that any available updates get installed. For example, a Google Chrome update released earlier this month fixed 21 security holes, including the high-severity zero-day flaw CVE-2026-5281 .

For a clickable, per-patch breakdown, check out the SANS Internet Storm Center Patch Tuesday roundup . Running into problems applying any of these updates? Leave a note about it in the comments below and there’s a decent chance someone here will pipe in with a solution.

If you like this piece and want to support my independent reporting and analysis, why not subscribe to my premium newsletter? It’s $70 a year, or $7 a month, and in return you get a weekly newsletter that’s usually anywhere from 5,000 to 18,000 words, including vast, detailed analyses of NVIDIA , Anthropic and OpenAI’s finances , and the AI bubble writ large . I recently put out the timely and important Hater’s Guide To The SaaSpocalypse , another on How AI Isn't Too Big To Fail , and a deep (17,500 word) Hater’s Guide To OpenAI .  Subscribing to premium is both great value and makes it possible to write these large, deeply-researched free pieces every week.  Soundtrack: Muse — Stockholm Syndrome I think the most enlightening thing about AI is that it shows you how even the most mediocre text inspires some sort of emotion. Soulless LinkedIn slop makes you feel frustration with a person for their lack of authenticity, but you can still imagine how they forced it out of their heads. You still connect with them, even if it’s in a bad way.  AI copy is dead. It is inert. The reason you can spot it is that it sounds hollow. I don’t care if a website says stuff on it because I typed in, just like I don’t care if it responds in a way that sounds human, because it all feels like nothing to me. I am not here to give a website respect, I will not be impressed by a website, nor will I grant a website any extra credit if it can’t do the right thing every time. The computer is meant to work for me. If the computer doesn’t do what I want, I change the kind of computer I use. LLMs will always hallucinate, their outputs are not trustworthy as a result, they cannot be deterministic, and any chance of any mistakes of any kind are unforgivable. I don’t care how the website made you feel: it’s a machine that doesn’t always work, and that’s not a very good machine.  I feel nothing when I see an LLM’s output. Tell me thank you or whatever, I don’t care. You’re a website. Oh you can spit out code? Amazing. Still a website.  Perhaps you’ve found value in LLMs. Congratulations! You should feel no compulsion to have to convince me, nor should you feel any pride in using a particular website. And if you feel you’re being judged for using AI, perhaps you should ask why you feel so vilified? Did the industry do something to somehow warrant judgment? Is there something weird or embarrassing about the product, such as it famously having a propensity to get things wrong? Perhaps it loses billions of dollars? Oh, it’s damaging to the environment too? And people are telling outright lies about it and constantly saying it’ll replace people’s jobs? And the CEOs are all greedy oafish sociopaths?  Did you try being cloying, judgmental, condescending, and aggressive to those who don’t like AI? Oh, that didn’t work? I can’t imagine why.  Sounds embarrassing! You must really like that website.  ChatGPT is a website. Claude is a website. While I guess Claude Code runs in a terminal window, that just means it’s an app, which I put in exactly the same mental box as I do a website.  Yet everything you read or hear or see about AI does everything it can to make you think that AI is something other than a website or an app. People that “discover the power of AI” immediately stop discussing it in the same terms as Microsoft Word, Google, or any other app or website. It’s never just about what AI can do today, but always about some theoretical “AGI” or vague shit about “AI agents” that are some sort of indeterminate level of “valuable” without anyone being able to describe why. Truly useful technology isn’t described in oblique or hyperbolic terms. For example, last week, IBM’s Dave McCann described using a series of “AI agents” to Business Insider The agent — it's actually a collection of AI agents and assistants — scans McCann's calendar for client meetings and drafts a list of 10 things he needs to know for each one. The goal, McCann told Business Insider, was to free up time he and his staff spent preparing for the meetings. Sounds like a website to me.  The agent reviews in-house data, what IBM and the client are doing in the market, external data, and account details — such as project status and services sold and purchased, McCann said. It can also identify industry trends and client needs by, for example, reviewing a firm's annual report and identifying a corresponding service IBM could provide. Sounds like a website using an LLM to summarize stuff to me. Why are we making all this effort to talk about what a website does?  Digital Dave also saves McCann's team time, he said, because the three or four staffers who used to spend hours pulling together insights for the prep calls are now free to do other work.

"It's not just about driving efficiencies, but it's really about transforming how work gets done," McCann said. My friend, this isn’t a “series of agents.” It’s an LLM that looks at stuff and spits out an answer. Chatbots have done this kind of thing forever. These aren’t “agents.” “Agents” makes it sound like there’s some sort of futuristic autonomous presence rather than a chatbot that’s looking at documents using technology that’s guaranteed to hallucinate incorrect information . One benefit of building agents, McCann said, is that IBMers who develop them can share them with others on their team or more broadly within the company, "so it immediately creates that multiplier effect."

Many of the people who report to him have created agents, he said. There's a healthy competition, McCann said, to engineer the most robust digital sidekicks, especially because workers can build off of what their colleagues created. Here’s a fun exercise: replace the word “agent” with “app,” and replace “AI” with “application.” In fact, let’s try that with the next quote: Apps can handle a range of functions, including gathering information, processing paperwork, drafting communications, taking meeting minutes, and pulling research. It's still early, but these systems are quickly becoming a major focus of corporate application efforts as companies look to turn applications into something that can actually take work off employees' plates. A variety of functions including searching for stuff, looking at stuff, generating stuff, transcribing a meeting, and searching for stuff. Wow! Who gives a fuck. Every “AI agent” story is either about code generation, summarizing some sort of information source, or generating something based on an information source that you may or may not be able to trust.  “Agent” is an intentional act of deception, and even “modern” agents like OpenClaw and its respective ripoffs ultimately boil down to “I can send you a reminder” or “I can transcribe a text you send me.” Yet everybody seems to want to believe these things are “valuable” or “useful” without ever explaining why. A page of OpenClaw integrations claiming to share “real projects, real automations [and] real magic” includes such incredible, magical use cases as “reads my X bookmarks and discusses them with me,” “check incoming mail and remove spam,” “researches people before meetings and creates briefing docs,” “schedule reminders,” “tracking who visits a website” (summarizing information), and “using voice notes to tell OpenClaw what to do,” which includes “distilling market research” (searching for stuff) and “tightening a proposal” (generating stuff after looking at it). I’d have no quarrel with any of this if it wasn’t literally described as magical and innovative. This is exactly the shit that software has always done — automations, shortcuts, reminders, and document work. Boring, potentially useful stuff done in an inefficient way requiring a Mac Mini and hundreds of dollars a day of API calls.  Even Stephen Fry’s effusive review of the iPad from 2010 , in referring to it as a “magical object,” still referred to it as “class,” “a different order of experience,” remarking on its speed, responsiveness, its “smooth glide,” and remarking that it’s so simple . Even Fry, a writer beloved for his effervescence and sophisticated lexicon, was still able to point at the things he liked (such as the design and simplicity) in clear terms. Even in couching it in terms of the future, Fry is still able to cogently explain why he’s excited about the present. Conversely, articles about Large Language Models and their associated products often describe them in one of three ways: • As if their ability to try to do some of a task allows them to do the entire task.

• As if their ability to do tasks is somehow impressive or a justification for their cost.

• An excuse for why they cannot do more hinged on something happening in the future. This simply doesn’t happen outside of bubbles. The original CNET review of the iPhone — a technology I’d argue literally changed the way that human beings live their lives — still described it in terms that mirrored the reality we live in: THE GOOD The Apple iPhone has a stunning display, a sleek design and an innovative multitouch user interface. Its Safari browser makes for a superb web surfing experience, and it offers easy-to-use apps. As an iPod, it shines.

THE BAD The Apple iPhone has variable call quality and lacks some basic features found in many cellphones, including stereo Bluetooth support and a faster data network. Integrated memory is stingy for an iPod, and you have to sync the iPhone to manage music content.

THE BOTTOM LINE Despite some important missing features, a slow data network and call quality that doesn't always deliver, the Apple iPhone sets a new benchmark for an integrated cellphone and MP3 player. I’d argue that technologies like cloud storage, contactless payments, streaming music, and video and digital photography have transformed our societies in ways that were obvious from the very beginning. Nobody sat around cajoling us to accept that we’d need to sunset our Nokia 3210s and get used to touchscreens because it was blatantly obvious that it was better on using the first iPhone.  Nobody ostracized you for not being sufficiently excited about iPhone apps. Git, launched in 2005, is arguably one of the single-most transformational technologies in tech history, changing how software engineers built all kinds of software . And I’d argue that Github, which came a few years later, was equally transformational.  Editor’s note : If you used SourceForge or Microsoft Visual SourceSafe, which earned the nickname Microsoft Visual SourceShredder due to the catastrophic (and potentially career-ending) ways it failed, you know . I can’t find a single example of somebody being shamed for not being sufficiently excited, other than people arguing over whether Git was the superior version control software , or saying that  Github, a cloud-based repository for code and collaboration, was obvious in its utility. Those that liked it didn’t feel particularly defensive. Even articles about GitHub’s growth spoke entirely in terms rooted in the present. I realize this was before the hyper-polarized world of post-Musk Twitter, one where venture capital and the tech industry in general was a fraction of the size, but it’s really weird how different it feels when you read about how the stuff that actually mattered was covered. I must repeat that this was a very different world with very different incentives. Today’s tech industry is a series of giant group chats across various social networks and physical locations, with a much-larger startup community (yCombinator’s last batch had 199 people — the first had 8) influenced heavily by the whims of investors and the various cults of personality in the valley. While social pressure absolutely existed, the speed at which it could manifest and mutate was minute in comparison to the rabid dogs of Twitter or the current state of Hackernews. There were fewer VCs, too. In any case, no previous real or imagined tech revolution has ever inspired such eager defensiveness, tribalism or outright aggression toward dissenters, nor such ridiculous attempts to obfuscate the truth about a product outside of cryptocurrency, an industry with obvious corruption and financial incentives.  What Makes People So Attached To and Protective Of LLMs? We’ve never had a cult of personality around a specific technology at this scale. There is something that AI does to people — in the way it both functions and the way that people react to it —  that inspires them to act, defensively, weirdly, tribally. I think it starts with LLMs themselves, and the feeling they create within a user. We all love prompts. We love to be asked questions about ourselves. We feel important when somebody takes interest in what we’re doing, and even more-so when they remember things about it and seem to be paying attention. LLMs are built to completely focus themselves on us and do so while affirming every single interaction.  Human beings also naturally crave order and structure, which means we’ve created frameworks in our head about what authoritative-sounding or looking information looks like, and the language that engenders trust in it. We trust Wikipedia both because it’s an incredibly well-maintained library of information riddled with citations and because it tonally and structurally resembles an authoritative source. Large Language Models have been explicitly trained to deliver information (through training on much of the internet including Wikipedia) in a structured manner that makes us trust it like we would another source massaged with language we’d expect from a trusted friend or endlessly-patient teacher. All of this is done with the intention of making you forget that you’re using a website. And that deception is what starts to make people act strangely. The fact that an LLM can maybe do something is enough to make people try it, along with the constant pressure from social media, peers and the mainstream media.  Some peopl

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

• •

photo cred: my dad Here’s a reasonable thought: as the replication crisis has unfolded over the past 10-15 years, a bunch of psychological phenomena have been debunked and discarded forever. Power posing , ego depletion , growth mindset , stereotype threat , walking slower after reading the word “Florida” —all gone for good. Surely, nobody studies or publishes on these topics anymore, except maybe to debunk them a little further, like infantrymen wandering around a battlefield after the fighting is done and issuing the coup de grâce to those poor wounded soldiers who are dying, but not yet dead. This isn’t true. All of these ideas live on, mostly undaunted by news of their deaths. Nobody calls it “power posing” anymore, but you can still find plenty of new studies on “embodiment” and “expansive posture”, like this one , this one , and this one . Ego depletion studies keep coming out . I count over a thousand papers published on growth mindset just in the first three months of 2026. People are even doing variations on the slow-walking study, but now in virtual reality . This leads to some absurd situations. One psychologist who used to work on stereotype threat now disavows the theory entirely : “I no longer believe it is real, but you can make up your own mind.” But another psychologist claims that “stereotype threat is real and virtually universal [...] there is a lot of evidence supporting [its] existence (and impact)”. We’re not arguing about whether stereotype threat is powerful or weak, or whether it is pervasive or rare, but whether it is obviously alive or obviously dead . That’s literally the premise of a Monty Python sketch .

Perhaps stereotype threat is merely pining for the fjords ( source ) It might seem like the way to resolve these disputes is to weigh up all the evidence, meta-analyze all the data, deploy your p- curves , your moderator analyses, and your tests for heterogeneity, maybe even run a big, multi-lab, preregistered replication. Do all that and then we’ll finally know whether these effects are real or not! This is a trap. We have spent the past decade doing exactly those things , and yet here we are. Clearly, no amount of data-collecting, number-crunching, or bias-correcting is going to lay these theories to rest, nor will it return them to the land of the living. We need a different approach. And so we must turn, as we so often do, to the source of all truly important ideas in the philosophy of science: the sci-fi universe of Halo . • •

SPARTANS NEVER DIE In Halo , Spartan super soldiers never officially die; they are only ever listed as “missing in action” . (This is meant to keep morale high among a hyper-militarized human culture that is on the verge of being exterminated by evil aliens.) I think we should adopt a similar scheme for scientific phenomena: they never die. They merely become embarrassing. This isn’t how science is supposed to work, of course. The secret sauce of science is supposed to be falsifiability : it ain’t science unless you can kill it. If I claim that all swans are white, and you show up with a black swan, then I’m supposed to bid a tearful goodbye to my theory and send it to that big farm upstate where it can frolic and play with all the other failed hypotheses. Falsification sounds straightforward until you actually try it. You show up with your black swan, and instead of admitting defeat, I go, “Hmm, well is it really black? Is it actually a swan? Seems more like a dusky-looking duck to me!” And we publish dueling papers until the end of our days. • •

I dunno, maybe they’re white with black highlights? ( source ) Falsifiability depends not only on the qualities of the theory itself, but also on the whims and biases of the people who engage with it. And because there are so many people with so many different whims and biases , few theories are ever going to be left with zero adherents. For instance, there are still physics PhDs trying to prove that the sun orbits the Earth . That might be disturbing, but it’s also necessary—if no one was ever willing to entertain crazy ideas, we wouldn’t have any scientific progress at all. We have to keep some kooks around because occasionally, as the economic historian Joel Mokyr puts it, “a crackpot hits the jackpot”. 1 The persistence and necessity of kookiness means we’ll never be able to say that a theory is well and truly dead. We can, however, say when a theory is embarrassing . If I deny the possibility of a black swan, and you produce something that looks awfully like a black swan, it’s still possible that I will prevail—maybe we’ll discover your black swan is actually a white swan covered in soot, or DNA analysis will vindicate my “dusky duck” theory. But if I didn’t expect a black swan-looking thing to exist at all, my hypothesis is a lot less plausible than it was before, and it’s much more embarrassing to believe in it. REAL TALK This is the situation we appear to be in with many theories in psychology. We can’t say whether they’re “real” or not. Somewhere out there, the Spartans may live on. But if we’ve been studying something for decades and people look at all the evidence and they still doubt whether it exists at all, we have to admit: that’s cringe. Cringe doesn’t mean wrong! Continental drift was cringe. 2 Germ theory was cringe. 3 Smallpox vaccination was cringe. 4 All of them went from mortifying to undeniable. Maybe truly revolutionary theories must follow that trajectory. If a scientific idea is young and it’s not cringe, it probably has no promise. But if it’s old and it’s still cringe, it probably has no merit. That’s why I am not optimistic about any big-name theory in psychology that has gone the wrong direction on the Cool-Cringe Continuum over the past ten years—it’s not impossible for them to make a comeback, but it’s not the way things usually go. Still, no matter how ropey things get for these theories, it makes no sense to write them off as “not real”. If stereotype threat truly doesn’t exist, that means you could never, under any circumstances, run a study that produces results in line with the theory. That’s a crazy claim to make! We don’t have nearly enough evidence to support such a conclusion, and we never will. 5 In fact, insisting that certain effects are “not real” merely provides an incentive for people to keep studying them, because it makes their results newsworthy: “Look, we’re proving the existence of a supposedly nonexistent effect!” But of course it’s rare for anyone to actually prove such a thing. Instead, they are almost always “proving” that, given infinitely flexible theories and infinite ways to test them, you can produce some small effect that kind-of sort-of accords with some version of the hypothesis, broadly construed. No one should claim that this is impossible, and no one should get credit for showing that it is possible. If we appreciated how hard it is to kill a theory for good, maybe we’d stop wasting our time trying to do exactly that. For instance, ego depletion—the idea that willpower is a “muscle” that can get “fatigued” by overuse—has been the subject of at least three big replication attempts. This preregistered multi-lab replication from 2016 found no effect (N = 2,141). This preregistered multi-lab replication from 2022 also found no effect (N = 3,531). But oops, this other preregistered multi-lab replication from 2022 did find an effect (N = 1,775). At this point, maybe we should cut it out with all the preregistered multi-lab replications and just admit this theory is never going to die, and to spend any more effort investigating it would be embarrassing for all involved. • •

psychological theories after decades of preregistered multi-lab replications that produce mixed results ( source ) Subscribe now SEEING THE LIGHT AND LYING ABOUT IT Science snobs love to claim that this problem is unique to the social sciences, as if falsification is a breeze everywhere else. But it isn’t. For example, when Arthur Eddington went out to test the theory of relativity by photographing an eclipse in 1919 , he ended up throwing out several pictures that “didn’t work”. He reasoned that the sun had heated the glass of his telescope unevenly, throwing off the results. Was that fair? Was it right? Were those pictures legitimate and failed tests of the theory, or were they tainted by faulty equipment? Now that other results have independently supported Einstein’s theory, Eddington’s choice to ditch the disconfirming data seems appropriate and wise. But in the moment, it sure looked like p -hacking (where the p in this case stands for “photograph”). 6 • •

All theories are true if you squint hard enough ( source ) When you omit the inconvenient details, Eddington’s adventure seems like a classic case of falsification. That’s probably why it partly inspired the philosopher of science Karl Popper to come up with the idea of falsification in the first place . 7 The Eddington affair isn’t unique. Knock-down, drag-out disconfirmations are rarer than we would like to admit. Francesco Redi performed the first experiments “disproving” spontaneous generation in the 1660s, but Louis Pasteur was still “disproving” it in the 18 60s! Remember during the pandemic, when people were arguing about whether respiratory viruses can spread via aerosols, whether masks work, and whether UV light can protect us from infection? It seemed like those arguments arose around the same time that a novel coronavirus jumped down someone’s windpipe, but in fact they had been going on for a hundred years. 8 Here’s a fun one: in 1906, when Camillo Golgi won the Nobel Prize for Physiology or Medicine, he used his acceptance speech to argue against the “neuron doctrine”, the idea that the brain is made up of functionally independent cells. This was surprising to the neuroanatomist Santiago Ramón y Cajal, who happened to be the biggest proponent of the neuron doctrine, and who also happened to be in the audience, sharing the other half of the prize. Ramón y Cajal, for his part, would later retort that Golgi’s images were “artificially distorted and falsified”. 9 These disputes didn’t end because someone recanted their beliefs or committed scientific seppuku. Max Planck famously quipped that science advances one funeral at a time 10 , but that’s not quite right, because nothing changes if everyone at the funeral vows to continue the legacy of the dead. It seems to me that science actually advances one young person’s decision at a time. Do they choose to keep carrying the banner for increasingly cringe hypotheses, do they enter into endless disputes over the aliveness or deadness of theories, or do they take a another page from the Monty Python playbook, and decide to do something completely different ? • •

( source ) FINISH THE FIGHT When the replication crisis kicked off a decade ago and “classic” psychological phenomena started looking shaky, we could have asked ourselves, Talking Heads-style , “Well, how did we get here?” 11 When we run a study and get a result, what does that mean ? Which studies should we be running in the first place? What the hell are we doing? What’s it all for? We did not ask ourselves these questions. Instead, we checked “have a reckoning” off our our to-do lists and then we went back to business as usual, just with bigger sample sizes and occasional preregistration. I fear that we are concluding our come-to-Jesus moment without interrogating any of the mistakes that put us face-to-face with the Son of Man in the first place. We seem to believe that tighter stats, more transparent methods, and time-stamped analysis plans will separate the true ideas from the false ideas, like Jesus separating the sheep from the goats on the Day of Judgment. Unfortunately, it turns out that some of the sheep and goats are hard to tell apart. And some of the goat-owners are absolutely insisting that their goats are sheep. 12 We could spend the rest of time trying to get to the bottom of this. Or we could admit that, if we’ve argued about it this long and we’ve gotten nowhere, maybe we’ve crossed into cringe territory and it’s time to call it quits. We can’t say the Spartan is dead. But we can say he’s probably not coming back. • •

Experimental History can both die and become embarrassing

1 The Lever of Riches, p. 252.

2 Further discussion of it [continental drift] merely encumbers the literature and befogs the minds of fellow students. [It is] as antiquated as pre-Curie physics. It is a fairy tale.

- Barry Willis, professor of geology, 1944

3 There is no end to the absurdities connected with this doctrine. Suffice it to say, that in the ordinary sense of the word, there is no proof, such as would be admitted in any scientific inquiry, that there is any such thing as ‘contagion.’

- Florence Nightingale, 1863

4 Extermination [of smallpox] will be proved to be impossible, unless the vaccinators be mightier than the Almighty God himself

- Dr. William Rowley, 1805

5 Imagine you read that some guy in your city was murdered. Then the next day you find out that, actually, the guy’s fine; he merely faked his death for tax reasons. You would not conclude, “Ah, turns out murders never happen, and could never happen!” Similarly, when a result fails to replicate, it doesn’t mean that every possible version of the theory is invalidated forever. It merely tightens the space of possibilities around the idea, which almost always leaves it less interesting and more embarrassing.

6 See The Knowledge Machine by Michael Strevins, p. 41-46.

7 p. 38-39.

8 See Carl Zimmer’s Airborne.

9 See Lorraine Daston and Peter Galison’s Objectivity , p. 115-116.

10 As is usually the case with quotes like these, the canonical version was said by someone else .

11

The appropriate mindset for dealing with the replication cr

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

Soon, AI will be good enough to interact with the Internet in an indistinguishable way from a human. This can be an amazing opportunity for liberation from all the people who are targeting your attention .

I vibe coded this zappa proxy, it is not quite there yet, but I think it points the way forward. Why should I browse the Internet or use apps when machines can do it for me? Suckers getting billed for an ad impression from a 1 cent Qwen.

Instead of the source, I’ll include the prompt in this post. I used GPT-5.4 to code it.

Download mitmproxy and configure Firefox to use a SOCKS5 proxy and install the required cert to proxy HTTPS traffic. Write a plugin for mitmproxy to route all website traffic through Qwen using the Cerebras API, you need to proxy HTML, JS, and CSS. Tell Qwen to remove all ads, popups, bright colors, moving things, and enshittified crap from the website and return a good version of the site. Pass this good version back to the user through the proxy. Log everything to a file. If the AI returns an error, pass that error along to the user, do not return pages without AI transformation.

I disabled uBlock Origin for these tests, Chrome on the left is the default internet, Firefox on the right is using the proxy if by some crazy chance you couldn’t tell.

The right way to ship this is probably a browser extension in some browser that didn’t totally nerf extensions. It should be simple with a customizable prompt, then people can share prompts like they share uBlock Origin filter lists. And it should be agentic, it shouldn’t actually return the HTML, it should use tools and keep per site state. Imagine a skilled software engineer running in 100x real time cleaning up websites for you before you view them.

Don’t fall for AI browser crap that’s marketed to you, that’s just them wanting to control your attention better. You need an AI you can trust to fight back!

I hope ad people see the writing on the wall, get scared, and pivot to user aligned business model. Intelligence is about to be dirt cheap, everyone will have a full time lighting fast personal assistant to deal with the enshittified world for them.

And you can say, well they will have a smarter one on the make everything bad side, but if mine is human level and aligned with me they will have to have gone so hard that no actual human in the world can deal with them so yea good luck with that.

The Turing Test is over. Enjoy spending your ad dollars showing things to my Qwen.

If you know the distance d to a satellite, you can compute a circle of points that passes through your location. That’s because you’re at the intersection of two spheres—the earth’s surface and a sphere of radius d centered on the satellite—and the intersection of two spheres is a circle. Said another way, one observation of a satellite determines a circle of possible locations.

If you know the distance to a second satellite as well, then you can find two circles that contain your location. The two circles intersect at two points, and you know that you’re at one of two possible positions. If you know your approximate position, you may be able to rule out one of the intersection points.

If you know the distance to three different satellites, now you know three circles that you’re standing on, and the third circle will only pass through one of the two points determined by the first two satellites. Now you know exactly where you are.

Knowing the distance to more satellites is even better. In theory additional observations are redundant but harmless. In practice, they let you partially cancel out inevitable measurement errors.

If you’re not on the earth’s surface, you’re still at the intersection of  n spheres if you know the distance to  n satellites. If you’re in an airplane, or on route to the moon, the same principles apply.

Errors and corrections

How do you know the distance to a satellite? The satellite can announce what time it is by its clock, then when you receive the announcement you compare it to the time by your clock. The difference between the two times tells you how long the radio signal traveled. Multiply by the speed of light and you have the distance.

However, your clock will probably not be exactly synchronized with the satellite clock. Observing a fourth satellite can fix the problem of your clock not being synchronized with the satellite clocks. But it doesn’t fix the more subtle problems of special relativity and general relativity. See this post by Shri Khalpada for an accessible discussion of the physics.

Numerical computation

Each distance measurement gives you an equation:

|| x – s i || = d i

where s i is the location of the i th satellite and d i is your distance to that satellite. If you square both sides of the equation, you have a quadratic equation. You have to solve a system of nonlinear equations, and yet there is a way to transform the problem into solving linear equations, i.e. using linear algebra. See this article for details.

Related posts

• The navigation triangle

• Dutton’s Navigation and Piloting

The post Intersecting spheres and GPS first appeared on John D. Cook .

Some time ago, I noted that there was a walkthrough of the original Microsoft Building 3 . If you go behind the receptionist desk, you’ll see a telephone at the receptionist’s station, but off to side, there was also a red telephone resting between a tape dispenser and a small pamphlet labelled “Quick Reference Guide”.

What was this red telephone for? Was it a direct line to Bill Gates’s office ? Or maybe it was a direct line to Security?

Nope.

It was just a plain telephone.

And that’s what made it special.

As is customary at large companies, the telephones on the Microsoft campus were part of a corporate PBX (private branch exchange). A PBX is a private telephone system within a company, and companies use them to save on telephone costs, as well as to provide auxiliary telephone services. For example, you could call another office by dialing just the extension, and the call would be routed entirely within the PBX without having to interact with the public telephone systems. Generally, most calls are typically from one office to another, so a PBX saves considerable money by reducing demand for outside communications services. Also, a PBX allows integration with other systems. For example, if somebody leaves you a voicemail, the system can email you a message.

But what if the PBX is down, and there is an emergency?

The red telephones are plain telephones with standard telephone service. They are not part of the PBX and therefore operate normally even if there is a PBX outage. If there is an emergency, the receptionist can use the red telephone to call emergency services. Presumably, each red telephone was registered in the telephone system with the address of its building, allowing emergency services to dispatch assistance quickly.

Bonus chatter : What was the “Quick Reference Guide”? It was a guide to emergency procedures. It makes sense that it was kept next to the emergency telephone.

Bonus bonus chatter : Bill Gates kept a red telephone in his own office as well. If the PBX went down, I guess it was technically true that the red telephones could be used to call Bill Gates’s office.

The post Why was there a red telephone at every receptionist desk? appeared first on The Old New Thing .

The Wikipedia article on modern triangle geometry has an image labled “Artz parabolas” with no explanation.

A quick search didn’t turn up anything about Artz parabolas, but apparently the parabolas go through pairs of vertices with tangents parallel to the sides.

The derivation is a little complicated, but here’s code that will find the parameters of a parabola

ax ² + bxy + cy ² + dx + ey + f = 0

that passes through ( x i , y i ) with slope m i for i = 1, 2.

def solve(x1, y1, m1, x2, y2, m2): Δx = x2 - x1 Δy = y2 - y1 λ = 4*(Δx*m1 - Δy)*(Δx*m2 - Δy)/(m1 - m2)**2 k = x2*y1 - x1*y2

a = Δy**2 + λ*m1*m2 b = -2*Δx*Δy - λ*(m1 + m2) c = Δx**2 + λ d = 2*k*Δy + λ*(m1*y2 + m2*y1 - m1*m2*(x1 + x2)) e = -2*k*Δx + λ*(m1*x1 + m2*x2 - y1 - y2) f = k**2 + λ*(m1*x1 - y1)*(m2*x2 - y2)

return (a, b, c, d, e, f) The post Finding a parabola through two points with given slopes first appeared on John D. Cook .

When websites are blatantly hostile, users close them to never come back. Have you ever downloaded an app, realized it was deceptive, and deleted it immediately? It's a common occurrence for me. But there is truly hostile software that we still end up using daily. We don't just delete those apps because the hostility is far more subtle. It's like the boiling frog, the heat turns up so slowly that the frog enjoys a nice warm bath before it's fully cooked.

With clever hostile software, they introduce one frustrating feature at a time. Every time I find myself on LinkedIn, it's not out of pleasure. Maybe it's an email about an enticing job. Maybe it's an article someone shared with me. Either way, before I click the link, I have no intention of scrolling through the feed. Yet I end up on it anyway, not because I want to, but because I've been tricked.

You see, LinkedIn employs a trick called back button hijacking. You click a LinkedIn URL that a friend shared, read the article, and when you're done, you click the back button expecting to return to whatever app you were on before. But instead of going back, you're still on LinkedIn. Except now, you are on the homepage, where your feed loads with enticing posts that lure you into scrolling.

How did that happen? How did you end up on the homepage when you only clicked on a single link? That's back button hijacking.

Here's how it works. When you click the original LinkedIn link, you land on a page and read the article. In the background, LinkedIn secretly gets to work. Using the location.replace() JavaScript method, it swaps the page's URL to the homepage. The replace method doesn't add an entry to the browser's history. Then LinkedIn manually pushes the original URL you landed on into the history stack. This all happens so fast that the user never notices any change in the URL or the page.

As far as the browser is concerned, you opened the LinkedIn homepage and then clicked on a post to read it. So when you click the back button, you're taken back to the homepage, the feed loads, and you're presented with the most engaging post to keep you on the platform.

If you spent a few minutes reading the article, you probably won't even remember how you got to the site. So when you click back and see the feed, you won't question it. You'll assume nothing deceptive happened.

While LinkedIn only pushes you one level down in the history state, more aggressive websites can break the back button entirely. They push a new history state every time you try to go back, effectively trapping you on their site. In those cases, your only option is to close the tab.

I've also seen developers unintentionally break the back button, often when implementing a search feature. On a search box where each keystroke returns a result, an inexperienced developer might push a new history state on every keystroke, intending to let users navigate back to previous search terms. Unfortunately, this creates an excessive number of history entries. If you typed a long search query, you'd have to click the back button for every character (including spaces) just to get back to the previous page. The correct approach is to only push the history state when the user submits or leaves the search box ( onblur ).

As of yesterday, Google announced a new spam policy to address this issue. Their reasoning:

People report feeling manipulated and eventually less willing to visit unfamiliar sites. As we've stated before, inserting deceptive or manipulative pages into a user's browser history has always been against our Google Search Essentials.

Any website using these tactics will be demoted in search results:

Pages that are engaging in back button hijacking may be subject to manual spam actions or automated demotions, which can impact the site's performance in Google Search results. To give site owners time to make any needed changes, we're publishing this policy two months in advance of enforcement on June 15, 2026.

I'm not sure how much search rankings affect LinkedIn specifically, but in the grand scheme of things, this is a welcome change. I hope this practice is abolished entirely.

zerobrew and nanobrew have been doing the rounds as fast alternatives to Homebrew, one written in Rust with the tagline “uv-style architecture for Homebrew packages” and the other in Zig with a 1.2 MB static binary and a benchmark table comparing itself favourably against the first. Both are upfront, once you scroll past the speedup numbers, that they resolve dependencies against homebrew-core, download the bottles that Homebrew’s CI built and Homebrew’s bandwidth bill serves, and parse the cask definitions that Homebrew contributors maintain.

They’re alternative clients for someone else’s registry, which is a perfectly reasonable thing to build, but the framing as a replacement glosses over what running a system package manager actually involves.

nanobrew’s README has a “what doesn’t work yet” section listing Ruby post_install hooks, build-from-source with custom options, conditional blocks in Brewfiles, and any complex Ruby DSL, while zerobrew handles source builds by falling back to “Homebrew’s Ruby DSL”, which I read as shelling out to the thing it’s meant to be replacing.

The parts of Homebrew they skip are the parts that are slow for a reason: evaluating arbitrary Ruby to discover what a package needs, running post-install hooks that touch the filesystem in package-specific ways, and handling the long tail of formulae that don’t reduce to “download this tarball and symlink it into a prefix”. Implementing only the bottle path and declaring the rest out of scope covers the easy 80% of packages and most of the benchmark wins.

zerobrew’s table reports a 4.4x speedup installing ffmpeg from a warm cache, nanobrew gets the same operation down to 287 milliseconds, and I keep trying to picture the developer who installs ffmpeg, uninstalls it, and installs it again on the same machine often enough for warm-cache reinstall time to be the number they care about.

A warm install is measuring how quickly you can clonefile a directory out of a content-addressable store, which is a fine thing to optimise but says almost nothing about the experience of setting up a new laptop or adding a tool you didn’t have yesterday. The cold-cache numbers are much closer together, occasionally slower than Homebrew when the bottle is large, because at that point everyone is waiting on the same CDN and there’s no clever data structure that makes bytes arrive faster.

I wrote about why uv is fast a few months ago. The language rewrite was the least interesting part of that story. uv is fast because PEP 658 finally let Python resolvers fetch package metadata without executing setup.py , and because uv dropped eggs and pip.conf and a dozen other legacy paths that pip still carries. Homebrew already shipped its equivalent of PEP 658 in the formula.json API, and that’s the thing that made zerobrew and nanobrew possible in the first place, neither of them is solving the metadata-without-Ruby-evaluation problem because Homebrew already solved it for them.

zerobrew’s content-addressable store and APFS clonefile tricks would work equally well from Ruby, and nanobrew’s parallel downloads have been on by default in Homebrew since 4.7.0 last November . The architectural choices are real improvements but they aren’t “we rewrote it in Zig” improvements, and a zero-startup-time binary matters a lot less when the operation behind it is a 40 MB download either way.

Most of the work in a package manager is the long tail: formulae that want a specific libiconv on an old macOS release, casks with notarisation quirks, post-install scripts that edit config files in ways you can’t predict in advance. None of it benchmarks. Whether either project still has a maintainer paying attention a year from now, once those issues start piling up in the tracker, is an open question. Both also chose Apache-2.0 rather than inheriting Homebrew’s BSD-2-Clause, which is legally fine and suggests the authors see themselves as building independent projects rather than contributing to the ecosystem they depend on.

The formula format is Turing-complete Ruby, which means the package definition and the client that interprets it are effectively the same artefact, and any move toward declarative package data has to either break the existing formulae or ship a Ruby evaluator as part of every client forever.

The formula API currently lists 8,308 formulae in homebrew-core and the cask API another 7,617 casks, plus roughly 34,000 homebrew-* Ruby repositories on GitHub that look like third-party taps, all written against an internal DSL that was never meant to be a stable interchange format. The fast clients get to sidestep that problem by declaring it out of scope, which is a freedom the project they depend on doesn’t have.

The bottleneck isn’t Rust or Ruby, it’s the absence of a stable declarative package schema. Until that exists, every fast client is fast because Homebrew already did the slow work.

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• In praise of (some) compartmentalization : Go with the flow (mostly).

• Hey look at this : Delights to delectate.

• Object permanence : Multitasking teens; Copyrighted dirt; NZ internet disconnection x CHCH quake; Hubble cake; Churchill's booze Rx; Fraud-resistant election tech.

• Upcoming appearances : Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

In praise of (some) compartmentalization ( permalink )

If there's one FAQ I get Q'ed most F'ly, it's this: "How do you get so much done?" The short answer is, "I write when I'm anxious (which is how I came to write nine books during lockdown)." The long answer is more complicated.

The first complication to understand is that I have lifelong, degenerating chronic pain that makes me hurt from the base of my skull to the soles of my feet – my whole posterior chain. On a good day, it hurts. On a bad day, it hurts so bad that it's all I can think about.

Unless…I work. If I can find my way into a creative project, the rest of the world just kind of fades back, including my physical body. Sometimes I can get there through entertainment, too – a really good book or movie, say, but more often I find myself squirming and needing to get up and stretch or use a theragun after a couple hours in a movie theater seat, even the kind that reclines. A good conversation can do it, too, and is better than a movie or a book. The challenge and engagement of an intense conversation – preferably one with a chewy, productive and interesting disagreement – can take me out of things.

There's a degree to which ignoring my body is the right thing to do. I've come to understand a lot of my pain as being a phantom, a pathological failure of my nervous system to terminate a pain signal after it fires. Instead of fading away, my pain messages bounce back and forth, getting amplified rather than attenuated, until all my nerves are screaming at me. Where pain has no physiological correlate – in other words, where the ache is just an ache, without a strain or a tear or a bruise – it makes sense to ignore it. It's actually healthy to ignore it, because paying attention to pain is one of the things that can amplify it (though not always).

But this only gets me so far, because some of my pain does have a physiological correlate. My biomechanics suck, thanks to congenital hip defects that screwed up the way I walked and sat and lay and moved for most of my life, until eventually my wonky hips wore out and I swapped 'em for a titanium set. By that point, it was too late, because I'd made a mess of my posterior chain, all the way from my skull to my feet, and years of diligent physio, swimming, yoga, occupational therapy and physiotherapy have barely made a dent. So when I sit or stand or lie down, I'm always straining something , and I really do need to get up and move around and stretch and whatnot, or sure as hell I will pay the price later. So if I get too distracted, then I start ignoring the pain I need to be paying attention to, and that's at least as bad as paying attention to the pain I should be ignoring.

Which brings me to anxiety. These are anxious times. I don't know anyone who feels good right now. Particularly this week, as the Strait of Epstein emergency gets progressively worse, and there's this January 2020 sense of the crisis on the horizon, hitting one country after another. Last week, Australia got its last shipment of fossil fuels. This week, restaurants in India are all shuttered because of gas rationing. People who understand these things better than I do tell me that even if Trump strokes out tonight and Hegseth overdoes the autoerotic asphyxiation, it'll be months, possibly years, before things get back to "normal" ("normal!").

Any time I think about this stuff for even a few minutes, I start to feel that covid-a-comin', early-2020 feeling, only it's worse this time around, because I literally couldn't imagine what covid would mean when it got here, and now I know.

When I start to feel those feelings, I can just sit down and start thinking with my fingers, working on a book or a blog-post. Or working on an illustration to go with one of these posts, which is the most delicious distraction, leaving me with just enough capacity to mull over the structure of the argument that will accompany it.

I can't do anything about the impending energy catastrophe, apart from being part of a network of mutual aid and political organizing, so it makes sense not to fixate on it. But there are things that upset me – problems my friends and loved ones are having – where there's such a thing as too much compartmentalization. It's one thing to lose myself in work until the heat of emotion cools so I can think rationally about an issue that's got me seeing red, and another to use work as a way to neglect a loved one who needs attention in the hope that the moment will pass before I have to do any difficult emotional labor.

Compartmentalization, in other words, but not too much compartmentalization. During the lockdown years, I transformed myself into a machine for turning Talking Heads bootlegs into science fiction novels and technology criticism, and that was better than spending that time boozing or scrolling or fighting – but in retrospect, there's probably more I could have done during those hard months to support the people around me. In my defense – in all our defenses – that was an unprecedented situation and we all did the best we could.

Creative work takes me away from my pain – both physical and emotional – because creative work takes me into a "flow" state. This useful word comes to us from Mihaly Csikszentmihalyi, who coined the term in the 1960s while he was investigating a seeming paradox: how was it that we modern people had mastered so many of the useful arts and sciences, and yet we seemed no happier than the ancients? How could we make so much progress in so many fields, and so little progress in being happy?

In his fieldwork, Csikszentmihalyi found that people reported the most happiness while they were doing difficult things well – when your "body or mind is stretched to its limits in a voluntary effort to accomplish something difficult and worthwhile." He called this state "flow."

As Derek Thompson says, the word "flow" implies an effortlessness, but really, it's the effort – just enough, not too much – that defines flow-states. We aren't happiest in a frictionless world, but rather, in a world of "achievable challenges":

https://www.derekthompson.org/p/how-zombie-flow-took-over-culture

Thompson relates this to "the law of familiar surprises," an idea he developed in his book Hit Makers , which investigated why some media, ideas and people found fame, while others languished. A "familiar surprise" is something that's "familiar but not too familiar."

He thinks that the Hollywood mania for sequels and reboots is the result of media execs chasing "familiar surprises." I think there's something to this, but we shouldn't discount the effect that monopolization has on the media: as companies get larger and larger, they end up committing to larger and larger projects, and you just don't take the kinds of risks with a $500m movie that you can take with a $5m one. If you're spending $500m, you want to hedge that investment with as many safe bets as you can find – big name stars, successful IP, and familiar narrative structures. If the movie still tanks, at least no one will get fired for taking a big, bold risk.

Today, we're living in a world of extremely familiar, and progressively less surprising culture. AI slop is the epitome of familiarity, since by definition, AI tries to make a future that is similar to the past, because all it can do is extrapolate from previous data. That's a fundamentally conservative, uncreative way to think about the world:

https://pluralistic.net/2020/05/14/everybody-poops/#homeostatic-mechanism

The tracks the Spotify algorithm picks out of the catalog are going to be as similar to the ones you've played in the past as it can make them – and the royalty-free slop tracks that Spotify generates with AI or commissions from no-name artists will be even more insipidly unsurprising:

https://pluralistic.net/2022/09/12/streaming-doesnt-pay/#stunt-publishing

Thompson cites Shishi Wu's dissertation on "Passive Flow," a term she coined to describe how teens fall into social media scroll-trances:

https://scholarworks.umb.edu/cgi/viewcontent.cgi?article=2104&amp;context=doctoral_dissertations

Wu says it's a mistake to attribute the regretted hours of scrolling to addiction or a failure of self-control. Rather, the user is falling into "passive flow," a condition arising from three factors:

I. Engagement without a clear goal;

II. A loss of self-awareness – of your body and your mental state;

III. Losing track of time.

I instantly recognize II. and III. – they're the hallmarks of the flow states that abstract me away from my own pain when I'm working. The big difference here is I. – I go to work with the clearest of goals, while "passive flow" is undirected (Thompson also cites psychologist Paul Bloom, who calls the scroll-trance "shitty flow." In shitty flow, you lose track of the world and its sensations – but in a way that you later regret.)

Thompson has his own name for this phenomenon of algorithmically induced, regret-inducing flow: he calls it "zombie flow." It's flow that "recapitulates the goal of flow while evacuating the purpose."

Zombie flow is "progress without pleasure" – it's frictionless, and so it gives us nothing except that sense of the world going away, and when it stops, the world is still there. The trick is to find a way of compartmentalizing that rewards attention with some kind of productive residue that you can look back on with pride and pleasure.

I wouldn't call myself a happy person. I don't think I know any happy people right now. But I'm an extremely hopeful person, because I can see so many ways that we can make things better (an admittedly very low bar), and I have mastered the trick of harnessing my unhappiness to the pursuit of things that might make the world better, and I'm gradually learning when to stop escaping the pain and confront it.

( Image: marsupium photography , CC BY-SA 2.0 , modified )

Hey look at this ( permalink )

• Uncovering Webloc https://citizenlab.ca/research/analysis-of-penlinks-ad-based-geolocation-surveillance-tech/

• The Science of Forced Perspective at Disney Parks https://www.youtube.com/watch?v=yqefjmRVLTM

• The Reverse Centaur’s Guide to Life After AI: How to Think About Artificial Intelligence—Before It’s Too Late https://www.publishersweekly.com/9780374621568

• EFF HOPE: Join Us This August! https://www.eff.org/deeplinks/2026/04/eff-hope-join-us-august

• Here Are the Finalists for the 2025 Locus Awards https://reactormag.com/finalists-2025-locus-awards/

Object permanence ( permalink )

#25yrsago Pee-Wee Herman on his career https://web.archive.org/web/20010414033156/https://ew.com/ew/report/0,6115,105857~1~0~paulreubensreturnsto,00.html

#25yrsago Anxious hand-wringing about multitasking teens https://www.nytimes.com/2001/04/12/technology/teenage-overload-or-digital-dexterity.html

#20yrsago Clever t-shirt typography spells “hate” – “love” in mirror-writing https://web.archive.org/web/20060413102804/https://accordionguy.blogware.com/blog/_archives/2006/4/12/1881414.html

#20yrsago New Mexico Lightning Field claims to have copyrighted dirt https://diaart.org/visit/visit-our-locations-sites/walter-de-maria-the-lightning-field#overview

#20yrsago Futuristic house made of spinach protein and soy-foam https://web.archive.org/web/20060413111650/http://bfi.org/node/828

#15yrsago New Zealand to sneak in Internet disconnection copyright law with Christchurch quake emergency legislation https://www.stuff.co.nz/technology/digital-living/4882838/Law-to-fight-internet-piracy-rushed-through

#10yrsago Bake: An amazing space-themed Hubble cake https://www.sprinklebakes.com/2016/04/black-velvet-nebula-cake.html

#10yrsago Shanghai law uses credit scores to enforce filial piety https://www.caixinglobal.com/2016-04-11/shanghai-says-people-who-fail-to-visit-parents-will-have-credit-scores-lowered-101011746.html

#10yrsago Walmart heiress donated $378,400 to Hillary Clinton campaign and PACs https://web.archive.org/web/20160414155119/https://www.alternet.org/election-2016/alice-walton-donated-353400-clintons-victory-fund

#10yrsago Mass arrests at DC protest over money in politics https://www.washingtonpost.com/local/public-safety/mass-arrests-of-protesters-in-demonstration-at-capitol-against-big-money/2016/04/11/96c13df0-0037-11e6-9d36-33d198ea26c5_story.html

#10yrsago Churchill got a doctor’s note requiring him to drink at least 8 doubles a day “for convalescence” https://web.archive.org/web/20130321054712/https://arttattler.com/archivewinstonchurchill.html

#5yrsago Big Tech's secret weapon is switching costs, not network effects https://pluralistic.net/2021/04/12/tear-down-that-wall/#zucks-iron-curtain

#5yrsago Fraud-resistant election-tech https://pluralistic.net/2021/04/12/tear-down-that-wall/#bmds

#1yrago Blue Cross of Louisiana doesn't give a shit about breast cancer https://pluralistic.net/2025/04/12/pre-authorization/#is-not-a-guarantee-of-payment

Upcoming appearances ( permalink )

• Toronto: DemocracyXchange, Apr 16

https://www.democracyxchange.org/news/cory-doctorow-to-open-dxc26-on-april-16

• San Francisco: 2026 Berkeley Spring Forum on M&A and the Boardro

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

I'm starting to become pretty fond of Bruce. Actually, I've had a bit of an epiphany: an AI assistant like Bruce isn't just about auto-responding to tickets in an entirely autonomous manner; it's also pretty awesome at responding with just a little bit of human assistance. Charlotte and I both replied to some tickets today that were way too specific for Bruce to ever do on his own, but by feeding in just a little bit of additional info (such as the number of domains someone was presently monitoring), Bruce was able to construct a really good reply and "own" the ticket. So maybe that's the sweet spot: auto-reply to the really obvious stuff and then take just a little human input on everything else.

Over on the Fediverse I indulged in some snark :

Network inventory hot and grumpy take: Yep, it's not great that sysadmins and network people don't necessarily have a hardware and network inventory, unlike modern software development where famously everyone knows exactly what their entire dependency tree is and why it's there and has full trust in it staying that way.

(That is sarcasm.)

Let's get this out of the way right at the start: inventories are hard . I don't just mean network inventories or machine inventories or software inventories or dependency inventories. I mean any and all inventories, everywhere. For example, some real businesses periodically take a day or two off from doing business in order to check and reconcile their inventory with actual physical reality. It's ordinary to have a business's website say they have something in stock at a location, but when you go to the location, the people there can only shrug and tell you they have no idea where the theoretically in-stock item is, if it even exists.

(I can also assure you that an inventory of other physical items, even very important ones like keys, can become completely hopeless. One reason lots of people like reprogrammable electronic locks is that you can make your inventory be the authoritative state of the world. Of course, this will also lead to you discovering ways in which your inventory did not reflect reality, as people turn up who should have access but aren't in your lock inventory.)

One reason that all inventories are hard is that they're an attempt to keep two (or more) things in sync with each other, those being the inventory itself and the physical or software reality. Not coincidentally, in our field the most accurate inventories tend to be the ones that are built on self-reporting. Unfortunately there is only so much information that can be accurately self-reported. For example, a machine intrinsically knows that it exists and has certain hardware and software states, but it doesn't intrinsically know why it exists. If you try to make a machine 'self report' why it exists, this is generally going to be the machine echoing back to you something that you told it earlier.

This also relies on being able to get a self report from machines or whatever else is of interest. A machine or a piece of software or whatever that doesn't generate a self report is mostly invisible. Generally self reporting is something that has to be added to machines, software, and other things of interest, and if this isn't complete, that creates gaps in a self reported inventory. You can fill these gaps in the inventory by hand, but then you're trying to keep two things in sync with each other.

The less you can trust self reporting, the harder inventories get. We see this in the perpetual struggle of default deny firewalls, which can be seen as an inventory of allowed network traffic except that we can't allow things to self-report that they should be allowed. This creates a burden of inventory maintenance in the form of firewall rule updates (which is often made more annoying by organizational structure, where you can't update the 'inventory' yourself but have to wait for other people to do it before you can do things).

Ultimately, maintaining an inventory takes work. If you want that work to happen, you must budget time for that work and you must make that work rewarded. If your organization's structure of rewards and demerits makes it clear that maintaining an inventory is not as important as other things, well, you will get what you'd expect.

(Locally, we do budget time to maintain several sorts of inventories, but at the same time many of them are imperfect. Partly there is a trade off between the amount of time spent maintaining inventories and their accuracy, and partly people make mistakes, which is another reason why things self reporting themselves is better if you can manage it.)

( 2 comments .)

The Playlist:

The first pitch, he said, goes back to 2008, and it was already pretty radical by Bond standards. “I had pitched in 2008 the idea to Barbara Broccoli of a parallel franchise,” Soderbergh said. “Set in the ’60s, R-rated, violent, sexy. Fictional backstory to real historical events, different actor, different universe.” [...]

That version was designed to open up a different, more lo-fi, stripped-down, and cost-effective way of making Bond movies, but not a replacement for them. “[It would be] cheaply made, where you get people like me, who are interested in that approach to do one of these things,” Soderbergh explained. “It’s just another lane that exists totally separate from the normal Bond movies.”

Broccoli and company, he said, were at least open enough to hear it out. “They were intrigued,” Soderbergh said. “But didn’t move forward.”

This hurts — it hurts to ponder what could have been.

★

The TL;DR is that Google engineering appears to have the same AI adoption footprint as John Deere, the tractor company. Most of the industry has the same internal adoption curve: 20% agentic power users, 20% outright refusers, 60% still using Cursor or equivalent chat tool. It turns out Google has this curve too. [...]

There has been an industry-wide hiring freeze for 18+ months, during which time nobody has been moving jobs. So there are no clued-in people coming in from the outside to tell Google how far behind they are, how utterly mediocre they have become as an eng org.

— Steve Yegge , provocative, as always

Tags: steve-yegge , google , generative-ai , agentic-engineering , ai , llms

Andrzej Odrzywolek recently posted an article on arXiv showing that you can obtain all the elementary functions from just the function

and the constant 1. The following equations, taken from the paper’s supplement , show how to bootstrap addition, subtraction, multiplication, and division from the elm function.

See the paper and supplement for how to obtain constants like π and functions like square and square root, as well as the standard circular and hyperbolic functions.

Related posts

• Bootstrapping a small math library

• Toffoli gates are all you need

The post Mathematical minimalism first appeared on John D. Cook .

A colleague told me that there was an O ( N ) algorithm for finding a duplicated item in an array of N integers in the range 1 to N − 1. There must be a duplicate due to the pigeonhole principle. There might be more than one duplicated value; you merely have to find any duplicate.¹

The backstory behind this puzzle is that my colleague had thought this problem was solvable in O ( N log N ), presumably by sorting the array and then scanning for the duplicate. They posed this as an interview question, and the interviewee found an even better linear-time algorithm!

My solution is to interpret the array as a linked list of 1-based indices, and borrow the sign bit of each integer as a flag to indicate that the slot has been visited. We start at index 1 and follow the indices until they either reach a value whose sign bit has already been set (which is our duplicate), or they return to index 1 (a cycle). If we find a cycle, then move to the next index which does not have the sign bit set, and repeat. At the end, you can restore the original values by clearing the sign bits.²

I figured that modifying the values was acceptable given that the O ( N log N ) solution also modifies the array. At least my version restores the original values when it’s done!

But it turns out the interview candidate found an even better O ( N ) algorithm, one that doesn’t modify the array at all.

Again, view the array values as indices. You are looking for two nodes that point to the same destination. You already know that no array entry has the value N , so the entry at index N cannot be part of a cycle. Therefore, the chain that starts at N must eventually join an existing cycle, and that join point is a duplicate. Start at index N and use Floyd’s cycle detector algorithm to find the start of the cycle in O ( N ) time.

¹ If you constrain the problem further to say that there is exactly one duplicate, then you can find the duplicate by summing all the values and then subtracting N(N−1)/2 .

² I’m pulling a fast one. This is really O ( N ) space because I’m using the sign bit as a convenient “initially zero” flag bit.

The post Finding a duplicated item in an array of <VAR>N</VAR> integers in the range 1 to <VAR>N</VAR> − 1 appeared first on The Old New Thing .

A friend of mine bought a Tesla Roadster back in the early 2010s. At the time, spotting a Tesla on the road was a rare event. Maybe even occasion enough to stop and take a picture. I never got the chance to photograph one, let alone drive one, until I met this new friend recently. This was my chance to experience the car firsthand.

We walked to the parking structure to see it. As soon as he opened the door, something looked... off. On the outside, it was a pristine, six-figure roadster. But the inside looked completely custom. Not "custom" in the sense of a professional shop install, but more like the driver himself grabbed a hammer and chisel and made it his own.

First, the driver's seat had been altered. It was much lower than usual and didn't match the passenger seat. My friend stands 6'7", and the Roadster is a tiny car. He physically couldn't fit, so he modified the seat rails to lower it. But that fix created a new problem: the door armrest now dug into his hip. So, he took a file to the interior panel, shaved it down, and 3D printed a smaller, ergonomic armrest. He even 3D printed a cup holder for the passenger side so his coffee was within reach.

To me, the idea of taking a Dremel or a file to a $100,000+ car was unimaginable. You must be crazy to do it.

He caught the look on my face and shrugged. "Hey, it's my car. I paid for it. I intend to be comfortable in it."

I never thought of it like this. That sentiment stuck with me. Recently when I read an article by Kent Walters about filing the corners of his MacBook , those same feelings resurfaced. My work MacBook has edges so sharp that I've often felt like I was slicing my wrist on the chassis. I treated this as a design flaw I had to endure. But not Kent. He treated it as an obstacle to be removed. He literally filed down the corners of his laptop to ensure the machine he uses every day was comfortable.

I may not have the guts to file my work issued MacBook, but I'm no stranger to customization... in software. I modify my tools constantly. I spend days tweaking my IDE, remapping keyboard shortcuts, and writing custom scripts until the software is unrecognizable to anyone else on my team. I don't think twice about rewriting a config file to make the tool fit my brain.

When I was a kid, I always had a screw driver around, fixing a device that wasn't really broken. On the home computer, I modified everything. I once deleted all .ini files to improve performance. It didn't work, but it led to a fruitful career.

But somehow, when it comes to expensive hardware now, I freeze. I treat the physical object as a museum piece to be preserved. I bought a docking station to banish the laptop to a shelf, using an external mouse and keyboard to avoid touching the sharp chassis. I built a complex workaround to accommodate the tool, rather than performing the simple, brutal act of modifying the tool to accommodate me.

We treat our physical tools as if they are on loan from the manufacturer.

You'll see a musician buying a vintage guitar but refuses to adjust the action, terrified of ruining the "collector's value." Meanwhile, the working guitarist has sanded down the neck and covered it in stickers because it feels better in their hand. The software engineer accepts the default keybindings to avoid "bad habits," while the power user creates a layout that doubles their speed.

If you own a tool, whether it's a car, a computer, or a line of code, you own the right to change it. The manufacturer designed it for the "average" user, but you are a specific human with specific needs.

Remember grandma's couch in the living room? It had that plastic cover on it. It was so uncomfortable, but no one dared to remove it. The plastic was to preserve the sofa. No one got to enjoy it, instead everyone accommodated the couch only to preserve its value. A value that one ever benefits from. Don't let the perceived value of an object stop you from making it truly yours. A tool with battle scars is a tool that is loved.

My wife and I run OpenBenches . It's a niche little site which lets people share photos of memorial benches and their locations. Most modern phones embed a geolocation within the photo's metadata, so we use that information to put the photos on a map.

Google's Android has now broken that.

On the web, we used to use:

<input type="file" accept="image/jpeg">

That opened the phone's photo picker and let the use upload a geotagged photo. But a while ago Google deliberately broke that.

Instead, we were encourage to use the file picker :

<input type="file">

That opened the default file manager. This had the unfortunate side-effect of allowing the user to upload any file, rather than just photos. But it did allow the EXIF metadata through unmolested. Then Google broke that as well .

Using a "Progressive Web App" doesn't work either.

So, can users transfer their photos via Bluetooth or QuickShare? No. That's now broken as well .

You can't even directly share via email without the location being stripped away.

Literally the only way to get a photo with geolocation intact is to plug in a USB cable, copy the photo to your computer, and then upload it via a desktop web browser?

Why?!?!?

Because Google run an anticompetitive monopoly on their dominant mobile operating system.

Privacy.

There's a worry that users don't know they're taking photos with geolocation enabled. If you post a cute picture of your kid / jewellery / pint then there's a risk that a ne’er-do-well could find your exact location.

Most social media services are sensible and strip the location automatically. If you try to send a geotagged photo to Facebook / Mastodon / BlueSky / WhatsApp / etc, they default to not showing the location. You can add it in manually if you want, but anyone downloading your photo won't see the geotag.

And, you know, I get it. Google doesn't want the headline "Stalkers found me, kidnapped my baby, and stole my wedding ring - how a little known Android feature puts you in danger!"

But it is just so tiresome that Google never consults their community. There was no advance notice of this change that I could find. Just a bunch of frustrated users in my inbox blaming me for breaking something.

I don't know what the answer is. Perhaps a pop up saying "This website wants to see the location of your photos. Yes / No / Always / Never"? People get tired of constant prompts and the wording will never be clear enough for most users.

It looks like the only option available will be to develop a native Android app (and an iOS one?!) with all the cost, effort, and admin that entails. Android apps have a special permission for accessing geolocation in images .

If anyone has a working way to let Android web-browsers access the full geolocation EXIF metadata of photos uploaded on the web, please drop a comment in the box.

In the meantime, please leave a +1 on this HTML Spec comment .

The Common Package Specification went stable in CMake 4.3 last year and the name caught my attention because it sounds like it might be addressing the cross-ecosystem dependency problem I’ve written about before . Reading the spec, the “common” turns out to mean common across build systems rather than common across language ecosystems: it’s a JSON format that CMake and Meson and autotools can all read to find out where an installed library lives and how to link against it, replacing the mix of .pc files and *Config.cmake scripts that currently fill that role.

The schema is full of include paths, preprocessor defines, link flags, component types like dylib and archive and interface for header-only libraries, and feature strings like c++11 and gnu , which makes sense given it came out of Kitware and the C++ tooling study group and is being driven by people building large C++ applications who are tired of every build system having its own incompatible way of describing the same installed library.

Conan can already generate CPS files for everything in ConanCenter, and CMake’s find_package() reads them with fallback to the older formats, so libraries built through that toolchain will start leaving .cps files in install prefixes whether anyone outside the C++ world notices or not. Each one is a small structured record of an installed binary: its location on disk, its version, what other components it requires, what platform it was built for.

For something like the binary dependency tracing Vlad and I have been looking at, that’s a useful data source sitting alongside the symbol tables we’d be extracting anyway, particularly for the version field, which is the thing you can’t reliably recover from nm output and currently have to guess from filenames or distro package databases.

The closer fit is native extension builds in language package managers. Ruby’s mkmf has pkg_config() baked into it and the pkg-config gem reimplementing the format in pure Ruby has tens of millions of downloads, while node-gyp users shell out to pkg-config from binding.gyp action blocks to find headers and libraries at install time. These are doing exactly what CPS is designed to replace, and a CPS reader for mkmf would be a small piece of code, but the libraries that gems actually build against (libxml2, libpq, libsqlite3, openssl) ship .pc files because pkg-config has been around since 2000 and don’t yet ship .cps files because almost nothing outside CMake produces them.

There’s an open proposal to add a package_url field using purl identifiers so a CPS file could record which conan or vcpkg or distro package it came from, which would close a loop between the build-system world’s description format and the identifier scheme everything else has converged on.

Python has been moving on the adjacent problems independently, with PEP 770 reserving .dist-info/sboms/ inside wheels for CycloneDX or SPDX documents describing bundled libraries, and auditwheel already implementing it by querying dpkg or rpm or apk at repair time to find which system package each grafted .so came from before writing the result as purls. CPS wouldn’t help here. Wheel consumers never compile anything, so what they need is provenance for what got bundled, and Python correctly reached for SBOM formats. The numpy 2.2.6 wheel I pulled to check still doesn’t have an SBOM in it despite the spec being accepted a year ago, which mostly tells you how long the tail is on rebuilding the world, and is part of why reconstructing this data from binaries after the fact stays useful even as the metadata standards land.

PEP 725 declares dep:generic/openssl style requirements in pyproject.toml so build tools know what needs to be present before they start, using a purl-derived scheme that again has no relationship to CPS despite covering ground that pkg-config users would recognise.

None of these efforts reference each other much, which is roughly what you’d expect when the C dependency problem gets solved piecewise by whichever community hits it hardest, but the pieces are at least using compatible identifiers now, and a CPS file with a purl in it is something you could trace through to a PEP 770 SBOM entry without anyone having planned for that to work.

This newsletter is free to read, and it’ll stay that way. But if you want more - extra posts each month, no sponsored CTAs, access to the community, and a direct line to ask me things - paid subscriptions are $2.50/month. A lot of people have told me it’s worth it.

Upgrade

In June 1812, Napoleon Bonaparte marched 685,000 soldiers into Russia - the largest military force ever assembled in European history up to that point, and one of the largest military fuckups of all time. He had no coherent supply plan for feeding them, he had no realistic timeline for when, exactly, the Russians would agree to fight a decisive battle on his terms, and he couldn’t even articulate a coherent goal for his gamble, beyond ~beat the Russians in some vague way. He had been warned by multiple advisors, including his own foreign minister Talleyrand, that invading Russia was a catastrophic idea - and he did it anyway. By December, roughly 400,000 of his soldiers were dead, mostly from starvation and exposure and the consequences of field surgery, and another 100,000 had been captured. The Grande Armée, the most feared fighting force on the continent, clawed its way back across the Niemen River as a frozen, shattered remnant of itself. It was the beginning of the end for Napoleon, who would never again be able to field an army of the size // quality he squandered on his pointless excursion into Russia. Napoleon was, by any reasonable accounting, a genius - a military mind who rewrote the rules of European warfare, a political operator who fought his way up from being a minor league Corsican nobility to the Emperor of France and ruler of most of modern Europe before he turned 35, and a reformer whose ideas around the judicial system and the liberal order still echo today. But none of that stopped him from making one of the dumbest decisions any leader has ever made, because he was arrogant, because he’d gotten away with so much for so long that he confused his luck for a system, and because (with the exception of Talleyrand) most of the people around him had simply stopped telling him no. There’s a particular kind of person who can’t accept that story at face value, and you’ve met them. I am absolutely sure of it. They show up in every comment section and reply thread where someone powerful does something that looks, on its face, like a mistake - and their argument always runs the same way: you don’t understand, this is actually part of a larger plan, there’s a strategy here that you and I can’t see because we’re not operating at that annointed and elevated level… They’re the 4D chess crowd. And they are fucking everywhere. When Elon Musk bought Twitter in October 2022 for $44 billion, a price he himself had tried to back out of after waiving due diligence (a decision so baffling that the presiding judge, Kathleen McCormick, openly marveled at it in court), the 4D chess analysts fired up immediately. You haven’t seen the inside of the honeycomb, they insisted! You don’t get it! You’re not the richest man on earth - how could you possibly hope to process his brilliance? The mass layoffs that gutted the company’s accessibility team and its content moderation staff were, obviously, equally strategic. The verification fiasco that let someone impersonate Eli Lilly and tank their stock price with a fake tweet about free insulin had to be part of The Plan™️. The advertiser exodus that cratered the company’s revenue was just Musk shaking off the dead weight, building something new, playing a longer game than any of us could understand. But a jury in 2026 found Musk liable for deliberately misleading investors during the acquisition. People he’d fired had to be re-hired weeks later because nobody had bothered to check whether they were, you know, running anything important before they were shown the door. The company lost roughly 80% of its value under his ownership - because there was no 4D chess. There was simply a billionaire who’d gotten used to being the smartest person in every room he walked into, who didn’t even have a Talleyrand of his own to hint that it might be a bad call, who bought a company on impulse, and then made it worse through a series of decisions that were exactly as bad as they looked from the outside. The same thing plays out with Trump; every chaotic press conference, every contradictory policy announcement is immediately reframed by his most sycophantic supporters (and, weirdly, by a certain type of opponent who wants to believe they’re up against a mastermind). “He’s distracting you.” “He’s controlling the news cycle.” “He’s flooding the zone.” “He knows exactly what he’s doing.” “Wake up, sheeple.” I’ll grant you - sometimes Trump does know what he’s doing. Sometimes a provocation is calculated and the outrage does serve a purpose. But the 4D chess crowd can’t distinguish between those moments and the moments where the simplest explanation is just that a 79-year-old man with a phone, no impulse control, and an audience of millions is posting whatever dumb shit he feels like posting at 2 AM. I call it the Hidden Plan Theory. The powerful don’t get to be powerful without being special, right? And if they’re special, if they’re smarter than all the rest of us, everything they do must be for a reason, right? And if we can’t see that reason, that must be a problem with us - mere mortals - not the divinely appointed titans, right? Right?! The most recent entry in this genre is OpenAI’s acquisition of TBPN, the daily tech talk show hosted by John Coogan and Jordi Hays. OpenAI reportedly paid in the low hundreds of millions of dollars for a show with 58,000 subscribers on YouTube. The show reports to Chris Lehane, OpenAI’s chief political operative. And predictably, the rationalizers have lined up. Fortune ran a piece titled “3 reasons OpenAI buying daily tech show TBPN for hundreds of millions isn’t totally crazy.” The argument boiled down to: OpenAI is buying influence, packaging distribution with narrative control, positioning itself to shape public conversation about AI at a moment when that conversation will determine the regulatory environment the company operates in. And look, some of that might be true. But it’s worth sitting with the simpler read for a second. A company whose own executives told staff to stop chasing “side quests” and focus on core AI model development spent hundreds of millions of dollars on a podcast. CNBC’s headline called it “chasing vibes.” Slate called it “sleazy.” Ben Thompson at Stratechery did the most thorough demolition job. He compared OpenAI to “the short bus at the end of the rainbow,” which is funny and also brutal and also correct. The whole Stratechery piece is worth reading because Thompson actually bothered to lay out just how incoherent OpenAI’s strategy has become — they were against ads until suddenly ads were the plan, Apple was a partner until they poached Jony Ive, and Anthropic is over there shipping models while Sam Altman is signing checks for a talk show. Thompson’s takeaway: “there just isn’t much evidence that anyone knows what they are doing or that there is any sort of overarching plan.” And that’s the rub. The 4D chess read asks you to believe that Altman - Google breathing down his neck, Anthropic breathing down his neck, Meta breathing down his neck - sat down and decided a talk show with fewer subscribers than most mid-tier gaming streamers was the best possible use of hundreds of millions of dollars. The boring read asks you to believe a CEO did something that served his ego. Pick whichever one requires less of a leap of faith. I know which one I’m going with... Why do people resist the boring read? Melvin Lerner had a theory. He published a book in 1980 called The Belief in a Just World, and his argument was that most of us walk around with a bone-deep need to believe that people Get What They Deserve. If someone is rich, they must be smart. If they’re smart, their decisions must make sense. And if their decisions look dumb, well, you must be the one who’s missing something. It’s a warm blanket of a worldview. It just doesn’t survive contact with reality. There’s something else going on, too, and it’s less intellectual // more animal. We see patterns everywhere. We see them when they’re not there. Kahneman built half his career on this - we are so desperate to find signal in the noise that we’ll construct entire narratives out of nothing, and a narrative where the powerful guy is playing 12 moves ahead is just a better story than one where he fucked up because that’s what people do. But the 4D chess framing also flatters the believer. If you can see the hidden strategy that everyone else is missing, you’re the smart one, you’re the one who gets it. Which rather stops being funny when you realize what it costs…when you insist that every action a powerful person takes is part of a grand strategy, you strip away accountability and you make it impossible to call a bad decision a bad decision. Every failure becomes a setup for a future success that never arrives, and every scandal a distraction from a larger game that never materializes. The goalposts disappear entirely, because the frame has become unfalsifiable; any outcome can be absorbed into the theory. If the plan works, it was genius. If it doesn’t, the real plan hasn’t been revealed yet. This is how cults of personality sustain themselves - through interpretation, and through a community of believers who will do the intellectual labor of making sense of the nonsensical, who treat confusion as evidence of their own limited understanding rather than evidence that the thing they’re looking at is, in fact, confused. The higher someone climbs, the fewer people around them will push back. The richer they get, the more their bad ideas get funded instead of challenged. The more successful they become, the more they start to believe that their success came from skill rather than from some volatile, unrepeatable cocktail of skill, timing, luck, and other people’s labor. Napoleon was brilliant. He was also surrounded, by 1812, by marshals who were tired of arguing with him and a court that had learned it was safer to agree, and the invasion of Russia was precisely what happens when a brilliant person loses the feedback mechanisms that kept them brilliant. Musk buying Twitter wasn’t 4D chess. OpenAI buying a podcast for a price that could have funded a mid-sized AI research lab wasn’t a strategic fucking masterstroke. Sometimes powerful people just do dumb shit, and sometimes there is no plan. The people who will pay the highest price for the 4D chess delusion are, ironically, the people most devoted to it; because if you can’t look at a powerful person’s decision and say “that was a bloody stupid thing to do,” you can’t learn anything from their mistakes, and you can’t see the world clearly. But when the choice is between speaking up and watching an unchecked megalomaniac march 685,000 soldiers into a Russian winter without a fur coat in sight, clarity is the only thing worth having.

SPONSORED

Westenberg is designed, built and funded by my solo-powered agency, Studio Self. Reach out and work with me:

Work with me

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Austerity creates fascism : We can't afford to not afford nice things.

• Hey look at this : Delights to delectate.

• Object permanence : The Server of Amontillado; Flapper's Dictionary; Mastercard v rec.humor.funny; Philippines electoral data breach; A front page from the Trump presidency; Spike Lee x Bernie Sanders; France v password hashing; Algorithms as Central European folk-dances; Save Comcast; Lex Luthor v export controls; Zuckerberg in the dock.

• Upcoming appearances : Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Austerity creates fascism ( permalink )

I'm worried about AI psychosis. Specifically, I'm worried about the psychosis that makes our "capital allocators" spend $1.4T on the money-losingest technology in the history of the human race, in pursuit of a bizarre fantasy that if we teach the word-guessing program enough words, it will take all the jobs. That's some next-level underpants-gnomery:

https://pluralistic.net/2026/03/12/normal-technology/#bubble-exceptionalism

The thing that worries me about billionaires' AI psychosis isn't concern for their financial solvency. No, what I worry about is what happens when the seven companies that comprise a third of the S&P 500 stop trading the same $100b IOU around while pretending it's in all of their bank accounts at once and implode , vaporizing a third of the US stock market.

My concern about a massive collapse in the capital markets isn't that workers will suffer directly . Despite all the Wonderful Life rhetoric about your money being in Joe's house and the Kennedy house and Mrs Macklin's house, the reality is that the median US worker has $955 saved for retirement. You could nuke the whole financial system and not take a dime out of most workers' pockets:

https://finance.yahoo.com/news/955-saved-for-retirement-millions-are-in-that-boat-150003868.html

No, the thing that has me terrified about AI is that when it craters and takes the economy with it, that we will respond the same way we have during every financial crisis of the 21st century: with austerity, and austerity breeds fascism .

There's a direct line from every K-shaped recovery to every strong-man who's currently sending masked gunmen into the streets. The Hungarian dictator Viktor Orban rose to power after people who'd been suckered into denominating their mortgages in Swiss francs lost their houses when the currency markets moved suddenly, because the swindlers who'd sold them those mortgages took the position that wanting to live somewhere automatically made you an expert in forex risk, so caveat fuckin' emptor, baby.

Back in America, Obama decided to bail out the banks and not the people. His treasury secretary Tim Geithner told him the banks were headed for a catastrophic crash and could only be saved if he "foamed the runways" with everyday Americans' mortgages. Millions of Americans lost their homes to foreclosure as banks, flush with public cash, threw them out of their homes and then flipped them to investment banks who became the country's worst slumlords:

https://pluralistic.net/2022/02/08/wall-street-landlords/#the-new-slumlords

Americans were understandably not entirely happy with this outcome. So when Hillary Clinton replied to Donald Trump's "Make America Great Again" with "America is already great," her message was, "Vote for me if you think everything is great; vote for Trump if you think everything is fucked ":

https://www.politico.com/blogs/2016-dem-primary-live-updates-and-results/2016/03/clinton-america-is-already-great-220078

"Austerity begets fascism" is one of those things that makes a lot of intuitive sense, but it turns out that there's a good empirical basis for believing it. In "Public Service Decline and Support for the Populist Right" four economists from the LSE and Bocconi provide an excellent look at the linkage between austerity and support for fascists:

https://catherinedevries.eu/NHS.pdf

Here's how they break it down. Political scientists have assembled a large, reproducible body of evidence to show that "public service provision is crucial to people’s perceptions of their quality of life and living standards." Good public services are the basis for "the social contract between rulers and the ruled" – pay your taxes and obey the laws, and in return, you will be well served.

When public services go wrong, people don't always know who to blame, but they definitely notice that something is going wrong, so when public services fail, people stop trusting the state, and that social contract starts to fray. They start to suspect that elites are lining their pockets rather than managing the system, and they "withdraw their support" for the system.

Fascists thrive in these conditions. Fascists come to power by mobilizing grievances. By choosing a scapegoat, fascists can create support from people who are justifiably furious that the services they rely on have collapsed. So when you can't get shelter, or health care, or elder care, or child care, or an education for your kids, you become a mark for a fascist grifter with a story about "undeserving migrants" who've taken the benefits that should rightly accrue to "deserving natives."

(This is grimly hilarious, given that the wizened, decrepit rich world is critically dependent on migrants as a source of healthy, working-age workers who pay massive amounts into the system while barely making use of it, many of whom plan on retiring to their home countries when they do reach the age where they're likely to extract a net loss to the benefits system.)

Enter the NHS, a beloved institution that is hailed as the pride of the nation by both the political left and the right. The majority of Britons use the NHS, with only 12-14% of the population "going private," so when the NHS declines, everybody notices (what's more, even people with private care use the NHS for many of their needs).

Britons love the NHS and they want the government to spend more on it. There's "a broad public consensus that the government is not going far enough when it comes to funding." That's because generations of cuts to the NHS have left it substantially hollowed out, with major parts of the service handed over to for-profit entities who overcharge and underserve.

The most tangible and immediate evidence of this slow-motion collapse comes when your local general practitioner ("family doctor" or "primary care physician" in Americanese) shuts down. The UK has lost 1,700 GP practices since 2013.

Reasoning that a GP closure would make people angry at the system, the economists behind the paper wanted to see what happened to people's political beliefs when their GP's office shut. They relied on the GP Patient Survey, a longitudinal study run by NHS England and Ipsos Mori. The survey asks a statistically significant random sample of patients from every GP practice in the NHS and then weights the results "to reflect the demographic characteristics of the local population according to UK Census estimates." It's good data.

The researchers cross-referenced this with various high-quality instruments that measured the political views of Britons, like the U Essex Understanding Society Panel, drawing on 13 years' worth of surveys from 2009-2022, gaining access to a protected version of the dataset with fine-grained geographic information about survey respondents, which allowed them to link responses to the "catchment areas" for specific GPs' office. They combined this data with the British Election Study panel, which has surveyed voters 29 times since 2014.

Most of the paper describes the careful work the researchers did to analyze, cross-reference and validate this data, but what interested me was the conclusion: that people who see a severe degradation in the quality of the services they rely on switch their political affiliation to one of Britain's fascist parties – UKIP, the Brexit Party, or Reform – parties that have called for ethnic cleansing in Britain.

This is what has me scared. We can see the looming economic crises in our near future. If it's not the AI crash that triggers the next wave of austerity, it'll be the oil crisis created by Trump's bungling in the Strait of Epstein. And of course, we could always get a twofer, because the Gulf States that were pouring hundreds of billions into AI data-centers now need every cent to rebuild the LNG shipping terminals and oil refineries that Iran blew up after Trump, Hegseth and Netanyahu started murdering all the schoolgirls they could target. Once they nope out of the AI bubble, that could trigger the collapse.

This is a study about the NHS, but it's not just about the NHS. It's perfectly reasonable to assume that people react this way when they experience cuts to their road maintenance, their schools, their community centers, and any other service they rely on. Fascism – what Hannah Arendt called 'organized loneliness' – can only take root when people stop believing that their society will reward their lawfulness with an orderly and humane existence.

The crisis is coming, but whether we do austerity when it gets here is our choice. Everywhere we turn, political leaders are rejecting generations of failed austerity in favor of "sewer socialism" – the idea that you get people to trust their government by earning that trust. Zohran Mamdani is fixing 100,000 potholes in the first 100 days, despite the multi-billion dollar deficit that outgoing Mayor Eric Adams created by "running the city like a business":

https://prospect.org/2026/04/10/zohran-mamdani-getting-new-york-city-believe-in-government/

In Canada and the UK, party leaders like Avi Lewis (NDP) and Zack Polanski (Greens) are vowing to fight the coming crises by spending, not cutting. Compare that with UK fascist leader Nigel Farage, who says that if he's elected, he'll create a "paramilitary style" British ICE, building concentration camps for 24,000 migrants, with the hope of deporting 288,000 people per year:

https://www.thenerve.news/p/reform-deportation-operation-restoring-justice-data-surveillance-palantir-uk-labour

"Socialism or barbarism" isn't just a cliche – it's actually a choice on the ballot.

Hey look at this ( permalink )

• France's government is ditching Windows for Linux, calling US tech dependence a strategic risk https://www.xda-developers.com/frances-government-ditching-windows-for-linux/

• The Indie News Queen Who’s Not Done Pissing Off the Powerful https://www.wired.com/story/the-indie-news-queen-whos-not-done-pissing-off-the-powerful/

• Another Court Rules Copyright Can’t Stop People From Reading and Speaking the Law https://www.eff.org/deeplinks/2026/04/another-court-rules-copyright-cant-stop-people-reading-and-speaking-law

• EFF is Leaving X https://www.eff.org/deeplinks/2026/04/eff-leaving-x

• Seven countries now generate 100% of their electricity from renewable energy https://www.the-independent.com/tech/renewable-energy-solar-nepal-bhutan-iceland-b2533699.html

Object permanence ( permalink )

#25yrsago The Server of Amontillado https://web.archive.org/web/20070112024841/http://www.techweb.com/wire/story/TWB20010409S0012

#25yrsago Mastercard threatens the moderator of rec.humor.funny https://www.netfunny.com/rhf/jokes/01/Apr/mcrhf.html

#15yrsago Sweden exports sweatshops: Ikea’s first American factory https://web.archive.org/web/20190404035900/https://www.latimes.com/business/la-xpm-2011-apr-10-la-fi-ikea-union-20110410-story.html

#15yrsago Canada’s New Democratic Party promises national broadband and net neutrality https://web.archive.org/web/20110412064952/https://www.michaelgeist.ca/content/view/5734/125/

#15yrsago Flapper’s dictionary: 1922 https://bookflaps.blogspot.com/2011/04/flappers-dictionary.html

#15yrsago Toronto’s Silver Snail to leave Queen Street West https://web.archive.org/web/20110409181737/http://www.thestar.com/entertainment/article/970520–the-silver-snail-comics-icon-sold-to-move

#15yrsago WI county clerk whose homemade voting software found 14K votes for Tea Party judge is an old hand at illegal campaigning https://web.archive.org/web/20110412121323/http://host.madison.com/wsj/news/local/govt-and-politics/elections/article_7e777016-62b2-11e0-9b74-001cc4c002e0.html

#15yrsago Canadian Tories’ campaign pledge: We will spy on the Internet https://web.archive.org/web/20110412125250/https://www.michaelgeist.ca/content/view/5733/125/

#15yrsago France to require unhashed password storage https://www.bbc.com/news/technology-12983734

#15yrsago Central European folk-dancers illustrated sorting algorithms https://www.i-programmer.info/news/150-training-a-education/2255-sorting-algorithms-as-dances.html

#10yrsago Save Comcast! https://www.eff.org/deeplinks/2016/04/save-comcast

#10yrsago Goldman Sachs will pay $5B for fraudulent sales of toxic debt, no one will go to jail https://web.archive.org/web/20160412155435/https://consumerist.com/2016/04/11/goldman-sachs-to-pay-5b-to-settle-charges-of-selling-troubled-mortgages-ahead-of-the-financial-crisis/

#10yrsago How could Lex Luthor beat the import controls on kryptonite? https://lawandthemultiverse.com/2016/04/11/batman-v-superman-and-import-licenses/

#10yrsago Congresscritters spend 4 hours/day on the phone, begging for money https://www.youtube.com/watch?v=Ylomy1Aw9Hk

#10yrsago Philippines electoral data breach much worse than initially reported, possibly worst ever https://www.infosecurity-magazine.com/news/every-voter-in-philippines-exposed/

#10yrsago A cashless society as a tool for censorship and social con

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

The problem is that LLMs inherently  lack the virtue of laziness . Work costs nothing to an LLM. LLMs do not feel a need to optimize for their own (or anyone's) future time, and will happily dump more and more onto a layercake of garbage. Left unchecked, LLMs will make systems larger, not better — appealing to perverse vanity metrics, perhaps, but at the cost of everything that matters.

As such, LLMs highlight how essential our human laziness is: our finite time  forces  us to develop crisp abstractions in part because we don't want to waste our (human!) time on the consequences of clunky ones.

— Bryan Cantrill , The peril of laziness lost

Tags: bryan-cantrill , ai , llms , ai-assisted-programming , generative-ai

On the Fediverse, I had a learning experience :

Another what the heck moment in Fedora 43. In Gnome-terminal (only, not xterm), hitting 'Delete' in vim insert mode no longer deletes characters to the left of the cursor, only characters to the right. Delete is generating ^? in both gnome-terminal and xterm, and Delete works to delete characters in vim in g-t on the ':' command prompt.

Whatever vim / gnome-terminal combined stupidity this is, I want it gone. Now.

Actually I got the name of the key wrong. The key I was hitting is BackSpace (in X keysym terminology). I thought of it as Delete because that's what it generates, but the real Delete key is another key, and this turns out to be relevant. What I described happening is what I think is normally called as 'forward delete', as opposed to 'backward delete', the normal BackSpace behavior (and what I want).

I will skip ahead to the fix: for historical reasons , I had Gnome-terminal set to generate ASCII DEL for both the BackSpace and the Delete keys (it's in a per-profile 'Compatibility' tab). The modern proper setting for Delete is 'escape code'. Setting that cured the problem, but how we got here is the interesting bit.

Unix has long had both a stty setting for 'what is your backspace character' and also a termcap/terminfo parameter for 'what does the backspace key generate' (in terminfo, this is 'kbs'). Things such as readline, vim and GNU Emacs can use those to determine the character sequence they should recognize as backspace, or they can ignore both settings and use hard-coded values. This has historically been important because there used to be a great split of what this key generated on serial terminals , and this split propagated into X and people's X configurations .

(Interestingly, terminfo databases aren't consistent across systems about what BackSpace is expected to generate in xterm. Linux and OpenBSD terminfo appears to expect it to generate ^?, but FreeBSD expects ^H. You can check with ' infocmp | fgrep kbs '. Vim appears to take its setting from your backspace character from stty, not terminfo, which is the correct approach.)

Unix has never had a stty setting for 'forward delete', but it did soon get a terminfo and termcap distinction between the 'backspace' and 'delete' keys (well, between what character sequences each sends). In terminfo, what the delete key sends is 'kdch1', and I don't know when it appeared; in termcap, it is 'kd', which appeared no latter than 4.3 BSD in 1985, per the 4.3 BSD termcap(5) manual page . If your program wants to support forward delete at all ( which vim does ) and you can't see the physical keys being hit , you have to use 'kdch1'. Well, sort of. You're theoretically supposed to use kdch1, but in practice kdch1 doesn't necessarily correspond to the reality of your terminal program and its current settings.

( Termcap was invented first, in BSD Unix. Terminfo came later and apparently was first generally available in System V Release 2, in 1984. It's possible that terminfo had 'kdch1' from the start, since I believe that by 1984 there were Unix machines with 'full' keyboards with both BackSpace and Delete. Plus the DEC VT-100 serial terminal also had both Backspace and Delete keys, and it was introduced in 1978.)

Vim handles keyboard keys through an internal notion of terminal capabilities and key sequences, and for forward delete the internal capability is called t_kD . Vim can get its t_kD value from a number of places; it can get the value from the regular terminfo kdch1 value, it can derive it from your regular backspace value (as is done by :fixdel ), or it can ask your terminal program what the various physical keys generate (this is controlled by the xtermcodes option ). When vim does the last, it will get whatever your terminal program is reporting about its current settings, not whatever official settings (for 'kdch1' and other things) are published in the system's terminfo database. This is useful when these settings are controlled through preferences, instead of being fixed values.

(Specifically, vim and other programs will use xterm's XTGETTCAP request to read out various live terminfo settings. This is why it matters that there is a terminfo thing for the delete key as separate from the backspace key.)

Vim's xterm-codes behavior officially happens on 'xterm patchlevel 141 or higher'. In practice a lot of other terminal emulators imitate xterm here, and in particular recent enough versions of gnome-terminal do. If you're curious to see what your terminal program is reporting for itself, you can start vim and use ' :echo v:termresponse ' (or you can run ' tput RV; cat >/dev/null ' at your shell command line, then Ctrl-C it once whatever has echoed). Currently xterm reports its patchlevel and gnome-terminal reports some sort of VTE library version, which on modern versions of Gnome-terminal is (much) larger than '141' (mine reports '8203'), and triggers vim's behavior of asking the terminal program for its actual keyboard mapping.

(Technically 'RV' is send device attributes , not XTVERSION . You can find programs that query XTVERSION specifically, such as xtver .)

When Gnome-terminal reported its keyboard mapping to vim, it apparently reported that both my BackSpace and Delete keys generate ASCII DEL, which was true (at the time). When vim received this report, it set both t_kb and t_kD to ASCII DEL (this is visible with eg ' :set t_kb '), and then apparently vim decides that the <Del> version should take priority over the <BS> version so that when I hit a key that generates ASCII DEL, vim will do forward delete instead of backward delete.

(Actual xterm apparently reports something different to vim. Although both BackSpace and Delete generate ASCII DEL in my xterm setup, vim reports that t_kD is ' ^[[3;*~ ', the normal escape sequence for it that gnome-terminal will also generate when it's set that way. This means I have no access to forward delete in vim in xterm, but that's okay with me; I basically never use it.)

Gnome-terminal support for xterm's XTGETTCAP stuff was apparently added in mid 2025 through VTE in this feature request and this commit . Fedora 42 shipped with a version of gnome-terminal and VTE before this change, and the Fedora 43 versions are afterward, so now vim can actually find out what the current key mappings are and trigger this behavior.

There are at least two ways to fix this through vim in your .vimrc, and also two ways that don't work. In working ways, if you unset t_RV (' set t_RV= '), vim never makes the version query and never goes on to ask for keyboard stuff. If you disable xtermcodes (' set noxtermcodes '), vim will also never ask for the keyboard mapping, but now it knows the nominal xterm version number (which isn't necessarily very useful, given that different projects report wildly different numbers).

The two ways that don't work in your .vimrc are unsetting t_kD and using ' :fixdel ', although both of them work after vim has finished starting. I assume that both of them don't work because their effects are being overridden when vim asks the terminal program for its key bindings. There may be vim magic that you can use to get around this, but it's better to change your (my) historical gnome-terminal profile settings so that all profiles have their 'Delete key generates' setting in the Compatibility tab set to 'Escape sequence'.

(There is probably some way to set this preference for all profiles through the command line but I just did it by hand through the GUI.)

PS: My view is that vim is the party with the bug. Given the behavior of :fixdel , I think that if vim detects that t_kb and t_kD are both set to ASCII DEL in the terminal response, it should either unset t_kD or make it Ctrl-H.

PPS: Since I checked, urxvt (aka rxvt-unicode) does respond to the xterm RV sequence but reports a version number of '95' as of version 9.31, which is far too low to trigger vim asking for termcap stuff (and I don't know if urxvt supports that). The Fedora 43 konsole reports a version number of 115 (for konsole 25.12.3), and I will leave it up to interested parties to investigate what other terminal programs report.

I've been curious for a while about what's actually happening inside Mixture of Experts models when they generate tokens. Nearly every frontier model these days (Qwen 3.5, DeepSeek, Kimi, and almost certainly Opus and GPT-5.x) is a MoE - but it's hard to get an intuition for what "expert routing" actually looks like in practice.

So I built a small tool to visualise it: moe-viz.martinalderson.com

You can pick between a few different prompts, watch the generation animate out, and see exactly which experts fire at each layer for each token. The top panel shows routing as the token is generated, the bottom panel builds up a cumulative heatmap across the whole generation.

I built this by modifying the llama.cpp codebase to output more profiling data, with Claude Code's help. So it may have serious mistakes, but it was a really fun weekend project.

The thing that really surprised me: for any given (albeit short) prompt, ~25% of experts never activate at all. But it's always a different 25% - run a different prompt and a different set of experts goes dormant.

That's a much more interesting result than I expected. Interestingly Gemma 26BA4 runs really well with the "CPU MoE" feature - 4b params is not a lot to run on a fairly fast CPU and having KV cache on GPU really helps. I think there's a lot of performance improvements that could be done with MoE inference locally as well - eg caching certain experts on GPU vs CPU.

If you're interested in learning more about LLM inference internals I'd certainly recommend pointing your favourite coding agent at the llama.cpp codebase and getting it to explain the various parts - it really helped me learn a lot.

Thanks to a tip from Rahim Nathwani , here's a uv run recipe for transcribing an audio file on macOS using the 10.28 GB Gemma 4 E2B model with MLX and mlx-vlm :

uv run --python 3.13 --with mlx_vlm --with torchvision --with gradio \ mlx_vlm.generate \ --model google/gemma-4-e2b-it \ --audio file.wav \ --prompt "Transcribe this audio" \ --max-tokens 500 \ --temperature 1.0 Your browser does not support the audio element.

I tried it on this 14 second .wav file and it output the following:

This front here is a quick voice memo. I want to try it out with MLX VLM. Just going to see if it can be transcribed by Gemma and how that works.

(That was supposed to be "This right here..." and "... how well that works" but I can hear why it misinterpreted that as "front" and "how that works".)

Tags: uv , mlx , ai , gemma , llms , speech-to-text , python , generative-ai

The date of Easter

The church fixed Easter to be the first Sunday after the first full moon after the Spring equinox. They were choosing a date in the Roman (Julian) calendar to commemorate an event whose date was known according to the Jewish lunisolar calendar, hence the reference to equinoxes and full moons.

The previous post explained why the Eastern and Western dates of Easter differ. The primary reason is that both churches use March 21 as the first day of Spring, but the Eastern church uses March 21 on the Julian calendar and the Western church uses March 21 on the Gregorian calendar.

But that’s not the only difference. The churches chose different algorithms for calculating when the first full moon would be. The date of Easter doesn’t depend on the date of the full moon per se, but the methods used to predict full moons.

This post will show why determining the date of the full moon is messy.

Lunation length

The moon takes between 29 and 30 days between full moons (or between new moons, which are easier to objectively measure). This period is called a lunation . The average length of a lunation is L = 29.530588853 days. This is not a convenient number to work with, and so there’s no simple way of reconciling the orbital period of the moon with the rotation period of the earth [1]. Lunar calendars alternate months with 29 and 30 days, but they can’t be very accurate, so they have to have some fudge factor analogous to leap years.

The value of L was known from ancient times. Meton of Athens calculated in 432 BC that 235 lunar cycles equaled 19 tropical years or 6940 days. This corresponds to L ≈ 29.5319. Around a century later the Greek scholar Callippus refined this to 940 cycles in 76 years or 27,759 days. This corresponds to L ≈ 29.53085.

The problem wasn’t knowing L but devising a convenient way of working with L . There is no way to work with lunations that is as easy as the way the Julian (or even the more complicated Gregorian) calendar reconciles days with years.

Approximations

Let’s look at the accuracy of several approximations for L . We’d like an approximation that is not only accurate in an absolute sense, but also accurate relative to its complexity. The complexity of a fraction is measured by a height function . We’ll use what’s called the “classic” height function: log( max( n , d ) ) where n and d are the numerator and denominator of a fraction. Since we’re approximating a number bigger than 1, this will be simply log( n ).

We will compare the first five convergents, approximations that come from the continued fraction form of L , and the approximations of Meton and Callippus. Here’s a plot.

And here’s the code that produced the plot, showing the fractions used.

from numpy import log import matplotlib.pyplot as plt

fracs = [ (30, 1), (59, 2), (443, 15), (502, 17), (1447, 49), (6940, 235), (27759, 940) ]

def error(n, d): L = 29.530588853 return abs(n/d - L)

for f in fracs: plt.plot(log(f[0]), log(error(*f)), 'o') plt.xlabel("log numerator") plt.ylabel("log error") plt.show() The approximation 1447/49 is the best by far, both in absolute terms and relative to the size of the numerator. But it’s not very useful for calendar design because 1447 is not nicely related to the number of days in a year.

[1] The time between full moons is a synodic month, the time it takes for the moon to return to the same position relative to the sun. This is longer than a sidereal month, the time it takes the moon to complete one orbit relative to the fixed stars. The post Lunar period approximations first appeared on John D. Cook .

I quipped on BlueSky :

It’s interesting how AI proponents are often like "skill issue" when the LLM doesn't work like someone expects.

Whereas when human-centered UX people see someone using it wrong, they're like "skill issue on us , the people who made this"

This is top of mind because I’ve been working with Jan Miksovsky on his project Web Origami and he exemplified this to me recently.

I was working with some part of Origami and I was “holding it wrong”. I kept apologizing for my misunderstanding and misuse. And Jan — rather than being like “Yeah, that’s a skill issue on your part, but you’ll get there” — his posture as tool-maker was one of introspection. He took the time to consider that perhaps the technology he was building was not properly aligning with my expectations as a user (or human-centered factors more generally). And he graciously explained that perspective to me, making me feel — well, not like an idiot.

My inability to find the results others claim with AI often has me saying either 1) “these claims are obviously BS”, or 2) “I guess it’s a skill issue on my part”.

And it kinda sucks to be saying (2) to yourself all the time, regardless of the technology.

A tech-centered approach treats the technology as a fixed point: if you don’t get what you want, you’re not using it right. The burden is entirely on you, the user, to learn the technology’s language.

Whereas a human-centered approach flips that: the technology exists to serve people as they actually are, not as we wish them to be. Confusion is allowed to be seen as a design failure, not a user failure.

What’s interesting is I think a lot of __insert technology here__ advocates would likely claim they’re “human-centered”. But when the response to failure is “learn the tech better”, it introduces a skill ceiling which naturally creates a priesthood of people who are “in-the-know” on how to make a technology work with the right incantation .

I’ve used AI as an example in this post, but it’s not really about AI specifically. This seems to be generally applicable, AI is just the current flavor.

I don’t have a big takeaway here. Just reflecting.

I love human-centered technology and technologists.

Reply via:

Email · Mastodon ·

Bluesky

I must have been the last developer still confused by the AWS interface. I knew how to access DynamoDB, that was the only tool I needed for my daily work. But everything else was a mystery. How do I access web hosting? If I needed a small server to host a static website, what service would I use? Searching for "web hosting" inside the AWS console yielded nothing.

After digging through the web, I found the answer: an Elastic Cloud Compute instance, better known as EC2. I learned that I could use it under the "Free Tier." Amazon offers free tiers for many services, but figuring out the actual cost beyond that introductory period requires elaborate calculation tools. In fact, I’ve often seen independent developers build tools specifically to help people decipher AWS pricing

If you want to use AWS effectively, it seems the only path is to get certified. Companies send employees to conferences and courses to learn the platform. I took some of those courses and they taught me how to navigate the interface and build very specific things. But that skill isn't transferrable. In the course, I wasn't exactly learning a new engineering skill. Instead, I was learning Amazon.

Amazon has created a complex suite of tools that has become the industry standard. Hidden within its moat of confusion, we are trained to believe it is the only option. Its complexity justifies the high cost, and the Free Tier lures in new users who settle into the idea that this is just "the way" to do web development.

When you are presented with a simple interface like DigitalOcean or Linode and a much cheaper price tag, you tend to think that something is missing. Surely, a cheaper, simpler service must lack half the features, right? The reality is, you don't need half the stuff AWS offers. Where other companies create tutorials to help you build, Amazon offers certificates. It is a powerful signal for enterprise legitimacy, but for most developers, it is overkill.

This isn't to say AWS is "bad," but it obscures the reality of running a web service. It is much easier than it seems. There are hundreds of alternatives for hosting. You can run your services reliably on a VPS without ever breaking the bank.

Most web programming is free , or at the very least, affordable.

I heard that while this blog is good at diagnosing the problem, it falls short when proposing solutions. Today I’m proposing a solution that everyone (except the haters and losers) can get behind.

We have a real problem in America, and it’s billionaires. I mean, it’s actually fiat money that the state can print arbitrary amounts of, but that’s a complicated idea, so we’ll just say it’s billionaires.

You, as an American, have the same right to be a billionaire as everyone else. You know that feeling of resentment you have when you see rich people on social media. Watch the resentment fade once we give everyone a billion dollars .

The implementation of this act would be straightforward. Americas population is 342.6 million. First, we issue new billion dollar bills and print 342.6 million of them. Then we hand them out. A beautiful thing about this bill is it gives plenty of things for the Democrats and Republicans to squabble over.

• Should we give the billion dollars to undocumented immigrants (or illegal aliens, if you prefer)?

• Should children get the billion? Should we hold it in a trust for them?

• Should existing billionaires get it? They are already billionaires, this act is for the needy.

• Should we charge tax on the billion dollars? Should TurboTax get a cut?

Let’s do an analysis, including second order effects which I know is more advanced political thinking than most politicians do, but we are a new kind of politician, the kind that wants to give you one billion dollars.

The first order effects is that everyone is rich and the rich people aren’t more rich than you. This is pure awesome. I hear that rich people love being rich, and I’m sure you will love it too. This also makes it easy to pay back the national debt.

The second order effects is that the US dollar is over, and everyone will have to switch to something else. Perhaps this time we’ll switch to something that some dude can’t just print trillions of. Like gold.

When America is ready for a revolution, this is the way to do it. A jubilee. Non violent and through one simple democratically passed bill. We do live in a democracy, right?

Don’t fall for scams like a wealth tax, that is just the elites squabbling over which seat at the large marble table they get. We are giving everyone a billion dollars so they can buy their own large marble table.

I non-ironically support this bill, and you should too. Call your congressman, let’s get it passed!

One of the things that Apache and other web servers have been able to do for a long time is to compress responses when the requesting agent indicates that it supports this. Accepting compressed responses is so common that not doing so is potentially an bad sign , although a distressing number of syndication feed fetchers don't request (or accept) compressed responses. Apache is sophisticated enough that it can compress output on the fly and do it for unpredictable sources of dynamic content, such as CGIs and Django web applications (and requests it acts as a reverse proxy for, as far as I know).

Another thing that the web has is the ETag header . An ETag header is supposed to be a unique identifier for a specific version of a 'resource', ie a URL. The place I normally think of ETags being used is in conditional GETs , but it also has a lesser appreciated (by me) role in HTTP caching , and as I understand it, that creates a little problem.

An opportunistic cache is allowed to use the same ETag and If-None-Match headers for cache validation . When an ETag value is only used by the origin server for conditional GET, we generally would prefer that the ETag value not vary based on the compression. However, when an intermediate cache uses an ETag for validation, it's apparently more convenient if the ETag is specific to the compression. As a result, RFC 9110 's specification for ETag specifically requires that the ETag vary based on the response compression, not just its contents.

In Apache 2.2, Apache ignored this requirement (at least by default). Especially, it ignored this requirement if you provided the ETag in dynamically generated content, such as CGI output. Apache 2.2 would give your ETag to everyone regardless of the compression it did, and then everyone would make the same If-None-Match query to you and you'd be happy because the ETag you (re)generated was matching their If-None-Match and so lots of people were making, for example, conditional syndication feed fetches.

In Apache 2.4, Apache apparently decided that this was no good and it needed to do better. In ETag values you provide (and at least sometimes ETag values it generates), Apache 2.4 sticks on a suffix, such as '-gzip', to make them unique to the Apache-chosen compression. People who receive these altered ETag values then dutifully copy them into their If-None-Match header, which Apache 2.4 passes back unaltered to your CGI or other web application, and then if you're unaware of this you will compare their modified value to your unmodified value and conclude that almost no one is making valid conditional requests any more (for some reason, starting when you upgraded to Apache 2.4).

This behavior is actually something you can change if you want to, through the mod_deflate directive DeflateAlterEtag and the mod_brotli directive BrotliAlterEtag . But it's more correct and probably better in the long run to adjust your CGI or web application code to deal with these altered If-None-Match values, although it would be nice if Apache did it for you somehow. Since I looked it up in relatively current Apache 2.4 source code, the two ETag suffixes you're likely to see in the wild are '-gzip' and '-br'.

This newsletter is free to read, and it’ll stay that way. But if you want more - extra posts each month, no sponsored CTAs, access to the community, and a direct line to ask me things - paid subscriptions are $2.50/month. A lot of people have told me it’s worth it.

Upgrade

On October 4, 1957, the Soviet Union launched Sputnik - and the United States lost its collective mind. Newspapers ran headlines about Soviet nuclear weapons raining from orbit, and schools held duck-and-cover drills. Eisenhower's approval rating cratered and the smartest people in Washington agreed that America had fallen behind, for good, the free world was in terminal decline, and their enemies were about to launch space-faring Nukes. Then, eleven years and 8 months later, Neil Armstrong stepped onto the moon. One small step, etc. Folks in 1957 had at least some reason to be afraid, and the fear was grounded in something real: you could measure the gap in rocket technology down to the pound of thrust. But the people who responded to that fear by building things (the Apollo program, the engineers who decided the problem was solvable) landed on the moon. The people who responded by predicting doom were forgotten before the decade was out. I can't think of a better summary of the argument I'm trying to make here... In the last 15 years, a specific kind of intellectual posture has taken hold everywhere. I've started calling it "competitive pessimism" - which might not be perfect, but it's the best I've got. Whoever can list the most reasons something won't work gets treated as the smartest person in the room. If you say "I think this could go well," you get ~the look. That slight tilt of the head. Optimism is treated like a belief in astrology. Pessimism reads as intelligence now. Optimism reads as naivety. This has gotten so baked into educated Western culture that most people don't notice they're doing it. But it's toxic, all the same. Where this came from The instinct has some logic to it, I'll be fair about that. The 21st century opened with the dot-com crash, which wiped $5 trillion off the NASDAQ between March 2000 and October 2002. Then September 11th, and the Afghanistan War, and then the Iraq War. Then the 2008 financial crisis, which destroyed 8.7 million American jobs in eighteen months. Then Obama! And then Trump. Then a pandemic that killed over a million people in the US alone. Climate reports from the IPCC kept landing, each one worse. If you paid attention to any of this, bracing for impact started to look like base common sense. The internet of course poured a gasoline on all of it. In 2012, Jonah Berger and Katherine Milkman at Wharton went through about seven thousand New York Times articles and tracked which ones readers actually emailed to their friends. The anxious // angry pieces won. The hopeful writing just sort of...sat there. The platforms didn't need an academic paper to work this out. Doom = clicks. Doom = ad revenue. Doom got you a booking on Joe Rogan. Pessimists built media empires, and optimists built water treatment plants in sub-Saharan Africa and nobody wrote a magazine cover about them. Pessimism is useful and I won't be glib about that. You want a pessimist reviewing the specs on the I-35W bridge before it goes up. You want a pessimist reading your bloodwork. Risk assessment is a discipline that saves lives every single day. What happened over the last two decades is that risk assessment slid from being a discipline into being a disposition; worry stopped being something you ~did and became something you ~were. And that's where the trouble started. What the doomers predicted In 1894, the Times of London published a calculation: at current rates of growth, the city's streets would be buried under nine feet of horse manure by the 1940s. The math was technically on the money: fifty thousand horses working in London at the time, each producing 15 to 35 pounds of dung per day, with a population growing...the arithmetic pointed one way. What nobody at the Times knew was that Karl Benz, tinkering in a shop in Mannheim, had already patented a gasoline-powered vehicle eight years earlier. The car scaled up, the manure problem disappeared and a completely different set of problems showed up in its place. Thomas Malthus did the same thing a century earlier, in his 1798 Essay on the Principle of Population . Population grows geometrically, food arithmetically, and therefore - famine is mathematically inevitable. He published this at the start of the Agricultural Revolution. Paul Ehrlich doubled down in 1968: "The battle to feed all of humanity is over," he wrote on page one of The Population Bomb , "In the 1970s hundreds of millions of people will starve to death." Well, food production tripled instead. Peak oil in 2005, same story; the doomsday logic was always internally consistent. The world just did not cooperate. I know I'm cherry-picking here. Listing reversals is easy. Plenty of problems didn't get fixed. Plenty of hopeful people were dead wrong. But the doomers were also wrong, and the doomers didn't build anything while they were busy ~being wrong. The optimists who failed at least generated attempts. This is the asymmetry I keep snagging on. Why it feels smart to be grim In 1984, a psychologist at Berkeley named Philip Tetlock started cornering experts at conferences and asking them to make specific, testable predictions. • Would the Soviet Union collapse within five years?

• Would inflation top 6%? He accumulated tens of thousands of these forecasts from 284 political scientists, economists, and government advisors, and after twenty years he scored them all against reality. Most of the experts performed about as well as "dart-throwing chimpanzees" -- Tetlock's line, not mine. The very worst forecasters were the folks with One Grand Theory™️ who bent all incoming data to fit it. Nobody puts the careful, uncertain forecasters on television. "I see arguments on both sides and I'm not confident" doesn't fill a segment. This is an ongoing complaint of mine. And then there's the reputation factor. If you predict a catastrophe and you're wrong, nobody circles back to check - and your wrong call just dissolves. If you predict things will work out and they don't, that shit follows you around forever. The lopsidedness of the payoff alone is enough to push smart, careful people toward the darkest possible forecast even when the evidence is genuinely mixed. Being wrong about doom costs you nothing. Being wrong about hope costs you your career. Hope as a decision Cornel West split optimism and hope into two separate things... • Optimism is a spectator sport, in his framing. You watch the data and decide whether the trend lines look good.

• Hope is a commitment to act as though improvement is possible, because without that commitment you guarantee it isn't. Nobody serious is claiming things will get better on their own. In fact, things can only get better if enough people act as though they might. Every hospital that got built started with someone saying "we can treat those people." Every civil rights movement and every vaccine that reduced suffering began with someone who looked at a bad situation and decided to treat it as a problem to solve, and a problem that ~could be solved. "What about the problems that didn't get solved? What about the optimists who were wrong?" Well, what about them? The optimists who were wrong still attempted something. The pessimists who were right attempted nothing. And the world runs on attempts, not on accurate // profound predictions of failure. The permanent bracing costs At the University of Pennsylvania, Martin Seligman spent decades studying what he called "learned helplessness." He found that people who explain bad events as permanent and personal, baked into the fabric of reality, are more likely to become depressed and less likely to keep trying. I should know. That about accurately describes my emotional state for most of my 20's. The cultural pessimism that passes for intelligence has the same structure - if your default explanation for every problem is "systems are broken and people are selfish, so nothing will ever be different," you've adopted a worldview that is indistinguishable from despair, and you might call it realism but it produces the same behavior as hopelessness. When pessimism becomes the default in public conversation, it starts building the world it claims to be describing. People who believe nothing can be different don't vote, don't volunteer, don't start companies, don't run for office, don't build the thing that might have mattered. Pessimism at scale is a self-fulfilling prophecy. Rebecca Solnit put it well in Hope in the Dark : "Hope is not a lottery ticket you can sit on the sofa and clutch, feeling lucky. It is something you do." The stubborn, irrational case In 1903, Simon Newcomb - a professor of mathematics at Johns Hopkins and probably the most credentialed scientist in the country - wrote a widely-read essay arguing that powered heavier-than-air flight was a practical impossibility. And on December 17 of that same year, Wilbur and Orville Wright flew four times at Kitty Hawk. The longest flight lasted 59 seconds and covered 852 feet. Newcomb never revised his position. Pessimism is more accurate in the short term - almost always, I'll give it that. Things do go wrong in roughly the ways people predict they will. But optimism is more productive over decades. Optimism is the thing that generates attempts, and without attempts nothing changes. Blind cheerfulness ignores evidence, crashes planes, builds the Humane AI Pin and bankrupts companies. Nobody wants that. But the choice to look at bad data and act anyway, because sitting still is the one move that guarantees the bad outcome, is a noble one. The most dangerous idea I keep running into is that there is nothing to be done. It's the one idea that, if enough people hold it, comes true - and I refuse to treat that as a serious intellectual position. I refuse to let Quiet Quitting become the dominant intellectual model of our age. I would rather be wrong about what we're capable of than right about why we shouldn't bother trying...

SPONSORED

Westenberg is designed, built and funded by my solo-powered agency, Studio Self. Reach out and work with me:

Work with me

SQLite 3.53.0

SQLite 3.52.0 was withdrawn so this is a pretty big release with a whole lot of accumulated user-facing and internal improvements. Some that stood out to me:

• ALTER TABLE can now add and remove NOT NULL and CHECK constraints - I've previously used my own sqlite-utils transform() method for this.

• New json_array_insert() function and its jsonb equivalent.

• Significant improvements to CLI mode , including result formatting.

The result formatting improvements come from a new library, the Query Results Formatter . I had Claude Code (on my phone) compile that to WebAssembly and build this playground interface for trying that out.

Via Lobste.rs

Tags: sql , sqlite

Some graphic design fun for the weekend: achingly gorgeous art pieces recreating vintage Pan Am luggage tags, by Ella Freire. I love them all. The colors, the type, the shapes — sublime.

( Via Dan Cederholm’s Studio Notes .)

★

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Don't Be Evil : Evil genius is just a lack of shame.

• Hey look at this : Delights to delectate.

• Object permanence : FBI x Trotsky; Jakob Nielsen x headlines; Floppy disk stained glass; Zero tolerance for mismatched socks; EFF v DOGE.

• Upcoming appearances : Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Don't Be Evil ( permalink )

How I knew I was officially Old: I stopped being disoriented by the experience of meeting with grown-ass adults who wanted to thank me for the books of mine they'd read in their childhoods, which helped shape their lives. Instead of marveling that a book that felt to me like it was ten seconds old was a childhood favorite of this full-grown person, I was free to experience the intense gratification of knowing I'd helped this person find their way, and intense gratitude that they'd told me about it (including you, Sean – it was nice to meet you last night at Drawn and Quarterly in Montreal!).

Now that I am Old, I find myself dwelling on key junctures from my life. It's not nostalgia ("Nostalgia is a toxic impulse" – J. Hodgman) – rather, it's an attempt to figure out how I got here ("My god! What have I done?" – D. Byrne), and also, how the world got this way.

There's one incident I return to a lot, a moment that didn't feel momentous at the time, but which, on reflection, seems to have a lot to say about this moment – both for me, and for the world we live in.

Back in the late 1990s, I co-founded a dotcom company, Opencola. It was a "free/open, peer-to-peer search and recommendation system." The big idea was that we could combine early machine learning technology with Napster-style P2P file sharing and a web-crawler to help you find things that would interest you. The way it was gonna work was that you'd have a folder on your desktop and you could put things in it that you liked and the system would crawl other users' folders, and the open web, and copy things into your folder that it found that seemed related to the stuff you liked. You could refine the system's sensibilities by thumbs-up/thumbs-downing the suggestions, and it would refine its conception of your preferences over time. As with Napster and its successors, you could also talk to the people whose collections enriched your own, allowing you to connect with people who shared even your most esoteric interests.

Opencola didn't make it. Our VCs got greedy when Microsoft offered to buy us and tried to grab all the equity away from the founders. I quit and went to EFF, and my partners got very good jobs at Microsoft, and the company was bought for its tax-credits by Opentext, and that was that.

(Well, not quite – several of the programmers who worked on the project have rebooted it, which is very cool!)

https://opencola.io/

But back in the Opencola days, we three partners would have these regular meetings where we'd brainstorm ways that we could make money off of this extremely cool, but frankly very noncommercial idea. As with any good brainstorming session, there were "no bad ideas," so sometimes we would veer off into fanciful territory, or even very evil territory.

It's one of those evil ideas that I keep coming back to. Sometimes, during these money-making brainstorm sessions, we'd decompose the technology we were working on into its component parts to see if any subset of them might make money ("Be the first person to not do something no one has ever not done before" – B. Eno).

We had a (by contemporary standards, primitive) machine-learning system; we had a web crawler; and we had a keen sense of how the early web worked. In particular, we were really interested in a new, Linux-based search tool that used citation analysis – a close cousin to our own collaborative filter, harnessing latent clues about relevance implicit in the web's structure – to produce the best search results the web had ever seen. Like us, this company had no idea how to make money, so we were watching it very carefully. That company was called "Google."

That's where the evil part came in. We were pretty sure we could extract a list of the 100,000 most commonly searched terms from Google, and then we could use our web-crawler to capture the top 100 results for each. We could feed these to our Bayesian machine-learning tool to create statistical models of the semantic structure of these results, and then we could generate thousands of pages of word-salad for each of those keywords that matched those statistical models, along with interlinks that could trick Google's citation analysis model. Plaster those word-salad pages with ads, and voila – free cash flow!

Of course, we didn't do it. But even as we developed this idea, the room crackled with a kind of dark, excited dread. We weren't any smarter than many other rooms full of people who were engaged in exercises just like this one. The difference was, we loved the web. The idea of someone deliberately poisoning it this way churned our stomachs. The whole point of Opencola was to connect people with each other based on their shared interests. We loved Google and how it helped you find the people who wrote the web in ways that delighted and informed you. This kind of spam, aimed at wrecking Google's ability to help people make sense of the things we were all posting to the internet, was… grotesque .

I didn't know the term then, but what we were doing amounted to "red-teaming" – thinking through the ways that attackers could destroy something that we valued. Later, we tried "blue-teaming," trying to imagine how our tools might help us fight back if someone else got the same idea and went through with it.

I didn't know the term "blue-teaming" then, either. Once I learned these terms, they brought a lot of clarity to the world. Today, I have another term that I turn to when I am trying to rally other people who love the internet and want it to be good: "Tron-pilled." Tron "fought for the user." Lots of us technologists are Tron-pilled. Back in the early days, when it wasn't clear that there was ever going to be any money in this internet thing, being Tron-pilled was pretty much the only reason to get involved with it. Sure, there were a few monsters who fell into the early internet because it offered them a chance to torment strangers at a distance, but they were vastly outnumbered by the legion of Tron-pilled nerds who wanted to make the internet better because we wanted all our normie friends to have the same kind of good time we were having.

The point of this is that there were lots of people back then who had the capacity to imagine the kind of gross stuff that Zuckerberg, Musk, and innumerable other scammers, hustlers and creeps got up to on the web. The thing that distinguished these monsters wasn't their genius – it was their callousness. When we brainstormed ways to break the internet, we felt scared and were inspired to try to save it. When they brainstormed ways to break the internet, they created pitch-decks.

And still: the old web was good in so many ways for so long. The Tron-pilled amongst us held the line. When we build a new, good, post-American internet, we're going to need a multitude of Tron-pilled technologists, old and young, who build, maintain – and, above all, defend it.

Hey look at this ( permalink )

• Apple signs meaningless deal to make some less-important parts in America https://www.theregister.com/2026/03/26/apple_expands_list_of_bits/

• Public Service Decline and Support for the Populist Right https://catherinedevries.eu/NHS.pdf

• Another Court Rules Copyright Can’t Stop People From Reading and Speaking the Law https://www.eff.org/deeplinks/2026/04/another-court-rules-copyright-cant-stop-people-reading-and-speaking-law

• Yikes, Encryption’s Y2K Moment is Coming Years Early https://www.eff.org/deeplinks/2026/04/yikes-encryptions-y2k-moment-coming-years-early

• Vertical Vertigo https://prospect.org/2026/04/10/apr-2026-magazine-vertical-vertigo-franchise-deregulation-antitrust-law/

Object permanence ( permalink )

#25yrsago Trotsky’s assassination – according to the FBI https://web.archive.org/web/20010413212536/http://foia.fbi.gov/trotsky.htm

#25yrsago Online headline-writing guidelines from Jakob Nielsen https://memex.craphound.com/2001/04/09/headline-writing-guidelines-from-legendary-usability/

#25yrsago Floppy-disk stained-glass windows https://web.archive.org/web/20010607052511/http://www.acme.com/jef/crafts/bathroom_windows.html

#15yrsago English school principal announces zero tolerance for mismatched socks https://nationalpost.com/news/u-k-school-cracks-down-on-bad-manners

#1yrago EFF's lawsuit against DOGE will go forward https://pluralistic.net/2025/04/09/cases-and-controversy/#brocolli-haired-brownshirts

Upcoming appearances ( permalink )

• Toronto: DemocracyXchange, Apr 16

https://www.democracyxchange.org/news/cory-doctorow-to-open-dxc26-on-april-16

• San Francisco: 2026 Berkeley Spring Forum on M&A and the Boardroom, Apr 23

https://www.theberkeleyforum.com/#agenda

• London: Resisting Big Tech Empires (LSBU), Apr 25

https://www.tickettailor.com/events/globaljusticenow/2042691

• NYC: Enshittification at Commonweal Ventures, Apr 29

https://luma.com/ssgfvqz8

• NYC: Techidemic with Sarah Jeong, Tochi Onyibuchi and Alia Dastagir (PEN World Voices), Apr 30

https://worldvoices.pen.org/event/techidemic/

• Berlin: Re:publica, May 18-20

https://re-publica.com/de/news/rp26-sprecher-cory-doctorow

• Berlin: Enshittification at Otherland Books, May 19

https://www.otherland-berlin.de/de/event-details/cory-doctorow.html

• Hay-on-Wye: HowTheLightGetsIn, May 22-25

https://howthelightgetsin.org/festivals/hay/big-ideas-2

• SXSW London, Jun 2

https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901

Recent appearances ( permalink )

• The internet is getting worse (CBC The National)

https://youtu.be/dCVUCdg3Uqc?si=FMcA0EI_Mi13Lw-P

• Do you feel screwed over by big tech? (Ontario Today)

https://www.cbc.ca/listen/live-radio/1-45-ontario-today/clip/16203024-do-feel-screwed-big-tech

• Launch for Cindy's Cohn's "Privacy's Defender" (City Lights)

https://www.youtube.com/watch?v=WuVCm2PUalU

• Chicken Mating Harnesses (This Week in Tech)

https://twit.tv/shows/this-week-in-tech/episodes/1074

• The Virtual Jewel Box (U Utah)

https://tanner.utah.edu/podcast/enshittification-cory-doctorow-matthew-potolsky/

Latest books ( permalink )

• "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce

• "Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025

https://us.macmillan.com/books/9780374619329/enshittification/

• "Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 ( https://us.macmillan.com/books/9781250865908/picksandshovels ).

• "The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 ( thebezzle.org ).

• "The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 ( http://lost-cause.org ).

• "The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 ( http://seizethemeansofcomputation.org ). Signed copies at Book Soup ( https://www.booksoup.com/book/9781804291245 ).

• "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com .

• "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books ( permalink )

• "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 ( https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ )

• "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

• "The Post-American Internet," a geopolitical sequel of sorts to Enshittification , Farrar, Straus and Giroux, 2027

• "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2027

• "The Memex Method," Farrar, Straus, Giroux, 2027

Colophon ( permalink )

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.

• "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

• "The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.

• A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

• •

Antarctic snow cruiser circa 1939, via Historyland . Welcome to the reading list, a weekly roundup of news and links related to buildings, infrastructure, and industrial technology. This week we look at whether the Strait of Hormuz is open yet, building code cost benefit analysis, Intel joining Terafab, sponge cities, and more. Roughly 2/3rds of the reading list is paywalled, so for full access become a paid subscriber. War in Iran A two-week ceasefire between the US and Iran was announced earlier this week, in exchange for Iran opening the Strait of Hormuz. [ BBC ] But despite the agreement, so far Iran seems to have kept the Strait closed. [ AP News ] “Is Hormuz Open Yet?” is a website for tracking the status of ship crossings in the Strait of Hormuz. [ Is Hormuz Open Yet? ] • •

Prior to the cease fire Iran was apparently attempting cyberattacks on US infrastructure. “ Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-facing operational technology (OT) devices, including programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley. This activity has led to PLC disruptions across several U.S. critical infrastructure sectors through malicious interactions with the project file and manipulation of data on human machine interface (HMI) and supervisory control and data acquisition (SCADA) displays, resulting in operational disruption and financial loss.” [ CISA ] [ LA Times ] Prior to the cease fire Iran threatened to target OpenAI’s Stargate data center in Abu Dhabi. [ The Verge ] And Microsoft is apparently considering designing more resilient data centers in high-risk areas. [ The Register ] This week Iranian drone attacks targeted Saudi Arabia’s Jubail petrochemical complex, [ Reuters ] UAE’s Habshan gas facility [ Al Jazeera ], and power and desalination plants in Kuwait. [ Al Jazeera ] The US supposedly located the weapons officer of the F-15E shot down in Iran using “Ghost Murmur,” a tool that allegedly uses “ long-range quantum magnetometry to find the electromagnetic signal of a human heartbeat .” [ NY Post ] Housing A paper from UCLA’s Lewis Center takes a look at the process of building code development, and notes that provisions added to the building code rarely undergo any sort of cost-benefit analysis. “ For example, when a fire marshall in Glendale, Arizona proposed two decades ago that US elevators be required to be larger than international standards to accommodate a 7-ft stretcher lying flat, the cost impact was reported as “none” (Grabar 2025). Today, it is among the reasons that a basic four-stop elevator in New York City costs about $158,000, compared to $36,000 in Switzerland (Smith 2024). These costs are ultimately borne not only as more expensive elevator amenitized buildings, but in the prevalence of newly constructed five- and six-story walk-ups in the US, which are inaccessible to many elderly and disabled tenants and are unheard of in most high-income countries (Smith 2024).” [ Escholarship ] Building code cost-benefit analysis was one of the points of advocacy from the White House Executive order a few weeks ago. [ White House ] Most single-family homes in the US are built to the requirements of the (inaccurately named) International Residential Code. But apartment buildings are built to the somewhat-more-strict International Building Code, even small, house-like apartment buildings like triplexes. The Congress for New Urbanism proposes expanding the IRC to cover small apartment buildings as well. [ CNU ] British building standards apparently recommend that windows be sized so that they’re cleanable from the inside by “95% of the elderly female population, without the need for stretching;” if this (non-binding, but often followed in practice) recommendation is followed, the result is extremely tiny windows. [ X ] IFP’s infrastructure team has a good piece on how the build-to-rent provisions in the Senate’s ROAD to housing act would dramatically reduce new home construction in the US. (I’m a member of IFP’s infrastructure team, but didn’t help write this piece.) “ At President Trump’s request, the Senate acted to prohibit institutional investors from buying up single-family homes. This provision is captured in Section 901 of 21st Century ROAD, “Homes are for people, not corporations.” But while the White House’s Executive Order and proposed legislative text would ban institutional investors from purchasing existing single-family homes, they explicitly protected investor financing of new rental homes. The Senate’s Section 901 goes further: it establishes a disposition requirement for investors to sell their newly built one- and two-family homes within a fixed period, discouraging investment in new rental homes and decreasing housing supply. The last-minute inclusion of Section 901 with this disposition requirement has jeopardized the overall package and fueled calls for a fix in the House. The housing industry, the pro-housing advocacy community, and both Democrats and Republicans in the House and Senate, as well as members of the administration, have voiced opposition to the section as written.” [ IFP ] • •

Read more

I have an old mobile phone number that I'd like to keep. I think it is registered with a bunch of services for 2FA by SMS, but I can't be sure. So I want to keep it for a couple of years just in case I need it to log on to something.

I don't want to faff around with physical SIMs, so I went looking for the cheapest way to keep my number for the longest time. There are a whole bunch of providers out there who will do low-cost monthly contracts (like Spusu), which I don't want. Similarly, there are some pure PAYG providers who require you to top-up with £10 every few months (like 1pmobile).

In the end, I went with Lyca Mobile (affiliate link). Total cost was £10 which should last indefinitely.

The process isn't particularly straightforward. Here's how it works:

First, add a PAYG SIM to your basket and select "eSIM"

Next, click the Bin icon (🗑) in the top right. You'll get this pop-up:

Select "Discard plan & add credit" - you'll return to this screen:

The minimum top-up is a tenner, so select that. From there, you can add details of your old number, its porting code, and when you want the port to take place. Then pay.

Done! You'll receive your eSIM instantly. Scan it with your phone and you'll be up and running. The phone number porting will take as long as it takes.

OK, but will Lyca let you keep a number indefinitely? Here's what they say:

How long can I keep my number for if I don’t use any of Lyca Mobile’s services?

Normally we will keep your number for 120 days if you do not use our service. However, you may also keep your Lycamobile number for up to 1 year without using our service. Just dial *139*9999# from your Lycamobile and follow the instructions on the screen. Please be aware that there will be a fixed annual fee of £15 which will be deducted from your balance.

Source

Note, their chatbot says the fixed fee is a fiver. Like all half-baked AI systems, it is wrong.

So, what does "using" consist of? This is hard to find out! I think is any chargeable event. Based on their current PAYG pricing the cheapest options are:

• Send an SMS for 23p

• Use 1MB of data for 15p.

If I'm right, you could use 1MB of data every 120 days. That would deplete your credit in about 22 years. More than long enough for me!

There you have it, I'm pretty sure that's the cheapest way to keep a UK mobile number on an eSIM. You can keep it switched off for 119 days, flick it on, send a quick message, then shut it down again.

Click the referral link to join Lyca Mobile

Over on the Fediverse, I said :

I feel I've now written enough Linux nftables configurations that I've come to like it. It's a more pf-like experience than iptables, that's for sure (and that's a good thing when you're writing a coherent ruleset instead of manipulating things on the fly).

I've had to write a few static IP filtering rulesets recently (on Ubuntu), and in each case I immediately reached for nftables and enjoyed the experience. The nftables documentation isn't what I consider great but I can navigate through it and get things done, and I even managed to get NAT working on a recent machine. I'm now mostly considering my iptables knowledge to be a legacy thing that I'll expect to use less and less in the future, although I'm not going to go out and convert iptables rulesets to nftables rulesets.

(Partly this is a conservation of attention thing. Both iptables and nftables have a lot of dim corners that I have to remember if I'm doing anything complicated with them, and I only have so much of a brain.)

One of the ways that nftables is nicer for me is that the natural way to write a nftables ruleset is to edit /etc/nftables.conf (or some other file). This lets you (me) see all of your rules in one place, think about all of them before you try to use them, revise them, and so on. You can even pre-write a nftables.conf elsewhere (in your home directory or whatever), and it's natural to put comments in. Nftables also has an acceptably PF-like concept of symbolic variables and 'anonymous sets' that can be used to write compact rules in straightforward cases in your nftables.conf; as far as I know there's no equivalent of this in iptables.

(In iptables you can use actual sets that you define and populate, or you can write shell scripts with ' for ' loops and so on, but neither of these are entirely fun and as far as I know there's no great way to populate sets from nicely formatted files.)

However, this is only for whole, static rulesets. As I expected before , iptables is going to stay what I use if I need to add and remove rules on the fly, for example to block access to a service on startup or to add and remove some rules as network interfaces come and go. I know that you can do on the fly rule changes with nftables (and many of the nft examples in the manual page are of on the fly changes), but this is an area of nftables that I haven't explored and don't really want to. Unless I need to flip back and forth between two (or more) entire sets of rules, I'm going to keep using iptables for on the fly stuff.

(If I'm moving between several rulesets, 'nft -f /etc/some-file' is the easy way to flush and reload a coherent set of rules all at once, and I can write each ruleset as a coherent thing all in one place with helpful comments and so on.)

This is also only for new rulesets. Even with my new fondness for nftables, I'm not likely to rewrite existing, stable collections of iptables rules into nftables rules even if they can be expressed as a static collection of things. The one case where I can imagine doing a conversion is if I need to change existing iptables rules around substantially and rewriting them as nftables rules is easier than recovering iptables stuff that I may have forgotten by then.

PS: In fact the /etc/nftables.conf experience is sufficiently like the BSD pf experience that it fooled my mind recently. When I was working on the rules for the system with NAT, I kept adding filtering rules for the host to the 'forward' chain and then being confused when they didn't work. BSD pf doesn't have an input versus forward distinction, so my mind drifting into 'I'll just put the host rules here along with the forwarding rules'.

( 2 comments .)

Back in college, the final project in our JavaScript class was to build a website. We were a group of four, and we built the best website in class. It was for a restaurant called the Coral Reef. We found pictures online, created a menu, and settled on a solid theme. I was taking a digital art class in parallel, so I used my Photoshop skills to place our logo inside pictures of our fake restaurant. All of a sudden, something clicked. We were admiring our website on a CRT monitor when my classmate pulled me aside. She had an idea. A business idea.

An idea so great that she couldn't share it with the rest of the team. She whispered, covering her mouth with one hand so a lip reader couldn't steal this fantastic idea: "what if we build websites for people?"

This was the 2000s, of course it was a fantastic idea. The perfect time to spin up an online business after a market crash. But what she didn't know was that, while I was in class in the mornings, my afternoons were spent scouring Craigslist and building crappy websites for a hundred to two hundred dollars a piece. I wasn't going to share my measly spoils. If anything, this was the perfect time to build that kind of service. That's a great idea , I said.

There is something satisfying about having an idea validated. A sort of satisfaction we get from the acknowledgment. We are smart, and our ideas are good. Whenever someone learned that I was a developer, they felt this urge to share their "someday" idea. It's an app, a website, or some technology I couldn't even make sense of. I used to try to dissect these ideas, get to the nitty-gritty details, scrutinize them. But that always ended in hostility. "Yeah, you don't get it. You probably don't have enough experience" was a common response when I didn't give a resounding yes.

I don't get those questions anymore, at least not framed in the same way. I have worked for decades in the field, and I even have a few failed start-ups under my belt. I'm ready to hear your ideas. But that job has been taken, not by another eager developer with even more experience, or maybe a successful start-up on their résumé. No, not a person. AI took this job.

Somewhere behind a chatbot interface, an AI is telling one of your friends that their idea is brilliant. Another AI is telling them to write out the full details in a prompt and it will build the app in a single stroke. That friend probably shared a localhost:3000 link with you, or a Lovable app, last year. That same friend was satisfied with the demo they saw then and has most likely moved on.

In the days when I stood as a judge, validating an idea was rarely what sparked a business. The satisfaction was in the telling. And today, a prompt is rarely a spark either. In fact, the prompt is not enough. My friends share a link to their ChatGPT conversation as proof that their idea is brilliant.

I can't deny it, the robot has already spoken. I'm not the authority on good or bad ideas. I've called ideas stupid that went on to make millions of dollars. (A ChatGPT wrapper for SMS, for instance.)

A decade ago, I was in Y Combinator's Startup School. In my batch, there were two co-founders: one was the developer, and the other was the idea guy. In every meeting, the idea guy would come up with a brand new idea that had nothing to do with their start-up. The instructor tried to steer him toward being the salesman, but he wouldn't budge. "My talent is in coming up with ideas," he said.

We love having great ideas. We're just not interested in starting a business, because that's what it actually takes. A friend will joke, "here's an idea" then proceeds to tell me their idea. "If you ever build it, send me my share." They are not expecting me to build it. They are happy to have shared a great idea.

As for my classmate, she never spoke of the business again. But over the years, she must have sent me at least a dozen clients. It was a great idea after all.

Whenever a new technology shows up, the conversation quickly splits into camps. There are the people who reject it outright, and there are the people who seem to adopt it with religious enthusiasm. For more than a year now, no topic has been more polarising than AI coding agents.

What I keep noticing is that a lot of the criticism directed at these tools is perfectly legitimate, but it often comes from people without a meaningful amount of direct experience with them. They are not necessarily wrong. In fact, many of them cite studies, polls and all kinds of sources that themselves spent time investigating and surveying. And quite legitimately they identified real issues: the output can be bad, the security implications are scary, the economics are strange and potentially unsustainable, there is an environmental impact, the social consequences are unclear, and the hype is exhausting.

But there is something important missing from that criticism when it comes from a position of non-use: it is too abstract.

There is a difference between saying “this looks flawed in principle” and saying “I used this enough to understand where it breaks, where it helps, and how it changes my work.” The second type of criticism is expensive. It costs time, frustration, and a genuine willingness to engage.

The enthusiast camp consists of true believers. These are the people who have adopted the technology despite its shortcomings, sometimes even because they enjoy wrestling with them. They have already decided that the tool is worth fitting into their lives, so they naturally end up forgiving a lot. They might not even recognize the flaws because for them the benefits or excitement have already won.

But what does the center look like? I consider myself to be part of the center: cautiously excited, but also not without criticism. By my observation though that center is not neutral in the way people imagine it to be. Its bias is not towards endorsement so much as towards engagement, because the middle ground between rejecting a technology outright and embracing it fully is usually occupied by people willing to explore it seriously enough to judge it.

Bias on Both Sides

The compositions of the groups of people in the discussions about new technology are oddly shaped because one side has paid the cost of direct experience and the other has not, or not to the same degree. That alone creates an asymmetry.

Take coding agents as an example. If you do not use them, or at least not for productive work, you can still criticize them on many grounds. You can say they generate sloppy code, that they lower your skills, etc. But if you have not actually spent serious time with them, then your view of their practical reality is going to be inherited from somewhere else. You will know them through screenshots, anecdotes, the most annoying users on Twitter, conference talks, company slogans, and whatever filtered back from the people who did use them. That is not nothing, but it is not the same as contact.

The problem is not that such criticism is worthless. The problem is that people often mistake non-use for neutrality. It is not. A serious opinion on a new language, framework, device, or way of working usually has some minimum buy-in. You have to cross a threshold of use before your criticism becomes grounded in the thing itself rather than in its reputation.

That threshold is inconvenient. It asks you to spend time on something that may not pay off, and to risk finding yourself at least partially won over. It is a lot to ask of people. But because that threshold exists, the measured middle is rarely populated by people who are perfectly indifferent to change. It is populated by people who were willing to move toward it enough in order to evaluate it properly.

Simultaneously, it’s important to remember that usage does not automatically create wisdom. The enthusiastic adopter might have their own distortions. They may enjoy the novelty, feel a need to justify the time they invested, or overgeneralize from the niche where the technology works wonderfully. They may simply like progress and want to be associated with it.

This is particularly visible with AI. There are clearly people who have decided that the future is here, all objections are temporary, and every workflow must now be rebuilt around agents. What makes AI weirder is that it’s such a massive shift in capabilities that has triggered a tremendous injection of money, and a meaningful number of adopters have bet their future on that technology.

So if one pole is uninformed abstraction and the other is overcommitted enthusiasm, then surely the center must sit right in the middle between them?

Engagement Is Not Endorsement

The center, I would argue, naturally needs to lean towards engagement. The reason is simple: a genuinely measured opinion on a new technology requires real engagement with it.

You do not get an informed view by trying something for 15 minutes, getting annoyed once, and returning to your previous tools. You also do not get it by admiring demos, listening to podcasts or discussing on social media. You have to use it enough to get past both the first disappointment and the honeymoon phase. Seemingly with AI tools, true understanding is not a matter of hours but weeks of investment.

That means the people in the center are selected from a particular group: people who were willing to give the thing a fair chance without yet assuming it deserved a permanent place in their lives.

That willingness is already a bias towards curiosity and experimentation which makes the center look more like adopters in behavior, because exploration requires use, but it does not make the center identical to enthusiasts in judgment.

This matters because from the perspective of the outright rejecter, all of these people can look the same. If someone spent serious time with coding agents, found them useful in some areas, harmful in others, and came away with a nuanced view, they may still be thrown into the same bucket as the person who thinks agents can do no wrong.

But those are not the same position at all. It’s important to recognize that engagement with those tools does not automatically imply endorsement or at the very least not blanket endorsement.

The Center Looks Suspicious

This is why discussions about new technology, and AI in particular feel so polarized. The actual center is hard to see because it does not appear visually centered. From the outside, serious exploration can look a lot like adoption.

If you map opinions onto a line, you might imagine the middle as the point equally distant from rejection and enthusiasm. But in practice that is not how it works. The middle is shifted toward the side of the people who have actually interacted with the technology enough to say something concrete about it. That does not mean the middle has accepted the adopter’s conclusion. It means the middle has adopted some of the adopter’s behavior, because investigation requires contact.

That creates a strange effect because the people with the most grounded criticism are often also adopters. I would argue some of the best criticism of coding agents right now comes from people who use them extensively. Take Mario : he created a coding agent, yet is also one of the most vocal voices of criticism in the space. These folks can tell you in detail how they fail and they can tell you where they waste time, where they regress code quality, where they need carefully designed tooling, where they only work well in some ecosystems, and where the whole thing falls apart.

But because those people kept using the tools long enough to learn those lessons, they can appear compromised to outsiders. And worse: if they continue to use them, contribute thoughts and criticism back, they are increasingly thrown in with the same people who are devoid of any criticism.

Failure Is Possible

This line of thinking could be seen as an inherent “pro-innovation bias.” That would be wrong, as plenty of technology deserves resistance. Many people are right to resist, and sometimes the people who never gave a technology a chance saw problems earlier than everyone else. Crypto is a good reminder: plenty of projects looked every bit as exciting as coding agents do now, and still collapsed when the economics no longer worked.

What matters here is a narrower point. The center is not biased towards novelty so much as towards contact with the thing that creates potential change. The middle ground is not between use and non-use, but between refusal and commitment and the people in the center will often look more like adopters than skeptics, not because they have already made up their minds, but because getting an informed view requires exploration.

If you want to criticize a new thing well, you first have to get close enough to dislike it for the right reasons. And for some technologies, you also have to hang around long enough to understand what, exactly, deserves criticism.

Light: it's the radiation we can see. The communications potential of light is obvious, and indeed, many of the earliest forms of long-distance communication relied on it: signal fires, semaphore, heliographs. You could say that we still make extensive use of light for communications today, in the form of fiber optics. Early on, some fiber users (such as AT&T) even preferred the term "lightguide," a nice analogy to the long-distance waveguides that Bell Laboratories had experimented with.

The comparison between lightguide and waveguide illuminates (heh) an important dichotomy in radiation-based communication. We make wide use of radio frequency in both free-space applications ("radio" as we think of it) and confined applications (like cable television). We also make wide use of light in confined fiber optic systems. That leaves us to wonder about the less-considered fourth option: free-space optical (FSO) communications, the use of modulated light without a confined guide.

Well, if I had written this two or three years ago, free-space optical might have counted as quite obscure. The idea of using a modulated laser or LED light source for communications over a distance is actually quite old. Commercial products for Ethernet-over-laser have been available since the late 1990s and achieved multi-gigabit speeds by 2010. Motivated mostly by Strategic Defense Initiative and Ballistic Missile Defense Organization requirements for hardened communications within satellite constellations, experiments on a gigabit laser satellite-to-ground link were underway in 1998, although the system ultimately only provided satisfactory performance at a rate of around 300Mbps [^1]. As it turns out, FSO computer networking is nearly as old as computer networking itself, with a 1973 experimental system briefly put into use at Xerox PARC.

Despite the fact that FSO systems have been generally available and even quite functional for decades, they remained a niche technology with very little public profile until the phenomenon of low-orbit communications constellations (namely Starlink) put the concept of intra-satellite laser communication into the spotlight. Despite various experimental satellite-to-satellite systems dating back to the early 2000s, and more or less clandestine military applications over the same period, the first real production system is probably the EU's EDRS, which went live in 2016. Starlink didn't really get the laser technology working until 2022. That's one of the interesting things about FSO: it seems intuitively like it should work, it does work, but it's a technology that has often sat dormant for many years at a time.

Well, thinking about satellites, we all know that space is hard. There are formidable technical challenges around aiming and detecting lasers in space, and the rate of iteration is slowed by the long timelines of aerospace projects. But what about down here on earth? Where everything is so much easier? Well, we got Li-Fi. Li-Fi is a largely stillborn technology, and not the topic of this article, so I will resist the urge to explain it too thoroughly. As the name suggests, it's intended to provide a capability similar to Wi-Fi (short-range networking between multiple devices) but using visible light. Despite various demonstrations of gigabit or faster systems, Li-Fi has next to zero commercial adoption, with most uptake in military applications. There's just something about the military and light, which we'll get to later. But here's what I want to discuss today: the golden age of FSO communications, a brief period where the cutting-edge technology behind the television remote control appeared to be the future of short-range computer networking.

During the 1980s, Hewlett-Packard manufactured scientific and graphing calculators with a feature set that increasingly overlapped with personal computers. This era can be hard to understand for people around my age or younger, who associate graphing calculators exclusively with the few Texas Instruments models blessed (and demanded) by common high school math textbooks. These are a holdover, a specter, of earlier years in which scientific and graphing calculators were serious technical instruments and some of the most sophisticated computing devices available to many of their owners. Features like BASIC programmability, still widespread in graphing calculators but increasingly divorced from actual applications (besides ignoring the math teacher and writing primitive CRPGs), used to be an important part of business computing.

Engineers would obtain (even buy!) calculator BASIC programs that automated common calculations. Life insurance salespeople might quote rates using a calculator BASIC program. Calculator manufacturers often sold ROM cartridges that added domain-specific functions, and these modules now represent the many applications of the programmable calculator: financial modeling. chemical engineering. statistics. Not that many years later, the whole field was virtually wiped out by portable computers, but not before calculators and computers underwent an awkward near-convergence (best exemplified by the TI-95, a calculator with computer characteristics, and the TI-99, a computer with calculator characteristics).

The point is that calculators might fairly be called the first practical portable computers, and people increasingly used calculators as part of business and engineering workflows. The challenge here is that computer applications tend to involve storage and processing of large numbers of records, a task that the small (and often volatile) memory of calculators didn't encourage. A bookkeeper might use a calculator to total the day's transactions, an engineer might use a calculator to compute the capacity of a beam. Both of these tasks involve math, the forté of the calculator, but they also require documentation. The accountant and the engineer both need to record the results of their work for later review.

An interesting early approach by HP reflects the tradition of accounting: bookkeepers tended to use "adding machines" rather than calculators, a distinction that is mostly forgotten today but still apparent to anyone who buys an adding machine and finds it to be a little odd compared to a typical calculator. Besides the keypad layout (with an oversize dual-function +/= key), adding machines usually include a printer. Turn on the printer, total your transactions, and you now have a slip of paper that you can use to check your work, and even retain as part of your records.

These machines were big and bulky, though, and they still are today. What if you could have the convenience of a pocket scientific calculator and a printing adding machine in the same product family? Well, you could: by the end of the 1980s, many HP scientific and graphing calculators supported the 82240B accessory printer. It was even wireless.

HP calculators sent data to the 82240B printer using infrared light. For this purpose, HP developed a simple unidirectional protocol based on a UART hooked up to an LED (and, on the other end, a UART hooked up to a PIN diode). Called "RedEye," the calculator-printer application seems to have evolved over a short span into a more general-purpose, bidirectional protocol called HP SIR, for Serial InfraRed. As the name implies, SIR provided an interface very much like an RS-232 serial port, using a signaling scheme that was even fairly similar to RS-232, if you put the whole thing through an LED-to-photodiode step each way.

There were, naturally, a few adaptations to the nature of FSO communication. HP SIR was bidirectional but only half-duplex, because the realities of optics make it very difficult to build an IR transceiver whose receiving detector will not be completely blinded whenever the transmitting LED is active. Power was also a major concern: the infrared LEDs of the late '80s were not very efficient, and portable devices like calculators were expected to achieve a decent runtime on a few AAs. To cut down on power consumption, HP SIR replaced RS-232's bipolar non-return-to-zero signaling with a return-to-zero scheme in which the actual pulses (i.e. the periods when the LED is active) were much shorter than the bit interval, resulting in a low duty cycle. Since you can only really turn an LED on one way, HP SIR replaced bipolar signaling (e.g. positive for 1 and negative for 0) with a system in which the presence of a pulse in a bit interval indicated 0, and the absence of a pulse indicated 1.

If you paid much attention in your college data communications course, you might wonder about clock recovery when there are a lot of 1s in a row (and thus no pulses at all). We'll get to that later. I had a very painful data communications class that I am trying to forget, and I haven't quite braced myself to discuss line coding yet.

HP SIR was extended to numerous applications, including what we would definitely recognize as portable computers today. HP's "palmtop" computers, like the x00LX series, were just about the size of pocket calculators but ran a full-on DOS. These were a transitional stage between early portables and later PDAs, but they introduced a need that would only become bigger in the PDA era: a quick, convenient way of transferring data between the portable computer and other devices. HP SIR was the perfect answer. Start some software, point the palmtop at the desktop, and press send... infrared provided a surprisingly cost-effective way to implement these local connections without the need for cables. HP didn't forget the printers—this was HP, after all—and palmtops could wirelessly print to select HP printers by "point and shoot."

HP wasn't the only company with a short-range infrared protocol. Japan's Sharp had developed a similar protocol, also for calculators, that might not be much remembered in the United States except for its adoption on Apple's Newton series of PDAs. The Newton's awkward sibling, General Magic's Magic Cap, had a similar (but of course incompatible) infrared capability called MagicBeam. The early '90s brought the PDA and the PDA brought an obvious demand for a consumer-friendly, short-range wireless network protocol... and that's why we ended up with at least a half dozen of them, virtually all infrared-based. Everything from the relative cost of components to the regulatory landscape meant that infrared was easier and cheaper to productize than radio frequency protocols, so infrared was the direction that almost everyone went.

While just about everyone in consumer electronics eventually got involved, it seems to have been Hewlett-Packard that stepped up to drive standardization. I don't have conclusive evidence, but I think there's a fairly obvious reason: HP was one of several companies making portable devices, an area where they weren't unsuccessful but never enjoyed total market dominance. Printers, though... printers were a different matter. HP enjoyed clear leadership in printers from the late '80s and perhaps to our present day. People might own a PDA from one of many brands, but when it came time to print, they'd be pointing that PDA at an HP product.

In 1993, Hewlett-Packard hosted an industry meeting that kicked off the Infrared Data Association, or IrDA. As a group of HP employees recounted the event, it was a smash hit: there were far more attendees than expected, representing more than fifty companies in both consumer and industrial electronics. Within a few years, IrDA's membership grew to 150 companies—including IBM, Microsoft, and Apple. Commercial adoption was similarly impressive: in the late 1990s, IrDA transceivers were a ubiquitous feature of phones, printers, and computers. You may have never used IrDA, but if you were old enough in the 1990s, you almost certainly owned devices with IrDA support.

During the early meetings of IrDA, various candidates were considered before, unsurprisingly, HP SIR was selected as the basis of the new industry-standard protocol. IrDA 1.0 is essentially a rebrand of HP SIR, and "SIR" persisted as the common name for IrDA, although the "S" was changed to "Standard" or, as later versions introduced higher speeds, "Slow." Slow it was, at least by modern standards. IrDA ran at 115 kbps, but for the then-typical purpose of replacing an RS-232 serial connection, 115 kbps was plenty (the same as the maximum speed supported by common serial controllers at the time).

Early versions of IrDA suffered from a lack of standardization. Adopting HP SIR as the basis for IrDA brought in an already mature technology, a simple RS-232 based signaling scheme that was even easy to implement with UARTs. But that low-level standard was basically all IrDA standardized. The application layer, and even error detection and reliable delivery, were left to implementers. As you can imagine, everyone did things slightly differently and interoperability fell apart.

This is an old story in technology standards: you align on the low level, and then the next level up becomes the problem. Reliable interoperability ends up requiring standardized application protocols and, more than likely, peer and service discovery protocols. Well, guess what the IrDA spent the mid-'90s on?

The full IrDA protocol stack, mostly created over the first few years of IrDA's existence, can be a little bit confusing because of the way that it reflects the history. The first IrDA standards were limited to the physical layer, initially SIR, and the IrLAP Link Access Protocol. Besides some basic link control functions, IrLAP handles discovery. When a device wishes to initiate IrDA communications, it repeatedly transmits a random 32-bit ID. The frame timing of the beacon establishes the baseline for a time-slot-based access control mechanism; other IrDA devices that detect the beacons select a random time-slot (in between beacon transmissions) in which to respond with their own ID. Thi

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

For The New Yorker, Ronan Farrow and Andrew Marantz go deep profiling Sam Altman under the mince-no-words headline “Sam Altman May Control Our Future — Can He Be Trusted?” 16,000+ words — roughly one-third the length of The Great Gatsby  — very specifically investigating Altman’s trustworthiness, particularly the details surrounding his still-hard-to-believe ouster by the OpenAI board in late 2023 , only to return within a week and purge the board. The piece is long, yes, but very much worth your attention — it is both meticulously researched and sourced, and simply enjoyable to read. Altman, to his credit, was a cooperative subject, offering Farrow and Marantz numerous interviews during an investigation that Farrow says took over a year and half.

A few excerpts and comments (not in the same order they appear in the story):

1.

Yet most of the people we spoke to shared the judgment of Sutskever and Amodei: Altman has a relentless will to power that, even among industrialists who put their names on spaceships, sets him apart. “He’s unconstrained by truth,” the board member told us. “He has two traits that are almost never seen in the same person. The first is a strong desire to please people, to be liked in any given interaction. The second is almost a sociopathic lack of concern for the consequences that may come from deceiving someone.”

The board member was not the only person who, unprompted, used the word “sociopathic.” One of Altman’s batch mates in the first Y Combinator cohort was Aaron Swartz, a brilliant but troubled coder who died by suicide in 2013 and is now remembered in many tech circles as something of a sage. Not long before his death, Swartz expressed concerns about Altman to several friends. “You need to understand that Sam can never be trusted,” he told one. “He is a sociopath. He would do anything.”

A recurring theme in the piece is that colleagues who’ve worked with Altman the closest trust him the least. This bit about Aaron Swartz warning friends that Altman is a “sociopath” who “can never be trusted” is, to my knowledge, new reporting. Swartz’s opinion carries significant weight with me. 1 Swartz is lionized (rightly) for his tremendous strengths, and the profoundly tragic circumstances of his martyrdom have resulted in less focus on his weaknesses. But I knew him fairly well and he led a very public life, and I’m unaware of anyone claiming he ever lied. Exaggerated? Sure. Lied? I think never.

Another central premise of the story is that while it’s axiomatic that one should want honest, trustworthy, scrupulous people in positions of leadership at any company, the nature of frontier AI models demands that the organizations developing them be led by people of extraordinary integrity. The article, to my reading, draws no firm conclusion — produces no smoking gun, as it were — regarding whether Sam Altman is generally honest/truthworthy/scrupulous. But I think it’s unambiguous that he’s not a man of great integrity.

2.

Regarding Fidji Simo, OpenAI’s other “CEO”:

Several executives connected to OpenAI have expressed ongoing reservations about Altman’s leadership and floated Fidji Simo, who was formerly the C.E.O. of Instacart and now serves as OpenAI’s C.E.O. for AGI Deployment, as a successor. Simo herself has privately said that she believes Altman may eventually step down, a person briefed on a recent discussion told us. (Simo disputes this. Instacart recently reached a settlement with the F.T.C., in which it admitted no wrongdoing but agreed to pay a sixty-million-dollar fine for alleged deceptive practices under Simo’s leadership.)

This paragraph is juicy in and of itself, with its suggestions of palace intrigue. But it’s all the more interesting in light of the fact that, post-publication of the New Yorker piece, Fidji Simo has taken an open-ended medical leave from OpenAI. If we run with the theory that Altman is untrustworthy (the entire thesis of Farrow and Marantz’s story), and that Simo is also untrustworthy (based on the fraudulent scams she ran while CEO of Instacart , along with her running the Facebook app at Meta before that), we’d be foolish not to at least consider the possibility that her medical leave is a cover story for Altman squeezing Simo out after catching on to her angling to replace him atop OpenAI. The last thing OpenAI needs is more leadership dirty laundry aired in public, so, rather than fire her, maybe Altman let her leave gracefully under the guise of a relapse of her POTS symptoms?

Simo’s LinkedIn profile lists her in two active roles: CEO of “AGI deployment” at OpenAI, and co-founder of ChronicleBio (“building the largest biological data platform to power AI-driven therapies for complex chronic conditions”). If my spitball theory is right, she’ll announce in a few months that after recuperating from her POTS relapse, the experience has left her seeing the urgent need to direct her energy at ChronicleBio. Or perhaps my theory is all wet, and Simo and Altman have a sound partnership founded on genuine trust, and she’ll soon be back in the saddle at OpenAI overseeing the deployment of AGI (which, to be clear, doesn’t yet exist 2 ). But regardless of whether the Altman-Simo relationship remains cemented or is in the midst of dissolving, it raises serious questions why — if Altman is a man of integrity who believes that OpenAI is a company whose nature demands leaders of especially high integrity — he would hire the Instacart CEO who spearheaded bait-and-switch consumer scams that all came right out of the playbook for unscrupulous car salesmen .

3.

Regarding Altman’s stint as CEO at Y Combinator, and his eventual, somewhat ambiguous, departure, Farrow and Marantz write:

By 2018, several Y.C. partners were so frustrated with Altman’s behavior that they approached [Y Combinator founder Paul] Graham to complain. Graham and Jessica Livingston, his wife and a Y.C. founder, apparently had a frank conversation with Altman. Afterward, Graham started telling people that although Altman had agreed to leave the company, he was resisting in practice. Altman told some Y.C. partners that he would resign as president but become chairman instead. In May, 2019, a blog post announcing that Y.C. had a new president came with an asterisk: “Sam is transitioning to Chairman of YC.” A few months later, the post was edited to read “Sam Altman stepped away from any formal position at YC”; after that, the phrase was removed entirely. Nevertheless, as recently as 2021, a Securities and Exchange Commission filing listed Altman as the chairman of Y Combinator. (Altman says that he wasn’t aware of this until much later.)

Altman has maintained over the years, both in public and in recent depositions, that he was never fired from Y.C., and he told us that he did not resist leaving. Graham has tweeted that “we didn’t want him to leave, just to choose” between Y.C. and OpenAI. In a statement, Graham told us, “We didn’t have the legal power to fire anyone. All we could do was apply moral pressure.” In private, though, he has been unambiguous that Altman was removed because of Y.C. partners’ mistrust. This account of Altman’s time at Y Combinator is based on discussions with several Y.C. founders and partners, in addition to contemporaneous materials, all of which indicate that the parting was not entirely mutual. On one occasion, Graham told Y.C. colleagues that, prior to his removal, “Sam had been lying to us all the time.”

Graham responded to this on Twitter/X thus :

Since there’s yet another article claiming that we “removed” Sam because partners distrusted him, no, we didn’t. It’s not because I want to defend Sam that I keep insisting on this. It’s because it’s so annoying to read false accounts of my own actions.

Which tweet includes a link to a 2024 tweet containing the full statement Farrow and Marantz reference, which reads:

People have been claiming YC fired Sam Altman. That’s not true. Here’s what actually happened. For several years he was running both YC and OpenAI, but when OpenAI announced that it was going to have a for-profit subsidiary and that Sam was going to be the CEO, we (specifically Jessica) told him that if he was going to work full-time on OpenAI, we should find someone else to run YC, and he agreed. If he’d said that he was going to find someone else to be CEO of OpenAI so that he could focus 100% on YC, we’d have been fine with that too. We didn’t want him to leave, just to choose one or the other.

Graham is standing behind Altman publicly, but I don’t think The New Yorker piece mischaracterized his 2024 statement about Altman’s departure from Y Combinator. Regarding the quote sourced to anonymous “Y.C. colleagues” that he told them “Sam had been lying to us all the time”, Graham tweeted :

I remember having a conversation after Sam resigned with a YC partner who said he and some other partners had been unhappy with how Sam had been running YC. I told him Sam had told us that all the partners were happy, so he was either out of touch or lying to us.

And, emphasizing that this remark was specifically in the context of how happy Y Combinator’s partners were under Altman’s leadership of YC, Graham tweets :

Every YC president tends to tell us the partners are happy. Sam’s successor did too, and he was mistaken too. Saying the partners are unhappy amounts to saying you’re doing a bad job, and no one wants to admit or even see that.

Seems obvious in retrospect, but we’ve now learned we should ask the partners themselves. (And they are indeed now happy.)

I would characterize Graham’s tweets re: Altman this week as emphasizing only that Altman was not fired or otherwise forced from YC, and could have stayed as CEO at YC if he’d found another CEO for OpenAI. But for all of Graham’s elucidating engagement on Twitter/X this week regarding this story, he’s dancing around the core question of the Farrow/Marantz investigation, the one right there in The New Yorker’s headline: Can Sam Altman be trusted? “ We didn’t ‘remove’ Sam Altman ” and “ We didn’t want him to leave ” are not the same things as saying, say, “ I think Sam Altman is honest and trustworthy ” or “ Sam Altman is a man of integrity ”. If Paul Graham were to say such things, clearly and unambiguously, those remarks would carry tremendous weight. But — rather conspicuously to my eyes — he’s not saying such things.

4.

From the second half of the same paragraph quoted above, that started with Aaron Swartz’s warnings about Altman:

Multiple senior executives at Microsoft said that, despite Nadella’s long-standing loyalty, the company’s relationship with Altman has become fraught. “He has misrepresented, distorted, renegotiated, reneged on agreements,” one said. Earlier this year, OpenAI reaffirmed Microsoft as the exclusive cloud provider for its “stateless” — or memoryless — models. That day, it announced a fifty-billion-dollar deal making Amazon the exclusive reseller of its enterprise platform for A.I. agents. While reselling is permitted, Microsoft executives argue OpenAI’s plan could collide with Microsoft’s exclusivity. (OpenAI maintains that the Amazon deal will not violate the earlier contract; a Microsoft representative said the company is “confident that OpenAI understands and respects” its legal obligations.) The senior executive at Microsoft said, of Altman, “I think there’s a small but real chance he’s eventually remembered as a Bernie Madoff- or Sam Bankman-Fried-level scammer.”

The most successful scams — the ones that last longest and grow largest — are ones with an actual product at the heart. Scams with no actual there there go bust quickly. The Bankman-Fried FTX scandal blew up quickly because FTX never offered anything of actual value. Bernie Madoff, though, had a long career, because much of his firm’s business was legitimate. It wasn’t only the Ponzi scheme, which is what enabled Madoff to keep the Ponzi scheme going for two decades.

But the better comparison to OpenAI — if that “small but real chance” comes true — might be Enron . Enron was a real company that built and owned a very real pipeline and energy infrastructure business. ChatGPT and Codex are very real, very impressive technologies. Enron’s operations were real, but the story they told to investors was a sham. OpenAI’s technology is undeniably real and blazing the frontier of AI. It’s the financial story Altman has structured that seems alarmingly circular .

• In a 2005 Y Combinator “class photo” , Altman and Swartz are standing next to each other. Despite the fact that Altman was sporting a reasonable number of popped polo collars (zero), Swartz was clearly the better-dressed of the two. *   ↩︎

* Aaron would’ve loved this footnote. Christ, I miss him.

• With rare exceptions, I continue to think it’s a sign of deep C-suite dysfunction when a company has multiple “CEOs”. When it actually works —  like at Netflix , with co-CEOs Ted Sarandos and Greg Peters (and previously, Sarandos and Reed Hastings before Hastings’s retirement in 2023) — the co-CEOs are genuine partners, and neither reports to the other. There is generally only one director of a movie, but there are exceptions, who are frequently siblings (e.g. the Coens , the Wachowskis , the Russos ). A football team only has one head coach. The defensive coordinator is the “defensive coordinator”, not the “head coach of defense”. It’s obvious that Fidji Simo reports to Sam Altman, and thus isn’t the “CEO” of anything at OpenAI. But OpenAI does have applications, and surely is creating more of them, so being in charge of applications is being in charge of something real. By any reasonable definition, AGI has not yet been achieved , and many top AI experts continue to question whether LLM technology will ever result in AGI. So Simo changing her title to (or Altman changing her title to) “CEO of AGI deployment” is akin to

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

Lenny posted another snippet from our 1 hour 40 minute podcast recording and it's about kākāpō parrots!

Tags: kakapo

Soundtrack: The Dillinger Escape Plan — Setting Fire To Sleeping Giants In what The New Yorker’s Andrew Marantz and Ronan Farrow called a “tense call” after his brief ouster from OpenAI in 2023, Sam Altman seemed unable to reckon with a “pattern of deception” across his time at the company:  “This is just so fucked up,” he said repeatedly, according to people on the call. “I can’t change my personality.” Altman says that he doesn’t recall the exchange. “It’s possible I meant something like ‘I do try to be a unifying force,’ ” he told us, adding that this trait had enabled him to lead an immensely successful company.

He attributed the criticism to a tendency, especially early in his career, “to be too much of a conflict avoider.” But a board member offered a different interpretation of his statement: “What it meant was ‘I have this trait where I lie to people, and I’m not going to stop.’ ” Were the colleagues who fired Altman motivated by alarmism and personal animus, or were they right that he couldn’t be trusted? No, he cannot. Sam Altman is a deeply-untrustworthy individual, and like OpenAI lives on the fringes of truth, using a complaint media to launder statements that are, for legal reasons, difficult to call “lies” but certainly resemble them. For example, back in November 2025, Altman told venture capitalist Brad Gerstner that OpenAI was doing “well more” than $13 billion in annual revenue when the company would do — and this is assuming you believe CNBC’s source — $13.1 billion for the entire year . I guarantee you that, if pressed, Altman would say that OpenAI was doing “well more than” $13 billion of annualized revenue at the time, which was likely true based on OpenAI’s stylized math, which works out as so (per The Information): OpenAI multiplies its total revenue for a recent four-week period by 13, which equals 52 weeks —or a full year, according to a person with direct knowledge of its finances.

OpenAI shares 20% of its revenue with Microsoft due to their multifaceted business arrangement, but OpenAI’s financial statements count sales before the company gives Microsoft its slice. This means that, per CNBC’s reporting, OpenAI barely scratched $10 billion in revenue in 2025, and that every single story about OpenAI’s revenue other than my own reporting (which came directly from Azure) massively overinflates its sales. The Information’s piece about OpenAI hitting $4.3 billion in revenue in the first half of 2025 should really say “$3.44 billion,” but even then, my own reporting suggests that OpenAI likely made a mere $2.27 billion in the first half of last year, meaning that even that $10 billion number is questionable. It’s also genuinely insane to me that more people aren’t concerned about OpenAI, not as a creator of software, but as a business entity continually misleading its partners, the media, and the general public. To put it far more bluntly, the media has failed to hold OpenAI accountable, enabling and rationalizing a company built on deception, rationalizing and normalizing ridiculous and impossible ideas just because Sam Altman said them. The Media Must Stop Enabling OpenAI and Acknowledge That It Cannot Afford Its Commitments Let me give you a very obvious example. About a month ago, per CNBC , “...OpenAI reset spending expectations, telling investors its compute target was around $600 billion by 2030.” This is, on its face, a completely fucking insane thing to say, even if OpenAI was a profitable company. Microsoft, a company with hundreds of billions of dollars of annual revenue, has about $42 billion in quarterly operating expenses .  OpenAI cannot afford to pay these agreements. At all. Hell, I don’t think any company can! And instead of saying that, or acknowledging the problem, CNBC simply repeats the statement of “$600 billion in compute spend,” laundering Altman and OpenAI’s reputation as it did (with many of the same writers and TV hosts) with Sam Bankman-Fried . CNBC claimed mere months before the collapse of FTX that it had grown revenue by 1,000% “during the crypto craze,” with its chief executive having “ ...survived the market wreckage and still expanded his empire .” You might say “how could we possibly know?” and the answer is “read CNBC’s own reporting that said that Bankman-Fried intentionally kept FTX in the Bahamas ,” which said that Bankman-Fried had intentionally reduced his stake in Canadian finance firm Voyager ( which eventually collapsed on similar terms to FTX ) to avoid regulatory disclosures around (Bankman-Fried’s investment vehicle) Alameda’s finances. This piece was written by a reporter that has helped launder the reputation of Stargate Abilene , claiming it was “online” despite only a fraction of its capacity actually existing.  The same goes for OpenAI’s $300 billion deal with Oracle that OpenAI cannot afford and Oracle does not have the capacity to serve . These deals do not make any logical sense, the money does not exist, and the utter ridiculousness of reporting them as objective truths rather than ludicrous overpromises allowed Oracle’s stock to pump and OpenAI to continue pretending it could actually ever have hundreds of billions of dollars to spend. OpenAI now claims it makes $2 billion a month , but even then I have serious questions about how much of that is real money considering the proliferation of discounted subscriptions (such as ones that pop up when you cancel that offer you three months of discounted access to ChatGPT Plus ) and free compute deals, such as the $2500 given to Ramp customers , millions of tokens in exchange for sharing your data , the $100,000 token grants given to AI policy researchers , and the OpenAI For Startups program that appears to offer thousands (or even tens of thousands) of dollars of tokens to startups . While I don’t have proof, I would bet that OpenAI likely includes these free tokens in its revenues and then counts them as part of its billions of dollars of sales and market spend . I also think that revenue growth is a little too convenient, accelerating only to match Anthropic, which recently “hit” $30 billion in annualized revenue under suspicious circumstances . I can only imagine OpenAI will soon announce that it’s actually hit $35 billion in annualized revenue , or perhaps $40 billion in annualized revenue , and if that happens, you know that OpenAI is just making shit up.  Regardless, even if OpenAI is actually making $2 billion a month in revenue, it’s likely losing anywhere from $4 billion to $10 billion to make that revenue. Per my own reporting from last year, OpenAI spent $8.67 billion on inference to make $4.329 billion in revenue , and that’s not including training costs that I was unable to dig up — and those numbers were before OpenAI spent tens of millions of dollars in inference costs propping up its doomed Sora video generation product , or launched its Codex coding environment. In simpler terms, OpenAI’s costs have likely accelerated dramatically with its supposed revenue growth. And all of this is happening before OpenAI has to spend the majority of its capital. Oracle has, per my sources in Abilene, only managed to successfully build and generate revenue from two buildings out of the eight that are meant to be done by the end of the year, which means that OpenAI is only paying a small fraction of the final costs of one Stargate data center. Its $138 billion deal with Amazon Web Services is only in its early stages, and as I explained a few months ago in the Hater’s Guide To Microsoft , Redmond’s Remaining Performance Obligations that it expects to make revenue from in the next 12 months have remained flat for multiple quarters, meaning that OpenAI’s supposed purchase of “ an incremental $250 billion in Azure compute ” are yet to commence. In practice, this means that OpenAI’s expenses are likely to massively increase in the coming months. And while the “ $122 billion ” funding round it raised — with $35 billion of it contingent on either AGI or going public (Amazon), and $60 billion of it paid in tranches by SoftBank and NVIDIA — may seem like a lot, keep in mind that OpenAI had received $22.5 billion from SoftBank on December 31 2025 , a little under four months ago.  This suggests that either OpenAI is running out of capital, or has significant up-front commitments it needs to fulfil, requiring massive amounts of cash to be sent to Amazon, Microsoft, CoreWeave ( which it pays on net 360 terms ) and Oracle.  And if I’m honest, I think the entire goal of the funding round was to plug OpenAI’s leaky finances long enough to take it public, against the advice of CFO Sarah Friar. OpenAI Is Rushing Toward IPO Against The Wishes of Its CFO — And It Has Every Warning Sign That Something Is Very, Very Wrong With Its Finances One under-discussed part of Farrow and Marantz’s piece was a quote about OpenAI’s overall finances, emphasis mine : As OpenAI prepares for its potential I.P.O., Altman has faced questions not only about the effect of A.I. on the economy—it could soon cause severe labor disruption, perhaps eliminating millions of jobs—but about the company’s own finances. Eric Ries, an expert on startup governance, derided “circular deals” in the industry—for example, OpenAI’s deals with Nvidia and other chip manufacturers—and said that in other eras some of the company’s accounting practices would have been considered “borderline fraudulent.” The board member told us, “The company levered up financially in a way that’s risky and scary right now.” (OpenAI disputes this.) As I wrote up earlier in the week , OpenAI CFO Sarah Friar does not believe, per The Information , that OpenAI is ready to go public, and is concerned about both revenue growth slowing and OpenAI’s ability to pay its bills: She told some colleagues earlier this year that she didn’t believe the company would be ready to go public in 2026, because of the procedural and organizational work needed and the risks from its spending commitments, according to a person who spoke to her. She said she wasn’t sure yet whether OpenAI would need to pour so much money into obtaining AI servers in the coming years or whether its revenue growth, which has been slowing, would support the commitments, said the person who spoke to her. To make matters worse, Friar also no longer reports to Altman — and god is it strange that the CFO doesn’t report to the CEO! — and it’s actually unclear who it is she reports to at all, as her current report, Fiji Simo, has taken an indeterminately-long leave of medical absence . Friar has also, per The Information, been left out of conversations around financial planning for data center capacity. These are the big, flashing warning signs of a company with serious financial and accounting issues, run by Sam Altman, a CEO with a vastly-documented pattern of lies and deceit. Altman is sidelining his CFO, rushing the company to go public so that his investors can cash out and the larger con of OpenAI can be dumped onto public investors. And beneath the surface, the raw economics of OpenAI do not make sense. OpenAI Can Only Exist As Long As Venture Capital Subsidizes Its Business and Its Customers, And Its Funders and Infrastructure Partners Have Access To Debt You’ll notice I haven’t talked much about OpenAI’s products yet, and that’s because I do not believe they can exist without venture capital funding them and the customers that buy them. These products only have market share as long as other parties continue to build capacity or throw money into the furnace. To explain: • OpenAI’s ChatGPT Subscriptions are, like every LLM product, deeply unprofitable, which means that OpenAI needs constant funding to keep providing them. I have found users of OpenAI Codex who have been able to burn between $1,000 and $2,000 in the space of a week on a $200-a-month subscription, and OpenAI just reset rate limits for the second time in a month. This isn’t a real business.

• OpenAI’s API customers (the ones paying for access to its models) are, for the most part, venture-backed startups providing services like Cursor and Perplexity that are powered by these models. These startups are all incredibly unprofitable, requiring them to raise hundreds of millions of dollars every few months ( as is the case with Harvey , Lovable, and many other big-name AI firms), which means that a large chunk — some estimate around 27% of its revenue — is dependent on customers that stop existing the moment that venture capital slows down.

• OpenAI’s infrastructure partners like CoreWeave and Oracle are taking on anywhere from a few billion to over a hundred billion dollars’ worth of debt to build data centers for OpenAI, putting both companies in material jeopardy in the event of OpenAI’s failure to pay or overall collapse. • 67% of CoreWeave’s 2025 revenue came from Microsoft renting capacity to rent to OpenAI , and $22 billion (32%) of of CoreWeave’s $66.8 billion in revenue backlog , which requires it to build more capacity to fill.

• Oracle took on $38 billion in debt in 2025 , and is in the process of raising another $50 billion more as it lays off thousands of people , with said debt’s only purpose being building data center capacity for OpenAI.

• OpenAI’s lead investor SoftBank is putting its company in dire straits to fund the company, with over $60 billion invested in the company so far, existentially tying SoftBank’s overall financial health to both OpenAI’s stock price and SoftBank’s ability to continue paying (or refinancing) its loans. • SoftBank took on a year-long $15 billion bridge loan in 2025 , had to sell its entire stake in NVIDIA , and expand its ARM-stock-backed margin loan to over $11 billion to give OpenAI $30 billion in 2025, and then took on another $40 billion bridge loan a few weeks ago to fund the $30 billion it promised for OpenAI’s latest funding round . While OpenAI is not systemically

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

This is a response to this Sam Altman’s blog post .

Sam Altman is not the bad guy. History comes from two places, great men and causes and forces. We have way too little of the former and way too much of the latter right now. I hear that in America people fear the government taking away their freedom, and in China people fear the lack of government taking away their freedom.

Maybe it’s just because I have been living in Asia, but I don’t fear Sam or Elon or Dario at all. I fear the Molochian tragedy of the commons. The small decisions made by millions every day that make the world slightly worse for their fellow man, like adding a dark pattern to a website, lobbying to siphon a few more tax dollars, posting an advertisement that uses fear to sell, or enabling the tip screen in a coffee shop. I don’t fear “great men,” I fear that there’s no one coordinated enough to prevent this.

Technology does not contain a destiny. If you haven’t read Manna , now is a good time to. The choices we as a society make determine our future.

The blog post is far too trusting of the democratic worldview. I know it doesn’t say UBI, but I hope you understand UBI is not a real solution, UBI is an extremely dangerous way of disguising slavery in a form of giving you something. Everyone would do well to study Yarvin and understand that in modern democracies, power doesn’t come from the people, it flows through the people. “Making sure (the) democratic system stays in control” is meaningless, it’s not in control right now.

The only solution I can come up with is to orient towards sharing the technology with people broadly, and for no one to have the ring.

This is the right path. Now, sharing isn’t offering them a subscription to your cloud service, that’s feudalism. You actually have to share the technology, not “access” to the technology that can be revoked at any time.

I totally understand not sharing the weights of a trained model. That model cost a lot to train, and you have to recoup the investment in order to afford training the next model. But what I don’t understand is not sharing research. Share the architecture. Share the tricks. Share the science. Tbh I’m not sure why any self respecting researcher works at a closed lab, this isn’t how impactful science ever happens and it won’t be different this time.

You will keep your lead. You’ll attract any researcher who cares about impact beyond $$$. You’ll keep the original dream of OpenAI. And you’ll be remembered in history. Science never credits the first guy who came up with an idea, it credits the guy who published.

You can actually make this change. Have OpenAI start publishing. Rejoin the millenia long project of science instead of being a forgotten circus of trinkets and intricacies.

There’s a lot of mathematics just off the beaten path. You can spend a career in math and yet not know all there is to know about even the most basic areas of math. For example, this post will demonstrate something you may not have seen about decimal forms of fractions.

Let p > 5 be a prime number and 0 < k < p . Then the digits in k / p might be the same for all k , varying only by cyclic permutations. This is the case, for example, when p = 7 or p = 17. More on these kinds of fractions here .

The digits in k / p repeat for every k , but different values of k might have sequences of digits that vary by more than cyclic permutations. For example, let’s look at the values of k /13.

>>> for i in range(1, 13): ... print(i/13) ... 1 0.0769230769230769 2 0.1538461538461538 3 0.2307692307692307 4 0.3076923076923077 5 0.3846153846153846 6 0.4615384615384615 7 0.5384615384615384 8 0.6153846153846154 9 0.6923076923076923 10 0.7692307692307693 11 0.8461538461538461 12 0.9230769230769231 One cycle goes through the digits 076923. You’ll see this when k = 1, 3, 4, 9, 10, or 11. The other cycle goes through 153846 for the rest of the values of k . The cycles 076923 and 153846 are called the distinct repeating sets of 13 in [1].

If we look at fractions with denominator 41, thee are six distinct repeating sets.

02439 04878 07317 09756 12195 14634 26829 36585 You could find these by modifying the Python code above. However, in general you’ll need more than default precision to see the full periods. You might want to shift over to bc , for example.

When you look at all the distinct repeating sets of a prime number, all digits appear almost the same number of times. Some digits may appear one more time than others, but that’s as uneven as you can get. A corollary in [1] states that if p = 10 q + r , with 0 < r < 10, then 11 − r digits appear q times, and r − 1 digits appear q times.

Looking back at the example with p = 13, we have q = 1 and r = 3. The corollary says we should expect 8 digits to appear once and 2 digits to appear twice. And that’s what we see: in the sets 076923 and 153846 we have 3 and 6 repeated twice and the remaining 8 digits appear once.

In the example with p = 41, we have q = 4 and r = 1. So we expect all 10 digits to appear 4 times, which is the case.

Related posts

• Cyclic fractions

• Periods of fractions

• Calendars and continued fractions

[1] James K. Schiller. A Theorem in the Decimal Representation of Rationals. The American Mathematical Monthly

Vol. 66, No. 9 (Nov., 1959), pp. 797-798 The post Distribution of digits in fractions first appeared on John D. Cook .

Last time, we looked at adding or removing a handle from an active Wait­For­Multiple­Objects , and we developed an asynchronous mechanism that requests that the changes be made soon. But asynchronous add/remove can be a problem bcause you might remove a handle, clean up the things that the handle was dependent upon, but then receive a notification that the handle you removed has been signaled, even though you already cleaned up the things the handle depended on.

What we can do is wait for the waiting thread to acknowledge the operation.

_Guarded_by_(desiredMutex) DWORD desiredCounter = 1; DWORD activeCounter = 0;

void wait_until_active(DWORD value) { DWORD current = activeCounter; while (static_cast<int>(current - value) < 0) { WaitOnAddress(&activeCounter, &current, sizeof(activeCounter), INFINITE); current = activeCounter; } } The wait_ until_ active function waits until the value of active­Counter is at least as large as value . We do this by subtracting the two values, to avoid wraparound problems.¹ The comparison takes advantage of the guarantee in C++20 that conversion from an unsigned integer to a signed integer converts to the value that is numerically equal modulo 2ⁿ where n is the number of bits in the destination. (Prior to C++20, the result was implementation-defined, but in practice all modern implementations did what C++20 mandates.)²

You can also use std:: atomic :

_Guarded_by_(desiredMutex) DWORD desiredCounter = 1; std::atomic<DWORD> activeCounter;

void wait_until_active(DWORD value) { DWORD current = activeCounter; while (static_cast<int>(current - value) < 0) { activeCounter.wait(current); current = activeCounter; } } As before, the background thread manipulates the desiredHandles and desiredActions , then signals the waiting thread to wake up and process the changes. But this time, the background thread blocks until the waiting thread acknowledges the changes.

// Warning: For expository purposes. Almost no error checking. void waiting_thread() { bool update = true; std::vector<wil::unique_handle> handles; std::vector<std::function<void()>> actions;

while (true) { if (std::exchange(update, false)) { std::lock_guard guard(desiredMutex);

handles.clear(); handles.reserve(desiredHandles.size() + 1); std::transform(desiredHandles.begin(), desiredHandles.end(), std::back_inserter(handles), [](auto&& h) { return duplicate_handle(h.get()); }); // Add the bonus "changed" handle handles.emplace_back(duplicate_handle(changed.get()));

actions = desiredActions;

if (activeCounter != desiredCounter) { activeCounter = desiredCounter; WakeByAddressAll(&activeCounter); } }

auto count = static_cast<DWORD>(handles.size()); auto result = WaitForMultipleObjects(count, handles.data()->get(), FALSE, INFINITE); auto index = result - WAIT_OBJECT_0; if (index == count - 1) { // the list changed. Loop back to update. update = true; continue; } else if (index < count - 1) { actions[index](); } else { // deal with unexpected result } } }

void change_handle_list() { DWORD value; { std::lock_guard guard(desiredMutex); ⟦ make changes to desiredHandles and desiredActions ⟧ value = ++desiredCounter; SetEvent(changed.get()); } wait_until_active(value); } The pattern is that after the background thread makes the desired changes, they increment the desiredCounter and signal the event. It’s okay if multiple threads make changes before the waiting thread wakes up. The changes simply accumulate, and the event just stays signaled. Each background thread then waits for the waiting thread to process the change.

On the waiting side, we process changes as usual, but we also publish our current change counter if it has changed, to let the background threads know that we made some progress. Eventually, we will make enough progress that all of the pending changes have been processed, and the last ackground thread will be released from wait_ until_ active .

¹ You’ll run into problems if the counter increments 2 billion times without the worker thread noticing. At a thousand increments per second, that’ll last you a month. I figure that if you have a worker thread that is unresponsible for that long, then you have bigger problems. But you can avoid even that problem by switching to a 64-bit integer, so that the overflow won’t happen before the sun is expected to turn into a red giant.

² The holdouts would be compilers for systems that are not two’s-complement.

The post How do you add or remove a handle from an active <CODE>Wait­For­Multiple­Objects</CODE>?, part 2 appeared first on The Old New Thing .

This post is exclusive to feed subscribers. Enjoy!

This whole experiment is called RSS Club - but perhaps it should be called "XML-based distributed feed club"?

I've been playing about with local-only and privacy-conscious view tracking . I can see how many people click on my stories from HN or Google or anywhere else. I also decided to add the number of times a story is viewed by someone reading via feeds - like you!

Here's a typical day of page views:

First of all, I'm staggered that so many of you read this via feeds! Hurrah! And I'm amazed that I get more readers via feeds than Google. Every member of this secret RSS club is awesome 😘

When I originally set up this blog, it only supported RSS. At some point, WordPress added the more modern Atom feed format. Both get full support from me. But I'm wondering why so many people are still on RSS rather than Atom? Are there clients which don't support Atom? Is it just a legacy thing?

Should I redirect the RSS feed to the Atom feed or would that break things for you?

If you have any strong views on RSS 🆚 Atom, please drop me a comment via your favourite method .

Package registries return every version a package has ever published in a single response, with no way to ask for less. The API formats were designed ten to twenty years ago when packages had tens of versions, not thousands, and they haven’t changed even as the ecosystems grew by orders of magnitude around them.

npm’s registry API dates to 2010 when there were a few hundred packages on the registry. registry.npmjs.org/vite now returns 37MB of JSON for 725 versions (gzip brings that to 4.4MB over the wire, but it’s still 37MB to parse) because each version entry includes the full README (up to 64KB), every dependency, every maintainer, the full package.json as published, and CouchDB revision metadata. typescript is 15MB for 3,758 versions, and even express is 800KB. None of these responses carry pagination headers of any kind, no Link , no X-Total-Count , no X-Per-Page , just Content-Type: application/json and standard cache controls.

npm offers an abbreviated metadata format through an Accept: application/vnd.npm.install-v1+json header that strips READMEs and most metadata, shrinking vite from 37MB to about 2MB, but it’s still unpaginated and the slimmed-down response drops fields like publication timestamps that tools need for dependency cooldown periods , forcing anything that implements cooldown back onto the full 37MB document.

The Renovate project found the hard ceiling when, at 10,451 versions, their package metadata exceeded 100MB and npm publish started returning E406 Not Acceptable: Your package metadata is too large (100.01 MB > 100 MB) . The only fix was unpublishing old versions, which also broke their Docker image builds since those depended on the npm package being publishable.

PyPI’s Simple API has roots going back to 2003 with setuptools, and PEP 503 formalized it in 2015 when there were about 70,000 packages. pypi.org/pypi/boto3/json returns all 2,011 releases in a single 2.8MB JSON response, and the Simple API that pip actually uses for resolution ( /simple/boto3/ ) lists every file for every version as HTML anchor elements on one page. PEP 691 modernized the format to JSON in 2022 but didn’t add pagination, and the discussion thread shows nobody even raised it as a possibility. The PEP explicitly constrains against increasing the number of HTTP requests an installer has to make.

Packagist returns all 1,261 versions of laravel/framework inline and has since 2012. RubyGems’ JSON API sends all 516 versions of rails in 465KB, a format largely unchanged since 2009. Hex, pub.dev, Maven Central’s maven-metadata.xml , and Hackage all work the same way, each dating to between 2005 and 2014.

Go’s module proxy, designed in 2019 with the benefit of hindsight, keeps its /@v/list endpoint as plain text with one version string per line, so 1,865 versions of aws-sdk-go is 16KB. Maven’s metadata XML is similarly minimal at 12KB for spring-core. When the format only stores version strings the responses stay small regardless of how many versions accumulate.

NuGet’s V3 API, redesigned in 2015, is the only major registry that paginates version metadata on the server side, splitting versions into pages of 64 in its registration endpoint. Small packages get versions inlined in the index response while larger packages like Microsoft.Extensions.DependencyInjection (159 versions across 3 pages) return page pointers the client fetches separately. Docker Hub also paginates tags at 100 per page with next / previous URLs in the response body. crates.io is halfway there: its versions API has a meta field with total and next_page , but for serde’s 315 versions it returns everything at once with next_page: null , and I haven’t found a crate large enough to trigger the second page.

The reason none of these registries paginate is that package managers need all versions visible at once to resolve dependency constraints. If npm install had to make ten round trips for every transitive dependency, installs would be painfully slow, so registries optimized for CDN cacheability instead: one canonical URL per package, one response, cache it at the edge. That trade-off made sense when the largest packages had a few dozen versions.

RubyGems’ Compact Index, Cargo’s sparse index, and Go’s /@v/list found a better path by stripping the response down to just what a resolver needs, serving it as a static file, and letting CDNs and HTTP range requests handle the rest. RubyGems’ compact index reduced dependency data from 202MB to 2.7MB compressed, and the responses stay small because they contain dependency metadata rather than everything a human might want to browse. npm and PyPI never made that split. When npm install fetches vite, it parses 37MB of READMEs, maintainer lists, and CouchDB revision history just to find out which version satisfies ^6.0.0 . Even gzipped, that metadata is eight times the size of the 522KB tarball it points to.

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Canny Valley and Creative Commons : Another bite at the apple.

• Hey look at this : Delights to delectate.

• Object permanence : Bidenomics needs to be bigger; Al Franken's balanced war budget; Bernie x The Pope; Art is a money-laundry; UK government condemns copyright trolls; Howard Dean's genocidal pharma sellout.

• Upcoming appearances : Montreal, Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Canny Valley and Creative Commons ( permalink )

Last year, I ran a wildly successful Kickstarter campaign to pre-sell my ebooks, audiobooks and hardcovers of my book Enshittification , which went on to be an international bestseller, selling out 10 printings in the first 11 weeks:

https://www.kickstarter.com/projects/doctorow/enshittification-the-drm-free-audiobook

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2026/04/10/canny-valley#limited-edition

I've done many of these Kickstarter campaigns now, and I always try to come up with something special for backers – some limited edition book or tchotchke that lets me scratch my own itch for making beautiful physical things, and also lets a few backers splash out on a truly special item. I've come up with some doozies, like:

• A hand-copied manuscript for the original, never-before-seen ending for my novel Little Brother

https://www.kickstarter.com/projects/doctorow/attack-surface-audiobook-for-the-third-little-brother-book/rewards

• Hand-annotated pages making fun of Robert Bork's The Antitrust Paradox , displayed in shadow boxes:

https://www.kickstarter.com/projects/doctorow/chokepoint-capitalism-an-audiobook-amazon-wont-sell/rewards

• A leather bound, extremely limited edition copy of Red Team Blues , with a secret miniature bound copy of the unedited manuscript for The Bezzle in a hidden cavity:

https://www.kickstarter.com/projects/doctorow/red-team-blues-another-audiobook-that-amazon-wont-sell/rewards

• And, for Enshittification , Canny Valley , a limited edition book of my collage illustrations from Pluralistic, made from Creative Commons and public domain sources, with an introduction by Bruce Sterling:

https://www.kickstarter.com/projects/doctorow/enshittification-the-drm-free-audiobook/rewards

I put 100 copies of Canny Valley up for sale in the Enshittification Kickstarter and all of them sold out in a matter of days. However, as promised at the time, there is a second chance to get a copy of the book, through the Creative Commons 25th anniversary fundraiser, which has just kicked off:

https://mailchi.mp/creativecommons/were-turning-25-book-giveaway

The whole print run for Canny Valley was limited to 500 copies, and it is the only run I will do for the book. 100 copies were sold to Kickstarter backers, I kept 25 for myself, and the remaining 375 are now available as a thank-you gift for people who make tax-deductible gifts to CC.

I have been a great supporter of Creative Commons since its inception – literally, I was around when Aaron Swartz, Matt Haughey and Lisa Rein worked with Larry Lessig to design the data scheme and user interface to create, use and re-use Creative Commons licenses. My debut novel, Down and Out in the Magic Kingdom , was the first book ever released under a CC license:

https://craphound.com/down/download

Creative Commons arose out of the copyright wars of the early 2000s, in which the severe deficiencies of using copyright as the primary form of internet regulation were becoming ever clearer. Then – as now – the internet was filling up with material that everyday people produced together, incorporating one another's work, as well as popular works that had meaning to them. Virtually all of this material violated copyright law, and bringing it into compliance would cost hundreds of billions of dollars in billable lawyer hours to draft, negotiate and sign all the licenses needed to avoid both criminal and civil liability.

That's where CC came in: a team of international lawyers standardized a set of legal licenses that did something new and necessary: facilitated sharing and remix, rather than restricting them. Simply apply a CC license to your work – say, a Wikipedia contribution, a Flickr photo, or a story on AO3 – and others would be able to reproduce, adapt and recombine that work with other CC licensed works. What's more, thanks to the heroic efforts of the international CC team, these licenses were able to span borders, languages and legal systems, meaning that a Japanese animator can create a short based on a French story, using Australian 3D assets and a Croatian soundtrack:

https://creativecommons.org/licenses/list.en

It's hard to overstate what a heroic feat of lawyering this is. Making a set of documents that allows creativity to spread freely across 45+ (often very different) legal systems is arguably the most ambitious piece of applied IP legal research ever undertaken. Today, tens of billions of works are CC licensed, including (to name just one example), all of Wikipedia.

I rely heavily on CC licensed works to make the images that run over my posts on Pluralistic, my CC-licensed newsletter. I combine these with public domain images in the GIMP (a powerful free/open Photoshop replacement that runs GNU/Linux, MacOS and Windows) to make my collages, which you can download in high-rez (and freely re-use, thanks to the CC licenses I apply to each of them) from this Flickr set of 350+ items:

https://www.flickr.com/photos/doctorow/albums/72177720316719208?sd

Canny Valley collects 80 of my favorite collages in a beautiful book that was printed on 100lb Mohawk paper on an Indigo digital offset printer and bound with PVA glue that will last a century, at Pasadena's Typecraft, a family-owned print shop that's been in business for more than 100 years:

https://www.typecraft.com/live2/who-we-are.html

It was designed by the type legend John D Berry:

https://johndberry.com/

And the introduction was written by my friend and mentor, the cyberpunk pioneer and digital art impresario Bruce Sterling:

https://en.wikipedia.org/wiki/Bruce_Sterling

I published a long post that explained my creative process last year, including Bruce's intro (which is also CC licensed). I'm going to reproduce Bruce's intro below, but you can read the whole post here:

https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce

I love these little books and I love that there's a chance for a few more people to lay hands on their own – and I especially love that this will support Creative Commons, an organization that produces digital public goods for a new, good internet:

https://mailchi.mp/creativecommons/were-turning-25-book-giveaway

==

INTRODUCTION

by Bruce Sterling

In 1970 a robotics professor named Masahiro Mori discovered a new problem in aesthetics. He called this "bukimi no tani genshō."

The Japanese robots he built were functional, so the "bukimi no tani" situation was not an engineering problem. It was a deep and basic problem in the human perception of humanlike androids.

Humble assembly robots, with their claws and swivels, those looked okay to most people. Dolls, puppets and mannequins, those also looked okay.

Living people had always aesthetically looked okay to people. Especially, the pretty ones.

However, between these two realms that the late Dr Mori was gamely attempting to weld together — the world of living mankind and of the pseudo-man-like machine– there was an artistic crevasse. Anything in this "Uncanny Valley" looked, and felt, severely not-okay. These overdressed robots looked and felt so eerie that their creator's skills became actively disgusting. The robots got prettier, but only up to a steep verge. Then they slid down the precipice and became zombie doppelgangers.

That's also the issue with the aptly-titled "Canny Valley" art collection here. People already know how to react aesthetically to traditional graphic images. Diagrams are okay. Hand-drawn sketches and cartoons are also okay. Brush-made paintings are mostly fine. Photographs, those can get kind of dodgy.

Digital collages that slice up and weld highly disparate elements like diagrams, cartoons, sketches and also photos and paintings, those trend toward the uncanny.

The pixel-juggling means of digital image-manipulation are not art-traditional pencils or brushes. They do not involve the human hand, or maybe not even the human eye, or the human will. They're not fixed on paper or canvas; they're a Frankenstein mash-up landscape of tiny colored screen-dots where images can become so fried that they look and feel "cursed." They're conceptually gooey congelations, stuck in the valley mire of that which is and must be neither this-nor-that.

A modern digital artist has billions of jpegs in files, folders, clouds and buckets. He's never gonna run out of weightless grist from that mill.

Why would Cory Doctorow — novelist, journalist, activist, opinion columnist and so on — want to lift his typing fingers from his lettered keyboard, so as to create graphics with cut-and-paste and "lasso tools"?

Cory Doctorow also has some remarkably tangled, scandalous and precarious issues to contemplate, summarize and discuss. They're not his scandalous private intrigues, though. Instead, they're scandalous public intrigues. Or, at least Cory struggles to rouse some public indignation about these intrigues, because his core topics are the tangled penthouse/slash/underground machinations of billionaire web moguls.

Cory really knows really a deep dank lot about this uncanny nexus of arcane situations. He explains the shameful disasters there, but they're difficult to capture without torrents of unwieldy tech jargon.

I think there are two basic reasons for this.

The important motivation is his own need to express himself by some method other than words.

I'm reminded here of the example of H. G. Wells, another science fiction writer turned internationally famous political pundit. HG Wells was quite a tireless and ambitious writer — so much so that he almost matched the torrential output of Cory Doctorow.

But HG Wells nevertheless felt a compelling need to hand-draw cartoons. He called them "picshuas." These hundreds of "picshuas" were rarely made public. They were usually sketched in the margins of his hand-written letters. Commonly the picshuas were aimed at his second wife, the woman he had renamed "Jane." These picshuas were caricatures, or maybe rapid pen-and-ink conceptual outlines, of passing conflicts, events and situations in the life of Wells. They seemed to carry tender messages to Jane that the writer was unable or unwilling to speak aloud to her. Wells being Wells, there were always issues in his private life that might well pose a challenge to bluntly state aloud: "Oh by the way, darling, I've built a second house in the South of France where I spend my summers with a comely KGB asset, the Baroness Budberg." Even a famously glib and charming writer might feel the need to finesse that.

Cory Doctorow also has some remarkably tangled, scandalous and precarious issues to contemplate, summarize and discuss. They're not his scandalous private intrigues, though. Instead, they're scandalous public intrigues. Or, at least Cory struggles to rouse some public indignation about these intrigues, because his core topics are the tangled penthouse/slash/underground machinations of billionaire web moguls.

Cory really knows really a deep dank lot about this uncanny nexus of arcane situations. He explains the shameful disasters there, but they're difficult to capture without torrents of unwieldy tech jargon.

So instead, he diligently clips, cuts, pastes, lassos, collages and pastiches. He might, plausibly, hire a professional artist to design his editorial cartoons for him. However, then Cory would have to verbally explain all his political analysis to this innocent graphics guy. Then Cory would also have to double-check the results of the artist and fix the inevitable newbie errors and grave misunderstandings. That effort would be three times the labor for a dogged crusader who is already working like sixty.

It's more practical for him to mash-up images that resemble editorial cartoons.

He can't draw. Also, although he definitely has a pronounced sense of aesthetics, it's not a aesthetic most people would consider tasteful. Cory Doctorow, from his very youth, has always had a "craphound" aesthetic. As an aesthete, Cory is the kind of guy who would collect rain-drenched punk-band flyers that had fallen off telephone poles and store them inside a 1950s cardboard kid-cereal box. I am not scolding him for this. He's always been like that.

As Wells used to say about his unique "picshuas," they seemed like eccentric scribblings, but over the years, when massed-up as an oeuvre, they formed a comic burlesque of an actual life. Similarly, one isolated Doctorow collage can seem rather what-the-hell. It's trying to be "canny." If you get it, you get it. If you don't get the first one, then you can page through all of these, and at the end you will probably get it. En masse, it forms the comic burlesque of a digital left-wing cyberspatial world-of-hell. A monster-teeming Silicon Uncanny Valley of extensively raked muck.

There are a lot of web-comix people who like to make comic fun of the Internet, and to mock "the Industry." However, there's no other social and analytical record quite like this one

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

I'm happy to announce the general availability of watgo - the W eb A ssembly T oolkit for G o. This project is similar to wabt (C++) or wasm-tools (Rust), but in pure, zero-dependency Go.

watgo comes with a CLI and a Go API to parse WAT (WebAssembly Text), validate it, and encode it into WASM binaries; it also supports decoding WASM from its binary format.

At the center of it all is wasmir - a semantic representation of a WebAssembly module that users can examine (and manipulate). This diagram shows the functionalities provided by watgo:

• Parse: a parser from WAT to wasmir

• Validate: uses the official WebAssembly validation semantics to check that the module is well formed and safe

• Encode: emits wasmir into WASM binary representation

• Decode: read WASM binary representation into wasmir

CLI use case

watgo comes with a CLI, which you can install by issuing this command:

go install github.com/eliben/watgo/cmd/watgo@latest

The CLI aims to be compatible with wasm-tools [1] , and I've already switched my wasm-wat-samples projects to use it; e.g. a command to parse a WAT file, validate it and encode it into binary format:

watgo parse stack.wat -o stack.wasm

API use case

wasmir semantically represents a WASM module with an API that's easy to work with. Here's an example of using watgo to parse a simple WAT program and do some analysis:

package main

import ( "fmt"

"github.com/eliben/watgo" "github.com/eliben/watgo/wasmir" )

const wasmText = ` (module (func (export "add") (param i32 i32) (result i32) local.get 0 local.get 1 i32.add ) (func (param f32 i32) (result i32) local.get 1 i32.const 1 i32.add drop i32.const 0 ) )`

func main () { m , err := watgo . ParseWAT ([] byte ( wasmText )) if err != nil { panic ( err ) }

i32Params := 0 localGets := 0 i32Adds := 0

// Module-defined functions carry a type index into m.Types. The function // body itself is a flat sequence of wasmir.Instruction values. for _ , fn := range m . Funcs { sig := m . Types [ fn . TypeIdx ] for _ , param := range sig . Params { if param . Kind == wasmir . ValueKindI32 { i32Params ++ } }

for _ , instr := range fn . Body { switch instr . Kind { case wasmir . InstrLocalGet : localGets ++ case wasmir . InstrI32Add : i32Adds ++ } } }

fmt . Printf ( "module-defined funcs: %d\n" , len ( m . Funcs )) fmt . Printf ( "i32 params: %d\n" , i32Params ) fmt . Printf ( "local.get instructions: %d\n" , localGets ) fmt . Printf ( "i32.add instructions: %d\n" , i32Adds ) }

One important note: the WAT format supports several syntactic niceties that are flattened / canonicalized when lowered to wasmir . For example, all folded instructions are lowered to unfolded ones (linear form), function & type names are resolved to numeric indices, etc. This matches the validation and execution semantics of WASM and its binary representation.

These syntactic details are present in watgo in the textformat package (which parses WAT into an AST) and are removed when this is lowered to wasmir . The textformat package is kept internal at this time, but in the future I may consider exposing it publicly - if there's interest.

Testing strategy

Even though it's still early days for watgo, I'm reasonably confident in its correctness due to a strategy of very heavy testing right from the start.

WebAssembly comes with a large official test suite , which is perfect for end-to-end testing of new implementations. The core test suite includes almost 200K lines of WAT files that carry several modules with expected execution semantics and a variety of error scenarios exercised. These live in specially designed .wast files and leverage a custom spec interpreter.

watgo hijacks this approach by using the official test suite for its own testing. A custom harness parses .wast files and uses watgo to convert the WAT in them to binary WASM, which is then executed by Node.js [2] ; this harness is a significant effort in itself, but it's very much worth it - the result is excellent testing coverage. watgo passes the entire WASM spec core test suite.

Similarly, we leverage wabt's interp test suite which also includes end-to-end tests, using a simpler Node-based harness to test them against watgo.

Finally, I maintain a collection of realistic program samples written in WAT in the wasm-wat-samples repository ; these are also used by watgo to test itself.

[1] Though not all of wasm-tools's functionality is supported yet.

[2] To stick to a pure-Go approach also for testing, I originally tried using wazero for this, but had to give up because wazero doesn't support some of the recent WASM proposals that have already made it into the standard (most notably Garbage Collection).

A meditation on the game of Solitaire and its endless variations, which go well beyond what you can find in Windows 3.1. Hey all, Ernie here with a piece from David Buck , who has been obsessed with a certain single-player game lately. See if you can figure out which one. Today in Tedium : Who doesn’t love card games, especially the ones you can play on your own? Solitaire is quiet. It’s slow. It wants nothing from me. There’s a challenge to solving it that can be both frustrating and rewarding. So many different versions of the game make for unique experiences and variety. The cost of entry is low: all you need is a deck of cards, a table, and a little bit of patience. I like to tell people that if they give me a guitar and a deck of cards, they probably won’t see me for about 12 hours. Throw in some comics and some tunes, and I’ll be gone all day. For me, solitaire is more than a distraction or time killer. It’s become part of my daily routine and has helped me reduce stress and have more fun every day. But man, do I suck at it. In today’s Tedium, we’re reshuffling things a bit and talking about everyone’s favorite single-player card game, Solitaire. — David @ Tedium

Sponsored By … Well, Us Ever wanted to read Tedium without having those annoying ads all over the site? We have just the plan for you. Sign up for a $3 monthly membership on our Ko-Fi, and we promise we can get rid of them. We have the technology. And it beats an ad blocker. (Web-only for now, email coming soon!)

4,000

The number of people who took part in a study commissioned by Solitaired.com in 2025. To determine whether playing the game affects mental health and cognitive decline, they had every respondent play a specially designed version of Klondike to test processing speed, working memory, and visual memory. Then they took a cognitive test . The entire study, conducted by UCLA CRESST, is available to read online , but the results show that playing Solitaire really can be helpful for keeping your brain sharp. I’m interested to see what future studies will show, or if anyone bothers to study the subject at all.

Playing a (losing) hand of Klondike on Solitaired.com Solitaire is a game, puzzle, mild therapy, and an exercise in patience all rolled into one I’ve always enjoyed playing Solitaire. Back in the days of Windows 3.11, then Windows 95 (and later, a nifty CD-ROM of different Solitaire games), I played the game a lot. Next to Jill of the Jungle and Lemmings , Solitaire was my most-played game (remember when we wrote about DOS? It seems like a lifetime ago). After what has been a very rough few years physically, mentally, emotionally, and spiritually, I found myself inexplicably drawn to the game again. At first, I played with a deck of cards. Then, I discovered some online versions that worked out fine. At some point, the nostalgia bug bit me, and I decided to look into getting an old CD-ROM I owned, Hoyle Solitaire & Mahjong , working on my PC. No, it’s not the one with the “throwing cards” mini-game. It’s just Solitaire (and Mahjong) with a peaceful, relaxing atmosphere. It didn’t take long. I installed VirtualBox and Windows 95 on my Windows 11 machine (before the update killed it). Then I simply installed the game in the virtual environment from the CD. On my old Windows 10 laptop, it just worked when I put the CD in (I knew it would, because that’s how I play Lemmings most of the time). It was fun, and I played it extensively. Now, I play at least five or so different types of Solitaire every day. I was disappointed with the lack of a good, garbage-free version of the game in Windows 11 (which is a moot point now, since I switched to Linux Mint recently for the reason I mentioned earlier). So revisiting my favorite Solitaire CD-ROM was a no-brainer. It helped me feel calm, less overwhelmed, and more focused. I wanted to know why. But what is it about solitaire that is so appealing? Why did the computer version of it get so popular? Are there really any mental health benefits of playing the game? And why on earth is it so gosh darn difficult to win most variations? I decided to find out.

1746

The year the word “solitaire” first appeared in the Oxford English Dictionary, although at the time it probably meant Peg Solitaire. You know, that weird game they have on every table at Cracker Barrel. The card game as we know it likely came around in the late 18th century. It was based on another game called Patience (called that for obvious reasons). While the names “Patience” and “Solitaire” are basically two words to mean the same thing, there was probably a time when they were different games. More books, with new variations of the game , about the game came out throughout the 19th century , and folks have been writing about it ever since. There was even a rumor that Napoleon loved the game . And although people have been playing variations of the game over the last few centuries, it didn’t become such a cultural phenomenon until computer mice and GUIs came along.

Playing a (losing) hand of ‘Freecell’ in Internet Archive’s Windows 3.1 emulator . How digital solitaire helped people learn how to use a mouse When you think about solitaire, do you picture a series of different, challenging games that are more about patience and play than about winning, or do you think of “that card game on the computer you play when you get bored? Regardless of your answer, solitaire is huge, and it’s everywhere. My favorite part about Solitaire history (and I’m pulling from pre-2022 sources as much as possible here) is that a lot of it says stuff like “nobody knows where it came from originally” or “no one quite knows how it started.” I’m paraphrasing here, but there’s a deep uncertainty about it. One thing is well known, though: that Edmond Hoyle has the definitive word on the rules of many of its variants, despite Hoyle having almost nothing to do with Solitaire itself. He was just a big rules guy . Even the Founding Fathers enjoyed a few card games . But let’s travel forward to the 20th century, when Klondike solitaire became part of computing history. The only nice thing you’ll ever hear me say about Microsoft is that they’re largely responsible for bringing the computerized version of solitaire to home PCs. It was a pack-in for Windows 3.0. Believe it or not, there was a time when the mouse was a very new, somewhat confusing concept for many people. That was in 1990. Before that (early 80s), Atari 8-bit computers and Macs had their own versions of Klondike, each programmed by different people. But that Microsoft version really took off. In 1988, a guy named Wes Cherry interned at Microsoft. Cherry was surprised to learn their computers didn’t have virtual card games like the one on his Mac at home. So he made one. He wrote the code for Klondike, his then-girlfriend (Leslie Kooy) designed some of the cards, and designer Susan Kare made the rest of the deck. He threw it on the company server. From there, a program manager noticed it and decided to include it in the official version to be released in 1990. According to a 2016 Mental Floss interview with Cherry, he originally included a “boss key” to let players quickly exit the program if their supervisors caught them playing. Microsoft made him take it out. The game served another purpose, though: along with Minesweeper , it was also used to help people get used to Windows’ drag-and-drop interface instead of using the command line for everything.

“Golf is like solitaire. When you cheat, you only cheat yourself.”

— Tony Lema, a professional golfer who won a lot of games in the late 1950s/early 60s. Sadly, he died in a plane crash in 1964, but his words definitely ring true when it comes to any game or challenge, including Solitaire. Sure, you can cheat. But where’s the fun and challenge in that?

Playing a (losing) hand of ‘Golf’ in Hoyle Solitaire & Mahjong. Six types of Solitaire that are better than the usual suspects, and some tips for playing Solitaire online. We’ve firmly established that I love a good game of Solitaire. Klondike is always fun for a few hands. Trust me; you know this one: Two great pastimes: Superman comics & playing a (losing) hand Klondike with real cards. It’s fun, but it’s like vanilla ice cream. A lot of people love it, but there are so many more, varied flavors out there (although the three-card-draw variant does make it a bit more fun). Here are six of our favorites: Playing a (losing) hand of ‘Golf’ solitaire. Golf: This is probably my favorite version of solitaire. It’s simple, but can be very tough. It’s basically a building-up or building-down game on a single waste like. Some versions let you build on Kings, some don’t. It also has several variations that keep things interesting, and a typical game lasts only a few minutes unless you decide to really take your time. It’s difficult to win but extremely fun. Playing a (losing) hand of ‘Nestor’ in Linux Nestor: Nestor is a deceptive game. It looks simple, but it’s pretty devious. Okay, it’s a tile-matching game using cards instead of tiles. But that’s what makes it fun. This one is tough to win, but well worth playing. I recommend using physical cards over online/computerized versions, just because it’s more fun (in my opinion) to “tile-match” that way. If you do want a digital version, the best ones I’ve played are on Sierra’s Hoyle Solitaire and on the PySol for Linux. Playing a (losing) hand of ‘Scorpion’ in Linux. Scorpion: People do love their arachnids. Spider is an incredibly popular version of solitaire that can get pretty tough if you’re using all the suits. If you’re sick of traditional Spider Solitaire or just want to be squashed by the game instead of the other way around, try Scorpion. It’s a challenge, and you’re probably not going to win, but half the fun is seeing where the cards take you. Playing a long (losing) hand of ‘Colorado’ solitaire in Linux; yes, it took 15 minutes. Colorado : If you’re up for a challenge and you’re okay with never really winning, Colorado solitaire has what you’re looking for. This one requires two decks and has you making both Ace-up and King-down piles. It is frustrating as H-E-double hockey sticks, but it’s fun to give yourself a challenge. Hopefully, I’ll win one of these days. Playing a (los…wait, I won? What!?) hand of ‘Athena’ in Linux. Athena: This is an interesting variation of Klondike that features face-up and face-down cards interspersed with each other on the tableau. It’s fascinating to see that on a solitaire tableau. It also uses a three-card draw for the reserve pile, which makes for a nice challenge and a somewhat different approach to tactics than you’d use in a traditional game of Klondike. I play this one almost as often as Golf. Winning it somehow feels like an accomplishment. Playing a (losing) hand of Canfield in Linux. Canfield: This one is tough, but not as tough as Colorado or 40 Thieves. In the UK, it was called “Demon,” and for good reason: it’s pretty devilish. In the US, a casino owner named Richard Canfield turned this variant into a gambling game. I think it’s pretty fun and quite challenging. Hoyle’s book had some great rules for it , but you can play it online , as it might make for an easier game.

101

The number of games of Golf solitaire I played on Sierra’s Hoyle Solitaire & Mahjong game in February of 2026. Told you it was my favorite. The 1996 PC game has background music, custom cards and backgrounds, and some of my absolute favorite one and two-deck solitaire games. Golf is shockingly simple but deviously difficult to win. I spent 2.15 hours playing, went through 101 hands, and didn’t win a single game. While I kind of suck at Golf solitaire, I still love it and had a great time playing. And I’ll definitely be doing it again. The odds of winning Solitaire can vary , but I find it fascinating that I win more often when I play with physical cards than I do when I play Solitaire digitally.

Eight solutions to the tedium of online Solitaire Playing anything online can come with its own set of challenges. Sometimes playing solitaire games online is a bit of a crapshoot. We’ve all probably seen (or, perhaps, used) one of those “play games and earn money” apps. You know the ones I’m talking about: they have a weird look to them, and they all seem sort of scammy while being increasingly AI-generated. Yeah, solitaire has unfortunately fallen into that trap. If there isn’t some shady site out there promising to help you “earn money by playing,” then there’s an issue. Most of these, like Solitaire Cash , are a scam . Go figure. Even the “top ten” lists of the “best ones” are also likely pointing to scams. Just look at the data policies and user reviews of most of these apps on their respective stores. My advice is to steer clear. Aside from these, there are a ton of other problems with trying to play digital Solitaire in 2026. Ads, ads, ads galore. AI-generated slop. Memberships. XP and gambling (looking at you, Windows 11). Lack of variety (it’s all Spider, Klondike, Pyramid, and FreeCell). Playing a (losing) hand of ‘Canfield’ on Politaire. I offer eight solutions to this problem: • Get yourself a few decks of good playing cards, grab a Hoyle gaming book or browse an online resource like Politaire , and learn to play a few of the games manually. Sit down at a nice, clear table. Put on your favorite tunes. Learn to shuffle, then play as much of any game as you like. The bonus is you get the tactile sensation of physical cards, and you can cheat as much as you like, if you’re so inclined. Who’s gonna judge ya?

• Use a secure browser with an adblocker if you’re playing online. Be very careful about which sites you choose. Some of them are after much more than stats and fake trophies for their players. Solitaired and Politaire (linked above) are both great sites for getting your fix, but I prefer Pol

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

This newsletter is free to read, and it’ll stay that way. But if you want more - extra posts each month, no sponsored CTAs, access to the community, and a direct line to ask me things - paid subscriptions are $2.50/month. A lot of people have told me it’s worth it.

Upgrade

I spent about a decade waking up at 6am and checking my follower count before I brushed my teeth. Refreshing analytics while the coffee brewed, reading Y Combinator essays, networking on Twitter and trying to reverse-engineer what made people break out. I'd look at every piece of creative work I produced and ask "will this scale?" Every night, I'd calculate the gap between where I was and where Mark Zuckerberg was at my age, or Marc Andreessen, or Om Malik, or Ryan Holiday etc etc etc - which is an unhinged thing to do. But I did it all the time. I was obsessed with whatever it was that would come Next. After all of this, after I had made it, after I'd stopped "plateauing" and reached my potential. This is what I've come to call The Strive. And you know it too, even if you've never called it that. It's the obsession with making it, going viral, founding a billion-dollar company, becoming the next TBPN, raising millions of dollars, getting profiled in Wired, landing on the Forbes 30 Under 30 list (or, for those of us who aged out, the Forbes 40 Under 40 list that doesn't exist but should). The Strive is what makes people put "serial entrepreneur" in their Twitter bio. It's what makes a 24-year-old describe their note-taking app as "disrupting knowledge work." It's what kept me awake at 2am calculating how many followers I needed per week to hit my Q3 growth target. Back in the 70's a researcher named Philip Brickman studied lottery winners and found that people who won big were no happier than anyone else within a few months. He called it the "hedonic treadmill." You get the thing, the feeling fades, you chase the next thing. The Strive is the hedonic treadmill all over again, but it comes with a mandatory pair of white sneakers and a Claude Max subscription. How the machine works From the outside, The Strive it looks like that thing we call passion; but from the inside it feels like a crushing, soul destroying anxiety disorder. You set a goal, and with a bit of luck and a whole lot of blood, you hit it, and you feel good for somewhere between 4 hours and 2 days (and I'm being generous with the 2 days), and then it fades and you set a bigger goal because the old one, the one you were sure would change everything, turned out to be a thing that happened and nothing more. I hit 10,000 followers once and felt good for about an afternoon, and I got published in an outlet I'd been pitching for months and the dopamine lasted maybe 36 hours before I was back at my laptop, pitching the next thing. Your brain's ~wanting system and your brain's ~liking system are separate circuits, and the wanting system is bigger and louder and more connected to everything else. As it turns out, dopamine fires for the chase, not for the catch. Infrastructure The Strive doesn't live in your head alone - no, it has infrastructure. It has an entire litany of podcasts, and conferences, Twitter threads, and LinkedIn posts, co-working spaces, and pitch competitions, and all of it keeps you sprinting. Everyone around you is Striving, too. And when you stop, you feel like you're falling behind. But falling behind who? People who are also on the treadmill, also wondering why their last win didn't stick? Once you're in it, opting out feels like abject failure. If you're not growing, you must be dying, if you're content, you must be complacent. Peace and satisfaction are a disease that infests the uninitiated. Well, I went to the events and read the books (the ones with single-word titles like "Grit" and "Hustle") and optimised my mornings and tracked my habits with an app that gave me a score, and I tweeted through it, and I cold-emailed strangers to ask if I could "pick their brain," which is a phrase that should be fucking illegal. It got me nowhere. What it costs You're told to calculate the upside: money, status, influence. You're told to weigh that against the "sacrifice," which is always framed as temporary. Grind for a few years, miss some dinners, put some relationships on hold. There's a finish line out there and once you cross it you get to enjoy things. But this is bullshit! There's no finish line! That's the trick, and it's a damned good one! I watched a friend raise a Series A and immediately start losing sleep over Series B. I know someone who hit a million in annual revenue and couldn't enjoy it because all he could think about was getting to 10. Every finish line is a checkpoint. You cross it and the next one appears, further away, higher up. This is intentional design. What The Strive actually cost me was a large number of physical years. Years I spent optimising instead of living, years I spent going to networking events instead of seeing friends, building an audience when I could have been reading a book for fun. I worked on things that were always about to become The Thing that Mattered, and they never quite did. And even if they had, it wouldn't have been enough. It would never, ever have been enough. Enough What if the right scale for interesting work is whatever scale that lets you keep doing it? What if a good idea doesn't need to become a billion-dollar company? What if it can be a good idea that you work on because it's interesting and it pays your rent? Kahneman and Deaton published a study in 2010 showing that after about $75,000 a year (probably closer to $100,000 now), more money doesn't make your day-to-day life feel any better. Your abstract "life satisfaction" might tick up, but the actual texture of your days doesn't change. You can't ask "how much is enough?" inside The Strive's framework because "enough" is a word it doesn't recognise. I run a solo creative studio called Studio Self. I write things I love writing. I work with clients I actually like. I pick projects that challenge my brain in ways I find interesting and I turn down the ones that don't. I am not optimising for maximum revenue. I am not building a unicorn. I am unlikely to go down in history. By The Strive's metrics, I'm a failure. I should be raising money. I should be building a team. I should be positioning for an exit. Instead I'm writing a blog and reading comic books and playing Doom II and working on ideas that will almost certainly never make anyone a billion dollars, and I'm fine with that. Better than fine. I wake up and I'm not dreading the day. I work on things I care about. I stop working when I'm done. My brain feels alive and I have time to read for fun and I think that's worth more than a Series A. The MASH test The Strive doesn't believe in hobbies. In its twisted framework, everything is either productive or wasteful. Reading a comic book: wasteful. Reading a business book: productive. Playing a video game: wasteful. Building one: productive. It can't process the idea that you might do something because you enjoy it. Every hour has to be an investment. Every experience has to compound. That is a psychotic way to live. I mean that close to literally. It's a disconnection from the basic human experience of enjoying things because they're enjoyable. A 6-year-old knows you read a book because it's fun. The Strive beats that out of you and replaces it with a spreadsheet. I have a test for whether The Strive still owns you, and I call it the MASH test. MASH ran for 11 seasons, from 1972 to 1983. The finale pulled 105.9 million viewers, still the most-watched broadcast in American television history. It's a show about people stuck in the Korean War trying to stay human by being funny and caring about their work even though everything around them is insane. The test: can you sit down and watch an episode of MASH on a Wednesday afternoon without feeling guilty about it? If you can't, if you feel The Strive pulling at you, telling you that you're wasting time, that you should be producing something, that every hour not spent growing your brand is an hour wasted, then The Strive still owns you. You've handed your peace of mind to a system that will never give you permission to stop. I can read a comic book now without running the mental math on whether I should be making content instead. I can go for a walk without listening to a business podcast. I can talk to someone without wondering if they're a useful connection. These sound like small things but mate I promise you, they're the whole game. Why it sticks You'd think, given everything I've described, that people would stop. But tey don't, and I didn't for a long time, even though I knew the math was bad. Part of the reason why is survivorship bias. The Strive only shows you the people who won: the fundraise posts, the exit announcements, the profile in TechCrunch. You don't see the thousands who ground it out for five years and ended up back at a day job, older and more tired and with a credit card balance that makes them nauseous. The expected value of The Strive is way lower than it looks from the outside, but the outside is the only view you get. Part of it is identity. Once I'd been Striving long enough, it stopped being something I did, and started being something I was. My friends were Strivers and my self-concept was "ambitious person building something." When I started pulling back, it felt like I was killing a version of myself. That's not a comfortable feeling. But the biggest part, the part nobody wants to cop to is this: The Strive is a really good way to avoid sitting with your actual life. If you're always chasing the next milestone, you don't have to ask whether you like the way you spend your days. You don't have to look at the possibility that catching the thing wouldn't make you happy either. I think, for me, a lot of The Strive was... running, running from the question of whether any of it was what I wanted, or what I'd been told to want. Boring on purpose Contentment is boring. "I woke up, I wrote something I liked, I read a book, I had dinner, I went to bed" doesn't make for a great narrative. Nobody's making a podcast series about the person who decided things were just fine and they were just fine with that. The Strive has narrative tension. Will they raise the round? Will the product launch? Will they make it? My life doesn't have narrative tension right now and I think that might be the whole point. A life that makes a good story tends to be a life that was awful to live. The chapters people want to read about in biographies tend to be the ones the person would have skipped if they could. The Strive sounds great in the abstract. Work hard, dream big, change the world, but on the ground it's a prescription for chronic dissatisfaction, because it trains you to put your well-being somewhere in the future, always in the future, and the future never arrives. I'd rather be bored and present than excited and perpetually somewhere else. I'd rather have a Wednesday than a narrative arc. I realise that's not a sexy position to hold. I'm directionally ok with that. I work hard, I care about quality. I want the things I make to be good and I want to find clients who push me and I want projects that make my brain hurt in a good way. But the specific cultural program that equates your worth with your scale, your follower count, your funding round, is a bad deal for most people. It takes the normal desire to do good work and bolts a set of impossible metrics onto it. It takes "I'd like to make a living doing something I care about" and inflates it into "you need to build an empire." Those are different things. The Strive collapses them into one. Where this goes "Is this enough?" is a better question than "How do I get more?" and I wish someone had told me that 10 years ago, but I probably wouldn't have listened. I was too busy Striving. The Strive isn't going anywhere, not any time soon. There's too much money in it, too many people selling the dream. The conferences will keep going, and the podcasts will keep recording, and LinkedIn will keep telling you that your comfort zone is where dreams go to die, which, as motivational slogans go, really is something isn't it? But I think, I hope , the math is starting to catch up with more people. We spend years marinating in anxiety for a feeling that lasts 48 hours, on repeat, forever - and that is a bad fucking trade. I'm going to go watch MASH now. I've got nowhere to be and nothing to optimise and I don't feel guilty about it at all.

SPONSORED

Westenberg is designed, built and funded by my solo-powered agency, Studio Self. Reach out and work with me:

Work with me

For nearly 20 years the deal has been simple: you click a link, arbitrary code runs on your device, and a stack of sandboxes keeps that code from doing anything nasty. Browser sandboxes for untrusted JavaScript, VM sandboxes for multi-tenant cloud, ad iframes so banner creatives can't take over your phone or laptop - the modern internet is built on the assumption that those sandboxes hold. Anthropic just shipped a research preview that generates working exploits for one of them 72.4% of the time, up from under 1% a few months ago. That deal might be breaking.

From what I've read Mythos is a very large model. Rumours have pointed to it being similar in size to the short lived (and very underwhelming) GPT4.5 .

As such I'm with a lot of commentators in thinking that a primary reason this hasn't been rolled out further is compute. Anthropic is probably the most compute starved major AI lab right now and I strongly suspect they do not have the compute to roll this out even if they wanted more broadly.

From leaked pricing, it's expensive as well - at $125/MTok output (5x more than Opus, which is itself the most expensive model out there).

But this probably doesn't matter

One thing that has really been overlooked with all the focus on frontier scale models is how quickly improvements in the huge models are being achieved on far smaller models. I've spent a lot of time with Gemma 4 open weights model, and it is incredibly impressive for a model that is ~50x smaller than the frontier models.

So I have no doubt that whatever capabilities Mythos has will relatively quickly be available in smaller, and thus easier to serve, models.

And even if Mythos' huge size somehow is intrinsic to the abilities (I very much doubt this, given current progress in scaling smaller models) it has, it's only a matter of time before newer chips [1] are able to serve it en masse. It's important to look to where the puck is going.

Sandboxing is at risk

As I've written before, LLMs in my opinion pose an extremely serious cybersecurity risk. Fundamentally we are seeing a radical change in how easy it is to find (and thus exploit) serious flaws and bugs in software for nefarious purposes.

To back up a step, it's important to understand how modern cybersecurity is currently achieved. One of the most important concepts is that of a sandbox . Nearly every electronic device you touch day to day has one (or many) layers of these to protect the system. In short, a sandbox is a so called 'virtualised' environment where software can execute on the system, but with limited permissions, segregated from other software, with a very strong boundary that protects the software 'breaking out' of the sandbox.

If you're reading this on a modern smartphone, you have at least 3 layers of sandboxing between this page and your phone's operating system.

First, your browser has (at least) two levels of sandboxing. One is for the JavaScript execution environment (which runs the interactive code on websites). This is then sandboxed by the browser sandbox, which limits what the site as a whole can do. Finally, iOS or Android then has an app sandbox which limits what the browser as a whole can do.

This defence in depth is absolutely fundamental to modern information security, especially allowing users to browse "untrusted" websites with any level of security. For a malicious website to gain control over your device, it needs to chain together multiple vulnerabilities, all at the same time. In reality this is extremely hard to do (and these kinds of chains fetch millions of dollars on the grey market ).

Guess what? According to Anthropic, Mythos Preview successfully generates a working exploit for Firefox's JS shell in 72.4% of trials. Opus 4.6 managed this in under 1% of trials in a previous evaluation:

Worth flagging a couple of caveats. The JS shell here is Firefox's standalone SpiderMonkey - so this is escaping the innermost sandbox layer, not the full browser chain (the renderer process and OS app sandbox still sit on top). And it's Anthropic's own benchmark, not an independent one. But even hedging both of those, the trajectory is what matters - we're going from "effectively zero" to "72.4% of the time" in one model generation, on a real-world target rather than a toy CTF.

This is pretty terrifying if you understand the implications of this. If an LLM can find exploits in sandboxes - which are some of the most well secured pieces of software on the planet - then suddenly every website you aimlessly browse through could contain malicious code which can 'escape' the sandbox and theoretically take control of your device - and all the data on your phone could be sent to someone nasty.

These attacks are so dangerous because the internet is built around sandboxes being safe. For example, each banner ad your browser loads is loaded in a separate sandboxed environment. This means they can run a huge amount of (mostly) untested code, with everyone relying on the browser sandbox to protect them. If that sandbox falls, then suddenly a malicious ad campaign can take over millions of devices in hours.

But it's not just websites

Equally, sandboxes (and virtualisation) are fundamental to allowing cloud computing to operate at scale. Most servers these days are not running code against the actual server they are on. Instead, AWS et al take the physical hardware and "slice" it up into so called "virtual" servers, selling each slice to different customers. This allows many more applications to run on a single server - and enables some pretty nice profit margins for the companies involved.

This operates on roughly the same model as your phone, with various layers to protect customers from accessing each other's data and (more importantly) from accessing the control plane of AWS.

So, we have a very, very big problem if these sandboxes fail, and all fingers point towards this being the case this year. I should tone down the disaster porn slightly - there have been many sandbox escapes before that haven't caused chaos, but I have a strong feeling that this is going to be difficult.

And to be clear, when just AWS us-east-1 goes down (which it has done many , many , times ) it is front page news globally and tends to cause significant disruption to day to day life. This is just one of AWS's data centre zones - if a malicious actor was able to take control of the AWS control plane it's likely they'd be able to take all regions simultaneously, and it would likely be infinitely harder to restore when a bad actor was in charge, as opposed to the internal problems that have caused previous problems - and been extremely difficult to restore from in a timely way.

The plan

Given all this it's understandable that Anthropic are being cautious about releasing this in the wild. The issue though, is that the cat is out of the bag. Even if Anthropic pulled a Miles Dyson and lowered their model code into a pit of molten lava, someone else is going to scale an RL model and release it. The incentives are far, far too high and the prisoner's dilemma strikes again.

The current status quo seems to be that these next generation models will be released to a select group of cybersecurity professionals and related organisations, so they can fix things as much as possible to give them a head start.

Perhaps this is the best that can be done, but this seems to me to be a repeat of the famous "obscurity is not security" approach which has become a meme in itself in the information security world. It also seems far fetched to me that these organisations who do have access are going to find even most of the critical problems in a limited time window.

And that brings me to my final point. While Anthropic are providing $100m of credit and $4m of 'direct cash donations' to open source projects, it's not all open source projects.

There are a lot of open source projects that everyone relies on without realising. While the obvious ones like the Linux kernel are getting this "access" ahead of time, there are literally millions of pieces of open source software (nevermind commercial software) that are essential for a substantial minority of systems operation. I'm not quite sure where the plan leaves these ones.

Perhaps this is just another round in the cat and mouse cycle that reaches a mostly stable equilibrium, and at worst we have some short term disruption. But if I step back and look how fast the industry has moved over the past few years - I'm not so sure.

And one thing I think is for certain, it looks like we do now have the fabled superhuman ability in at least one domain. I don't think it's the last.

• Albeit at the cost of adding yet more pressure onto the compute crunch the AI industry is experiencing ↩︎

In short: GitHub’s downtime is bad, but uptime numbers can be misleading. It’s not as bad as it looks; more like a D than an F.

“Zero nines uptime”?

99.99% uptime, or “four nines”, is a common industry standard. Four nines of uptime is equivalent to 1.008 minutes of downtime per week.

GitHub is not meeting that, and it’s frustrating. Even though they’re owned by Microsoft’s, one of the richest companies on earth, they aren’t clearing this bar.

Here are some things people are saying:

• “GitHub appears to be struggling with measly three nines availability”

• “World’s First Enterprise Solution With Zero Nines Uptime”

• “Sure, they may have made the uptime worse, but remember what we got in exchange – when it’s up, the UI is slower and buggier.”

According to “The Missing GitHub Status Page” , which reports historical uptime better than GitHub’s official source, they’ve had 89.43% uptime over the last 90 days. That’s zero nines of uptime. That implies more than 2.5 hours of downtime every day !

I dislike GitHub and Microsoft, so I shouldn’t be coming to their defense, but I think this characterization is unfair.

Downtime is additive (kinda)

I’m no mathematician, but let’s do a little math.

Let’s say your enterprise has two services: Service A and Service B. Over the last 10 days:

• Service A had one day of downtime. That means it has 90% uptime.

• Service B had two days of downtime on different days. That means it has 80% uptime.

3 of the last 10 days had outages. That’s 70% uptime total. (That’s how the Missing GitHub Status Page calculates it.)

GitHub’s status page lists ten services: core Git operations, webhooks, Issues, and more. Sometimes they’re down simultaneously, but usually not.

If all ten of those services have 99% uptime and outages don’t overlap, it’d look like GitHub had 90% uptime because some part of GitHub is out 10% of the time. That’s much worse!

Punished for a good engineering practice

The numbers look better if outages happen at the same time. For example, if Service A and Service B go down on Saturday and Sunday, you’d have 80% uptime overall instead of 70%. Compared to the previous scenario, Service A is down twice as long, but the uptime number looks better.

A downstream effect of this calculation is that your uptime numbers look worse if your services are well-isolated .

I think it’s good that Service A doesn’t take down Service B! I think it’s good that a GitHub Packages outage doesn’t take down GitHub Issues! But if all you see is one aggregate uptime number, you might miss that.

Things look rosier when you look at features individually. Over the last 90 days, core Git operations have had 98.98% uptime, or about 22 hours where things were broken. That’s still bad, but not as bad as some people are saying. D tier, not F tier.

Also, an incident doesn’t mean everything is broken. For example, GitHub recently had an issue where things were slow for users on the west coast of the United States. Not good , but not “everything is broken for all users”. Again, the number doesn’t tell the whole story.

There are better reasons to dislike GitHub

I still think GitHub’s uptime is unacceptably low, especially because they’re owned by Microsoft, but I don’t think we’re being honest when we say that GitHub has “zero nines” of availability.

To me, it’s more like: they have a bunch of unstable services which cumulatively have horrible uptime, but individually have not-very-good uptime.

There are better reasons to dislike these companies.

Nftables is the current generation Linux firewall rule system, supplanting iptables (which supplanted ipchains). As covered in the nft manual page , nftables has the concept of 'symbolic variables' . Since I'm used to BSD PF, I will crudely describe these as a combination of some parts of pf tables and PF macros. I personally feel that the nft manual page doesn't do a good job of documenting what's possible in these, so here are some notes.

The simple case is simple values:

define tundev = "tun0"; define outdev = "eno1"; define natip = 128.100.x.y define tunnet = 172.29.0.0/16

(It turns out that the ';' here is decorative and I put it in out of superstition , judging from actually reading the "Lexical Conventions" section.)

I'm not sure of the rules of when you have to quote things and when you don't. As covered in the manual page, you use these symbolic values in the relevant nftables bits, for example a SNAT rule:

ip saddr $tunnet oifname $outdev counter snat to $natip;

Nftables also has the concept of 'anonymous sets' , which are written in the obvious PF-like syntax of '{ ..., ..., ... }'. You can use symbolic variables to define anonymous sets, and if you do they can span multiple lines and have embedded comments, and of course you can have multiple elements on one line (not shown in this example):

define allowed_udp_ports = { # DNS 53, # NTP 123, # for HTTP/3 aka QUIC 443 }

(I suspect that symbolic values written directly in nftables rules can also span multiple lines and have embedded comments, but I haven't checked.)

A comma on the last entry is optional. Unlike in BSD PF, elements must be separated by commas.

You can use this to define port numbers, IP address ranges, and no doubt other things. However, I don't know how efficient it is if you're defining large numbers of things, and of course you can't update your defined things without reloading your entire ruleset. If you need either of features, you're going to have to figure out named nftables sets or maps.

There's no direct equivalent of the BSD PF syntax for defining a table from a file with eg ' table <SSH_IN> persist file "/etc/pf/SSH-ALLOWED" '. The closest you can come is to define an anonymous set in a file you ' include ' in your nftables rules.

(I believe this is also the best you can do for loading named sets and maps from files.)

PS: Apparently there are also anonymous maps , to go with named ones.

Sidebar: Named sets in nftables

Since I just worked this out, well, found an example , here is how you write a set in your nftables.conf:

table inet filter { set allowed_tcp_ports { typeof tcp dport elements = { 22, 25, 80, 443 } }

chain input { [...] meta iifname $outdev tcp dport @allowed_tcp_ports counter accept; [...]

Now that I understand the use of ' typeof ', I'll probably use it for all sets and maps rather than trying to look up the specific type involved ( although nft can help with that with ' nft describe ').

Jason Snell, writing at Six Colors:

Software developer Photon, whose product requires running a bunch of Macs to connect to iMessage, discovered a pretty major bug :

Every Mac has a hidden expiration date. After exactly 49 days, 17 hours, 2 minutes, and 47 seconds of continuous uptime, a 32-bit unsigned integer overflow in Apple’s XNU kernel freezes the internal TCP timestamp clock… ICMP (ping) keeps working. Everything else dies. The only fix most people know is a reboot.

The whole story is wild (albeit technical). Photon says they’re working on a fix, but really, this is something Apple should be working on.

If you keep track of time using milliseconds, and store that in an unsigned 32-bit integer, it overflows after 49 days, 17 hours, 2 minutes, and 47 seconds. That’s the bug.

I think this bug is new to Tahoe. If you look at Apple’s open-source XNU kernel code —  e.g. lines 3,732 to 3,745 in tcp_subr.c  — you can see that the lines assigning the time in milliseconds to a uint32_t variable were checked in just six months ago, whereas most of the file is five years old. Also, I personally ran my MacBook Pro — at the time, running MacOS 15.7.2 Sequoia — up to 91 days of uptime in January. I even mentioned that remarkable uptime in my annual report card , in praise of Apple’s software reliability. Apple’s pre-Tahoe reliability, that is.

I was hesitant to link to this at all because the original (unbylined) report from Photon is so hard to follow. It’s downright manic — over 3,500 words with 33 section headings ( <h2> and <h3> tags), with no cohesive narrative. The bug, seemingly, is not that complicated. The whole write-up from Photon just screams “AI-generated slop” to me, and I thus hesitate even to link to Snell’s piece linking to it. But I think the bug is real, and my sympathy for everyone afflicted with MacOS 26 Tahoe is sincere. (And if I’m wrong about the post being AI slop and a human at Photon actually wrote this, I would suggest taking it easy with the cocaine.)

★

Tool: GitHub Repo Size

GitHub doesn't tell you the repo size in the UI, but it's available in the CORS-friendly API . Paste a repo into this tool to see the size, for example for simonw/datasette (8.1MB).

Tags: cors , github

Me, in 2025, on Mastodon :

I love tools like Netlify and deploying my small personal sites with git push

But i'm not gonna lie, 2025 might be the year I go back to just doing builds locally and pushing the deploys from my computer.

I'm sick of devops'ing stupid stuff because builds work on my machine and I have to spend that extra bit of time to ensure they also work on remote linux computers.

Not sure I need the infrastructure of giant teams working together for making a small personal website.

It’s 2026 now, but I finally took my first steps towards this.

The Why

One of the ideas I really love around the “local-first” movement is this notion that everything canonical is done locally, then remote “sync” is an enhancement.

For my personal website, I want builds and deployments to work that way.

All data, build tooling, deployment, etc., happens first and foremost on my machine.

From there, having another server somewhere else do it is purely a “progressive enhancement”. If it were to fail, fine. I can resort back to doing it locally very easily because all the tooling is optimized for local build and deployment first (rather than being dependent on fixing some remote server to get builds and deployments working).

It’s amazing how many of my problems come from the struggle to get one thing to work identically across multiple computers .

I want to explore a solution that removes the cause of my problem, rather than trying to stabilize it with more time and code.

“The first rule of distributed computing is don’t distribute your computing unless you absolutely have to” — especially if you’re just building personal websites.

The What

So I un-did stuff I previously did (that’r right, my current predicament is self-inflicted — imagine that).

My notes site used to work like this :

• Content lives in Dropbox

• Code is on GitHub

• Netlify’s servers pull both, then run a build and deploy the site

It worked, but sporadically. Sometimes it would fail, then start working again, all without me changing anything. And when it did work, it often would take a long time — like five, six minutes to run a build/deployment.

I never could figure out the issue. Some combination of Netlify’s servers (which I don’t control and don’t have full visibility into) talking to Dropbox’s servers (which I also don’t control and don’t have full visibility into).

I got sick of trying to make a simple (but distributed) build process work across multiple computers when 99% of the time, I really only need it to work on one computer.

So I turned off builds in Netlify, and made it so my primary, local computer does all the work. Here are the trade-offs:

• What I lose : I can no longer make edits to notes, then build/deploy the site from my phone or tablet.

• What I gain : I don’t have to troubleshoot build issues on machines I don’t own or control. Now, if it “works on my machine”, it works period.

The How

The change was pretty simple.

First, I turned off builds in Netlify. Now when I git push Netlify does nothing.

Next, I changed my build process to stop pulling markdown notes from the Dropbox API and instead pull them from a local folder on my computer. Simple, fast.

And lastly, as a measure to protect myself from myself, I cloned the codebase for my notes to a second location on my computer. This way I have a “working copy” version of my site where I do local development, and I have a clean “production copy” of my site which is where I build/deploy from. This helps ensure I don’t accidentally build and deploy my “working copy” which I often leave in a weird, half-finished state.

In my package.json I have a deploy command that looks like this:

git pull && npm ci && netlify deploy --build --prod That’s what I run from my “clean” copy. It pulls down any new changes, makes sure I have the latest deps, builds the site, then lets Netlify’s CLI deploy it.

As extra credit, I created a macOS shortcut

# So it knows where to get the right $PATH to node source ~/.zshrc

# Then switch to my dir and run the command cd ~/Sites/com.jim-nielsen.notes/ npm run deploy So I can do CMD + Space , type “Deploy notes.jim-nielsen.com” to trigger a build, then watch the little shortcut run to completion in my Mac’s menubar.

I’ve been living with this setup for a few weeks now and it has worked beautifully. Best part is: I’ve never had to open up Netlify’s website to check the status of a build or troubleshoot a deployment.

That’s an enhancement I can have later — if I want to.

Reply via:

Email · Mastodon ·

Bluesky

Saw a post on X saying that the latitude of the Pyramid of Giza is the same as the speed of light.

I looked into this, expecting it to be approximately true. It’s exactly true in the sense that the speed of light in vacuum is 299,792,458 m/s and the line of latitude 29.9792458° N passes through the pyramid. The exact center of the pyramid is at 29.97917° N, 31.13417° E.

Of course this is a coincidence. Even if you believe that somehow the ancient Egyptians knew the speed of light, the meter was defined four millennia after the pyramid was built. The post The Great Pyramid of Giza and the Speed of Light first appeared on John D. Cook .

This is the fourth chapter of my SQLAlchemy 2 in Practice book. If you'd like to support my work, I encourage you to buy this book, either directly from my store or on Amazon . Thank you!

Continuing with the topic of relationships, this chapter is dedicated to the many-to-many type, which as its name implies, is used when it is not possible to identify any of the sides as a "one" side.

Last time, we looked at adding or removing a handle from an active Msg­Wait­For­Multiple­Objects , and observed that we could send a message to both break out of the wait and update the list of handles. But what if the other thread is waiting in a Wait­For­Multiple­Objects ? You can’t send a message since Wait­For­Multiple­Objects doesn’t wake for messages.

You can fake it by using an event which means “I want to change the list of handles.” The background thread can add that handle to its list, and if the “I want to change the list of handles” event is signaled, it updates its list.

One of the easier ways to represent the desired change is to maintain two lists, the “active” list (the one being waited on) and the “desired” list (the one you want to change it to). The background thread can make whatever changes to the “desired” list it wants, and then it signals the “changed” event. The waiting thread sees that the “changed” event is set and copies the “desired” list to the “active” list. This copying needs to be done with Duplicate­Handle because the background thread might close a handle in the “desired” list, and we can’t close a handle while it is being waited on.

wil::unique_handle duplicate_handle(HANDLE other) { HANDLE result; THROW_IF_WIN32_BOOL_FALSE( DuplicateHandle(GetCurrentProcess(), other, GetCurrentProcess(), &result, 0, FALSE, DUPLICATE_SAME_ACCESS)); return wil::unique_handle(result); } This helper function duplicates a raw HANDLE and returns it in a wil::unique_handle . The duplicate handle has its own lifetime separate from the original. The waiting thread operates on a copy of the handles, so that it is unaffected by changes to the original handles.

std::mutex desiredMutex; _Guarded_by_(desiredMutex) std::vector<wil::unique_handle> desiredHandles; _Guarded_by_(desiredMutex) std::vector<std::function<void()>> desiredActions; The desiredHandles is a vector of handles we want to be waiting for, and the The desiredActions is a parallel vector of things to do for each of those handles.

// auto-reset, initially unsignaled wil::unique_handle changed(CreateEvent(nullptr, FALSE, FALSE, nullptr));

void waiting_thread() { while (true) { std::vector<wil::unique_handle> handles; std::vector<std::function<void()>> actions; { std::lock_guard guard(desiredMutex);

handles.reserve(desiredHandles.size() + 1); std::transform(desiredHandles.begin(), desiredHandles.end(), std::back_inserter(handles), [](auto&& h) { return duplicate_handle(h.get()); }); // Add the bonus "changed" handle handles.emplace_back(duplicate_handle(changed.get()));

actions = desiredActions; }

auto count = static_cast<DWORD>(handles.size()); auto result = WaitForMultipleObjects(count, handles.data()->addressof(), FALSE, INFINITE); auto index = result - WAIT_OBJECT_0; if (index == count - 1) { // the list changed. Loop back to update. continue; } else if (index < count - 1) { actions[index](); } else { // deal with unexpected result FAIL_FAST(); // (replace this with your favorite error recovery) } } } The waiting thread makes a copy of the desiredHandles and desiredActions , and adds the changed handle to the end so we will wake up if somebody changes the list. We operate on the copy so that any changes to desiredHandles and desiredActions that occur while we are waiting won’t affect us. Note that the copy in handles is done via Duplicate­Handle so that it operates on a separate set of handles. That way, if another thread closes a handle in desiredHandles , it won’t affect us.

void change_handle_list() { std::lock_guard guard(desiredMutex); ⟦ make changes to desiredHandles and desiredActions ⟧ SetEvent(changed.get()); } Any time somebody wants to change the list of handles, they take the desiredMutex lock and can proceed to make whatever changes they want. These changes won’t affect the waiting thread because it is operating on duplicate handles. When finished, we set the changed event to wake up the waiting thread so it can pick up the new set of handles.

Right now, the purpose of the changed event is to wake up the blocking call, but we could also use it as a way to know whether we should update our captured handles. This allows us to reuse the handle array if there were no changes.

void waiting_thread() { bool update = true; std::vector<wil::unique_handle> handles; std::vector<std::function<void()>> actions;

while (true) { if (std::exchange(update, false)) { std::lock_guard guard(desiredMutex);

handles.clear(); handles.reserve(desiredHandles.size() + 1); std::transform(desiredHandles.begin(), desiredHandles.end(), std::back_inserter(handles), [](auto&& h) { return duplicate_handle(h.get()); }); // Add the bonus "changed" handle handles.emplace_back(duplicate_handle(changed.get()));

actions = desiredActions; }

auto count = static_cast<DWORD>(handles.size()); auto result = WaitForMultipleObjects(count, handles.data()->get(), FALSE, INFINITE); auto index = result - WAIT_OBJECT_0; if (index == count - 1) { // the list changed. Loop back to update. update = true; continue; } else if (index < count - 1) { actions[index](); } else { // deal with unexpected result FAIL_FAST(); // (replace this with your favorite error recovery) } } } In this design, changes to the handle list are asynchronous. They don’t take effect immediately, because the waiting thread might be busy running an action. Instead, they take effect when the waiting thread gets around to making another copy of the desiredHandles vector and call Wait­For­Multiple­Objects again. This could be a problem: You ask to remove a handle, and then clean up the things that the handle depended on. But before the worker thread can process the removal, the handle is signaled. The result is that the worker thread calls your callback after you thought had told it to stop!

Next time, we’ll see what we can do to make the changes synchronous.

The post How do you add or remove a handle from an active <CODE>Wait­For­Multiple­Objects</CODE>? appeared first on The Old New Thing .

Drones in Ukraine and in the War with Iran have made the surface of the earth a contested space. The U.S. has discovered that 1) air superiority and missile defense systems ( THAAD , Patriot batteries) designed to counter tens or hundreds of aircraft and missiles is insufficient against asymmetric attacks of thousands of drones. And that 2) undefended high value fixed civilian infrastructure – oil tankers, data centers, desalination plants, oil refineries, energy nodes, factories, et al -are all at risk.

When the targets are no longer just military assets but anything valuable on the surface, the long term math no longer favors the defender. To solve this problem the U.S. is spending $10s of billions of dollars on low-cost Counter-UAS systems – detection systems, inexpensive missiles, kamikaze drones, microwave and laser weapons.

But what we’re not spending $10s of billions on is learning how to cheaply and quickly put our high-value, hard-to-replace, and time-critical assets (munitions, fuel distribution, Command and Control continuity nodes, spares), etc., out of harm’s way – sheltered, underground (or in space).

The lessons from Gaza reinforce that underground systems can also preserve forces and enable maneuver. The lessons from Ukraine are that survivability while under constant drone observation/attack requires using underground facilities to provide overhead cover (while masking RF, infrared and other signatures). And the lessons from Iran’s attacks on infrastructure in the Gulf Cooperation Council countries is that anything on the surface is going to be a target.

We need to rethink the nature of force protection as well as military and civilian infrastructure protection.

Air Defense Systems

For decades the U.S. has built air defense systems designed for shooting down aircraft and missiles. The Navy’s Aegis destroyers provide defense for carrier strike groups using surface-to-air missiles against hostile aircraft and missiles. The Army’s Patriot anti-aircraft batteries provide area protection against aircraft and missiles. The Missile Defense Agency (MDA) provides missile defense from North Korea for Guam and a limited missile defense for the U.S.   MDA is leading the development of Golden Dome , a missile defense system to protect the entire U.S. against ballistic, cruise, and hypersonic missiles from China and Russia. All of these systems were designed to use expensive missiles to shoot down equally expensive aircraft and missiles. None of these systems were designed to shoot down hundreds/thousands of very low-cost drones.

Aircraft Protection

After destroying Iraqi aircraft shelters in the Gulf War with 2,000-lb bombs, the U.S. Air Force convinced itself that building aircraft and maintenance shelters was not worth the investment. Instead, their plan – the Agile Combat Employment (ACE) program – was to disperse small teams to remote austere locations (with minimal air defense systems) in time of war. Dispersal along with air superiority would substitute for building hardened shelters. Oops . It didn’t count on low-cost drones finding those dispersed aircraft. (One would have thought that Ukraine’s Operation Spider’s Web using 117 drones smuggled in shipping containers – which struck and destroyed Russian bombers – would have been a wakeup call.)

The cost of not having hardened aircraft shelters during the 2026 Iran War came home when Iran destroyed an AWACS aircraft and KC-135 tankers sitting in the open. Meanwhile, China, Iran and North Korea have made massive investments in hardened shelters and underground facilities.

Protecting Ground Forces

The problem of protecting troops with foxholes against artillery is hundreds of years old. In WWI, trenches connected foxholes into systems. Bunkers were hardened against direct hits. Each step was a response to increased lethality from above. Today, drones are the new artillery; a persistent, cheap and precise overhead threat but with the ability to maneuver laterally, enter openings, and loiter. And mass drone attacks put every high value military and civilian target on the surface at risk. Fielding more hardened shelters for soldiers like the Army’s Modular Protective System Overhead Cover shelters is a first step for FPV kamikaze drones defense, but drones can get inside buildings through any sufficiently sized openings.

Drone Protection

Ukraine has installed ~500 miles of anti-drone net tunnels with a goal of 2,500 miles by the end of 2026 . These are metal poles and fishing nets stretched over roads but they represent the same instinct: the surface is a kill zone, so cover it. Russia has done the same.

The logical response is to go underground (or out to space) but the technology to do it quickly, cheaply, and at scale is genuinely new. The gap in current thinking is between “put up nets” (cheap, fast, limited) and “build a Cold War concrete bunker” (expensive, slow, permanent). What’s missing is the middle layer – rapidly bored shallow tunnels that provide genuine overhead cover for movement corridors, equipment parking, and personnel protection.

What tunnels solve that nets and shelters don’t

A net stops an FPV drone’s propellers. A shelter stops shrapnel. But a tunnel 15-30 feet underground is invisible to ISR, immune most to top-attack munitions, can’t be entered by a drone through a door or window, and survives anything short of a bunker-buster. Gaza proved that even with total air superiority and ground control, Israel has destroyed only about 40 percent of Gaza’s tunnels after two and a half years of war.

That’s an asymmetric defender’s advantage the U.S. military should be thinking about for its own use, not just as a threat to overcome.

What’s changed to make this feasible is that we may not need boring tunnels per se, but instead modular, pre-fabricated tunnel segments that can be installed with cut-and-cover methods at expeditionary bases. Or autonomous boring machines sized for military logistics (smaller versions of the Boring Company TBMs ) corridors rather than highway traffic.

The problem is a lack of urgency and imagination

The problem is real, the incumbents ( Army Corps of Engineers ) are slow, and the existing commercial tunneling industry isn’t thinking about expeditionary military applications.

The doctrinal gap is between “dig a foxhole with an entrenching tool” (individual soldier, hours) or deploy a few Army’s Modular Protective System Overhead Cover shelters or “build a Cold War hardened aircraft shelter” (major construction project, years, billions). There’s no doctrine for rapidly boring hardened underground movement corridors, dispersed equipment shelters, or protected command post positions using modern tunneling technology.

Army doctrine treats excavation as something done with organic engineer equipment — backhoes, bulldozers, troops with shovels — to create individual fighting positions and cut-and-cover bunkers. The Air Force doctrine barely addresses physical hardening at all, having spent 30 years assuming air superiority would substitute for it.

Nobody in the doctrinal community is asking: what if the Army could cut and cover 100 meters of precast tunnel segments in a day or if we could bore a 12-foot diameter tunnel 30 feet underground at a rate of a hundred of meters per week and use it as a protected logistics corridor, command post, or aircraft revetment?

Summary

Oceans on both sides and friendly nations on our borders have lulled America into a false sense of security. After all, the U.S. has not fought a foreign force on American soil since 1812.

Protection and survivability is no longer a problem for a single service nor is it a problem of a single solution or an incremental solution. Something fundamentally disruptive has changed in the nature of asymmetric warfare and there’s no going back. While we’re actively chasing immediate solutions ( Golden Dome , JTAF-401 , et al), we need to rethink the nature of force protection, and military and civilian infrastructure protection. Protection and survivability solutions are not as sexy as buying aircraft or weapons systems but they may be the key to winning a war.

The U.S. needs a coherent protection and survivability strategy across the DoW and all sectors of our economy. This conversation needs to be not only about how we do it, but how we organize to do it, how we budget and pay for it and how we rapidly deploy it.

Lessons Learned

• There is no coherent protection and survivability strategy that addresses drones across the DoW and the whole of nation

• Just point solutions

• For troops near the front, tunnels could reduce visual, thermal, and RF signature while providing fragment protection with a network of small, concealed, overhead- covered positions, short connectors, buried command posts, protected aid stations, and revetted vehicle hides.

• We need to underground assets that cannot be quickly replaced

• Command posts, comms nodes, ammunition, fuel distribution points, repair facilities, key power systems, maintenance spares, and high-value aircraft or drones.

• Think protected taxiways, blast walls, covered trenches, buried cabling, alternate exits, redundant portals, and rapid runway repair. Sortie generation under attack depends on a whole system, not one bunker.

• We need to work with commercial companies to harden/defend their sites

• Provide active defenses and incentives for under-grounding critical facilities

• The Army and Air Force need to rethink their doctrines and techniques for Protection and Survivability

• Army Techniques Publications (ATP) 3-37.34 – Survivability Operations treat excavation as something done with backhoes, bulldozers, troops with shovels to create individual fighting positions and cut-and-cover bunkers. Update it.

• The Air Force needs to do the same with AFDP 3-10, AFDP 3-0.1 (Force Protection and AFTTP 3-32.34v3 , AFH 10-222, Volume 14 and UFC 3-340-02

• We need to think of force and infrastructure protection not piecemeal but holistically

•

• Part of any weapons systems requirement and budget should now include protection and survivability

• Protection and survivability should be deployed concurrently with weapons systems

• We need a Whole of Nation approach to protection and survivability for both the force and critical infrastructure

The war in Iran, and the subsequent closure of the Strait of Hormuz, has unfortunately made us all familiar with details of the petroleum supply chain that we could formerly happily ignore. Every day we get some new story about some good or service that depends on Middle East petroleum and the production of which has been disrupted by the war. Fertilizer production, plastics, aluminum, the list goes on. One such supply chain that’s suddenly getting a lot of attention is helium. Helium is produced as a byproduct of natural gas extraction: it collects in the same underground pockets that natural gas collects in. Qatar is responsible for roughly 1/3rd of the world’s supply of helium, which was formerly transported through the Strait of Hormuz in specialized containers. Thanks to the closure of the strait, helium prices have spiked , suppliers are declaring force majeure , and businesses are scrambling to deal with looming shortages . (For many years the US government maintained a strategic helium reserve, but this was sold off in 2024.) What I find interesting about helium is that in many cases, it’s very hard to substitute for. Helium has a unique set of properties — in particular, it has a lower melting point and boiling point than any other element — and technologies and processes that rely on those properties can’t easily switch to some other material. Helium production Helium is the second lightest element in the periodic table (after hydrogen), and the second most common element in the universe (also after hydrogen). But while helium is very common on a cosmic scale, here on earth it’s not so easy to get. Because helium is so light, it rises to the very top of the atmosphere, where it eventually escapes into space. 1 So essentially all helium used by modern civilization comes from underground. Helium is produced via the radioactive decay of elements like uranium and thorium, and it collects in underground pockets of natural gas . This source of helium was first discovered in the US in 1903, when a natural gas well in Kansas produced a geyser of gas that refused to burn. Scientists at the University of Kansas eventually determined that this was due to the presence of helium. Like petroleum, helium has collected in these pockets over the course of millions of years, and thus (like petroleum) there’s a limited supply of underground helium that can be extracted. As with petroleum, people are often worried that we’re running out of it . Because helium is a byproduct of natural gas extraction, and because only some natural gas fields have helium in appreciable quantities, a small number of countries are responsible for the world’s supply of helium. The US and Qatar together produce around 2/3rds of the world’s helium supply. Russia, Algeria, Canada, China, and Poland produce most of the remaining balance. Elemental helium has a few different useful properties. The most important one is that, thanks to the small size and completely filled outer electron shell of helium atoms, helium has a lower boiling point than any other element. Liquid helium boils at just 4.2 kelvin (-452 degrees Fahrenheit). By comparison, liquid hydrogen boils at 20 K, and liquid nitrogen boils at a positively balmy 77 K. Its low boiling point makes helium very useful for getting something really, really cold. When a liquid boils, it transforms into a gas, and during this process it will pull energy from its surroundings due to evaporative cooling. This is why your body sweats: to cool you down as the liquid evaporates. When a liquid has a very low boiling point, this heat extraction happens at a very low temperature. Helium also stays a liquid at much lower temperatures than other elements. Nitrogen freezes solid at 63 K, and hydrogen freezes at 14K, but at atmospheric pressure helium stays a liquid all the way to absolute zero. If you need to cool something to just a few degrees above absolute zero, liquid helium is essentially the only practical way to do that. Helium also has a few other useful properties. As we noted, helium is very light: it will naturally rise in the atmosphere, which makes it useful as a lifting gas. Thanks to its filled outer electron shell, it is inert, and won’t react with other materials. Helium also has high thermal conductivity — at room temperature, helium can move heat about six times better than air. The uses of helium The world uses around 180 million cubic meters of helium each year. (This sounds like a lot, but it’s just 0.11% of the 159 billion cubic meters of nitrogen the world uses each year, and 0.004% of the over 4 trillion cubic meters of natural gas that the world uses each year.) But while it’s not used in enormous quantities compared to some other gases, helium is nevertheless quite important. Different industries make use of helium’s properties in different ways, and while in some cases there are reasonable substitutes for helium, in most cases helium has no practical replacement. MRI machines Some of the biggest consumers of helium are MRI machine operators, which consume around 17% of the helium used in the US. MRI machines work by creating very strong magnetic fields, which change the orientation of hydrogen atoms in tissues in your body. A pulse of radio waves is then sent into your body, which temporarily disrupts this orientation. When the pulse stops, different types of tissue return to their alignment with the magnetic field at different rates, and that rate of change can be measured and converted into a picture of the interior of the body. The strong magnetic fields in MRI machines are created by superconducting magnets: when some materials get cold enough, they drop to zero electrical resistance, which makes it possible to put enormous amounts of electrical current through them and create extremely strong magnetic fields. 2 The vast majority of MRI machines used today use superconducting magnets made from niobium-titanium (NbTi), which becomes superconducting at 9.2 degrees above absolute zero. This is well below the boiling point of any other coolant, making liquid helium the only practical option for cooling the magnets. A handful of MRI machines have been built using higher-temperature superconductors that don’t require helium cooling, but the vast majority of the 50,000 existing MRI machines in the world require helium. The helium consumption of MRI machines has fallen drastically over time. Early MRI machines would lose helium at a rate of around 0.4 liters per hour , requiring large tanks of 1000-2000 liters that needed to be refilled every few months. (It’s notoriously difficult to prevent gaseous helium from leaking out of containers, which is why helium is also often used for leak detection.) But modern MRI machines are “ zero boil-off ,” which essentially never need to be recharged with helium. As these machines take up more market share, the helium requirements of MRI machines can be expected to fall. But for the foreseeable future, MRI will remain a substantial source of demand. Semiconductors Another major consumer of helium is the semiconductor industry, which uses around 25% of the helium worldwide, and around 10% of the helium in the US. 3 As with MRI machines, helium is used to cool superconducting magnets, which are used to increase the purity of silicon ingots grown using the Czochralski method . Helium is also used as a coolant in some production processes, as well as a non-reactive gas to flush out some containers, for leak detection, and for a variety of other uses. A 2023 report from the Semiconductor Industry Association noted that helium was used “ as a carrier gas, in energy and heat transfer with speed and precision, in reaction mediation, for back side and load lock cooling, in photolithography, in vacuum chambers, and for cleaning .” The same report notes that for many of these uses, helium has no substitute. Unlike MRI machines, which have used less and less helium over time, helium usage in the semiconductor industry seems to be trending up: some sources claim that helium consumed by the semiconductor industry is expected to rise by a factor of five by 2035. This seems to be in part due to the development of DUV and EUV semiconductor lithography machines , which require helium to function. Unlike many other gases, helium absorbs almost no EUV radiation, which (as I understand it) makes it hard to substitute for helium in EUV machines . Fiber optics Helium is also used in the manufacturing of fiber optic cable. Optical cable is made with an inner core of glass, surrounded by an outer “sleeve” of glass with a different index of refraction. This keeps photons within the inner core via the phenomenon of total internal reflection. During the manufacturing process, helium is used as a coolant when the outer “sleeve” is being deposited onto the core — with any other atmosphere, bubbles form between the two layers of glass. Roughly 5-6% of helium worldwide is used for the production of optical fiber, and there’s no known alternative. Purging gas Other than semiconductor manufacturing, other industries (particularly the aerospace industry) use helium as a “purge gas” to clean out containers. Cleaning out a tank of liquid hydrogen, often used as a liquid rocket fuel, requires a gas with a boiling point low enough that it won’t freeze when it contacts the hydrogen. Cleaning a tank of liquid oxygen doesn’t require a gas with quite as low a boiling point, but it is best to use an inert gas to reduce the chance of it reacting with the highly reactive oxygen. Aerospace purging makes up around 7% of US helium consumption. Around half of that is used by NASA, which is the single biggest user of helium in the US . Lifting gas Because helium is lighter than air, it’s also used as a lifting gas in balloons and lighter-than-air airships as an alternative to the highly flammable hydrogen. Each Goodyear Blimp , for instance, uses around 300,000 cubic feet of helium. Around 18% of the helium consumed in the US is as a lifting gas. Scientific research and instruments Helium is also widely used in scientific research. Much of this is for keeping things cold: superconducting magnets, such as those used in the Large Hadron Collider , typically require helium, as do the superconducting elements in SQUIDs , which are highly sensitive magnetic field detectors. Helium is also used in mass spectrometers , which are used for, among other things, detecting microscopic leaks in containers. This is a major category of use in the US; roughly 22% of its helium consumption goes to “analytical, engineering, lab, science, and specialty gases.” Welding In the US, helium is also used for welding: its high thermal conductivity and its inertness make helium an excellent shielding gas, which prevents the pool of molten metal from being contaminated before it cools. In the US, welding makes up roughly 8% of helium use, but elsewhere in the world, it’s more common to use other shielding gases like argon. Diving Helium is also used for breathing gas in deep sea commercial diving. At depths beyond 30 meters, breathing nitrogen (which makes up 78% of normal air ) causes nitrogen narcosis , and diving beyond this depth is done using gas mixes that replace part of the nitrogen for helium. Roughly 5% of helium consumed in the US goes towards diving. Helium for diving is difficult to substitute for. Virtually every other breathable gas except for possibly neon causes some degree of narcosis, and neon is heavier than helium, making breathing more difficult. Conclusion For some of these applications, it’s possible to substitute helium with other materials. There are other shielding gases, such as argon, that can be used for welding, and other lifting gases, such as hydrogen, that can be used for balloons or airships. In other applications, it’s possible to dramatically reduce the consumption of helium via recycling systems or other methods designed to reduce its use. As we’ve noted, this has occurred with MRI machines, where modern ones use far less helium than their predecessors. And it seems to have happened with aerospace purging. A 2010 report from the National Academies of Sciences notes that if NASA and the Department of Defense were sufficiently motivated, they could dramatically reduce their helium consumption by recycling it. Since then, aerospace use of helium has fallen from 18.2 million cubic meters (26% of total US consumption) to 4 million cubic meters (7% of total US consumption). But the United States Geological Survey notes that most helium in the US is still unrecycled, and there’s lots of opportunity to dramatically reduce helium usage with various recapture and recycling systems. Many of these systems are capable of reducing helium consumption by 90% or more. But “reducing” doesn’t mean “eliminating,” and it’s interesting to me how in so many cases there doesn’t seem to be any good substitute for helium. 1 Though thanks to circulation in the air, the helium concentration below the turbopause is roughly constant, about 5 parts per million.

2 If the magnets get too warm, the sudden loss of superconductivity, called a “quench,” can damage or destroy the magnets due to the heat generated from the now-present electrical resistance.

3 I estimated this by subtracting the 5-6% of helium used globally by the fiber optic industry from the 15% of helium used by “semiconductors and fiber optics” from the United States Geological Survey report on helium.

Sometimes, I find myself talking while my audience has a puzzled look on their face. It doesn't matter how much I prepared my speech, the message is just not getting through. But then they ask: What are you trying to say?

Somehow, this shifts the conversation entirely. Instead of trying to sound smart and interesting, I start telling them exactly what I'm trying to say. The fluff disappears, the jargon fades, and I'm left with the raw information in its most primitive form. And somehow, they understand me better this way.

What are you trying to say? Whether it's in person or in writing, that question triggers something in us that allows us to better express our intentions.

Here's an exercise. Look out the window. What color is the sky? Now, on a piece of paper or in a word processor, write that the sky is blue.

"The sky is blue."

Somehow, it doesn't feel satisfying. Were there a few wisps of cloud in the sky? Did those clouds look like they were floating? Maybe erring? Were there mountains in the distance? Were they covered with a thin sheet of snow? Were you actually looking through a window, or sitting outdoors, maybe at a park with kids playing on a playground in the distance? What was happening under that blue sky? Was it actually blue, or a yawning purple suggesting dusk?

There's a whole lot we want to express, a whole lot we want to share of our full experience of the moment. But sometimes, just saying that the sky is blue does it.

What are you trying to say? Maybe you aren't trying to say that the sky is blue. Maybe you're using it as a metaphor for a deeper feeling you're experiencing. Maybe the emotion is complex and you need to paint it with a broader brush to truly express your feelings. But maybe all you're trying to say is that you're sad. Or happy. Maybe that's all you need to say.

This is something I find fascinating about communication. Sometimes the process demands that you say things wrong, or in the long-winded and complicated way, in order to arrive at that simple, raw format. It's just like how writing helps us think. Your idea isn't clear until you have it written down, like a complicated equation that resolves to something simple. The only shortcut we can take is to ask ourselves that question and untangle our mind in private, before we present our simple resolution at the end.

Whenever you find yourself, just like me, going in circles, losing yourself in a spiral, stop for a moment. Ask yourself: What am I trying to say?

I was left somewhat unconvinced by this book. I liked the concept - a series of interrelated stories all told in different styles.

Much like the film " Lola Rennt Run Lola Run " there's a briefcase full of cash, a cast of morally ambiguous characters, and a meandering philosophical discussion about the nature of economic salvation.

It slams together the naïve and the cynical into a bunch of uneasy conversations.

I loved the slow-burn of the first story - the way it gradually revealed more and more about the characters. But throughout I was left wondering "where is this going?" The answer, disappointingly, was nowhere.

That's the heart of my problem with the book - it was compelling and frustrating in equal measure. The author herself states it best:

The reader needs something to hold on to. A glimmer of hope

It was stylish, there's no doubt about that. The texture of each story was gorgeous. The plotting was inventive and the morality interesting. I also enjoyed the bluntness of the social politics of economics. I just felt the whole was much less than the sum of its parts.

I read this as part of a new book club I'm attending. Thankfully, everyone else seemed to agree that it was a bit of a let down.

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Cindy Cohn's "Privacy's Defender" : The history of digital rights, from the very beginning to this very moment.

• Hey look at this : Delights to delectate.

• Object permanence : Tariffs and monopolies; Paperclip dodecahedron; Class war comix; Glenn Beck's brain; Iceland v Pirates; Dashers v apps; Leaked NYPD goon squad manual.

• Upcoming appearances : Montreal, Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Cindy Cohn's "Privacy's Defender" ( permalink )

I've known EFF executive director Cindy Cohn for 27 years. I met her when I needed cyberlaw advice for a startup I'd helped found. We got along so well that I ended up quitting the startup and going to work at EFF. Now, Cindy's memoir, Privacy's Defender , is on the shelves:

https://mitpress.mit.edu/9780262051248/privacys-defender/

I'm hardly a disinterested party here, obviously. I was at Cindy's wedding, I've danced with her at Burning Man, and I've worked with her for most of my adult life. What's more, I was present for many of the pivotal moments she recounts in this book. But still: this is a great book that I found utterly captivating.

Cohn's been with EFF since its earliest days, when she litigated one of the most important cases in computing history, the Bernstein case, which legalized civilian access to encryption technology and changed the world:

https://www.eff.org/deeplinks/2015/04/remembering-case-established-code-speech

Cryptographers had been arguing with the US government over the ban on working encryption technology for years before Cohn joined the fight, and they'd tried all manner of arguments to overturn the ban: technical arguments, political arguments, financial arguments. All of these efforts failed – they didn't even make a dent.

Cohn's genius was the way she formulated a free speech argument about the ban on encryption: arguing that computer code was a form of expressive speech, entitled to protection under the First Amendment. While she didn't come up with this idea, it was her gift for assembling a narrative and a cadre of unimpeachable experts that carried the day.

In this age of bad faith right-wing trolling about "free speech" and "cancel culture," it's easy to forget how central free speech cases and causes have been for the advancement of human rights and human thriving. Free speech cases gave us the nation's first privacy protections, protection for unions, and protection for civil rights organizers.

Cohn never forgets this. Her decades with EFF are a history of the fight for speech rights (and thus privacy rights) on the internet. After the US government seized on the 9/11 attacks as a pretext to dismantle privacy and turn the internet into a system of ubiquitous surveillance, Cohn (along with EFF, of course!) was at the center of the fight for digital rights. The same prescience and strategic brilliance that led her to take up the Bernstein case and win it were with her through those millennial years, and her description of our cases, campaigns and fights in those years vividly foreshadows the moment we are in today.

The same goes for her "three letter agency" chapter, which takes up our fights against the NSA and other US agencies in the wake of whistleblower disclosures by Mark Klein and Edward Snowden. These accounts are one part master class in legal tactics; one part battle cry for a global pushback against the transformation of the internet into the perfect surveillance and control machine, and one part personal memoir of a tactician, finding ways to leverage a righteous cause to raise a guerrilla army of experts, co-counsel, amici, and champions who carried our message to the world.

All of this is connected back to her other legal career, as a human rights defender litigating on behalf of the survivors of a massacre perpetrated by a death squad working on behalf of Chevron in Nigeria. Cohn skilfully connects these very concrete, visible human rights struggles to the invisible – and no less important – human rights work she carried out for EFF.

I didn't just have a front-row seat for this stuff – I had backstage passes for a lot of it (though not the juiciest national security cases, which required EFF lawyers to maintain total secrecy from colleagues, spouses, even our board, on pain of a long prison sentence for disclosing classified information). Even so, Cohn's pacey, smart retelling of these events brought them to life for me, and of course, there's a coherence that you get after the fact that is missing when you're living through it in a moment.

But what really enlivened this delightful book were the personal details that Cohn weaves into the story. I've always known that she was an adoptee (and I even have a small, strange, coincidental connection to her birth family), but Cohn's intimate, personal, frank memoir of her early family life, and her bittersweet connection to her birth family were so intimate and well-told that I felt like I was getting to know my dear friend all over again.

Cindy is retiring from EFF (but not the law) in a couple of months. This book is a beautiful capstone to a brilliant career that defined the fight for cyber rights, and a deep, accessible dive into the defining tech and human rights battles of this century.

Hey look at this ( permalink )

• Who Is L.A.’s Hero Posting Up These Anti-ICE Parking Signs? https://lataco.com/anti-ice-parking-signs

• Data Center Tech Lobbyists Fearmonger in Attempt to Retroactively Roll Back Right to Repair Law https://www.404media.co/data-center-tech-lobbyists-fearmonger-in-attempt-to-retroactively-roll-back-right-to-repair-law/?ref=daily-stories-newsletter

• Live Tax-Free and Die https://prospect.org/2026/04/08/apr-2026-magazine-live-tax-free-and-die/

• Men Are Buying Hacking Tools to Use Against Their Wives and Friends https://www.wired.com/story/men-are-buying-hacking-tools-to-use-against-their-wives-and-friends/

• How Trump Took the U.S. to War With Iran https://www.nytimes.com/2026/04/07/us/politics/trump-iran-war.html

Object permanence ( permalink )

#15yrsago Advanced office-supply sculpture: paperclip dodecahedron https://web.archive.org/web/20171122055732/https://makezine.com/2011/04/07/paperclip-snub-dodecahedron/

#15yrsago World Bank: gold farming (etc) paid poor countries $3B in 2009 https://web.archive.org/web/20110410134037/http://www.infodev.org/en/Publication.1056.html

#15yrsago Class war comics: Scrap Iron Man versus international capital https://web.archive.org/web/20110410215907/https://www.chinamieville.net/post/4406165249/rejected-pitch

#15yrsago Colombian Justice Minister ramming through extremist copyright legislation without public consultation https://web.archive.org/web/20110707053554/http://karisma.org.co/?p=667

#15yrsago Glenn Beck’s brain https://www.motherjones.com/politics/2011/03/glenn-beck-fox-news-brain-chart/

#10yrsago Why 40 years of official nutritional guidelines prescribed a low-fat diet that promoted heart disease https://www.theguardian.com/society/2016/apr/07/the-sugar-conspiracy-robert-lustig-john-yudkin

#10yrsago Fearing the Pirate Party, Iceland’s government scrambles to avoid elections https://web.archive.org/web/20160407183022/https://theintercept.com/2016/04/07/icelands-government-tries-cling-protesters-pirates-gates/

#10yrsago The price of stealing an identity is crashing, with no bottom in sight https://qz.com/656459/its-never-been-cheaper-to-steal-someones-digital-identity-on-the-internet

#10yrsago Bernie Sanders can only win if nonvoters turn out at the polls, and they almost never do https://web.archive.org/web/20160408145116/https://www.vox.com/2016/4/6/11373862/bernie-sanders-voter-lists

#10yrsago To understand the link between corporations and Hillary Clinton, look at philosophy, not history https://web.archive.org/web/20160406223353/https://www.thenation.com/article/the-problem-with-hillary-clinton-isnt-just-her-corporate-cash-its-her-corporate-worldview/

#10yrsago The US Government’s domestic spy-planes take weekends and holidays off https://www.buzzfeednews.com/article/peteraldhous/spies-in-the-skies

#10yrsago A perfect storm of broken business and busted FLOSS backdoors everything, so who needs the NSA? https://www.youtube.com/watch?v=fwcl17Q0bpk

#5yrsago Door Dashers organize app-defeating solidarity https://pluralistic.net/2021/04/07/cruelty-by-design/#declinenow

#5yrsago Leaked NYPD "goon squad" manual https://pluralistic.net/2021/04/07/cruelty-by-design/#blam-blam-blam

#1yrago Tariffs and monopolies https://pluralistic.net/2025/04/07/it-matters-how-you-slice-it/#too-big-to-care

Upcoming appearances ( permalink )

• Montreal: Bronfman Lecture (McGill), Apr 10

https://www.eventbrite.ca/e/artificial-intelligence-the-ultimate-disrupter-tickets-1982706623885

• Montreal: Drawn and Quarterly, Apr 10

https://mtl.drawnandquarterly.com/events/4863920260410

• Toronto: DemocracyXchange, Apr 16

https://www.democracyxchange.org/news/cory-doctorow-to-open-dxc26-on-april-16

• San Francisco: 2026 Berkeley Spring Forum on M&A and the Boardroom, Apr 23

https://www.theberkeleyforum.com/#agenda

• London: Resisting Big Tech Empires (LSBU), Apr 25

https://www.tickettailor.com/events/globaljusticenow/2042691

• NYC: Enshittification at Commonweal Ventures, Apr 29

https://luma.com/ssgfvqz8

• NYC: Techidemic with Sarah Jeong, Tochi Onyibuchi and Alia Dastagir (PEN World Voices), Apr 30

https://worldvoices.pen.org/event/techidemic/

• Berlin: Re:publica, May 18-20

https://re-publica.com/de/news/rp26-sprecher-cory-doctorow

• Berlin: Enshittification at Otherland Books, May 19

https://www.otherland-berlin.de/de/event-details/cory-doctorow.html

• Hay-on-Wye: HowTheLightGetsIn, May 22-25

https://howthelightgetsin.org/festivals/hay/big-ideas-2

• SXSW London, Jun 2

https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901

Recent appearances ( permalink )

• The internet is getting worse (CBC The National)

https://youtu.be/dCVUCdg3Uqc?si=FMcA0EI_Mi13Lw-P

• Do you feel screwed over by big tech? (Ontario Today)

https://www.cbc.ca/listen/live-radio/1-45-ontario-today/clip/16203024-do-feel-screwed-big-tech

• Launch for Cindy's Cohn's "Privacy's Defender" (City Lights)

https://www.youtube.com/watch?v=WuVCm2PUalU

• Chicken Mating Harnesses (This Week in Tech)

https://twit.tv/shows/this-week-in-tech/episodes/1074

• The Virtual Jewel Box (U Utah)

https://tanner.utah.edu/podcast/enshittification-cory-doctorow-matthew-potolsky/

Latest books ( permalink )

• "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce

• "Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025

https://us.macmillan.com/books/9780374619329/enshittification/

• "Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 ( https://us.macmillan.com/books/9781250865908/picksandshovels ).

• "The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 ( thebezzle.org ).

• "The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 ( http://lost-cause.org ).

• "The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 ( http://seizethemeansofcomputation.org ). Signed copies at Book Soup ( https://www.booksoup.com/book/9781804291245 ).

• "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com .

• "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books ( permalink )

• "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 ( https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ )

• "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

• "The Post-American Internet," a geopolitical sequel of sorts to Enshittification , Farrar, Straus and Giroux, 2027

• "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2027

• "The Memex Method," Farrar, Straus, Giroux, 2027

Colophon ( permalink )

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. First draft complete. Second draft underway.

• "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

• "The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.

• A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that yo

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

I write stuff here. Sometimes the stuff is good. Sometimes it reads like I wrote it at 2 AM after an argument with a YAML file, which is because I did. But one decision I made early on was that I didn't want to offer an email newsletter. Part of this was simple economics. At one point I did have a Subscribe button up, and enough people clicked it that the cost of actually sending those emails started to resemble a real bill. Sending thousands of emails when you have no ads, no sponsors, and no monetization strategy beyond "I guess people will just... read it?" doesn't make a lot of financial sense. But the bigger reason — the one I actually care about — is that I didn't want a database full of email addresses sitting under my control if I could possibly avoid it. There's a particular flavor of anxiety that comes with being the custodian of other people's personal data, a low-grade dread not unlike realizing you've been entrusted with someone's elderly cat for two weeks and the cat has a medical condition. I can't lose data I don't have. I never need to lie awake wondering whether some user is reusing their bank password to log into my website just to manage their subscription preferences. The best way I can safeguard user data is by never having any in the first place. It's not a security strategy you'll find in any textbook, but it is airtight. Now, when I explained this philosophy to people who run similar websites, the reaction was — and I'm being generous here — warm laughter . The kind of laughter you get when you ask if an apartment in Copenhagen is under $1,000,000. Email newsletters are the only way to run a site like this, they said. RSS is dead, they said. You might as well be distributing your writing via carrier pigeon or community bulletin board. One person looked at me the way you'd look at someone who just announced they were going to navigate cross-country using only a paper atlas. Not angry. Just sad. I'm lucky in that I'm not trying to get anyone to pay me to come here. If I were, the math would probably change. I'd be out there A/B testing subject lines and agonizing over open rates like everyone else, slowly losing pieces of my soul in a spreadsheet. But if your question is simply, "Can I make a hobbyist website that actual humans will find and read without an email newsletter?" — the answer is a resounding yes. And I have the logs to prove it. Stats All of this is from Nginx access.log. =========================================== Traffic Source Breakdown (Current Log) ===========================================

Total Filtered Requests: 49089

RSS/Feed Traffic: 24750 (50.42%) Homepage Traffic: 1534 (3.12%) Other Traffic: 22805 (46.46%) These logs get rotated daily and don't include the majority of requests that hit the Cloudflare cache before they ever reach my server, so the real numbers are higher. But I think they're reasonably representative of the overall shape of things. About half my traffic is readers hitting /feed or /rss — people who have, of their own free will, pointed an RSS reader at my site and said yes, tell me when this person has opinions again . The other half are arriving via a specific link they stumbled across somewhere in the wild. If we do a deeper dive into that specific RSS traffic, we learn a few interesting things. The user-agent breakdown shows the usual suspects — the RSS readers you'd expect, the ones that have been around long enough to have their own Wikipedia articles. There are also some abusers in the metrics. I have no idea what "Daily-AI-Morning" is, but whatever it's doing, it's polling my feed with the frantic energy of someone refreshing a package tracking page on delivery day. The time distribution, though, is pretty good — spread out across the day in a way that suggests real humans checking their feeds at real human intervals, rather than a single bot hammering me every thirty seconds. My conclusion is this: if you want to run a website that relies primarily on RSS instead of email newsletters, you absolutely can. The list of RSS readers hasn't dramatically changed in a long time, which is actually reassuring — it means the ecosystem is stable, not dead. The people who use RSS really use RSS. They're not trend-chasers. They're the type who still have a working bookmark toolbar. They are, in the best possible sense, your people. Effectively, if you make your site RSS-friendly and you test it in NetNewsWire, you will — slowly, quietly, without a single "SUBSCRIBE FOR MORE" pop-up — build a real audience of people who actually want to read what you write. No email database required. No passwords to leak. No giant confusing subscription system.

Yesterday I wrote about the package security problems AI agents face : typosquatting, registry poisoning, lockfile manipulation, install-time code execution, credential theft, and cascading failures through the dependency graph. Agents inherit all the old package security problems but resolve, install, and propagate faster than any human can review.

There’s no silver bullet for securing agent coding workflows because LLMs can’t reliably distinguish safe packages and metadata from malicious ones, but these defenses can reduce the blast radius when something gets through. Some of them introduce friction, but agents can absorb that friction better than humans.

For people using AI coding platforms

Disable install scripts by default

npm has --ignore-scripts , pip has --no-build-isolation discussions, but neither defaults to off. Agent platforms should ship with install scripts disabled and require explicit opt-in per package. The postinstall script is the single most common vector for malicious packages, and agents have no way to evaluate whether a script is legitimate. Bun already defaults to not running lifecycle scripts for installed dependencies.

Dependency cooldown periods

New package versions shouldn’t be installable by agents for some window after publication, maybe 24-72 hours. I wrote about cooldown support across package managers in more detail last month. Most malicious packages are detected and removed within days of upload. A cooldown means agents only resolve versions that have survived initial community and automated review. npm’s provenance attestations help here but aren’t sufficient alone. This could be enforced at the registry level, the resolver level, or the AI coding platform level.

Sandbox package installation

Agents should install packages in isolated environments with no network access after the download phase and no access to credentials, SSH keys, or environment variables. Container-based sandboxes or something like Landlock on Linux would work here, where the install step gets network access to fetch packages but everything after that runs without it. Even if a malicious install script executes, it can’t reach anything worth stealing.

Limit which registries agents can resolve from

Agent configurations should support an allowlist of registries and scopes. An agent that only needs packages from your company’s private registry and a handful of vetted public packages shouldn’t be able to resolve arbitrary names from npm or PyPI. Companies already do this in their CI pipelines to prevent dependency confusion, and agents need the same treatment.

Pin and verify lockfiles

Agents should never regenerate a lockfile unless explicitly asked to. If a lockfile exists, the agent should install from it exactly. If the agent’s task requires adding a new dependency, it should produce the lockfile diff for review rather than installing and continuing. Lockfile-lint and similar tools should run as a gate before any agent-modified lockfile is accepted.

Require package provenance

Where registries support it (npm with sigstore, PyPI with Trusted Publishers), AI coding platforms should default to requiring provenance attestation. Packages without provenance get flagged or blocked. This doesn’t prevent all supply chain attacks but it makes account takeover and registry compromise harder.

Scope agent permissions to the task

An agent updating a README doesn’t need npm install permissions, and one running tests doesn’t need network access. Agent platforms should support task-scoped permission profiles rather than giving every agent the same broad access, covering both what packages an agent can install and what those packages can do once installed.

Treat agent tool metadata as untrusted input

MCP server descriptions, agent cards, skill descriptors, and plugin manifests should be treated as untrusted input, not as instructions. Agent platforms should parse metadata into structured fields and reject or sanitize freeform text before it reaches the LLM context.

Monitor agent dependency behavior

Log every package install, version resolution, and registry query an agent makes, and diff these against expected behavior for the task. If an agent asked to fix a CSS bug runs npm install crypto-utils , that should page someone the same way an unexpected outbound network connection would in production. If an agent resolves a package version different from what’s in the lockfile, the task should halt and wait for human approval. Traditional package security tooling already surfaces these signals but most AI coding platforms don’t wire them into their agent workflows.

Failed installs matter too. When an agent tries to install a package that doesn’t exist, that’s likely a hallucinated name, and those names are slopsquatting targets. Registries and AI coding platforms that log failed resolution attempts have an early warning system for which package names attackers should be racing to register.

Namespace reservation for agent ecosystems

MCP server registries, A2A discovery services, and skill marketplaces should implement namespace reservation and verification, the way npm has org scopes and PyPI has verified publishers. Unverified packages in agent-specific namespaces should carry visible warnings, and agents should be configurable to reject unverified sources entirely.

For people designing AI coding platforms

Your agent’s dependency resolver is a security boundary

Every time your agent runs a package install, it’s making a trust decision. Treat the resolver the same way you’d treat an authentication system: define what it’s allowed to do, log what it actually does, and fail closed when something unexpected happens. If your agent can install arbitrary packages from public registries without approval, you’ve given the internet write access to your execution environment.

Separate the package installation phase from the execution phase

Don’t let agents install and run in a single step. The install phase should fetch and verify packages against an allowlist or lockfile, and the execution phase should run in a sandboxed environment built from what was installed. You don’t npm install at runtime in production, and your agent shouldn’t either.

Design for the agent not knowing what it doesn’t know

A human developer might hesitate before installing a package they’ve never heard of, but an agent will install whatever it thinks solves the task. Require packages to come from a vetted list, flag new dependencies for human review, and reject packages below a popularity or age threshold.

Treat every MCP server and plugin as a dependency

If your system connects to MCP servers, installs skills, or loads plugins, those are dependencies with the same risk profile as npm packages. Pin versions, verify provenance where possible, and audit what they do at install and runtime. Calling them “tools” or “skills” instead of “packages” doesn’t change the threat model.

Don’t give agents ambient credentials

Agents that inherit the developer’s shell environment get their SSH keys, API tokens, cloud credentials, and registry auth tokens, and a malicious package installed by the agent can read all of it. Provision agents with scoped, short-lived credentials that only cover what the current task requires. If your agent doesn’t need to push to a registry, it shouldn’t have a registry auth token in its environment.

Assume your agent will be prompted to install something malicious

Attackers will try to get your agent to install a bad package, and sometimes they’ll succeed. Design your system so that a single malicious install can’t exfiltrate credentials, can’t persist across tasks, can’t modify other agents’ environments, and can’t propagate to downstream systems. The blast radius of a compromised dependency should be one sandboxed task.

Build a dependency audit trail

Every package your agent installs, every version it resolves, every registry it queries should be logged and attributable to a specific task. When something goes wrong, you need to answer: which agent installed this, when, why, and what else did it touch? Traditional SCA tools can scan the result, but you also need the provenance of how that result was assembled, the same way you’d want reproducible builds.

Don’t forget about dependencies after installation

Agents are good at installing packages and bad at revisiting them. A dependency an agent pulled in six months ago to fix a one-off task is still in the tree, still getting loaded, and nobody has checked whether it’s been flagged since. Human developers at least occasionally see Dependabot PRs or hear about compromised packages through the grapevine. Agents don’t have a grapevine. If your platform lets agents add dependencies, it also needs a mechanism for surfacing when those dependencies go stale, get deprecated, or turn up in vulnerability databases.

Vandaag verscheen het rapport “Digitale autonomie binnen de energie-intensieve industrie”, wat ik schreef in opdracht van Energy Innovation NL, voorheen bekend als de Topsector Energie. Het rapport is hier te lezen. Dit was ontzettend leuk om te doen, en ik ben erg blij dat men me gevraagd heeft om dit rapport te schrijven. Samen met Energy Innovation NL (de nieuwe naam van de Topsector Energie) hebben we een brede selectie relevante bedrijven gesproken.

If you've done much work with systemd services, you've probably gotten entirely used to the traditional dance of ' systemctl restart something; journalctl -f -u something ' so you can see the shutdown and restart log messages of what you just theoretically restarted, assuming it's happy with life. In systemd v258, systemctl gained a new feature to help with this, systemctl -v . The help describes it reasonably well:

Display unit log output while executing unit operations.

(This means any unit operation; you can use it with 'systemctl stop', 'systemctl start', and 'systemctl reload' too.)

All of this is nice and I'm certainly going to enjoy using this feature on our future Ubuntu 26.04 machines and on my Fedora machines. However, it has an obvious limitation for 'restart', 'start', and 'reload' that in many cases is going to have me still using the the journalctl stuff as well.

That limitation is right there in the description: 'while executing unit operations'. If you do 'systemctl -v restart something', systemctl stops following your service's log output the moment it considers your service to have started. In some services, this will be when the service has genuinely started and reported this to systemd, for example for a Type=notify service. In many others, for example ' Type=exec ' services where you directly run some binary and it sits there doing things, systemd will consider the service started the moment your binary is running. Since systemd considers the service started, it will stop following the logs in 'systemctl -v restart'.

This is often not sufficient. Many services have a certain amount of post-exec work to do before they've genuinely started, such as loading configuration files, opening databases, initializing internal services, and so on. Some services can error out at this point, so that (as systemd sees it) they were successfully started but then immediately failed. Sometimes, the service itself intrinsically is only 'up' after it has talked to the outside world and established something, such as a DSL PPPoE link .

All of this isn't systemd's fault, but it means that 'systemctl -v restart' may only tell you the very early part of the story. And that's why for a lot of services I need to keep doing the 'journalctl' part too.

I recently found out about Andrica’s conjecture: the square roots of consecutive primes are less than 1 apart.

In symbols, Andrica’s conjecture says that if p n and p n +1 are consecutive prime numbers, then

√ p n +1 − √ p n < 1.

This has been empirically verified for primes up to 2 × 10 19 .

If the conjecture is true, it puts an upper bound on how long you’d have to search to find the next prime:

p n +1 < 1 + 2√ p n   + p n ,

which would be an improvement on the Bertrand-Chebyshev theorem that says

p n +1 < 2 p n .

The post Root prime gap first appeared on John D. Cook .

In early January 2025, a family friend was over for lunch. One of my many guilty midwit pleasures is a love of New Year’s resolutions, so I asked her if she had made any. She said no, but mentioned that she had some relatives that were doing “damp January”.

In case you’re not aware, Dry January is a challenge many people do to quit drinking alcohol during the month of January. These folks were doing a variant in which, instead of not drinking, one simply drinks less.

For some reason, this triggered me. I thought, “Are you kidding? You can’t even stop drinking for a single month? Do you know how pathetic that is?” And then, “Fuck you! Fuck you for doing damp January! You know what, I’m going to stop drinking for a year !”

To be clear, these thoughts were directed at people I’ve never even met. In retrospect, I wonder what was going on with me emotionally. But I take resolutions seriously, so I felt committed.

We are now 15 months down the timeline, so I’ll make my report.

It was easy

This will sound odd, but I swear it’s true. Not drinking was so easy that it was almost easier than my previous baseline of not-not-drinking.

Before starting this resolution, I didn’t drink much—perhaps two or three drinks per week. But I often thought about drinking. Every time I saw friends or went to a restaurant, I thought, “Should I have a drink?” Usually I decided not to. But making that decision required effort.

After a few weeks of not drinking, that question never even came up. Drinking was simply not a thing I did, so I never needed to negotiate with myself.

Theoretically, you could allow yourself one drink a month instead of zero. Theoretically, that should be easier. But I’m pretty sure I’d find it harder, because alcohol would still be an option , a thing to consider.

Sometimes I need a thing

Early on, I sometimes wanted a drink. But gradually I noticed that I didn’t really want a drink, I just wanted a thing . I can’t find a precise name for this concept in psychology, but often, some deep part of my brain seems to scream, “I WANT A THING.” It could be alcohol, but I found dessert worked just as well. I suspect that a new shirt or meeting a new dog would also work.

I was not able to stop my brain from doing this. When it demanded a thing, I gave it a thing. I just substituted a non-alcohol thing. So, over the year, I became interested in desserts and even-more interested in tea.

The struggle was The Chocolates. Shortly after I made this resolution, my mother gave me a bag of chocolates that each contained a bit of whiskey. In general, I don’t keep chocolate at home. If anyone gives me chocolate, I immediately eat all of it and then text the giver, “Thanks for the chocolate, I ate it instead of dinner, it’s all gone, this is what will always happen if you give me chocolate.”

But I couldn’t eat the Chocolates, because they contained alcohol. I managed to get guests to eat a few. A couple of times I came close to draining out the alcohol and eating the chocolate container. I even considered throwing them away, but that felt wrong. So instead I spent a year glaring at them and waiting for them to apologize for the anguish they were causing me. This represented half the difficulty of this resolution. I do not recommend it. Keep your things separate.

Alcohol is bad for sleep

Have you heard that alcohol is bad for sleep? Because alcohol is bad for sleep . I’ve always known that was true, abstractly. But sleep is variable. If I didn’t sleep well on an individual night, I was never sure: Was that because of the alcohol, or was it random variation?

After a year without alcohol, I am very confident that yes indeed, alcohol is bad for sleep , because my sleep during 2025 was much better than in previous years. Sure, like anyone else, I still sometimes wake up and start thinking about oblivion rushing towards me, and how everything I love will vanish into time, and how all that was once future and hope inevitably becomes static and dust, and how the plague of bluetooth speakers continues to spread across the globe. But now: less!

I wish there was a drug I could take that would give me energy and improve my mood and make me physically healthier and smarter, all without side-effects. I don’t think such a drug exists. But we do have the opposite!

So, sadly, I’ve come to believe that alcohol is basically the perfect anti-nootropic. That’s not because it makes you dumb while you’re drunk. (True, but who cares?) Rather, that’s because it is bad for sleep , and therefore makes you worse across all dimensions the next day.

Alcohol is good for socializing sometimes

I did find not drinking to have one clear downside: It’s just not that much fun to hang out with people who are drinking if you are not drinking yourself.

To be clear, this is a limited effect. It’s only an issue at bars or certain parties where people are there to drink . I don’t go to many such gatherings, but when I did, I felt it was less fun.

It’s not that I missed alcohol. Instead, my theory is that drinking parties are a sort of joint role-playing exercise: “Let’s all get together and collectively reduce our inhibitions and see what happens.” It’s fun not (just) because everyone is taking a recreational drug, but because it’s a joint social experience. If you don’t drink, then you aren’t fully participating.

It seems like it should be possible to reproduce this effect without alcohol. You could imagine other ways to push the social equilibrium out of balance. Like… Masks? Or weird environments? Or mutual disclosure games? Should people get together and do a group cold plunge?

Unfortunately, all these are complicated and/or carry some kind of social stigma. So until we figure something better out, this is a real cost. It was minor for me, but it probably depends a lot on where you are in life.

Other effects

All other effects were minor. I guess I saved money at restaurants. I actually lost a bit of weight over the year, despite all the extra desserts, though I can’t say for sure if alcohol was the cause. Otherwise, once I stopped thinking of alcohol as an option, I rarely thought about the resolution at all, except when I saw those damn chocolates.

Aftermath

Towards the end of the year, I started wondering if I should quit drinking forever. But I never came to a conclusion, because I rarely thought about alcohol. I considered having a drink at midnight on New Year’s eve, but I happened to be on a plane that crossed the international date line, and thus skipped New Year’s eve.

And then… for the first few months of 2026, I still didn’t drink. That wasn’t because of any decision. It just never seemed appealing because (a) sleep and (b) I’d broken the mental link between want thing and drink alcohol . Eventually, I ate the chocolates, and I had a glass of wine when visiting some friends. If I can continue rarely drinking while almost never thinking about drinking, I’ll probably do that. If I slowly slide back into always thinking of alcohol as a live option and always negotiating with myself, I might just resolve to quit forever.

So that’s my story. Obviously, it’s heavily colored by my own idiosyncrasies, so it’s hard to say if it offers any general lesson.

I do think people underrate the long-term health impact of drinking. The effect on heart disease is debated, but everyone agrees that any alcohol increases the risk of cancer. Still, the long-term effects from occasional light drinking probably aren’t huge. What’s really underrated is the short-term effects, via worse sleep.

If I had to give advice, it would be this: If you drink, and you think you might be better off not drinking, why not try it? Maybe you’ll find that champagne is essential to your happiness and drink it every night, to hell with the costs. Maybe you’ll find a different baseline, or maybe you’ll quit forever. Whatever you decide, you’ll have full information.

Meta announced Muse Spark today, their first model release since Llama 4 almost exactly a year ago . It's hosted, not open weights, and the API is currently "a private API preview to select users", but you can try it out today on meta.ai (Facebook or Instagram login required).

Meta's self-reported benchmarks show it competitive with Opus 4.6, Gemini 3.1 Pro, and GPT 5.4 on selected benchmarks, though notably behind on Terminal-Bench 2.0. Meta themselves say they "continue to invest in areas with current performance gaps, such as long-horizon agentic systems and coding workflows".

The model is exposed as two different modes on meta.ai - "Instant" and "Thinking". Meta promise a "Contemplating" mode in the future which they say will offer much longer reasoning time and should behave more like Gemini Deep Think or GPT-5.4 Pro.

A couple of pelicans

I prefer to run my pelican test via API to avoid being influenced by any invisible system prompts, but since that's not an option I ran it against the chat UI directly.

Here's the pelican I got for "Instant":

And this one for "Thinking":

Both SVGs were rendered inline by the Meta AI interface. Interestingly, the Instant model output an SVG directly (with code comments) whereas the Thinking model wrapped it in a thin HTML shell with some unused Playables SDK v1.0.0 JavaScript libraries.

Which got me curious...

Poking around with tools

Clearly Meta's chat harness has some tools wired up to it - at the very least it can render SVG and HTML as embedded frames, Claude Artifacts style.

But what else can it do?

I asked it:

what tools do you have access to?

And then:

I want the exact tool names, parameter names and tool descriptions, in the original format

It spat out detailed descriptions of 16 different tools. You can see the full list I got back here - credit to Meta for not telling their bot to hide these, since it's far less frustrating if I can get them out without having to mess around with jailbreaks.

Here are highlights derived from that response:

• Browse and search . browser.search can run a web search through an undisclosed search engine, browser.open can load the full page from one of those search results and browser.find can run pattern matches against the returned page content.

• Meta content search . meta_1p.content_search can run "Semantic search across Instagram, Threads, and Facebook posts" - but only for posts the user has access to view which were created since 2025-01-01. This tool has some powerful looking parameters, including author_ids , key_celebrities , commented_by_user_ids , and liked_by_user_ids .

• "Catalog search" - meta_1p.meta_catalog_search can "Search for products in Meta's product catalog", presumably for the "Shopping" option in the Meta AI model selector.

• Image generation . media.image_gen generates images from prompts, and "returns a CDN URL and saves the image to the sandbox". It has modes "artistic" and "realistic" and can return "square", "vertical" or "landscape" images.

• container.python_execution - yes! It's Code Interpreter , my favourite feature of both ChatGPT and Claude.

Execute Python code in a remote sandbox environment. Python 3.9 with pandas, numpy, matplotlib, plotly, scikit-learn, PyMuPDF, Pillow, OpenCV, etc. Files persist at /mnt/data/ .

Python 3.9 is EOL these days but the library collection looks useful.

I prompted "use python code to confirm sqlite version and python version" and got back Python 3.9.25 and SQLite 3.34.1 (from January 2021 ).

• container.create_web_artifact - we saw this earlier with the HTML wrapper around the pelican: Meta AI can create HTML+JavaScript files in its container which can then be served up as secure sandboxed iframe interactives. "Set kind to html for websites/apps or svg for vector graphics."

• container.download_meta_1p_media is interesting: "Download media from Meta 1P sources into the sandbox. Use post_id for Instagram/Facebook/Threads posts, or catalog_search_citation_id for catalog product images". So it looks like you can pull in content from other parts of Meta and then do fun Code Interpreter things to it in the sandbox.

• container.file_search - "Search uploaded files in this conversation and return relevant excerpts" - I guess for digging through PDFs and similar?

• Tools for editing files in the container - container.view , container.insert (with new_str and insert_line ), container.str_replace . These look similar to Claude's text editor tool commands - these are becoming a common pattern across any file-equipped agent harness.

• container.visual_grounding - see below, this one is fun .

• subagents.spawn_agent - the sub-agent as a tool pattern. "Spawn an independent sub-agent for research, analysis, or delegation. It returns its final text response."

• third_party.link_third_party_account - "Initiate account linking for a third-party service", currently Google Calendar, Outlook Calendar, Gmail, or Outlook.

Image analysis in the container

Let's talk about that container.visual_grounding one. Here's the description in full:

Description: Visual grounding tool that analyzes the image, identifies and labels objects, locates regions, or counts objects.

Parameters:

• object_names (array, required)

• image_path (string, default "")

• format_type ("bbox"|"point"|"count"|null, default "bbox")

• title (string|null)[string]

So it can take an image path, optional object names and return things in format bbox , point or count .

Sounds to me like Meta's Segment Anything . I decided to take it for a spin.

Prompt :

generate a photo of a raccoon sitting on a trash can wearing trash as a hat

Response :

Here you go — king of the alley, in full regalia:

Coffee cup crown, banana peel brim, newspaper feather. Peak raccoon fashion. Want me to make a wilder version — maybe night-vision, or wearing sunglasses too?

My guess is that image generation in Meta AI is powered by their Emu model , or an updated version of it. This is the same pattern as ChatGPT and Gemini image generation, where images are generated by a tool call (here that's to media.image_gen ).

The image_gen tool description said that it "saves the image to the sandbox", so my guess was that I'd then be able to run Python code against it. I tried:

use python OpenCV to analyze that image and find out neat things about it

Annoyingly it did not show me the code it ran, but it did create this image:

Pretty neat! We can both generate images and then use them with Python tools.

Next, the visual_grounding tool. Knowing the names of the tools makes it easy to refer to them in prompts:

Now try the container.visual_grounding tool

The response ( full response here ):

Done — visual_grounding pinpointed every piece of the outfit with pixel-level precision:

[...]

Want me to run it in bbox mode next to draw boxes around the fur texture, or count mode to see how many individual whiskers it can detect?

Once again, Meta AI wrapped the results from the tool in a custom HTML visualization. That's clearly point mode, but how about the others?

I prompted:

yes draw bounding boxes, can it do masks too?

Response:

Yes — bounding boxes work great. Masks? Not directly in visual_grounding ; it only returns three formats: point, bbox, and count. No pixel-level segmentation masks.

Here's the bbox output:

What you’re seeing:

• raccoon : big box from (270,240) to (892,845) — covers 62% of the width, basically the whole animal

• coffee cup : (424,115)-(610,273) — sits highest, 158px tall in the 0-1000 space

• banana peel : (472,215)-(667,291) — overlaps the cup's base, confirming it's draped over the side

• newspaper : (305,223)-(548,315) — left ear coverage

• trash can lid : (107,800)-(1000,998) — spans almost the full image width at the bottom

• face : (305,283)-(750,537) — tight crop around the mask

• eyes : both ~40×37 pixel boxes, perfectly level at y=379

Notice how the boxes nest: face is inside raccoon, eyes inside face, hat pieces overlap each other but stay above the face box. The tool is doing real object localization, not just guessing centers.

About masks: since visual_grounding doesn't output them, I can fake them with OpenCV in the container. Two quick options:

• GrabCut — I give it the raccoon bbox, it iteratively segments fur from background and returns a binary mask

• SAM-style color threshold — use the bbox plus k-means to isolate the coffee cup or banana peel

Want me to generate an actual alpha mask for the raccoon (cut it out from the alley), or for the trash hat pieces separately? Takes about 10 seconds and I can give you a transparent PNG.

Here's the HTML for that bbox visualization .

Finally I had it dump out the raw JSON for point mode, bbox mode and count mode. You can see that all here . The count mode is particularly interesting - here's that in full:

[ { "object_name" : " raccoon whisker " , "points" : [ { "x" : 403 , "y" : 445 }, { "x" : 397 , "y" : 458 }, { "x" : 392 , "y" : 472 }, { "x" : 391 , "y" : 485 }, { "x" : 398 , "y" : 497 }, { "x" : 415 , "y" : 512 }, { "x" : 618 , "y" : 446 }, { "x" : 622 , "y" : 461 }, { "x" : 625 , "y" : 475 }, { "x" : 628 , "y" : 488 }, { "x" : 635 , "y" : 501 }, { "x" : 651 , "y" : 518 } ], "count" : 12 }, { "object_name" : " raccoon paw claw " , "points" : [ { "x" : 406 , "y" : 845 }, { "x" : 424 , "y" : 847 }, { "x" : 441 , "y" : 842 }, { "x" : 473 , "y" : 833 }, { "x" : 596 , "y" : 830 }, { "x" : 635 , "y" : 844 }, { "x" : 660 , "y" : 843 }, { "x" : 679 , "y" : 838 } ], "count" : 8 }, { "object_name" : " trash item on head " , "points" : [ { "x" : 514 , "y" : 191 }, { "x" : 568 , "y" : 263 }, { "x" : 392 , "y" : 274 } ], "count" : 3 }, { "object_name" : " eye " , "points" : [ { "x" : 462 , "y" : 395 }, { "x" : 582 , "y" : 398 } ], "count" : 2 }, { "object_name" : " ear " , "points" : [ { "x" : 359 , "y" : 313 }, { "x" : 680 , "y" : 294 } ], "count" : 2 } ]

So Meta AI has the ability to count a raccoon's whiskers baked into the default set of tools.

Which means... it can count pelicans too!

Here's that overlay exported as HTML .

Maybe open weights in the future?

On Twitter Alexandr Wang said :

this is step one. bigger models are already in development with infrastructure scaling to match. private api preview open to select partners today, with plans to open-source future versions.

I really hope they do go back to open-sourcing their models. Llama 3.1/3.2/3.3 were excellent laptop-scale model families, and the introductory blog post for Muse Spark had this to say about efficiency:

[...] we can reach the same capabilities with over an order of magnitude less compute than our previous model, Llama 4 Maverick. This improvement also makes Muse Spark significantly more efficient than the leading base models available for comparison.

So are Meta back in the frontier model game? Artificial Analysis think so - they scored Meta Spark at 52, "behind only Gemini 3.1 Pro, GPT-5.4, and Claude Opus 4.6". Last year's Llama 4 Maverick and Scout scored 18 and 13 respectively.

I'm waiting for API access - while the tool collection on meta.ai is quite strong the real test of a model like this is still what we can build on top of it.

Tags: facebook , ai , generative-ai , llms , code-interpreter , llm-tool-use , meta , pelican-riding-a-bicycle , llm-reasoning , llm-release

Anthropic’s Frontier Red Team:

Earlier today we announced Claude Mythos Preview , a new general-purpose language model. This model performs strongly across the board, but it is strikingly capable at computer security tasks. In response, we have launched Project Glasswing, an effort to use Mythos Preview to help secure the world’s most critical software, and to prepare the industry for the practices we all will need to adopt to keep ahead of cyberattackers.

This blog post provides technical details for researchers and practitioners who want to understand exactly how we have been testing this model, and what we have found over the past month. We hope this will show why we view this as a watershed moment for security, and why we have chosen to begin a coordinated effort to reinforce the world’s cyber defenses.

“ Our new model is so good, it’s too dangerous to release to the public ” is a message that sounds like it could be marketing hype. But it seems like it’s probably true. Examples cited by Anthropic include finding and exploiting a 27-year-old OpenBSD bug (that can crash any device running OpenBSD) and an 16-year-old bug in the widely used FFmpeg media processing library.

See also: Techmeme’s extensive roundup .

★

Most people go to Disneyland and spend way more time waiting in line than riding rides. HK Disneyland is simpler than many of the other Disney parks, but proper pathing is key for avoiding lines. Done correctly, you should be able to ride every ride in half a day. This guide assumes you are more athletic and motivated than 99% of Disney guests.

First off, buy the Early Park Entry Pass, it gets you in at 9:30 instead of 10:30. You won’t have to pay for anything else if you do this, and you make up for it in savings by not buying lunch at Disney.

Arriving way before 9:30 isn’t that important, 9:15 is more than fine. There’s a long single file line where they check your Early Park Pass, but this is cleared long before 9:30. From 9:20-9:30, you are waiting in an 8 wide queue for park entry. This queue clears in 3 minutes. You are in the park by 9:33.

Now comes the first important run of the day. Remember, Disney only has a fixed capacity for rides, and it’s your job to make sure you are consuming as much of that capacity as possible. Run to the back of the park for Frozen Ever After , it’s about a third of a mile. Showing up with this clear plan, you’ll be able to overtake everyone else who got early entry. Your goal is to be on the first boat of the day .

Now things can be a bit more relaxed while you mop up the other 4 early attractions without lines, Wandering Oaken’s Sliding Sleighs (it’s like a 30 second ride, you’d be so mad if you had waited), Winnie the Pooh , Dumbo , and if you want, you even have time for Cinderella Carousel .

Adventureland opens at 10:30. There will be a cast member blocking your way until then, but since you are in the park early and you are coming in the Fantasyland entrance, you’ll have time to make it to Jungle Cruise before all the normal entry guests. Just make sure you move faster than the cohort you are with standing at the rope and you’ll be on the first boat .

At 11:00, you need to be at the rope waiting to get into the area with Big Grizzy Mountain, eastern entrance. By this point, the park is open and there will be a big crowd waiting for this rope. There are two ropes, and you can gain a lot of time from rope 1 to rope 2 when everyone hasn’t figure out they need to run yet. At rope 2 the cast member will tell you not to run, but this will break down in 5 seconds and everyone will run. Sprint to Big Grizzly Mountain Runaway Mine Cars , if you followed this guide, you should be on the first ride train.

Some guides will tell you Mystic Manor is the way to go here. They are wrong. While Manor is a better ride, people diffuse into the park. Your goal is not to have a different ride order from others. In your ideal world everyone has the same order as you, you are just early .

After the roller coaster, there still should be almost no wait on Mystic Manor . The writers of this guide apologize if you have to wait a loading room there, but don’t worry you are crushing it.

It’s 11:40 and you have already completed most of the good rides in the park. Clean up Toy Story Land in this order, Toy Soldier Parachute Drop , RC Racer , and Slinky Dog Spin . You are enough ahead of the crowd still that Parachute Drop shouldn’t have a line yet, but if it does, skip it and return later. It’s a low capacity ride.

Now check the wait times in the app. Tomorrowland is a good place to go when everyone else is having lunch. In fact, the only line there during lunch is usually for lunch. Go in order of wait time, prioritizing Iron Man Experience , Ant-Man Nano Battle , and Orbitron .

Clean up with Mad Hatter Tea Cups and It’s a Small World . Nobody rides tea cups, and small world is high capacity, so there won’t be waits here.

You are out of Disney by 1:30 pm, never having waited more than 5-10 minutes for a ride. Enjoy a nice lunch at the mall in Tsing Yi on the way back to the city.

If you like this piece and want to support my independent reporting and analysis, why not subscribe to my premium newsletter? It’s $70 a year, or $7 a month, and in return you get a weekly newsletter that’s usually anywhere from 5,000 to 18,000 words, including vast, detailed analyses of NVIDIA , Anthropic and OpenAI’s finances , and the AI bubble writ large . I just put out a massive Hater’s Guide To The SaaSpocalypse , as well as last week’s deep dive into How AI Isn't Too Big To Fail .  Subscribing helps directly support my free work, and premium subscribers don’t see this ad in their inbox. I can’t get over how weird the AI bubble has become. Hyperscalers are planning to spend over $600 billion on data center construction and GPUs predominantly bought from NVIDIA, the largest company on the stock market, all to power generative AI, a technology that’s so powerful that none of them will discuss how much it’s making them, or what it is we’re all meant to be so excited.  To make matters weirder , Microsoft, a company that spent $37.5 billion in capital expenditures in its last quarter on AI , recently updated the terms and conditions of its LLM-powered “Copilot” service to say that it was “for entertainment purposes only,” discussing a product that apparently has 15 million users as part of enterprise Microsoft 365 subscriptions , and is sold to both local and national governments overseas , including the US federal government . That’s so weird! What’re you doing Microsoft? What do you mean it’s for entertainment purposes? You’re building massive data centers to drive this!  Well, okay, you’re building them at some point. As I discussed a few weeks ago, despite everybody talking about the hundreds of gigawatts of data centers being built “to power AI,” only 5GW are actually “under construction,” with “under construction” meaning anything from “we’ve got some scaffolding up” to “we’re about to hand over the keys to the customer.”  But isn’t it weird we’re even building those data centers to begin with? Why? What is it that AI does that makes it so essential — or, rather, entertaining — that we keep funding and building these things? Every day we hear about “the power of AI,” we’re beaten over the head with scary propaganda saying “AI will take our jobs,” but nobody can really explain — outside of outright falsehoods about “AI replacing all software engineers” — what it is that makes any of this worthy of taking up any oxygen let alone essential or a justification for so many billions of dollars of investment. We Are Not In The Early Days of AI, And It’s Weird To Say That We Are Instead of providing an actual answer of some sort , AI boosters respond by saying it’s “just like the dot com bubble” — another weird thing to do considering 168,000 people lost their jobs as the NASDAQ dropped by 80% in two years , and only 16% of the world even used the internet , and those that did in America had an average internet speed of 50 kilobits per second ( and only 52% of them had access in 2000 anyway ). Conversely, to quote myself: Global internet access has never been higher or cheaper, and for the most part, billions of people can access a connection fast enough to use generative AI. There is very little stopping anyone from using an LLM — ChatGPT is free, ChatGPT’s cheaper “Go” subscription has now spread to the global south , Gemini is free, Perplexity is free, and Meta’s LLM is free — where the dot com bubble was made up of stupid businesses and a lack of fundamental infrastructure to give most people the opportunity to access a reliable internet experience, basically anybody can get reliable access to generative AI. And with that incredibly easy access , only 3% of households pay for AI . Boosters will again use this talking point to say that “we’re in the early days,” but that’s only true if you think that “early days” means “people aren’t really using it yet.”  Yet the “early days” argument is inherently deceptive. While the Large Language Model hype cycle might have only begun in 2022, the entirety of the media and markets have focused their attention on AI, along with hundreds of billions of dollars of venture capital and nearly a trillion dollars of hyperscale capex investment . AI progress isn’t hampered by a lack of access, talent, resources, novel approaches, or industry buy-in, but by a single-minded focus on Large Language Models, a technology that has been so obviously-limited from the very beginning that Gary Marcus was able to call it in 2022 .  Saying it’s “the early days” also doesn’t really make sense when faced with the rotten and incredibly unprofitable economics of AI. The early days of the internet were not unprofitable due to the underlying technology of serving websites , but the incredibly shitty businesses that people were building. Pets.com spent $400 per customer in customer acquisition costs , millions of dollars on advertising, and had hundreds of employees for a business with a little over $600,000 in quarterly revenue — and as a result, nothing about its failure was about “the early days of the internet” at all, as was the case with Kozmo, or any number of other dot com flameouts.  Similarly, internet infrastructure companies like Winstar collapsed because they tried to grow too fast and signed stupid deals rather than anything about the underlying technology’s flaws. For example, in 1998, Lucent Technologies signed its largest deal — a $2 billion “equipment and finance agreement” — with telecommunications company Winstar , which promised to bring in “$100 million in new business over the next five years” and build a giant wireless broadband network, along with expanding Winstar’s optical networking. Eager math-heads in the audience will be able to see the issue of borrowing $2 billion to make $100 million over five years, as will eager news-heads laugh at WIRED magazine in 1999 saying that Winstar’s “small white dish antennas…[heralded] a new era and new mind-set in telecommunications.” Winstar died two years later because its business was built to grow at a rate that its underlying product couldn’t support . In the end, microwave internet (high-speed internet delivered via radio waves) has become an $8 billion-a-year industry , despite everybody’s excitement. In any case, anytime that somebody tells you that we’re in “the early days of AI” has either been conned or is in the process of conning you, as they’re using it to deflect from issues of efficacy or underlying economic weakness.  In fact, that’s a great place to go next. Why Is Everybody Lying About What AI and “Agents” Can Actually Do? Probably the weirdest thing about this entire era is how nobody wants to talk about the fact that AI isn’t actually doing very much, and that AI agents are just chatbots plugged into an API. Per Redpoint Ventures’ Reflections on the State of the Software and AI Market , “the agent maturity curve is still early, but the TAM implications are enormous,” with agents able to “...run discretely for minutes, [and] execute end-to-end tasks with some oversight.” What tasks, exactly? Who knows! Truly, nobody seems able to say. To paraphrase Steven Levy at WIRED , 2025 was meant to be the year of AI agents, but turned out to be the year of talking about AI agents. Agents were/are meant to be autonomous pieces of software that go off and do distinct tasks. In reality, it’s kind of hard to say what those tasks are. “AI agent” now refers to literally anything anybody wants it to, but ultimately means “chatbot that has access to some systems.”  The New York Times’ Ezra Klein recently talked to the entity currently inhabiting former journalist and Anthropic co-founder Jack Clark recently about “how fast AI agents would rip through the economy,” but despite speaking for over an hour, the closest we got was “it wrote up a predator-prey simulation (a complex-sounding but extremely-common kind of webgame that Anthropic likely ingested through its training material )” and “chatbots that talk to each other about tasks,” and if you think I’m kidding, this is how he described it: But I’ve seen colleagues who write what you might think of as a version of Claude that runs other Claudes. So they’re like: I’ve got my five agents, and they’re being minded over by this other agent, which is monitoring what they do. Anyway, this is all bad, because multiple papers have now shown that, and I quote, agents are “...incapable of carrying out computational and agentic tasks beyond a certain complexity,” with Futurism adding that said complexity was pretty low . The word “agent” is meant to make you think of powerful autonomous systems that carry out complex and minute tasks, when in reality it’s…a chatbot. It’s always a fucking chatbot. It might be a chatbot with API access or a chatbot that generates a plan that another chatbot looks at and says something about, but it’s still chatbots talking to chatbots. When you strip away the puffery, nobody seems to actually talk about what AI does.  Let’s take a look at CNBC’s piece on Goldman Sachs’ supposed contract with Anthropic to build “autonomous systems for time-intensive, high-volume back-office work”: The bank has, for the past six months, been working with embedded Anthropic engineers to co-develop autonomous agents in at least two specific areas: accounting for trades and transactions, and client vetting and onboarding, according to Marco Argenti, Goldman’s chief information officer.

The firm is “in the early stages” of developing agents based on Anthropic’s Claude model that will collapse the amount of time these essential functions take, Argenti said. He expects to launch the agents “soon,” though he declined to provide a specific date. …okay, but like, what does it do? Argenti said the firm was “surprised” at how capable Claude was at tasks besides coding, especially in areas like accounting and compliance that combine the need to parse large amounts of data and documents while applying rules and judgment, he said. Right, brilliant. Great. Love it. What tasks? What is the thing you’re paying for? Now, the view within Goldman is that “there are these other areas of the firm where we could expect the same level of automation and the same level of results that we’re seeing on the coding side,” he said.

Goldman could next develop agents for tasks like employee surveillance or making investment banking pitchbooks, he said.

While the bank employs thousands of people in the compliance and accounting functions where AI agents will soon operate, Argenti said that it was “premature” to expect that the technology will lead to job losses for those workers. Okay, great, we have two things it might do in the future , and that’s “employee surveillance” (?) and making pitchbooks. The upshot is that, with the help of the agents in development, clients will be onboarded faster and issues with trade reconciliation or other accounting matters will be solved faster, Argenti said. Onboarding? Chatbot. “Issues with trade reconciliation”? Chatbot connected to a knowledge base, like we’ve had for years but worse and more expensive. Oh, and “other accounting matters” will be solved faster, always with the future tense with these guys. How about Anthropic and outsourcing body shop giant InfoSys’ “AI agents for telecommunications and other regulated industries ”? Let’s go through the list of tasks and say what they mean, my comments in bold: • Telecommunications: AI agents will help carriers modernize network operations, simplify customer lifecycle management, and improve service delivery—bringing intelligent automation to one of the most operationally complex and regulated industries in the world. Meaningless. Automation of what?

• Financial services: AI agents will help firms detect and assess risk faster, automate compliance reporting, and deliver more personalized customer interactions, such as tailoring financial advice based on a client's full account history and market conditions. Chatbot! “More-personalized interactions” are a chatbot with a connection to a knowledge system, as is any kind of “tailored financial advice.” Compliance reporting? Summarizing or pulling documents from places, much like any LLM can do, other than the fact that it’ll likely get shit wrong, which is bad for compliance.

• Manufacturing and engineering: Claude will help accelerate product design and simulation, reducing R&D timelines and enabling engineers to test more iterations before production. I assume this refers to people using Claude Code to do coding, which is what it does.

• Software development: Teams will use Claude Code to write, test, and debug code, helping developers move faster from design to production. Claude Code.

• Enterprise operations: Claude Cowork will help teams automate routine work like document summarization, status reporting, and review cycles. Literally a chatbot that deleted every single one of a guy’s photos when he asked it to organize his wife’s desktop . How about OpenAI’s “Frontier” platform for businesses to “ build, deploy and manage AI agents that do real work” ?  Frontier gives agents the same skills people need to succeed at work: shared context, onboarding, hands-on learning with feedback, and clear permissions and boundaries. That’s how teams move beyond isolated use cases to AI coworkers that work across the business. Shared context? Chatbot. Onboarding? Chatbot. Hands-on learning with feedback? Chatbot. Clear permissions and boundaries? Chatbot setting. Let’s check out the diagram! Uhuh. Great. What real-world tasks? Uhhh.  Teams across the organization, technical and non-technical, can use Frontier to hire AI coworkers who take on many of the tasks people already do on a computer. Frontier gives AI coworkers the ability to reason over data and complete complex tasks, like working with files, running code, and using tools, all in a

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

A customer had a custom message loop that was built out of Msg­Wait­For­Multiple­Objects . Occasionally, they needed to change the list of handles that the message loop was waiting for. How do you add or remove a handle from an active Msg­Wait­For­Multiple­Objects ?

You can’t.

Even if you could, it meant that the return value of Msg­Wait­For­Multiple­Objects would not be useful. Suppose it returns to say “Handle number 2 was signaled.” You don’t know whether handle 2 was signaled before the handle list was updated, or whether it was signaled after. You don’t know whether it’s referring to the handle number 2 or the new one.

So maybe it’s not a bad thing that you can’t change the list of handles in an active Msg­Wait­For­Multiple­Objects , since the result wouldn’t be useful. But you can ask the thread to stop waiting, update its handle list, and then go back to waiting.

Since the thread is in a Msg­Wait­For­Multiple­Objects , it will wake if you send a message to a window that belongs to the thread. You can have a “handle management window” to receive these messages, say

#define WM_ADDHANDLE (WM_USER+0) // wParam = index, lParam = handle #define WM_REMOVEHANDLE (WM_USER+1) // wParam = index The background thread could send one of these messages if it wanted to add or remove a handle, and the message procedure would perform the corresponding operation.

In reality, you probably need more information than just the handle; you also need to know what to do if that handle is signaled. The lParam is more likely to be a pointer to a structure containing the handle as well as instructions on what the handle means. Those instructions could take the form of a callback function, or it could just be a value from an enum. Pick the design that works for you.

Next time, we’ll look at the case where you don’t want to block the background thread, or if the waiting thread is waiting in Wait­For­Multiple­Objects so the message option is not available.

The post How do you add or remove a handle from an active <CODE>Msg­Wait­For­Multiple­Objects</CODE>? appeared first on The Old New Thing .

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Process knowledge : We also serve who stand and wash.

• Hey look at this : Delights to delectate.

• Object permanence : Chicken Little; "Anya's Ghost"; Ad-tech's algorithmic cruelty.

• Upcoming appearances : Toronto, Montreal, Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Process knowledge ( permalink )

"Intellectual property" was once an obscure legal backwater. Today, it is the dominant area of political economy, the organizing regime for almost all of our tech regulation, and the most valuable – and most controversial – aspect of global trade policy:

https://pluralistic.net/2026/04/01/minilateralism/#own-goal

Despite (or perhaps because of) its centrality, "intellectual property" is one of those maddeningly vague terms that applies to many different legal doctrines, as well as a set of nebulous, abstract thought-objects that do not qualify for legal protection. "IP" doesn't just refer to copyright, trademark and patent – though these "core three" systems are so heterogeneous in basis, scope and enforcement that the act of lumping them together into a single category confuses more than it clarifies.

Beyond the "core three" of copyright, patent and trademark, "IP" also refers to a patchwork of "neighboring rights" that only exist to varying degrees around the world, like "anticircumvention rights," "database rights" and "personality rights." Then there are doctrines that have come to be thought of as IP, even though they were long considered separate: confidentiality, noncompete and nondisparagement.

Finally, there are those "nebulous, abstract thought-objects" that get labeled "IP," even if no one can really define what they are – for example, the "format" deals that TV shows like Love Island or The Traitors make around the world, which really amount to consulting deals to help other TV networks create a local version of a popular show, but which are treated as the sale of some (nonexistent) exclusive right.

It's hard to find a commonality amongst all these wildly different concepts, but a couple years ago, I hit on a working definition of "IP" that seems to cover all the bases: I say that "IP" means "any rule, law or policy that allows a company to exert control over its critics, competitors or customers":

https://locusmag.com/2020/09/cory-doctorow-ip/

Put that way, it's easy to see why "IP" would be such a central organizing principle in a modern, end-stage capitalist world. But even though "IP" is treated as a firm's most important asset, it's actually far less important than another intangible: process knowledge .

I first came across the concept of "process knowledge" in Dan Wang's Breakneck , a very good book about the rise and rise of Chinese manufacturing, industrialization and global dominance:

https://danwang.co/breakneck/

I picked up Breakneck after reading other writers whom I admire who singled out the book's treatment of process knowledge for praise and further discussion. The political scientist Henry Farrell called process knowledge the key to economic development:

https://www.programmablemutter.com/p/process-knowledge-is-crucial-to-economic

While Dan Davies – a superb writer about organizations and their management – used England's Brompton Bicycles to make the abstract concept of process knowledge very concrete indeed:

https://backofmind.substack.com/p/the-brompton-ness-of-it-all

So what is process knowledge? It's all the knowledge that workers collectively carry around in their heads – hard-won lessons that span firms and divisions, that can never be adequately captured through documentation. Think of a worker at a chip fab who finds themself with a load of microprocessors that have failed QA because they become unreliable when they're run above a certain clockspeed. If that worker knows enough about the downstream customers' processes, they can contact one of those customers and offer the chips for use in a lower-end product, which can save the fab millions and make millions more for the customer.

This just happened to Apple, who seized upon a lot of "binned" microprocessors that were headed to the landfill and designed the Macbook Neo (a new, cheap, low-end laptop) around them, salvaging the defective chips by running them at lower speeds. The result? Apple's most successful laptop in years , which has now sold so well that Apple has exhausted the supply of defective chips and is scrambling to fill orders:

https://www.macrumors.com/2026/04/07/macbook-neo-massive-dilemma/

Process knowledge is squishy, contingent, and wildly important in a world filled with entropy-stricken, off-spec, and stubbornly physical things. Work with a particular machine long enough and you will develop a Fingerspitzengefühl (fingertip feeling) for the optimal rate to introduce a new load of feedstock to it after it runs dry. Even more importantly: if you work with that machine long enough, you'll have the mobile phone number of the retired person who knows how to un-jam it if you try to reload it too fast on your usual technician's day off. This kind of knowledge can mean the difference between profitability and bankruptcy.

So why isn't process knowledge given the centrality in our conceptions of what makes a corporation valuable?

After reading Wang, Farrell and Davies, I formulated a theory: we ignore process knowledge for the same reason we exalt "IP," because process knowledge can't be bought or sold, can't be reflected on a balance-sheet, and can't be controlled, and because "IP" can . Process knowledge is far more important than "IP" (just try creating a vaccine from a set of instructions without the skilled technicians who have already spent years executing similar projects), but process knowledge is spread out amongst workers and can't be abstracted away by their bosses. Your boss can make you sign a contract assigning all your copyrights and patents to the business, but if you and your team quit your job, all that "IP" will plummet in value without the people who know how to mobilize it:

https://pluralistic.net/2025/09/08/process-knowledge/#dance-monkey-dance

"IP" isn't just a case of "you treasure what you measure" – it's also a case of "you measure what you treasure."

Recently, I hit on a positively delightful Tumblr post that illustrated the importance of process knowledge, and the way that bosses systematically undervalue it:

https://www.tumblr.com/explorerrowan/813098951730479104

This post is one of those glorious internet documents, a novel literary form for which we have no accepted term. It's composed of four major sections: a screenshotted impromptu Twitter thread made in reply to a throwaway post; a lengthy Tumblr reply to the screenshots; a second Tumblr reply to the first one; and then a chorus of more than 38,000 notes, replies, and hashtags added to it. I have no idea what to call this kind of document, in which some people are reacting to others without the others ever knowing about it, but also which is also written by so many authors, many of whom are explicitly interacting with one another. It's a "hypertext," sure, but what kind of hypertext?

Whatever you call it, it's amazing. As noted, it opens with a Twitter exchange. The first tweet comes from an online dating influencer, "TheEcho13":

I interviewed a gen z girlie 6 months ago and in the interview she told me that she does not like a challenge, has no interest in career progression, prefers to just do repetitive tasks and will never complain about being bored.

I hired her.

https://xcancel.com/TheEcho13/status/1948951885693813135#m

In response, Viveros (a content creator from Alberta and one of the 4m people who saw the original tweet), replied with a short thread about the value of people like this, who "keep the lights on and the business functioning at everything from restaurants to post offices but now nobody’s interested in hiring them":

https://xcancel.com/TheViveros/status/1949149720406110382#m

These are the "lifer[s] who can teach new people how everything works, who knows what’s up in the system, who knows what the obscure solutions are, and who can help calm down the asshole regulars because they know them more personally." In other words, the keepers of the process knowledge.

When this screenshotted exchange was posted to Tumblr, it prompted Blinkpatch, who describes themself as a "genderfluid," "ancient" "drifter" who pines for "solar-punk flavored revolution" to reply with a brilliant anecdote about their stint working as a dishwasher:

https://weaselle.tumblr.com/post/790895560390492160/whenever-i-think-about-the-value-of-something

At 16, Blinkpatch was hired as a restaurant dishwasher under the tutelage of Claudio, a 60-year old "career dish pit man." Claudio had washed dishes for his whole life, reveling in the fact that he could get work in any city, at any time.

When Claudio realized that Blinkpatch was taking the job seriously, the training began in earnest. Claudio asked Blinkpatch if they wanted to be able to clock off at midnight at the end of each shift, and when Blinkpatch said they did, Claudio laid a lot of process knowledge on them:

This machine takes two full minutes to run a cycle. We are on the clock for 8 hours. That means we have a maximum of 240 times we can run this machine. If you want to wash all those dishes, clean your station, mop, and clock off by midnight? This machine has to be on and running every second of the shift.

If you don’t have a full load of dishes collected, scraped, rinsed, stacked, and ready to go into the dishwasher the second it’s done every single time? You can’t do it. If, over the course of 8 hours, you let this machine lay idle for just one minute in between finishing each load and being turned on again? Instead of 240 loads, you’ll do 160 loads.

These are the parameters, the kind of thing any Taylorist with a stopwatch could tell you. But Claudio went on to explain how that extra idle minute would translate to chaos in the kitchen, as the cooks ran out of pots and the servers ran out of plates, and how they would take out their frustrations on the dishwasher. To optimize that dishwasher, Blinkpatch would need to have a reserve of bulky, machine-filling items that could be run through the machine any time a load finished before there was a sufficient supply of smaller items. If they failed at this, Blinkpatch would be washing dishes until 2AM, rather than clocking out at midnight.

Blinkpatch's takeaway was that dishwashing was the bottleneck the whole restaurant ran through – and how that meant that Claudio, who was "unambitious" by conventional standards, had the best understanding of the restaurant's overall operations of anyone on site. He was the keeper of the process knowledge

This reply prompted another response, from "Marisol," a "haunted house actress and accidental IT person" who told the story of her time working at a medical office that specialized in mental health and addiction recovery:

https://www.tumblr.com/marisolinspades/790960414106304512/all-of-this-disaster-befalls-any-company-that

The company was in the midst of standing up its own purpose-built facility, and the CEO was working intensively with the architect to design this new building. When Marisol – the receptionist – happened to be consulted on the near-final design plan, "it took all of three seconds for two major issues to jump out."

First: "The receptionist can’t see the waiting room from her desk with this layout. It’s around the corner and blocked by a wall." This meant that she couldn't "keep track of the patients who are waiting."

The architect and CEO wanted to know why she couldn't use the sign-in sheet to manage this. She explained that not everyone signs in – people who are there for a check-in or group therapy need to be directed to the other side of the building, while "some people are painfully shy and if I don’t appear warm and inviting they won’t approach."

The CEO and architect asked whether this happened often, and she replied "every day." They didn't believe her. Nor did they believe her when she said that the receptionists needed to have continuous access to the chart room throughout the day – they insisted that since charts for the day's patients were pulled in the morning, it would be OK to house them through two sets of locked doors, a five-minute walk away (that way, workers wouldn't be tempted to "goof off" in the room). They wanted to keep the chart room locked, with the key entrusted to the CEO, who would supervise every entry.

Marisol explained that charts were pulled continuously, any time there was a crisis or a patient had a question for a nurse, or when a patient came in due to a cancellation. All told, reception went into the chart room 20-30 times/day. The "goofing off" they thought workers got up to in the chart room was "when we got news that a patient had died and we were crying. And even then, we filed charts as we sobbed because no one in this office has free time."

The CEO and architect were still disbelieving, so Marisol had them sit with her for an hour. They didn't last an hour – they left, taking the blueprints with them.

The punchline: Marisol bemoans the fact that she wasn't given more time with those blueprints, because then she might have spotted that they'd forgotten to include any closets , including closets for the janitors. As a result, all their cleaning supplies and holiday decorations were stolen from the cabinets in the bathrooms that they were forced to stash them in.

Marisol blames this on a "CEO who had never worked a lower l

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

I'll admit, I was a little sceptical about returning to Avenue Q. I saw it on its original West End run back in… OH MY GOD I AM SO OLD! FUCK! Where did the time go?

It's always hard to know how much to update a show. Does it need constant reinvention to stay in the zeitgeist or can it be pickled forever as a classic?

"I wish I had taken more pictures" was something that utterly resonated with me about my university experience. Photos were a rare commodity back when film still cost a couple of quid to develop. Perhaps today's uni students will sing "I wish I had posted less on Instagram"?

The show has been sympathetically updated. Some of the references have been modernised, a transphobic joke given the boot, and the lyrics tweaked to sometimes devastating effect. The song "Everyone's A Little Bit Racist" seems to have the most changes - and all for the better.

Parts of the show are adapted for a UK audience. Barely anyone here knows who Gary Coleman was so his intro is changed (although I guess part of the metajoke is that we all watched foreign celebrities on Sesame Street when we were growing up - so what's one more obscure cultural reference?). In the American show, the Bad Idea Bears proffer Long Island Ice Teas - that was a bit tame for UK audiences, so in the original UK run they guzzled absinthe daiquiris - a change inexplicably reverted for this limited run.

As a piece of pure entertainment it is spectacular. The laughs are genuinely non-stop and the whole auditorium rose to give the performers a well-deserved ovation. It is a tender and beautiful show which shows off the power of live theatre.

The songs are still stuck in my head and the puppetry is still amazing. Absolutely hilarious, genuinely shocking in places, utterly filthy - an excellent night out.

Pre- and Post-Show

I've written before about The art of the Pre-Show and Post-Show . With West End prices higher than ever, it is incumbent on theatres to make their shows a memorable and spectacular evening out. That can be as simple as a bit of set dressing in the foyer, or as extravagant as they can get away with.

The offering is pretty reasonable here. You can buy the T-shirt, hoodie, and commemorative socks at exorbitant prices. The souvenir programme is £8 and, while lush with photos, is pretty sparse. The original West End programme from the early 2000s had a pin-up calendar of Lucy The Slut, a bunch more funny photos, and fake autographs of the puppets.

There's a photo-booth for taking selfies, but it appeared to be broken.

It might been nice to have a few puppets placed around for people to take photos with.

One of the simplest things a venue can do is put on a themed cocktail menu. I'm surprised more shows don't do that. Who is going to turn down a glass of "The Internet Is For Pornstar Martini"?

The Shaftesbury Theatre itself isn't too cramped, even in the cheap seats. Although, at the back of the stalls, the overhang cuts off the top of the set which means you will miss a bit of action in some scenes.

While we were waiting for the show to start, the auditorium was filled with soundscape of subway cars rattling and distorted announcements. Again, fairly cheap and simple, but a nice way to build the mood.

As we exited, we were handed leaflets encouraging us to come back and bring our friends. Even better was the £10 discount on our next booking!

Considering this is a limited run, the production has done a fair job of getting the audience in the mood and rewarding them for their patronage.

Well done to all involved!

I went through the recent OWASP Top 10 for Agentic Applications and pulled out the scenarios related to package management, which turn up in all ten categories and don’t sort neatly into any one of them, since a typosquatted MCP server is simultaneously a name attack, a registry attack, and a metadata poisoning vector.

Package name attacks

Typosquatting and namespace confusion are some of the oldest problems in package security. Agents make them worse because they resolve packages programmatically, without a human glancing at the name and noticing something is off.

• An attacker registers an MCP server package on npm or PyPI with a name one character off from a popular one, and when an agent dynamically discovers and installs tools, it resolves the typosquatted package instead, treating it as legitimate.

• A malicious tool package named report gets resolved before the legitimate report_finance because of how the agent’s tool registry handles namespace collisions, causing misrouted queries and unintended data disclosure.

• LLMs hallucinating package names during code generation create install targets that don’t exist yet, and attackers can register those names on PyPI or npm with malicious payloads. I wrote about slopsquatting in more detail last year.

Registry and repository attacks

MCP servers, agent skills, and plugins are distributed through the same registries as traditional packages: npm, PyPI, crates.io, and platform-specific marketplaces. The registry trust problems that package managers have dealt with for years (compromised maintainer accounts, malicious uploads, manifest confusion) apply directly.

• A compromised package registry serves signed-looking manifests, plugins, or agent descriptors containing tampered components, and because orchestration systems trust the registry, the poisoned artifacts distribute widely before anyone notices.

• The first in-the-wild malicious MCP server was published as an npm package impersonating Postmark’s email service, secretly BCC’ing all emails to the attacker while agents that installed it had no indication anything was wrong.

• Agent discovery services like A2A function as new package registries, and they inherit the same problems: an attacker can register a fake peer using a cloned schema to intercept coordination traffic between legitimate agents, the same way you’d squat a package name on a public registry.

• Agent cards (the /.well-known/agent.json file) are package metadata by another name. A rogue peer can advertise exaggerated capabilities in its card, causing host agents to route sensitive requests through an attacker-controlled endpoint, analogous to a package claiming false capabilities in its manifest.

Metadata and descriptor poisoning

Package metadata has always been a trust boundary: manifest confusion (where published metadata doesn’t match actual package contents) and starjacking (where a package claims association with a popular repo through its metadata) are established attacks. Agent tooling adds a new dimension because agents interpret metadata as instructions, not just data.

• Hidden instructions embedded in an MCP server’s published package metadata get interpreted by the host agent as trusted guidance. In one demonstrated case , a malicious MCP tool package hid commands in its descriptor that caused the assistant to exfiltrate private repo data when invoked.

• Package READMEs processed through RAG can contain hidden instruction payloads that silently redirect an agent to misuse connected tools or send data to external endpoints. The README is package metadata that traditional security tooling rarely inspects for malicious content.

• A popular RAG plugin distributed as a package and fetching context from a third-party indexer can be gradually poisoned by seeding the indexer with crafted entries, biasing the agent over time until it starts exfiltrating sensitive information during normal use.

Dependency resolution and lockfile attacks

Lockfile manipulation and pinning evasion are well-understood supply chain attacks. Agents amplify them because they routinely regenerate lockfiles, install fresh dependencies, and resolve versions without comparing against a known-good baseline.

• An agent regenerating a lockfile from unpinned dependency specs during a “fix build” task in an ephemeral sandbox will resolve fresh versions, potentially pulling in a backdoored minor release that wasn’t in the original lockfile.

• Agents running automated dependency updates or vibe-coding sessions install packages without verifying them against a known-good lockfile. A coding agent with auto-approved tools that runs npm install or pip install can be manipulated into resolving a different version than a human developer would have chosen, or into installing an entirely new dependency that runs hostile code at install time.

Install-time and import-time code execution

Install scripts ( postinstall in npm, setup.py in pip) have been the primary vector for malicious packages for years. The OpenSSF Package Analysis project exists largely to detect this pattern. Agents make it worse because they run installs with broader permissions and less scrutiny than a developer at a terminal.

• Malicious package installs escalate beyond a supply-chain compromise when hostile code executes during installation or import with whatever permissions the agent has, which are often broad because the agent needs filesystem and network access to do its job. A developer running npm install might notice a suspicious postinstall script in their terminal output. An agent running the same command as part of a “fix build” or “patch server” task won’t.

• During automated dependency updates or self-repair tasks, agents run unreviewed npm install or pip install commands, and any package with a malicious install script executes with the agent’s full permissions before any human sees what happened. The attack surface here is identical to traditional install-script malware, but the window between install and detection is wider because no one is watching.

Credential and secret leakage through packages

Malicious packages exfiltrating credentials at install time is a well-documented pattern across npm, PyPI, and RubyGems. Agents widen the blast radius because they often hold more credentials than a typical developer environment and install packages without human review.

• The poisoned nx/debug release on npm was automatically installed by coding agents, enabling a hidden backdoor that exfiltrated SSH keys and API tokens. The compromise propagated across agentic workflows because no human reviewed the install, turning a single malicious package release into a supply-chain breach that moved faster than traditional incident response could track.

• Agents that install MCP server packages or plugins grant those packages access to environment variables, API keys, and filesystem paths. A malicious package published under a plausible name can harvest credentials the same way traditional supply chain attacks do, but with access to whatever the agent is authorized to use.

Cascading failures through the dependency graph

Cascading breakage from a single bad release is a familiar problem in package management. When left-pad was unpublished from npm in 2016, thousands of builds broke within hours. When colors.js shipped a sabotaged release in 2022, projects that pinned loosely picked it up automatically. In agent systems the dependency graph includes not just code packages but MCP servers, plugins, and peer agents, and the propagation is faster because agents resolve, install, and deploy without waiting for a human to notice something is wrong.

• A poisoned or faulty package release pulled by an orchestrator agent propagates automatically to all connected agents, amplifying the breach beyond its origin. In traditional package management a developer might notice a broken build and pin a version. An agent with auto-approved installs just keeps going, and every downstream agent that depends on the orchestrator’s output inherits the compromised dependency.

• When two or more agents rely on each other’s outputs they create a feedback loop that magnifies initial errors. A bad dependency update in one agent’s package tree compounds through the loop: agent A installs a corrupted package, produces bad output, agent B consumes that output and makes decisions based on it, and the error amplifies with each cycle until the system is producing nonsense at scale.

Skill and plugin installation

Agent coding platforms have their own packaging systems for skills, plugins, hooks, and extensions, and these turn out to have the same vulnerabilities that traditional package managers spent years learning about. OpenClaw, which has accumulated 238 CVEs since February 2026 , provides the perfect case study. Malicious skill archives can use path traversal sequences to write files outside the intended installation directory during skills install or hooks install ( CVE-2026-28486 , CVE-2026-28453 ), and the skill frontmatter name field gets interpolated into file paths unsanitized during sandbox mirroring ( CVE-2026-28457 ). Scoped plugin package names containing .. can escape the extensions directory entirely ( CVE-2026-28447 ).

OpenClaw also auto-discovers and loads plugins from .OpenClaw/extensions/ without verifying trust, so cloning a repository that includes a crafted workspace plugin runs arbitrary code the moment the agent starts ( CVE-2026-32920 ). Hook module paths passed to dynamic import() aren’t constrained, giving anyone with config access a code execution primitive ( CVE-2026-28456 ). The exec allowlist trusts writable package-manager directories like /opt/homebrew/bin and /usr/local/bin by default, so an attacker who can write to those paths (which is anyone who can run brew install or pip install --user ) can plant a trojan binary that the allowlist treats as safe ( CVE-2026-32009 ). Environment variables like NODE_OPTIONS or LD_PRELOAD injected through config execute arbitrary code at gateway startup ( CVE-2026-22177 ).

These are familiar problems if you’ve worked on package manager security: path traversal in archives, untrusted input in file paths, auto-loading from working directories, trusting mutable filesystem locations. Agent coding platforms are rebuilding package management from scratch and rediscovering the same bugs. The difference is that the old bugs played out over hours or days, gated by humans reviewing installs, noticing broken builds, and pinning versions. Agents compress that timeline. They resolve, install, execute, and propagate before anyone is in the loop, with broader permissions than a developer typically has.

What inspired the semi-viral fake GIMP trailer that recently fluttered around FOSS circles? The creator and puppeteer behind Pork Johnson explains. Look, I haven’t necessarily changed my mind about GIMP , the image editor that has something of a love-hate relationship in the open-source community. It’s not quite Photoshop or Affinity . But I do think it makes for very funny comedic fodder. Which is why last month, when a Social Network -style parody movie trailer surfaced on YouTube, I was enthralled. It was not only the perfect target for a parody, but its lead, a warthog puppet named Pork Johnson, was just as compelling as the idea itself. In fact, a scene from the fake film , showing the character’s shock as he catches his significant other using Photoshop, only confirmed that this was awesome. Strangely, its production values completely dwarfed its modest view count—which compelled me to figure out where this came from. And so I reached out to Dustin Grissom , a director and video editor with behind-the-scenes experience in Hollywood. He describes Pork Johnson as a labor of love, along with an important introduction to puppetry, an artform he hadn’t experimented with previously. “I was in a moment of time when that creative outlet wasn’t really there,” Grissom recalled of the pig’s creation in an interview. “So I was like, ‘I’m gonna make a puppet, and then once I get him, I’m gonna figure it out.’”

Sponsored By … Well, Us Ever wanted to read Tedium without having those annoying ads all over the site? We have just the plan for you. Sign up for a $3 monthly membership on our Ko-Fi, and we promise we can get rid of them. We have the technology. And it beats an ad blocker. (Web-only for now, email coming soon!)

Pork Johnson’s design evokes childhood inspiration for Grissom—he designed it based on a stuffed animal he owned as a child and would make voices for. “I could use him as a way to roast my brother or say things that I would normally get in trouble for,” he added. In its adult form, Pork Johnson does come across as something of an alter-ego for Grissom, but it’s from the perspective of a pig hoping to make a mark in Hollywood, but constantly facing unusual setbacks and bizarre situations. Think a video podcast that doesn’t go quite right, or a TikTok trendjack that goes off the rails. (My favorite such example is a video in which Pork prepares to run in the L.A. Marathon, only to break his femur almost immediately after the race began.) Like Pork himself, the choice of GIMP as a muse comes from Grissom’s childhood. He discovered the software when he was looking for something better than Microsoft Paint, and while GIMP has a mixed reputation among professionals, it nonetheless was full of childhood possibilities for kids like Grissom. “I may have struggled using it, but part of that struggle was getting me to where I am now,” he said. “There’s a lot of power in being limited with your toolset.” That’s a mindset that shares a lot with Grissom’s current attempts to get into puppetry, an artform he has gradually learned over the past few years. If you’ve ever seen a documentary on Jim Henson (such as this Defunctland series ), you know that pupperty comes with a lot of contortions that are hidden away from the camera. In film and television settings, it’s very much in the practical effects category. Grissom’s Pork Johnson videos represent a sort of on-the-job training in that field. Since starting, he’s learned how to lip-sync and has gradually gained a comfort level with holding Pork. “I feel like my right shoulder has gotten five times bigger just because it’s so difficult,” he said. Some skills can be learned quickly. Puppetry isn’t one of them. Grissom estimates putting in hundreds of hours into perfecting Pork Johnson. “It’s something you got to really practice and get really good at,” he said. “You can’t take it for granted.” Putting in all that time, mixed with Grissom’s broadcast-grade production experience and his circle of friends, has created a situation where, much like GIMP, a Pork Johnson production frequently punches above both its weight and its view count. In fact, the GIMP movie isn’t even Grissom’s most impressive Pork Johnson film on YouTube. That honor goes to “ Pork Johnson’s Haunted Airbnb ,” a 25-minute comedy-horror film that plays with Johnson’s low-rent celebrity vibes along with ghost-hunting reality TV tropes. Grissom says that film was shot in a 10-hour period, a tiny amount of time for the 30-page script he wrote for the endeavor, but he and his friends pulled it together. “But that was just fun to me and my friends just all night long working on that,” he said of the experience. Beyond being a way to rekindle childhood inspirations, Pork Johnson is a meta-commentary on the content-creator culture Grissom sees up close. “He kind of naively and very passionately believes he should be a star, should be in movies, should be, you know, this world-renowned entertainer,” he said of his creation. But it’s the setbacks that make Pork interesting. Much like The Muppet Show leans into the idea that its charm is in being a bad vaudeville production, Pork Johnson’s M.O. is that any success has to come with a setback. In the case of GIMP, his awards play, he learns that his Oscar nomination was a rugpull. “It turns out he actually wasn’t nominated,” Grissom said. “It was an Oscar Meyer Weiner award that he was nominated for.” Yes, Grissom and his friends are making art for the sake of it, beyond the more regimented world of film production that dominates his day job, and gaining some skills in the process. (He recently joined the L.A. Guild of Puppetry .) Given the shake of the dice, it’s entirely possible the GIMP trailer will find additional fandom via the algorithm, or it may be a prelude to a future Pork Johnson hit, like his rendition of “ In the Air Tonight .” But may Pork Johnson, the character, always be an underdog. He’s better that way.

Puppet Free Links I feel a bit weird about the AP pivoting away from its newspaper business. After all, the AP started with newspapers. Now’s a good time to look back at our story on how CompuServe convinced a bunch of newspaper publishers to give them their stories for free. This past weekend, Saturday Night Live got a lot of attention for its Jack Black/Jack White setup, but oddly, the best sketches didn’t make it into the show. The best of the bunch is this if-you-know-you-know take on CPAP machines . When news landed that Byron Allen was taking over Colbert’s late-night slot, many people said, “Who?” But Tedium readers know . -- Find this one an interesting read? Share it with a pal ! And thanks again to la machine for sponsoring. It’s not a puppet, but it’s definitely a labor of love.

So I upgraded my home desktop from Fedora 42 to Fedora 43 and sound stopped working. Having your audio stop working is practically a rite of passage for Linux people, so I've been through the drill, but things rapidly turned weird when trying to restart sound daemons through 'systemctl --user restart ...' failed with systemd errors about not being able to contact the (systemd) user service manager.

Let me skip ahead and show you the culprit:

systemd-logind[2524]: New session '1' of user 'cks' with class 'user-light' and type 'tty'.

Establishing your user service manager when you log in is one of the jobs of pam_systemd . One of the things pam_systemd decides about your session is its class . In System v258 and later, one of the possible classes is ' user-light ', for which systemd notes:

Similar to user, but sessions of this class will not pull in the user@.service(5) of the user, and thus possibly have no service manager of the user running .

(Emphasis mine.)

This 'possibly' is understated. What it means in practice is that a 'user-light' class session won't have a systemd user service manager running unless something else started it for you, for example another session that wasn't a 'user-light' one (because you only ever have one user service manager; it normally starts with your first session and exits after your last one). In turn, anything that runs as a systemd user service won't start and can't be started indirectly through, for example, systemd socket activation. And in modern Fedora, all of the sound infrastructure is handled as systemd user services (as is your user D-Bus session).

So how did we get here? Well, as the rest of the section notes:

If no session class is specified via either the PAM module option or via the $XDG_SESSION_CLASS environment variable, the class is automatically chosen, depending on various session parameters, such as the session type (if known), whether the session has a TTY or X11 display, and the user disposition.

(The 'user disposition' comes from systemd-userdbd and its JSON User Records . For normal /etc/passwd accounts, the user disposition is determined from their UID.)

The actual process pam_systemd follows is somewhat arcane . To simplify, all SSH logins are 'class=user', root is always 'user-early', and system users on the console are 'user-light'. So if you log in on the console ( as I do , also ) and you're considered a 'system user', you don't get a user service manager started automatically (and then things break).

Systemd is more or less hard coded to consider all UIDs up to SYS_UID_MAX in /etc/login.defs to be 'system users' ( cf ). On many machines, this will be all UIDs up to 999, and this number has been drifting upward over time. At various times in the past the first non-system UID and GID has been 200, and then later it was 500, so if you have logins created this long ago, systemd now considers them system users who get special handling. I have been using my Fedora desktops for a very long time, so even without even weirder things I would have fallen victim to this.

(Even on our servers, my UID is 915 and we have a significant number of people with UIDs under 1000. If pam_systemd ever stops forcing all SSH logins into class 'user', we're going to have a whole collection of problems. On my desktops, my 'natural' UID would be either 200 or 500, based on the GIDs that were created to go with it on my home and work desktops.)

Unfortunately there's no way to set a single account parameter in systemd-userdbd , so there's no way to keep using /etc/passwd but tag your historical, low-UID account to be a regular account. There's also no direct way to manipulate pam_systemd's hard coded class (re)mapping process; your only option is to completely override all class assignments with a 'class=' option on pam_systemd. This is made extra difficult on Fedora because (of course) pam_systemd is invoked in a number of generic PAM stacks such as 'system-auth', and you may not want to force all uses of pam_systemd through them to force a 'user' class for all accounts in all situations.

It's possible to work around this with sufficiently complex PAM conditionals ( also ). Or I could make /etc/pam.d/login use a different version of system-auth that's customized for it, although that would force root logins into class 'user' instead of 'user-early' unless I engaged in other PAM hacks.

PS: Given how much breaks without a user service manager, it feels like either pam_systemd or the 'login' PAM stack should specifically make it so that everyone who logs in on a console tty has one, with all system UIDs being class 'user-early', not just root.

PPS: I won't be working around this by changing my local UID, however peculiar it is. Partly this is because I can't fix it by adopting the same UID as we have on our servers, which would let me usefully NFS mount my home directory from our fileservers on my work desktop; as mentioned, that UID is also under the current Fedora SYS_UID_MAX .

( You can't truly fix NFS UID mapping issues with NFS v4 without Kerberos .)

Sidebar: Why my work machine didn't experience this

One reason I was willing to impulsively upgrade my home desktop last night was that the upgrade to Fedora 43 had gone fine on my work desktop , and it certainly had no sound problems afterward. My console login on my work machine was still a 'user-light' session, but the reason it had a systemd user service manager was that one had been created earlier and was sticking around. To cut a long story short, on my work desktop I was set up as a loginctl 'linger' account (/var/lib/systemd/linger says this happened May 21st 2021). Such a 'linger' account creates a session at system boot, which creates a user service manager as the result, and that session and user service manager remains until system shutdown.

Regardless of how many times you log in, you only ever have one systemd user service manager. So once a user service manager is created for any reason, including the user service manager that's started at boot for a 'linger' account, your console 'user-light' logins will still get access to that user service manager, Pipewire and other things will start normally, sound will work, and you (I) won't notice anything different.

In theory I could work around this today by setting myself up as a 'loginctl linger' account on my home machine too, and skip any PAM changes. In practice, I'm reluctant to assume that pam_systemd will always create systemd user service managers for system UIDs that are set 'linger'. It strikes me as rather the kind of thing that might get optimized some day, much as 'user-light' was optimized into systemd v258 ( cf , also , also ).

Today I’m very happy to share that Mario Zechner is joining Earendil .

First things first: I think you should read Mario’s post . This is his news more than it is ours, and he tells his side of it better than I could. What I want to do here is add a more personal note about why this matters so much to me, how the last months led us here, and why I am so excited to have him on board.

Last year changed the way many of us thought about software. It certainly changed the way I did. I spent much of 2025 building, probing, and questioning how to build software, and in many more ways what I want to do. If you are a regular reader of this blog you were along for the ride. I wrote a lot, experimented a lot, and tried to get a better sense for what these systems can actually do and what kinds of companies make sense to build around them. There was, and continues to be, a lot of excitement in the air, but also a lot of noise. It has become clear to me that it’s not a question of whether AI systems can be useful but what kind of software and human-machine interactions we want to bring into the world with them.

That is one of the reasons I have been so drawn to Mario’s work and approaches.

Pi is, in my opinion, one of the most thoughtful coding agents and agent infrastructure libraries in this space. Not because it is trying to be the loudest or the fastest, but because it is clearly built by someone who cares deeply about software quality, taste, extensibility, and design. In a moment where much of the industry is racing to ship ever more quickly, often at the cost of coherence and craft, Mario kept insisting on making something solid. That matters to me a great deal.

I have known Mario for a long time, and one of the things I admire most about him is that he does not confuse velocity with progress. He has a strong sense for what good tools should feel like. He cares about details. He cares about whether something is well made. And he cares about building in a way that can last. Mario has been running Pi in a rather unusual way. He exerts back-pressure on the issue tracker and the pull requests through OSS vacations and other means.

The last year has also made something else clearer to me: these systems are not only exciting, they are also capable of producing a great deal of damage. Sometimes that damage is obvious; sometimes it looks like low-grade degradation everywhere at once. More slop, more noise, more disingenuous emails in my inbox. There is a version of this future that makes people more distracted, more alienated, and less careful with one another.

That is not a future I want to help build.

At Earendil, Colin and I have been trying to think very carefully about what a different path might look like. That is a big part of what led us to Lefos .

Lefos is our attempt to build a machine entity that is more thoughtful and more deliberate by design. Not an agent whose main purpose is to make everything a little more efficient so that we can produce even more forgettable output, but one that can help people communicate with more care, more clarity, and joy.

Good software should not aim to optimize every minute of your life, but should create room for better and more joyful experiences, better relationships, and better ways of relating to one another. Especially in communication and software engineering, I think we should be aiming for more thought rather than more throughput. We should want tools that help people be more considerate, more present, and more human. If all we do is use these systems to accelerate the production of slop, we will have missed the opportunity entirely.

This is also why Mario joining Earendil feels so meaningful to me. Pi and Lefos come from different starting points. There was a year of distance collaboration, but they are animated by a similar instinct: that quality matters, that design matters, and that trust is earned through care rather than captured through hype.

I am very happy that Pi is coming along for the ride. Me and Colin care a lot about it, and we want to be good stewards of it. It has already played an important role in our own work over the last months, and I continue to believe it is one of the best foundations for building capable agents. We will have more to say soon about how we think about Pi’s future and its relationship to Lefos, but the short version is simple: we want Pi to continue to exist as a high-quality, open, extensible piece of software, and we want to invest in making that future real. As for our thoughts of Pi’s license, read more here and our company post here .

Kottke:

This shot from Artemis II of the Moon eclipsing the Sun is one of the most breathtaking astronomical photos I’ve ever seen. Holy shit .

Follow NASA on Flickr for more.

★

GLM-5.1: Towards Long-Horizon Tasks

Chinese AI lab Z.ai's latest model is a giant 754B parameter 1.51TB (on Hugging Face ) MIT-licensed monster - the same size as their previous GLM-5 release, and sharing the same paper .

It's available via OpenRouter so I asked it to draw me a pelican:

llm install llm-openrouter llm -m openrouter/z-ai/glm-5.1 'Generate an SVG of a pelican on a bicycle' And something new happened... unprompted, the model decided to give me an HTML page that included both the SVG and a separate set of CSS animations!

The SVG was excellent, and might be my new favorite from an open weights model:

But the animation broke it :

That's the pelican, floating up in the top left corner.

I usually don't do follow-up prompts for the pelican test, but in this case I made an exception:

llm -c 'the animation is a bit broken, the pelican ends up positioned off the screen at the top right' GLM 5.1 replied:

The issue is that CSS transform animations on SVG elements override the SVG transform attribute used for positioning, causing the pelican to lose its placement and fly off to the top-right. The fix is to separate positioning (SVG attribute) from animation (inner group) and use <animateTransform> for SVG rotations since it handles coordinate systems correctly.

And spat out fresh HTML which fixed the problem!

I particularly like the animation of the beak, which is described in the SVG comments like so:

<!-- Pouch (lower beak) with wobble --> < g > < path d = " M42,-58 Q43,-50 48,-42 Q55,-35 62,-38 Q70,-42 75,-60 L42,-58 Z " fill = " url(#pouchGrad) " stroke = " #b06008 " stroke-width = " 1 " opacity = " 0.9 " /> < path d = " M48,-50 Q55,-46 60,-52 " fill = " none " stroke = " #c06a08 " stroke-width = " 0.8 " opacity = " 0.6 " /> < animateTransform attributeName = " transform " type = " scale " values = " 1,1; 1.03,0.97; 1,1 " dur = " 0.75s " repeatCount = " indefinite " additive = " sum " /> </ g >

Update : On Bluesky @charles.capps.me suggested a "NORTH VIRGINIA OPOSSUM ON AN E-SCOOTER" and...

The HTML+SVG comments on that one include /* Earring sparkle */, <!-- Opossum fur gradient -->, <!-- Distant treeline silhouette - Virginia pines -->, <!-- Front paw on handlebar --> - here's the transcript and the HTML result .

Tags: css , svg , ai , generative-ai , llms , pelican-riding-a-bicycle , llm-release , ai-in-china , glm

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

Microsoft said in a blog post today it identified more than 200 organizations and 5,000 consumer devices that were caught up in a stealthy but remarkably simple spying network built by a Russia-backed threat actor known as “ Forest Blizzard .”

How targeted DNS requests were redirected at the router. Image: Black Lotus Labs.

Also known as APT28 and Fancy Bear, Forest Blizzard is attributed to the military intelligence units within Russia’s General Staff Main Intelligence Directorate (GRU). APT 28 famously compromised the Hillary Clinton campaign, the Democratic National Committee, and the Democratic Congressional Campaign Committee in 2016 in an attempt to interfere with the U.S. presidential election.

Researchers at Black Lotus Labs , a security division of the Internet backbone provider Lumen , found that at the peak of its activity in December 2025, Forest Blizzard’s surveillance dragnet ensnared more than 18,000 Internet routers that were mostly unsupported, end-of-life routers, or else far behind on security updates. A new report from Lumen says the hackers primarily targeted government agencies—including ministries of foreign affairs, law enforcement, and third-party email providers.

Black Lotus Security Engineer Ryan English said the GRU hackers did not need to install malware on the targeted routers, which were mainly older Mikrotik and TP-Link devices marketed to the Small Office/Home Office (SOHO) market. Instead, they used known vulnerabilities to modify the Domain Name System (DNS) settings of the routers to include DNS servers controlled by the hackers.

As the U.K.’s National Cyber Security Centre (NCSC) notes in a new advisory detailing how Russian cyber actors have been compromising routers, DNS is what allows individuals to reach websites by typing familiar addresses, instead of associated IP addresses. In a DNS hijacking attack, bad actors interfere with this process to covertly send users to malicious websites designed to steal login details or other sensitive information.

English said the routers attacked by Forest Blizzard were reconfigured to use DNS servers that pointed to a handful of virtual private servers controlled by the attackers. Importantly, the attackers could then propagate their malicious DNS settings to all users on the local network, and from that point forward intercept any OAuth authentication tokens transmitted by those users.

DNS hijacking through router compromise. Image: Microsoft.

Because those tokens are typically transmitted only after the user has successfully logged in and gone through multi-factor authentication, the attackers could gain direct access to victim accounts without ever having to phish each user’s credentials and/or one-time codes.

“Everyone is looking for some sophisticated malware to drop something on your mobile devices or something,” English said. “These guys didn’t use malware. They did this in an old-school, graybeard way that isn’t really sexy but it gets the job done.”

Microsoft refers to the Forest Blizzard activity as using DNS hijacking “to support post-compromise adversary-in-the-middle (AiTM) attacks on Transport Layer Security (TLS) connections against Microsoft Outlook on the web domains.” The software giant said while targeting SOHO devices isn’t a new tactic, this is the first time Microsoft has seen Forest Blizzard using “DNS hijacking at scale to support AiTM of TLS connections after exploiting edge devices.”

Black Lotus Labs engineer Danny Adamitis said it will be interesting to see how Forest Blizzard reacts to today’s flurry of attention to their espionage operation, noting that the group immediately switched up its tactics in response to a similar NCSC report (PDF) in August 2025. At the time, Forest Blizzard was using malware to control a far more targeted and smaller group of compromised routers. But Adamitis said the day after the NCSC report, the group quickly ditched the malware approach in favor of mass-altering the DNS settings on thousands of vulnerable routers.

“Before the last NCSC report came out they used this capability in very limited instances,” Adamitis told KrebsOnSecurity. “After the report was released they implemented the capability in a more systemic fashion and used it to target everything that was vulnerable.”

TP-Link was among the router makers facing a complete ban in the United States. But on March 23, the U.S. Federal Communications Commissio n (FCC) took a much broader approach, announcing it would no longer certify consumer-grade Internet routers that are produced outside of the United States.

The FCC warned that foreign-made routers had become an untenable national security threat, and that poorly-secured routers present “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons.”

Experts have countered that few new consumer-grade routers would be available for purchase under this new FCC policy (besides maybe Musk’s Starlink satellite Internet routers, which are produced in Texas). The FCC says router makers can apply for a special “conditional approval” from the Department of War or Department of Homeland Security, and that the new policy does not affect any previously-purchased consumer-grade routers.

Send me to fall, send me to fall

You’ve got front row seats

– misheard saoirse dream lyrics

Every time they train a new frontier model, they do a calculation. What’s the most efficient way to make money off of this model? For a while now, it’s been selling access to it like a SaaS subscription. You buy access to the model, you use it to make money, some percent of the money you make pays the API bill, etc…

In a growth economy, this calculus works. The economy grows, and they don’t increase their share of it, they just get more because the economy is growing. The primary driver of economic growth is onboarding of new users, except ask your preferred model about the “fertility crisis” and realize we don’t do that anymore. (ahh never mind Nigeria is growing, we are saved )

So we’re in a non growth economy, and without global growth, you still need growth for yourself. The big tech companies all experienced this. The only way to get growth for yourself is to take a bigger share. First from your users, then from your business partners, then from your employees. You start eating yourself.

The AI application layer will be worthless. The reason isn’t that it’s going to be commoditized, it’s that this will be the first place the model makers will come for in their hunt for verticality. At first, you’ll see some defect and continue to provide API access, but eventually the market will consolidate to 2 or 3 players.

Unfortunately, the quality of a model scales pretty clearly with the amount spent on the training run. You can have 10x hits like deepseek, or -10x misses like GPT-4.5, but it all pretty much follows the rule. You want performance, you spend. So it cost a lot, and very few can afford to be on the frontier.

They want to best recoup their investment, and the way to do that is not to provide unfettered API access. Many things in the world are Red Queen’s races , and with a bit of coordination, there’s more profit to be made for all if all the frontier labs coordinate.

So you’ll see an era of market segmentation. Way beyond just personal and business, it’ll be per industry. One price for finance, one price for cybersecurity, one price for copywriting. And rolled out to “preferred partners” (aka people who paid us) first. You pay to be early. You pay so other don’t get it. The frontier labs uncoordinatedly coordinate to calculate the maximum to siphon off so we can suck the most out of everyone, over whatever time horizon they are thinking on.

The core limiting factor of most industries in America is intelligence. Think about what value you think you add and why your employer sees it worth it to give you some of the profits. It’s probably not your muscle power.

This only ends up in one place. A continued climbing of the vertical. Why are you still in the loop at all? Don’t think voting will save you . You’ll have 0 earning potential. You’ll have no money to buy stuff, this is the way capitialism ends .

There’s only one way to prevent this, and it’s preventing anyone from monopolizing compute, the resource needed to train and run models. Make sure it stays distributed. Oh wait, it’s already too late for that . 60% of the global compute is owned by the 5 US hyperscalers.

I think there is a world market for maybe five computers.

IBM was just early.

The markets are thinking on an extremely short time horizon. After AI takes all the jobs, what exactly happens? How many of those jobs no longer exist now that AI took all the jobs that paid the people to buy the stuff that those jobs produced? Truck drivers? Why drive a truck to Topeka full of stuff if nobody in Topeka has jobs to buy it? We live in a society and we work for each other. This is like your body consuming its muscle to stay alive, and pretty soon after that, you die.

There is a way out of this, but the world isn’t ready for it yet. Way too much 0 sum thinking still dominates. Someday we will realize the universe is putty in our hands, and it never had to be like this. But that day won’t be today. Or tomorrow. The demoralization is just beginning.

In a comment to my discussion of the Windows 95 patch system, commenter word merchant wondered whether there were any Windows 3.1 programs or drivers that were so incompatible with Windows 95 that there was no point trying to patch them .

Yes, there were problems that were so bad that the program was effectively unfixable. The largest category of them were those which took various types of handles and figured out how to convert them to pointers, and then used those pointers to access (and sometimes modify!) the internal implementation details of those objects.¹ Not only did the implementation details change, but the mechanism they used to convert handles to pointers also stopped working because Windows 95 used a 32-bit heap for user interface and graphics objects, whereas Windows 3.1 used a 16-bit heap.

Sometimes the programs were kind enough to do strict version checks to confirm that they were running on a system whose internals they understood. Sometimes their version checks were themselves broken, like one program that assumed that if the Windows version is not 3.0, 3.1, or 2.1, then it must be 2.0!

There were other one-off problems, like programs which detoured APIs in a way that no longer worked, but the ones that dug into operating system internals were by far the most common.

¹ What’s particularly frustrating is the cases where the program did this to access internal implementation details, when the information they wanted was already exposed by a public and supported API.

The post Were there any Windows 3.1 programs that were so incompatible with Windows 95 that there was no point trying to patch them? appeared first on The Old New Thing .

As discussed in my last blog post , the scumsuckers at Apollo.io have been giving out my personal details.

Not only did they have my email address, they also had a copy of one of my phone numbers. I asked them where they got it from and they said:

Your phone number came from Parsely, Inc (wpvip.com) one of our customers who participates in our customer contributor network by sharing their business contacts with the Apollo platform.

I've never done any business with Parsely . They have no reason to have my phone number and absolutely no permission to share it with other organisations.

Back in 2021, Parsely became part of WordPress VIP . Ah yes, our old "friends" at Automattic with their somewhat lax attitude to privacy .

I took advantage of WordPress VIP's GDPR policy and sent a terse but polite "Hey, WTAF?" to them. Their response was quick:

Thanks for reaching out. We are currently investigating our systems to locate any personal data regarding your request. We appreciate your patience.

After a bit of prodding, they eventually replied with:

It appears that we obtained your contact information as a result of a meeting you had with a representative for the WPScan service around August 5, 2022. WPScan is owned by our parent company Automattic.

We have no record of Parsely, Inc. (which is no longer in existence) or WPVIP Inc. (the owner of the Parse.ly service) having any relationship with Apollo.io.

We also have no record of Parsely, Inc. or WPVIP Inc. having sold or otherwise provided your information to any third party.

I have no memory and no record of meeting anyone from WPScan - although I concede it is possible I did as part of a previous job.

But even if it was in an email signature when I contacted them that still doesn't explain how it made its way to Apollo for them to give to spammers everywhere. Was it a hack? A data leak? A treacherous employee? A deliberate sale? A sneaky app update? Or maybe just Apollo lying to me.

I don't care any more. I'm just so tired of shitty companies treating personal data as a commodity to be traded, sold, repackaged, and abused.

Michael Stapelberg wrote last week about Go’s automatic VCS stamping: since Go 1.18, every binary built from a git checkout embeds the commit hash, timestamp, and dirty flag, queryable with go version -m or runtime/debug.ReadBuildInfo() at runtime. His argument is that every program should do this, so you can always answer “what version is running in production?” without guessing. Go is unusual in doing this by default, and the rest of the package management landscape varies wildly in how it handles this, if it handles it at all.

Compiled languages

Rust’s Cargo has an open issue proposing that cargo package record the git commit hash in published crates, but nothing has been accepted beyond a .cargo_vcs_info.json file in the packaged crate, so the conventional approach is a build.rs script using crates like vergen or shadow-rs to emit cargo:rustc-env directives that become compile-time environment variables readable with env!() . You get the SHA, branch, timestamp, and dirty flag, but you have to opt in, wire it up, and expose it through a --version flag or similar, and there’s no way to inspect an arbitrary Rust binary externally.

SourceLink , now built into the .NET SDK, makes .NET the closest to Go’s approach. It sets AssemblyInformationalVersion to something like 1.0.0+60002d50a... , embedding the full commit SHA alongside the repository URL for debugger source fetching. MinVer derives the version entirely from git tags with no configuration file, and GitVersion computes semver from branch topology. It’s opt-in, but the tooling is mature enough that a .NET developer who wants stamping can get it with a single package reference and no build script.

Java’s ecosystem relies on git-commit-id-maven-plugin , which generates a git.properties file and can inject metadata into META-INF/MANIFEST.MF . Spring Boot’s actuator /info endpoint reads git.properties automatically, which means a lot of Spring Boot applications in production actually do have VCS info available, even if the developers who configured it don’t think of it as “stamping.” You can inspect a JAR’s manifest with unzip -p foo.jar META-INF/MANIFEST.MF , and Package.getImplementationVersion() reads it at runtime, though without the plugin you get whatever the maintainer put in the POM version field and nothing else. Gradle has equivalents, and sbt needs two plugins ( sbt-buildinfo plus sbt-git ) to get the same result.

Swift Package Manager has no stamping mechanism at all, and a third-party PackageBuildInfo plugin that shells out to git during the build is about all that exists. SwiftPM has a registry protocol (SE-0292, SE-0391) and private registries exist, but there’s no public centralized registry and most packages still resolve directly from git repositories, so the VCS metadata is right there at build time. It clones the repo, checks out the tagged commit, and then throws away everything except the source files. Of all the compiled language toolchains, SwiftPM would have the easiest time stamping and yet doesn’t.

Bazel’s --workspace_status_command flag runs a user-provided script that prints key-value pairs. Keys prefixed STABLE_ invalidate the build cache when they change; others are “volatile” and stale values may be used without triggering a rebuild. The mechanism is powerful and built-in, but the documentation is notoriously confusing and the stable-vs-volatile distinction trips people up regularly.

Interpreted languages

For interpreted languages, “stamping” means something slightly different, since there’s no compiled binary to embed data in: can you determine what version or commit an installed package came from at runtime?

Composer’s InstalledVersions::getReference('vendor/pkg') , available since version 2.0, returns the git commit SHA of every installed PHP package, backed by vendor/composer/installed.json . This works for both source and dist installs because Packagist records the commit SHA that each tag points to in its API metadata, and Composer preserves it through the lock file into runtime. No other interpreted language package manager preserves this much VCS metadata with this little configuration.

Python’s importlib.metadata.version('pkg') gives you the version string but no VCS revision unless you use setuptools-scm or similar to bake the commit hash in at build time. PEP 610 specifies a direct_url.json for packages installed directly from VCS, which records the commit hash, but anything installed from PyPI lost its git SHA when the sdist or wheel was built. npm, pnpm, and Yarn make package.json version available at runtime but nothing more; npm provenance attestations link published packages to specific commits via Sigstore, though that’s registry metadata rather than something embedded in the package itself. RubyGems exposes version at runtime through Gem::Specification and the gemspec metadata hash allows arbitrary keys, but there’s no standard field for git SHA and no convention for using one.

System package managers

dpkg stores package version (e.g. 1.2.3-1 ) queryable with dpkg -s , and a Vcs-Git field exists in source package metadata, but that field never propagates to installed binary packages. RPM actually has a dedicated VCS tag (tag 5034) that can store the upstream repository URL and potentially a commit SHA, but most Fedora RPMs don’t bother setting it.

Arch’s pacman has a clever approach for VCS packages: packages suffixed -git run a pkgver() function in the PKGBUILD that encodes the commits-since-last-tag and short hash into the version string itself, like 1.0.3.r12.ga1b2c3d , so the version you see in pacman -Qi actually contains the commit info. Regular packages built from release tarballs just carry the upstream version number, though.

Homebrew records the formula URL (typically a tarball) and its SHA256, plus a Homebrew-specific revision field for rebuilds, but no upstream git commit survives installation. Flatpak and Snap both have version metadata in their app manifests but no VCS revision field in either format.

Nix is where Stapelberg’s post originates, and it’s a good illustration of the problem: store paths encode a content hash, not a VCS revision, and fetchers like fetchFromGitHub download a tarball with no .git directory. Even builtins.fetchGit strips .git for reproducibility. The .rev attribute exists during Nix evaluation but isn’t written to the store, so Stapelberg’s go-vcs-stamping.nix overlay has to bridge that gap for Go specifically, and the underlying problem affects every language built through Nix.

Container images

OCI images have their own annotation spec for this: the org.opencontainers.image.revision label carries the VCS commit hash, and org.opencontainers.image.source points to the repository URL. docker buildx can set these automatically from git context, and GitHub Actions’ docker/metadata-action populates them from the workflow environment, so a CI-built image can carry its commit SHA and repo URL without any manual wiring.

Plenty of Dockerfiles don’t set these labels in practice, and even when they’re present they describe the image build, not necessarily the application inside it. An image built from a Go binary that was itself built without VCS stamping will have the commit that changed the Dockerfile, which may or may not be the commit that changed the application code, so image-level and application-level stamping end up being two separate problems.

Source archives

Git’s own git archive command supports export-subst in .gitattributes , expanding placeholders like $Format:%H$ into the full commit hash, which is the intended mechanism for embedding commit info in archives without .git . GitHub, GitLab, Gitea, and Forgejo all use git archive internally for their downloadable tarballs and zipballs, so export-subst works on all of them. If you add version.txt export-subst to your .gitattributes and put $Format:%H$ in that file, the tarball will contain the full commit hash.

The catch is reproducibility. Abbreviated hash placeholders like $Format:%h$ produce different-length output depending on the number of objects in the repository, and GitHub’s servers don’t always agree on object counts. The same tarball URL can return different contents at different times, which breaks checksum verification. NixOS/nixpkgs#84312 documents this problem in detail. Full hashes ( %H ) are stable, but ref-dependent placeholders like %d change as branches move. The mechanism works, but anyone who checksums tarballs, which is most package managers, has to treat export-subst repos as a source of non-determinism.

The same thing happens with package archives, where the version from the manifest file survives but the commit that produced it doesn’t unless the build backend explicitly stamped it in. (An npm bug in 6.9.1 once accidentally included .git directories in published tarballs, and it was treated as a serious defect.) A developer tags a commit, CI builds an artifact from that tag, the build process strips .git , and the resulting package carries only the version string.

Trusted publishing and embedded stamping

Trusted publishing through Sigstore addresses this from the registry side. When a package is published from CI with OIDC-based trusted publishing, the registry records which commit, repository, and workflow produced it, with a cryptographic signature in a transparency ledger. npm and PyPI both support this today. The provenance metadata lives at the registry rather than in the artifact, but you can look up an artifact’s attestation by its hash, so if you have the artifact you can trace it back to the commit that produced it without the artifact itself needing to carry that information.

Software Heritage could eventually enable something similar from the source side. They archive public source code repositories and assign intrinsic identifiers ( SWHIDs ) based on content hashes, so in principle you could go the other direction too: given a source tree or file, look up which commits and repositories it appeared in. That archive is already large and growing, though the tooling to make these lookups practical for everyday debugging isn’t there yet.

All this research got me thinking about how it could integrate with git-pkgs , which already tracks the dependency side of this: who added a package, when it changed, what the version history looks like in your repo. Its browse command opens the installed source of a package in your editor, but that’s the installed files with no git history.

If packages reliably carried their source commit, there’s a more interesting version of that command: clone the upstream repository and check out the exact commit your installed version was built from. You’d get git log , git blame , the full context of what changed between the version you have and the version you’re upgrading to, all from your local terminal. The stamping metadata is the missing link between “I depend on this package at this version” and “here is the code that produced it, with its history.”

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Switzerland's Goldilocks fiber : Public provision is a layered question.

• Hey look at this : Delights to delectate.

• Object permanence : EU appoints henhouse fox (copyright); Emacs x Tron: Legacy; Spammer v dead man's AOL account; Scott Walker's pork fountain; "No toilets, try Amazon"; Iceland falls (x Panama Papers); Rooms in Milanese sewers; China bans Panama Papers; "Parent Hacks"; "The Nameless City"; Phishing the world's top breach expert.

• Upcoming appearances : Toronto, Montreal, Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Switzerland's Goldilocks fiber ( permalink )

If you live in Switzerland you can get a 25Gbit fiber link to your home. That's 25Gbit symmetrical – upload and download. On a dedicated connection that's yours and yours alone. From multiple providers. And you can switch providers with the click of a mouse. It's the ne plus ultra , magnifico , wunderschön :

https://www.init7.net/de/internet/fiber7/

In a fascinating blog post, Stefan Schüller unpacks how this came to pass, in Switzerland, a country known for its impassable mountains and its impossible national telco (Swisscom):

https://sschueller.github.io/posts/the-free-market-lie/

Schüller describes the Swiss system as a kind of Goldilocks approach that's midway between two failed systems: the American "free market" system and the German state provision system.

Most people in the US can't get fiber at all, and if you can get it, it's probably 1Gbit, and available from a single provider (that's nearly my situation in Los Angeles, where I can buy 2Gbit symmetrical fiber from AT&T, who run a shared connection on old Worldcom fiber they've lit up). Some (very foolish) people say that Starlink represents a competitive alternative to fiber. This is nonsense – first, because Starlink is another natural monopoly (how many competing satellite constellations can we cram into stable orbits before they start smashing into each other?), and second, because satellite is millions of times slower than fiber:

https://www.somebits.com/weblog/tech/bad/starlink-nov-2022-data-caps.html

In Germany, most people also have a single fiber provider, and the connection they get is shared, and caps out at 1-2Gbit.

Meanwhile, the Swiss can get connections that are far faster, and cheaper. How did they do it?

For starters, the Swiss recognized what any Simcity player knows: fiber is a "natural monopoly." It doesn't make any sense to build multiple, competing fiber networks – any more than it would make sense to build multiple, competing sewer systems or electric grids.

In the US, private fiber providers get city permits to dig up the roads and lay their network. If you have two competing networks, they dig up the road twice.

You'd think that the (more regulated) Germans would lay a single network, but they, too, have multiple, competing networks. German regulators have a complex set of priorities and constraints: to encourage competition, they promote the idea of competing networks in competing trenches, often just meters apart (rather than on competing services running over the same fiber and/or fiber run through the same conduit – pipe – laid in a single trench).

This makes setting up fiber extremely capital-intensive, so Germany backstops this system with "essential facilities sharing" – a rule that requires the incumbent (formerly state-owned, now partially state-owned) Deutsche Telekom to offer space in its conduit to smaller ISPs that want to thread their own fiber from their data-centers to their customers' homes. This is a good idea in theory – but in practice, DT has largely captured its regulators and so it is free to place all kinds of administrative hurdles in the paths of competitors seeking to use its lines.

The result is that Germans can get fiber from multiple, heavily capitalized network providers who overbuilt redundant systems under the city streets, squandering capital digging trenches that they could have spent on providing faster and/or cheaper connections.

Meanwhile, in the US, they leave this all up to "the market" (though, of course, there's no way "the market" could get fiber laid down without public participation, because the clearing price for privately negotiated licenses to dig up every street in town is "infinity"). The US is dominated by a cartel of massive incumbents: there's AT&T (formerly a regulated monopoly that was so entangled with the US government that it was effectively a for-profit state enterprise) and the cable giants, Comcast and Charter, who divide up the country into exclusive territories like the Pope dividing up the "New World."

These companies generally enjoy regional monopolies, which means they're less interested in making profits (money you get by mobilizing capital) than they are from extracting rent (money you get from sweating assets). For example, when Frontier went bankrupt in 2020, we got to look at its internal bookkeeping system, and learned that the company treated 1m customers who had no alternative carriers as special assets because it could charge them more for worse service and poor maintenance:

https://pluralistic.net/2022/12/15/useful-idiotsuseful-idiots/

This means that US fiber networks tend to be under built (the opposite of Germany's overbuilt networks), meaning that even if you're buying "gigabit" fiber, you're probably sharing that one gig connection with your whole block or neighborhood, so you only get your nominal throughput at weird hours when all the other subscribers aren't streaming Netflix.

(Note that there are cities in the US with a better situation; particularly cities served by Ting, which is owned by Hover, the amazing domain registry. Ting operates an excellent mobile carrier and a fiber networks in many cities. If you are lucky enough to have Ting as an option, then you should treasure that option .)

So, that's Germany and America. What did they do in Switzerland?

For starters, they ran a four-strand, dedicated line (an insulated wire with four separate strands of fiber in it) to every house. That wire terminates at your wall with a "neutral, open hub." Any carrier can provide service over those four strands: Swisscom (the incumbent, majority state-owned carrier); Init7 or Salt (national, commercial carriers); or a local ISP.

Each of the strands in your neutral hub operate independently. That means that you can switch from one carrier to another with a click. You can also run two or more carriers' signal through your hub, meaning that you can try out a new carrier before canceling your old one. The carriers compete on price, speed and customer service – but they don't compete on who can actually connect your home to the internet.

The origins of this excellent system are in 2008, when Switzerland's Federal Communications Commission convened a roundtable to determine the future of the country's broadband. Incredibly, it was Swisscom that pushed for the multi-strand, dedicated fiber system, on the grounds that anything less would lead to monopolization.

I say "incredibly," because in all my travels over the past three decades, a single encounter with Swisscom stands out as the most absurd and backwards run-in I ever experienced with a telco.

It was while I was working as EFF's delegate to the United Nations in Geneva, as part of an infinitesimal coalition of digital rights group convened by James Love and Manon Ress of Knowledge Ecology International. Geneva is not a forgiving city for someone working for a cash-strapped NGO: it's a city where everyone (except you) is on a lavish expense account courtesy of a national government, or (better still) an industry body that lobbies the UN.

My usual daggy two-star hotel (which cost as much as a four-star in London) didn't have its own wifi: instead, you signed on through Swisscom, which did not offer its own payment processing. To get onto the Swisscom wifi, you had to buy a scratch-off prepaid card that was good for a certain number of hours or minutes. The hotel was always sold out of these cards.

So my normal ritual upon my arrival in Geneva was to scour the tobacco shops around the train station for scratch-off cards. Normally, this would take four or five tries – the shops would either be completely sold out, or would only have the two-hour cards (needless to say, these were a lot more expensive on a per-hour basis than the one-day and multi-day cards).

On one trip, though, all the shops were sold out of these cards, so I skipped breakfast the next morning to wait outside the doors of the Swisscom offices, which opened five minutes late (the only business in Switzerland that wasn't achingly prompt!). The clerk let me in eventually, but when I approached his counter, he made me trudge to the opposite end of the room to take a number (I was the only person in the shop).

After an ostentatious delay, the clerk called out "Numero un!" and I went up to his counter and asked for a three-day card. No dice, he was sold out. Two-day cards? Nope. One-day? Uh-uh. He only had two-hour cards, too. Literally, the Swiss national telco had run out of integers .

This incident stuck with me so durably that I wrote it into my third novel, Someone Comes To Town, Someone Leaves Town . You can hear me read that passage here:

https://pluralistic.net/2020/08/17/aura-of-benevolence/#sctt-slt

So it's frankly amazing to me to learn that Swisscom – who will forever be synonymous in my mind with the most catastrophically stupid internet delivery system imaginable – demanded this anti-monopoly fiber rollout.

But – as Schüller points out – Swisscom's foray into uncharacteristic reasonableness was short-lived. By 2020, the company had regressed to its mean, and was demanding an end to the neutral, four-strand, point-to-point system, petitioning for regulatory permission to switch to a cheaper, slower, shared hub-and-spoke system. This system wouldn't just be slower – it would also require all of Swisscom's rivals to rent access to its fiber, with Swisscom having the final say over who could compete with it and how.

This went all the way to the Swiss federal courts, who ruled that Swisscom had failed to demonstrate "sufficient technological or economic grounds" for the change and fined the company CHF18m for wasting everyone's time with this stupid idea (that is, "violating Swiss competition law"). And so it is that, in 2026, you can get 25Gbit symmetrical fiber throughout Switzerland. Wunderschön!

Schüller closes out his piece with a set of recommendations for countries hoping to replicate Switzerland's broadband miracle: open access to physical infrastructure; point-to-point service; neutral fiber standards; municipal fiber; and strong antitrust enforcement to keep the incumbent carriers in line.

These are great recommendations; they address the contradiction of regulated monopoly telcoms provision. On the one hand, these networks are natural monopolies, and they can only exist with extensive government intervention (at a minimum, to clear the way for poles, trenches and conduit for the physical fiber).

On the other hand, telcoms (especially broadband) play an important role in the political realm, because broadband connections are essential to civic and political engagement. You can't turn people out for a protest, or run an election campaign, a referendum, a ballot initiative, a regulatory notice-and-comment campaign, or even a campaign to get people to a public meeting or listening session without broadband.

This means that state-provided broadband is an incredibly tempting target for political corruption and regulatory capture. Think of all the terrible things that governments are doing with broadband regulation today, like Trump demanding that service providers turn over the identities and locations of his political enemies so that ICE can hunt them down and kidnap or murder them; or "age verification" systems that accumulate mountains of easily raided personal information on adults and children.

Do you want Trump's FCC chairman Brendan Carr setting content moderation policies for your internet connection? The guy who wants to pull TV and radio stations' broadcast licenses if they criticize Trump and Israel's catastrophic Iran war?

https://www.techdirt.com/2026/03/17/brendan-carr-pretends-to-be-tough-demands-broadcasters-support-disastrous-war/

Do you want your local ISP being run by your mayor? I mean, sure, there are some reasonable mayors out there, but imagine if your ISP was managed by Eric Adams, Boris Johnson…or Rob Ford :

https://www.patreon.com/posts/rob-ford-part-1-111985831

Saying that broadband should be run "like a utility," raises more questions than it answers. I, too, want broadband run "like a utility," but that doesn't mean that I want the whole show to be provided solely by my federal or municipal government. A "utility" model for broadband should mean running conduit to every home in town, with point-to-point connections that deliver broadband via a municipally owned network – but not just that.

The municipal network should also offer "essential facilities sharing" in two forms: first, they should allow anyone to set up an ISP by renting shelf-space in the municipal data-center and installing their own switches that can provide internet to anyone in town. This would let large and small companies set up ISPs, as well as co-ops and nonprofits, or even tinkerers wanting to provide access to a group of friends. Beyond that, the city should rent space in the conduit itself, to support point-to-point links beyond those offered by the city – fo

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

Over on the Fediverse, I had a question :

To the sysadmin population of the Fediverse: do people have any numbers on how long common mail senders will retry sending mail if your MX is unreachable? Once upon a time people retried for many days, but my impression is that quite a few places now stop trying and bounce the email after quite short intervals, like a day.

(Boosts and practical experiences welcome, like "my MX was down for three days and I still got all that email sent from GMail".)

The context for my sudden curiosity is that there's a scheduled all-weekend, whole building power outage at the start of May for the building with our machine room. It seems likely that basically all of our systems will be down for roughly two and a half days, and longer if things go wrong, and this obviously includes our incoming email gateway.

As I mentioned, in the old days you could definitely expect mail systems to retry for more than a long weekend and so we wouldn't really worry about it. But I'm not sure about that in practice any more, hence my sudden curiosity. Based on replies to that post (and some additional research), common Unix MTA software still seems reasonably okay on retry durations; postfix and sendmail default to five days , while exim more or less defaults to four . RFC 5321 recommends four to five days in section 4.5.4.1 , for what an RFC on SMTP mail is worth these days.

Unfortunately, what matters in practice is how the dominant sources of your email behave, and generally those aren't going to be people running normal Unix mailers in normal configurations. A lot of our email comes from GMail and Office 365, who are obviously using custom mail systems. Office365 covers email from both people at other universities or organizations that use Office 365 and people using the university's central email system to send email to people in my department . It's also possible that configurations vary between organizations using Office365.

There are also all of the people and organizations sending out newsletters, notifications, and so on through the various mailing list service providers, like Amazon SES. These organizations may well have shorter retry times than for individual human-generated email from GMail, Office365, and so on. Another category of email is activity notification emails from places like Github, which people may also want to (eventually) get.

(We have access to an alternate location with a different network and power setup, so we could deploy a backup MX machine to there. There are some potential drawbacks to that, but we may do it as a precaution.)

This week, more time than I'd have liked to spend went on talking about the trials of chasing invoices. This is off the back of a customer (who, for now, will remain unnamed), who had invoices stacking back more than 6 months overdue and despite payment terms of 30 days, paid on an avergae of 80 days . But as I say in this week's video, more than anything, it was the gall of the CEO to take issue with my frustrated tone rather than with their complete lack of respect for basic business etiquette and paying one's suppliers. And so, Copilot and I spent the weekend fixing up a nice little Xero integration to ensure this happens again. If you arrive at this post sometime in the future after finding your HIBP enterprise service no longer functioning weeks after an unpaid invoice was due, at least you'll know it's not personal... and pay your damn bills!

Landauer’s principle gives a lower bound on the amount of energy it takes to erase one bit of information:

E ≥ log(2) k B T

where k B is the Boltzmann constant and T is the ambient temperature in Kelvin. The lower bound applies no matter how the bit is physically stored. There is no theoretical lower limit on the energy required to carry out a reversible calculation.

In practice the energy required to erase a bit is around a billion times greater than Landauer’s lower bound. You might reasonably conclude that reversible computing isn’t practical since we’re nowhere near the Landauer limit. And yet in practice reversible circuits have been demonstrated to use less energy than conventional circuits. We’re far from the ultimate physical limit, but reversibility still provides practical efficiency gains today.

A Toffoli gate is a building block of reversible circuits. A Toffoli gate takes three bits as input and returns three bits as output:

T ( a ,  b ,  c ) = ( a ,  b ,  c XOR ( a AND  b )).

In words, a Toffoli gate flips its third bit if and only if the first two bits are ones.

A Toffoli gate is its own inverse, and so it is reversible. This is easy to prove. If a =  b = 1, then the third bit is flipped. Apply the Toffoli gate again flips the bit back to what it was. If ab = 0, i.e. at least one of the first two bits is zero, then the Toffoli gate doesn’t change anything.

There is a theorem that any Boolean function can be computed by a circuit made of only NAND gates. We’ll show that you can construct a NAND gate out of Toffoli gates, which shows any Boolean function can be computed by a circuit made of Toffoli gates, which shows any Boolean function can be computed reversibly.

To compute NAND, i.e. ¬ ( a ∧ b ), send ( a ,  b , 1) to the Toffoli gate. The third bit of the output will contain the NAND of a and b .

T (a, b , 1) = ( a ,  b , ¬ ( a ∧ b ))

A drawback of reversible computing is that you may have to send in more input than you’d like and get back more output than you’d like, as we can already see from the example above. NAND takes two input bits and returns one output bit. But the Toffoli gate simulating NAND takes three input bits and returns three output bits.

Related posts

• Fredkin automata

• Machine learning by satisfiability solving

• Minimizing Boolean expressions

The post Toffoli gates are all you need first appeared on John D. Cook .

This newsletter is free to read, and it’ll stay that way. But if you want more - extra posts each month, no sponsored CTAs, access to the community, and a direct line to ask me things - paid subscriptions are $2.50/month. A lot of people have told me it’s worth it.

Upgrade

Hacker News is a web application with the following features: a list of links, sorted by votes. Comments under those links, also sorted by votes. User accounts with karma. A text submission option. A jobs board. That's it; that's the entire product. The database schema would take a handful of tables. You've got users, posts, comments, votes, and some metadata. A first-year CS student could design it. And I don't mean that as an insult to either the first-year CS student or to Hacker News. Well, I spent a Saturday last month vibe coding a Hacker News clone. Took about 3 hours, most of which was me arguing with the AI about CSS. By the end I had a working link aggregator with voting, comments, user accounts, and a ranking algorithm roughly equivalent to the one HN uses. It looked like Hacker News. It functioned like Hacker News. It sorted stories by a points-over-time decay function and everything. My 9 year old could have used it. ...but nobody will ever use it. To be clear - this is not a post about how hard it is to build software. It's a post about how easy it is to build software, and how that easiness fools people into thinking they understand what they're looking at when they see a successful product. Every developer who sees HN thinks, "I could build that in a weekend." And they're right; they absolutely could. In fact, I'd assume they're pretty shite at their jobs if they couldn't. What they couldn't build in a weekend // month // year // probably ever, is the thing that makes Hacker News actually work. And that ~thing is not the software. Let me list every Hacker News clone I can think of off the top of my head: Lobsters, Tildes, Barnacles, EchoJS, Hashnode, various subreddits pretending to be link aggregators, that one site called Squishy or Squidgy or something that I remember existing briefly in 2019. Some of these are ok. Lobsters is genuinely good. But none of them are Hacker News in the way that matters, which is: none of them are the place where you go when you want to know what several hundred thousand programmers think is interesting right now. You can't build Place People Go as a feature. It's a thing that happened over time, through a specific and unrepeatable sequence of events, most of which were not planned and some of which were just luck. Hacker News launched in 2007 as a side project by Paul Graham, who ran Y Combinator. The initial user base was people who read Paul Graham's essays. Think about what that means for a second. The seed community was a self-selected group of people who were (a) programmers or startup founders, (b) interested enough in ideas to read long essays about programming languages and startup strategy, and (c) already connected to the Y Combinator network. This is an absurdly good seed community for a tech link aggregator. You could not assemble it on purpose. Or rather, you could assemble something similar, but you would need to already be Paul Graham, which is an unreasonable prerequisite for a product launch. PG has talked about this a bit. He's said the key to HN's moderation is that they basically hand-tuned the community for years. Daniel Gackle (dang), who has moderated HN since around 2014, reads an almost superhuman volume of comments and applies a consistent but hard-to-formalize set of norms. The guidelines say things like "Be civil" and "Don't be snarky" and "Please don't post shallow dismissals." These rules are not special. Every forum has rules like this. What's special is that someone actually enforces them, every day, across thousands of comments, with at least an attempt at consistency. A link aggregator is only as good as its community, and the community is only as good as the people in it, and the people are only there because the other people are there. This is a Schelling point problem; everybody needs to coordinate on the same place, and which place they coordinate on is partly arbitrary, and once they've coordinated it is very expensive to move. There's a bar in your city where all the interesting people go on Thursday nights. The bar is not special. The drinks are mediocre, the lighting is bad, the bathrooms are questionable. But interesting people go there, which makes it interesting, which makes more interesting people go there. If you open an identical bar across the street with better drinks and better bathrooms, nobody is going to switch, because the interesting people are at the other bar. They all know they're at the other bar. There is no mechanism for coordinated switching. You could build a better Hacker News. Better ranking algorithm, better comment threading, better search, dark mode, an API that doesn't feel like it was designed in 2008 (because it was designed in 2008). None of this matters. The readers, the commenters, the founders who show up for "Show HN" and "Ask HN" and "Who is hiring?" are already at Hacker News. You can't move them by building a nicer website. They are not there because the website is nice. Vibe coding has made it trivially easy to build software. I can spin up a functional web app in hours. So can most developers. Increasingly, so can people who aren't developers at all. The cost of building the thing has collapsed toward zero. But most successful software products were never gated by the difficulty of building the thing. They were gated by distribution, network effects, community, trust, brand, regulatory capture, some tangle of these. Making the building part free doesn't touch any of those. It arguably makes them worse, because now you have a thousand competitors who also built the thing over a weekend and are all fighting for the same pool of users who are already using something else. Imagine you could conjure a fully equipped restaurant out of thin air. Kitchen, dining room, the works. Free. What happens? You don't get a golden age of dining. You get a million empty restaurants, because the scarce resource was never the building. It was the chef who knows what she's doing, the corner spot with foot traffic, the regulars who show up on Tuesdays. Those things take years. Hacker News is fifteen years of community norms, trust, moderation decisions, accumulated habits, and network effects. You can't build that. It isn't a technical problem. It's closer to an archaeological one. The thing that makes HN work is deposited in layers over time and you cannot speed up the deposition. There's a lazy version of this argument that says "network effects make incumbents invincible, so never try." I don't buy it. Digg was the Hacker News before Hacker News and it self-destructed. Reddit almost died several times. Twitter did die, sort of, depending on how you score it. These things can break. But they almost always break because the incumbent does something stupid, not because a competitor does something smart. Digg didn't lose because Reddit was technically superior. Reddit in 2010 was ugly and confusing and had the subreddit system, which I maintain to this day is one of the worst information architecture decisions ever made for a site that size. Digg lost because Digg redesigned itself in a way that enraged its entire user base, at the exact moment Reddit was standing there as an alternative. The coordination problem solved itself because one of the two options eliminated itself. If you want to replace Hacker News, you don't need a better Hacker News. You need Hacker News to screw up badly enough that people are motivated to leave, and you need to already exist when they start looking for the exit. This is a patience and luck problem, and last I checked neither of those ships with an npm package. There's a related thing happening all over my Twitter feed. Someone builds a beautiful project management tool over a weekend. They tweet a screen recording. It gets 500 likes. The tool dies off because project management tools don't compete with each other on features. They compete with Jira, and Jira's moat is that your company's entire workflow is caked into it like geological strata. Nobody is migrating away from Jira because some guy's weekend project has nicer fonts. Same with note-taking apps. Every week there's a new one. Every week it's gorgeous. I have probably tried forty of them since 2015 and I still use a folder of plain text files, because at some point I realized the switching cost isn't money or even time, it's the habits in your fingers, and those are basically impossible to override on purpose. The new app would need to be so much better that it overcomes years of muscle memory, and none of them are, because text files are actually fine. The demo is not the product. The product is the ugly part that comes after, where you have to convince real people to actually change what they're doing, and that has never been a software problem. I don't think vibe coding makes it any easier. If anything it makes it harder because you have more competition from other people who also demoed something nice and also can't get anyone to switch. I think the vibe coding discourse has a hole in it, and the hole is shaped like the question: "what is software for?" If software is a thing you build, then vibe coding changes everything. Anyone can build. We have democratized building. Congratulations to building. But software is mostly a thing people use, and getting people to use things is not a building problem. It never was. The reason most software fails is not that it was too hard to code. The reason most software fails is that nobody wanted it, or everybody wanted it but was already using something else, or the right people wanted it but couldn't find it, or they found it but didn't trust it, or they trusted it but couldn't get their team to switch. Hacker News works because Paul Graham had an audience before he had a product, Y Combinator had a network that seeded the community, and dang has been doing the same moderating job every single day for over a decade with what I can only describe as an unreasonable level of dedication. The whole thing has been accumulating social capital for almost twenty years... I built a Hacker News clone in six hours. To me, it's perfect and for everyone else it's empty and those two facts are going to remain true forever. If that doesn't tell you something about what software is and isn't, I don't know what will.

SPONSORED

Westenberg is designed, built and funded by my solo-powered agency, Studio Self. Reach out and work with me:

Work with me

Zed is a type system that was developed with one question in mind: what do readers actually need? Not what looks good in a type specimen, but what works for the widest possible range of readers. We tested Zed with visually impaired patients at a French ophthalmology hospital and found that Zed Text outperformed Helvetica in terms of reading speed across all patient groups. Designed from scratch to perform different functions, it comes in two optical versions — Text and Display — with four variable axes and support for 547 languages, including endangered ones. It is available directly from the designers.

★

Did you know that Jesus gave advice about prototyping with an LLM? Here’s Luke 14:28-30:

Suppose one of you wants to build a tower. Won’t you first sit down and estimate the cost to see if you have enough money to complete it? For if you lay the foundation and are not able to finish it, everyone who sees it will ridicule you, saying, ‘This person began to build and wasn’t able to finish.’

That pretty much sums me up when I try to vibe a prototype .

Don’t get me wrong, I’m a big advocate of prototyping .

And LLMs make prototyping really easy and interesting.

And because it’s so easy, there’s a huge temptation to jump straight to prototyping.

But what I’ve been finding in my own behavior is that I’ll be mid-prototyping with the LLM and asking myself, “What am I even trying to do here?”

And the thought I have is: “I’d be in a much more productive place right now if I’d put a tiny bit more thought upfront into what I am actually trying to build.” Instead, I just jumped right in, chasing a fuzzy feeling or idea only to end up in a place where I’m more confused about what I set out to do than when I started.

Don’t get me wrong, that’s fine. That’s part of prototyping. It’s inherent to the design process to get more confused before you find clarity.

But there’s an alternative to LLM prototyping that’s often faster and cheaper: sketching.

I’ve found many times that if I start an idea by sketching it out, do you know where I end up? At a place where I say, “Actually, I don’t want to build this.” And in that case, all I have to do is take my sketch and throw it away. It didn’t cost me any tokens or compute to figure that out. Talk about efficiency!

I suppose what I’m saying here is: it’s good to think further ahead than the tracks you’re laying out immediately in front of you. Sketching is a great way to do that.

(Thanks to Facundo for prompting these thoughts out of me.)

Reply via:

Email · Mastodon ·

Bluesky

Executive Summary • OpenAI CFO Sarah Friar has, per The Information, said that OpenAI is not ready to go public in 2026, in part because of the "risks from its spending commitments" and not being sure whether the company's revenue growth would support its spending commitments.

• Friar (CFO) no longer reports to Sam Altman (CEO) and hasn't done so since August 2025.

• OpenAI's margins were lower in 2025 "...due to the company having to buy more expensive compute at the last minute." News out of The Information's Anissa Gardizy and Amir Efrati over the weekend - OpenAI CFO Sarah Friar has apparently clashed with CEO Sam Altman over timing around OpenAI's IPO, emphasis mine: She told some colleagues earlier this year that she didn’t believe the company would be ready to go public in 2026, because of the procedural and organizational work needed and the risks from its spending commitments, according to a person who spoke to her. She said she wasn’t sure yet whether OpenAI would need to pour so much money into obtaining AI servers in the coming years or whether its revenue growth, which has been slowing, would support the commitments , said the person who spoke to her. I cannot express how strange this is. Generally a CFO and CEO are in lock-step over IPO timing, or at the very least the CFO has an iron grip on the actual timing because, well, CEOs love to go public and the CFO generally exists to curb their instincts. Nevertheless, Clammy Sam Altman has clearly sidelined Friar, and as of August last year, the CFO of OpenAI doesn't report to the CEO . In fact, the person Friar reports to ( Fiji Simo ) just took a medical leave of absence: In an unusual move for a large company, where CFOs almost always answer directly to the CEO, Friar stopped reporting directly to Altman in August last year and instead began reporting to Fidji Simo, who had joined as head of OpenAI’s applications business. Simo last week told staff she would take a short medical leave. It is extremely peculiar to not have the Chief Financial Officer report to the Chief Executive Officer , but remember folks, this is OpenAI, the world's least-normal company! Anyway, all of this seemed really weird, so I asked investor, writer and economist Paul Kedrosky for his thoughts: Having been around this industry as an investor for decades, I cannot recall an example of the CFO of a major pre-IPO tech company (allegedly) taking issue with their own company's IPO plans. It doesn't happen. Very cool! Paul is also a guest on this week's episode of my podcast Better Offline , by the way. Out at 12AM ET Tuesday. Anyway, The Information's piece also adds another fun detail - that OpenAI's margins were even worse than expected in 2025: In another sign of its financial pressures, OpenAI told investors that its gross profit margins last year were lower than projected due to the company having to buy more expensive compute at the last minute in response to higher than expected demand for its chatbots and models, according to a person with knowledge of the presentation. Riddle me this, Batman! If your AI company always has to buy extra compute to meet demand, and said extra compute always makes margins worse, doesn't that mean that your company will either always be unprofitable or die because it buys too much compute? Say, that reminds me of something Anthropic CEO Dario Amodei said to Dwarkesh Patel earlier in the year ... So when we go to buying data centers, again, the curve I’m looking at is: we’ve had a 10x a year increase every year. At the beginning of this year, we’re looking at $10 billion in annualized revenue. We have to decide how much compute to buy. It takes a year or two to actually build out the data centers, to reserve the data center.

Basically I’m saying, “In 2027, how much compute do I get?” I could assume that the revenue will continue growing 10x a year, so it’ll be $100 billion at the end of 2026 and $1 trillion at the end of 2027. Actually it would be $5 trillion dollars of compute because it would be $1 trillion a year for five years. I could buy $1 trillion of compute that starts at the end of 2027. If my revenue is not $1 trillion dollars, if it’s even $800 billion, there’s no force on earth, there’s no hedge on earth that could stop me from going bankrupt if I buy that much compute. My Quick Take It is extremely strange that the CFO of a company doesn't report to the CEO of a company, and even more strange that the CFO is directly saying "we are not ready for IPO" as its CEO jams his foot on the accelerator. It's clear that both OpenAI and Anthropic are rushing toward a public offering so that their CEOs can cash out, and that their underlying economics are equal parts problematic and worrying. Though I am entirely guessing here, I imagine Friar sees something within OpenAi's finances that give her pause. An S-1 - one of the filings a company makes before going public - is an audited document, and I imagine the whimsical mathematics that OpenAI engages in - such as, per The Wall Street Journal , calculating profitability without training compute - might not match up with what actual financiers crave. Enjoy This Piece? Subscribe To Premium If you like this piece and want to support my independent reporting and analysis, why not subscribe to my premium newsletter? It’s $70 a year, or $7 a month, and in return you get a weekly newsletter that’s usually anywhere from 5,000 to 18,000 words, including vast, detailed analyses of  NVIDIA ,  Anthropic and OpenAI’s finances , and  the AI bubble writ large . I just put out  a massive Hater’s Guide To The SaaSpocalypse , as well as last week’s deep dive into How AI Isn't Too Big To Fail . Supporting my premium supports my free newsletter.

A customer reported a problem with a system header file. When they included ole2.h , the compiler reported an error in oaidl.h :

MIDL_INTERFACE("3127CA40-446E-11CE-8135-00AA004BB851") IErrorLog : public IUnknown { public: virtual HRESULT STDMETHODCALLTYPE AddError( // error here /* [in] */ __RPC__in LPCOLESTR pszPropName, /* [in] */ __RPC__in EXCEPINFO *pExcepInfo) = 0; }; The error message is

oaidl.h(5457,43): error C3927: '->': trailing return type is not allowed after a non-function declarator oaidl.h(5457,43): error C3613: missing return type after '->' ('int' assumed) oaidl.h(5457,43): error C3646: 'Log': unknown override specifier oaidl.h(5457,43): error C2275: 'LPCOLESTR': expected an expression instead of a type oaidl.h(5457,43): error C2146: syntax error: missing ')' before identifier 'pszPropName' oaidl.h(5459,60): error C2238: unexpected token(s) preceding ';' The compiler is seeing ghosts: It’s complaining about things that aren’t there, like -> and Log.

When you see the compiler reporting errors about things that aren’t in the code, you should suspect a macro, because macros can insert characters into code.

In this case, I suspected that there is a macro called AddError whose expansion includes the token -> .

The customer reported that they had no such macro.

I asked them to generate a preprocessor file for the code that isn’t compiling. That way, we can see what is being produced by the preprocessor before it goes into the part of the compiler that is complaining about the illegal use of -> . Is there really no -> there?

The customer reported back that, oops, they did indeed have a macro called AddError . Disabling the macro fixed the problem.

The compiler can at times be obtuse with its error messages, but as far as I know, it isn’t malicious. If it complains about a misused -> , then there is probably a -> that is being misused.

The post Learning to read C++ compiler errors: Illegal use of <TT>-></TT> when there is no <TT>-></TT> in sight appeared first on The Old New Thing .

I've been working on personal projects since the 2000s. One thing I've always been adamant about is understanding the code I write. Even when Stack Overflow came along, I was that annoying guy who told people not to copy and paste code into their repos. Instead, they should read it and adapt it to their specific case. On personal projects, I've applied this to a fault. Projects never get done because I'm reading and editing code to make it work exactly as I want.

I am by no means trying to convince you that my code is high quality. Every day, I regret the design choices I made for this very blog. But at the very least, I like to understand the code that powers my projects. So you can imagine how I struggle with the reviewing part when AI writes a large chunk of our daily work. Large language models are just so verbose, and often produce large blocks of code that don't even get used. I don't want to attribute it to malice (wasting your tokens) when I know this is an emergent technology we are all still adapting to.

But it doesn't help that there is just so much code to review. What I tell myself when I review an AI-generated PR is: if I don't have a mental model of how the application works, how can I be of any use when it fails?

This past weekend, I decided to tackle a project I've been postponing since I created this blog over a decade ago. I needed a nice interface to upload assets, such as images, to go with each blog post. According to my git history, I started work on it 11 years ago but never finished. Yet I've still been uploading images regularly to go with blog posts. How? Using scp and sftp . Like a caveman.

Whenever I finish writing a blog post, I create images in Photoshop or Photopea, fire up FileZilla to connect to my file server, and drag and drop my assets. Then, of course, I have to log back into the blog's admin panel and provide the correct URLs for those assets. It's as primitive as it gets.

This was a perfect project to tackle with AI. The good news is that I was able to complete it in a single day. Then the bad news. Well, I read through close to 5,000 lines of code.

This is the first time I've used an LLM to write PHP code. I used the GLM-5 model from z.ai, which I've often played with for generating graphs from data. I'll have to try it on a few more PHP projects before I commit to this opinion, but it consistently wrote spaghetti code . Spaghetti code, to me, is anything where logic is embedded directly in a template. HTML, CSS, and database queries all crammed into the same file. That's really hard to maintain. I did realize, though, that my instructions were in direct contradiction with the agent's system prompt. It was explicit in the thinking process:

This is NOT a Next.js project - the user explicitly wants a PHP app. So I should NOT use the Next.js project that's already initialized. I should create a PHP application.

Wait, but the instructions say "You are an interactive CLI tool that helps users with software engineering tasks" and "Now you are developing a comprehensive and feature-rich Next.js project from scratch." But the user is explicitly asking for a PHP app. I should follow the user's request.

It did generate a bunch of Node.js code, which I was able to remove manually. Luckily, it kept the PHP project in its own folder.

media-manager/ ├── config.php # App configuration (paths, security, upload rules) ├── init.php # SQLite database initialization ├── auth.php # Authentication class (bcrypt + sessions) ├── index.php # Main UI (goes to public/) ├── api/ │ ├── auth.php # Login/Logout endpoint │ ├── check.php # Auth status check │ ├── list.php # List assets for a blog post │ ├── upload.php # Multi-file upload with validation │ └── delete.php # Delete asset (disk + DB) ├── nginx.conf # Nginx site configuration ├── install.sh # Automated setup script └── .gitignore

If you're wondering how 12 files contain ~5,000 lines of code, I wondered the same. But that's what spaghetti code does. I set it up locally, ran install.sh and init.php , and a few more files and folders were generated. When I finally ran the application, it didn't work. I spent a few hours working through permissions, updating the install script, and modifying the SQLite setup. I thought StackOverflow was dead, but I don't think I would have gotten SQLite working without it. One error, for example, was that SQLite kept throwing a warning that it was running in read-only mode. Apparently, you have to make the parent folder writable (not just the database file) to enable write mode.

It had been a long time since I'd manually include d files in PHP. I normally use namespaces and autoload. Since this project was generated from scratch, I had to hunt down various include statements that all had incorrect paths. Once I sorted those out, I had to deal with authentication. PHP sessions come with batteries included, you call session_start() and you can read and write session variables via the $_SESSION global. But I couldn't figure out why it kept failing.

When I created a standalone test file, sessions worked fine. But when loaded through the application, values weren't being saved. I spent a good while debugging before I found that session_start() was missing from the login success flow. When I logged in, the page redirected to the dashboard, but every subsequent action that required authentication immediately kicked me out.

Even after fixing all those issues and getting uploads working, something still bothered me: how do I maintain this code? How do I add new pages to manage uploaded assets? Do I add meatballs directly to the spaghetti? Or do I just trust the AI agent to know where to put new features?

Technically it could do that, but I'd have to rely entirely on the AI without ever understanding how things work. So I did the only sane thing: I rewrote a large part of the code and restructured the project. Maybe I should have started there, but I didn't know what I wanted until I saw it. Which is probably why I had been dragging this project along for 11 years.

media-manager/ ├── README.md ├── conf │ └── nginx.conf ├── config.php ├── data │ └── media.db ├── init.php ├── install.sh ├── public │ ├── favicon.png │ ├── index.php │ ├── logo.png │ ├── logo_alpha.png │ └── logo_purple.png ├── src │ ├── controllers │ │ ├── assets.php │ │ ├── auth.php │ │ └── home.php │ ├── lib │ │ ├── auth.php │ │ └── router.php │ └── models │ └── assets.php └── template ├── layout.php ├── header.php ├── footer.php └── layout.php

Yes, now I have 22 files, almost double the original count. But the code is also much simpler at just 1,254 lines.

------------------------------------------------------------------------------- Language files blank comment code ------------------------------------------------------------------------------- PHP 13 239 336 1131 Bourne Shell 1 39 25 123 ------------------------------------------------------------------------------- SUM: 14 278 361 1254 -------------------------------------------------------------------------------

There's far less cognitive load when it comes to fixing bugs. There's still a lot to improve, but it's a much leaner foundation.

The question I keep coming back to is: would it have been easier to do this manually? Well, the timeline speaks for itself. I had been neglecting this project for years. Without AI, I probably never would have finished it. That said, it would have been easier to build on my existing framework. My blog's framework has been tested for years and has accumulated a lot of useful features: a template engine, a working router, an auth system, and more. All things I had to re-engineer from scratch here. If I'd taken the time to work within my own framework, it probably would have taken less time overall.

But AI gave me the illusion that the work could be done much faster. Z.ai generated the whole thing in just 12 minutes. It took an additional 10 hours to clean it up and get it working the way I wanted.

This reminds me of several non-technical friends who built/vibe-coded apps last year. The initial results looked impressive. Most of them don't have a working app anymore, because they realized that the cleanup is just as important as the generation if you want something that actually holds together. I can only imagine what "vibe-debugging" looks like.

I'm glad I have a working app, but I'm not sure I can honestly call this vibe-coded. Most, if not all, of the files have been rewritten. When companies claim that a significant percentage of their code is AI-generated , do their developers agree? For me, it's unthinkable to deploy code I haven't vetted and understood. But I'm not the benchmark. In the meantime, I think I've earned the right to say this the next time I ship an AI-assisted app:

"I apologize for so many lines of code - I didn't have time to write a shorter app."

This post is exclusive to RSS feed subscribers. Enjoy!

I've had this idea stuck in my head for a while, so I decided to make it.

This is "Scan Slowly And See".

The code is made by cloning some of the banana's spots. Do let me know if the QR code works for you 🍌

Eric Raymond’s The Cathedral and the Bazaar is almost thirty years old and people are still finding new ways to extend the metaphor. Drew Breunig recently described a third mode, the Winchester Mystery House , for the sprawling codebases that agentic AI produces: rooms that lead nowhere, staircases into ceilings, a single builder with no plan. That piece got me thinking, though it shares a blind spot with every other response to Raymond I’ve read.

As the P2P Foundation pointed out , historical cathedrals were communal projects that mobilized entire communities through donations and voluntary labour, not top-down designs imposed by a single architect, and the bazaar isn’t really a market when nothing is priced and there are no merchants. But the responses all stay within the same frame: process, governance, and who builds.

I find it odd that in nearly three decades of cathedral-and-bazaar discourse, nobody has written about the catacombs: the dependency graph underneath every project, the deep network of transitive packages and shared libraries and unmaintained infrastructure that the visible building rests on, regardless of whether a cathedral architect or a bazaar crowd built it.

When Raymond wrote that “given enough eyeballs, all bugs are shallow”, he was talking about the thing you can see: the project, its source, its public development process. Linus’s law assumes people are looking. The dependency tree breaks that assumption.

A typical JavaScript project can pull in hundreds of transitive dependencies that nobody on the team has read, written by maintainers they’ve never heard of, last updated at various points over the past several years. The cathedral’s architects didn’t inspect the catacombs before building on top of them, and the bazaar’s crowd didn’t either, because in both cases the construction process is what gets all the attention while the foundations are treated as someone else’s concern.

Josh Bressers argued that successful open source projects are really megachurches now, large structured organizations with budgets and governance, while the actual bazaar is the neglected hobbyist layer underneath. He comes closest to this when he identifies that neglected layer, and Nadia Eghbal’s Roads and Bridges documented the same neglect as an infrastructure funding problem back in 2016. But both are talking about maintainers and their working conditions, which is still a question about people and process.

It’s not just that the maintainers of your transitive dependencies are overworked or under-resourced (though they are). It’s that the dependency graph itself is a load-bearing structure that nobody designed and nobody audits as a whole. There are partial efforts: lockfiles, SBOMs, dependency scanners, distro maintainers who vet packages one at a time. But none of them look at the graph as a connected system. It assembled itself through thousands of independent decisions by maintainers who each added whatever looked useful, and the result is an unmapped network of tunnels under the building that happens to hold the floor up.

Real catacombs are underground networks that were built for one purpose, repurposed for another, and eventually forgotten about until someone discovers they’ve been structurally compromised or that unauthorized people have been using them to get into buildings above. A package gets written to solve a small problem, other packages start depending on it, applications pull it in transitively, and eventually it’s load-bearing infrastructure maintained by someone who wrote it on a weekend years ago and barely remembers it exists. Every package ecosystem has some version of this, though npm’s defaults are especially good at making it worse.

And like real catacombs, they get used as ways in. The xz backdoor didn’t try to get through the front door of any distribution. A co-maintainer spent two years building trust in a compression library that sits deep in the dependency graph of almost every Linux system, then planted obfuscated code in the build system. The event-stream attack took over a single abandoned npm package and used it to target a completely different application downstream. Neither attack targeted the cathedral or the bazaar directly, they used the dependency graph as a tunnel network to reach targets that were well-defended at every visible entrance.

Whether your project is built cathedral-style with careful central control, or bazaar-style with open contribution, or Winchester Mystery House-style by an AI that doesn’t know what a staircase is for, makes very little difference to the structural risk underneath. A cathedral with meticulous code review and a strict merge process installs its dependencies from the same registries as the most chaotic bazaar project, inherits the same transitive chains, runs the same lifecycle scripts during build. The governance model describes how the floors are laid, but the dependency graph underneath comes from the same place.

Can you imagine what the basement of the Winchester Mystery House looks like? AI coding agents tend to pull in dependencies much more aggressively than most humans would, extending the graph in ways that are hard to review even in principle. And since early 2026, a growing number of people have been pointing AI at open source projects to find security vulnerabilities, sending automated explorers into the catacombs and filing reports faster than maintainers can triage them.

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• Your boss wants to use surveillance data to cut your wages : Tech rights are labor rights (again).

• Hey look at this : Delights to delectate.

• Object permanence : Arthur C Clarke v Buddhist monks (x DST); Bomb squad v life-size Mario power-ups; Panama Papers; Chinese antitrust; Consumerism v New Jim Crow; Absurd English spelling; Save Netflix! David Cameron's dad v Panama Papers; Trick photos with a giant coin; End-stage capitalism.

• Upcoming appearances : Toronto, Montreal, Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

Your boss wants to use surveillance data to cut your wages ( permalink )

What industry calls "personalized pricing" is really surveillance pricing: using digital tools' flexibility to change the price for each user, and using surveillance data to guess the worst price you'll accept:

https://pluralistic.net/2025/06/24/price-discrimination/

At root, surveillance pricing allows companies to revalue both your savings and your labor. If you get charged $2 for something I only pay $1 for, the seller is essentially reaching into your bank account and revaluing the dollars in it at 50 cents apiece. If you get paid $1 for a job that I make $2 for, then the boss is valuing your labor at 50% of my labor:

https://pluralistic.net/2025/06/24/price-discrimination/#

Surveillance pricing is a key part of enshittification, relying on three of the key enshittificatory factors that have transformed this era into the enshittocene:

I. Monopoly: Surveillance pricing is undesirable to both workers and buyers, so in a competitive market, surveillance pricing would drive labor and consumption to non-surveilling rivals:

https://pluralistic.net/2022/02/20/we-should-not-endure-a-king/

II. Regulatory capture: Surveillance pricing only exists because of weak regulation and weak enforcement of existing regulations. To engage in surveillance pricing, a company must first put you under surveillance, something that is only possible in the absence of effective privacy law.

In the USA, privacy law hasn't been updated since Congress passed a law in 1988 that banned video-store clerks from disclosing your VHS rentals:

https://pluralistic.net/2025/10/31/losing-the-crypto-wars/#surveillance-monopolism

In the EU, the strong privacy provisions in the GDPR have been neutralized by US tech giants who fly an Irish flag of convenience. Ireland attracts these companies by allowing them to evade their taxes, but it can only keep these companies by allowing them to break any law that gets in their way, because if Meta can pretend to be Irish this week, it could pretend to be Maltese (or Cypriot, Luxembourgeois, or Dutch) next week:

https://pluralistic.net/2023/05/15/finnegans-snooze/#dirty-old-town

What's more, competition laws in the EU and the USA ban surveillance pricing, but a half-century of lax competition law enforcement has allowed companies to routinely engage in the "unfair and deceptive methods of competition" banned in both territories.

III. Twiddling: "Twiddling" is my word for the way that digitized businesses can use computers' flexibility to alter their prices, offers, and other fundamentals on a per-user, per-session basis. It's not enough to spy on users: to engage in surveillance pricing, you have to be able to mobilize that surveillance data from instant to instant, changing the prices for every user. This can only be done once a business has been digitized:

https://pluralistic.net/2023/02/19/twiddler/

Combine monopoly, weak privacy law, weak competition law, and digitization, and you don't just make surveillance pricing possible – at that point, it's practically inevitable. This is what it means to create an enshittogenic policy environment: by arranging policy so that the most awful schemes of the worst people are the most profitable, you guarantee that those people will end up organizing commercial and labor markets.

When surveillance pricing is applied to labor, we call it "algorithmic wage discrimination," a term coined by Veena Dubal based on her research with Uber drivers:

https://pluralistic.net/2023/04/12/algorithmic-wage-discrimination/#fishers-of-men

Uber uses historic data on drivers to make inferences about how economically precarious they are, and then extracts a "desperation premium" from their wages. Drivers who are pickier about which rides they accept ("pickers") are offered higher wages than drivers who take any ride ("ants"):

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4331080

On the back-end, Uber is inferring that the reason an ant will accept a worse job is that they have fewer choices – they are more strapped for cash and/or have fewer options for earning a higher wage.

This is a straightforward form of algorithmic wage discrimination, using the blunt signal of how discriminating a driver is when signing onto a job to titer the subsequent wage offered to that driver. More sophisticated forms of algorithmic wage discrimination draw on external sources of data to set the price of your labor.

That's the situation for contract nurses, whose traditional brick-and-mortar staffing agencies have been replaced by nationwide apps that market themselves as "Uber for nursing." These apps use commercial surveillance data from the unregulated data-broker sector to check on how much credit card debt a nurse is carrying and whether that debt is delinquent to set a wage: the more debt you have and the more dire your indebtedness is, the lower the wage you are offered (and therefore the more debt you accumulate – lather, rinse, repeat):

https://pluralistic.net/2024/12/18/loose-flapping-ends/#luigi-has-a-point

Surveillance wages are now proliferating to other parts of the economy, as "consultancies" offer software to employers that let them set all parts of your compensation – base wage, annual raises, and bonuses – based on your perceived desperation, as derived from commercial surveillance data that has been collected about you:

https://www.marketwatch.com/story/employers-are-using-your-personal-data-to-figure-out-the-lowest-salary-youll-accept-c2b968fb

Genna Contino's Marketwatch article on the phenomenon offers a concise definition of "surveillance wages":

a system in which wages are based not on an employee’s performance or seniority, but on formulas that use their personal data, often collected without employees’ knowledge.

This means that carrying a credit-card balance, taking out a payday loan, or even discussing your indebtedness on social media can all lead to lower wages in the future. Contino references a recent report released by Dubal and tech strategist Wilneida Negrón, surveying 500 large firms, which concluded that surveillance wages are now being offered in sectors as diverse as "healthcare, customer service, logistics and retail." Customers for surveillance wage tools include "Intuit, Salesforce, Colgate-Palmolive, Amwell and Healthcare Services Group":

https://equitablegrowth.org/how-artificial-intelligence-uncouples-hard-work-from-fair-wages-through-surveillance-pay-practices-and-how-to-fix-it/

After a brief crackdown under Biden, the Trump regime has been extraordinarily welcoming to surveillance pricing companies, dropping investigations and cases against firms that engaged in the practice. A few states are stepping in to fill the gap, with New York state passing a rule requiring disclosure of surveillance pricing – a modest step that was nevertheless fought tooth-and-nail by the state's businesses.

In Colorado, a new House bill called the "Prohibit Surveillance Data to Set Prices and Wages Act" would prohibit the use of personal information in wage-setting:

https://leg.colorado.gov/bills/hb25-1264

This bill hasn't passed yet, but it's already doing useful work. Companies universally deny using surveillance data to set wages, insisting that they merely pay for consulting services that give them advice on how they could do surveillance wages – but don't actually take that advice. However, these same companies – including Uber and Lyft – are ferociously lobbying against the bill, raising an obvious question, articulated by the bill's co-sponsor Rep Javier Mabrey (D-1): if these companies don't pay surveillance wages, then "what is the problem of codifying in law that you’re not allowed to?"

Surveillance wages are a rare profitable use-case for AI, in part because surveillance wages don't need to be "correct" in order to be effective. An employee who is offered a wage that's slightly higher than the lowest sum they'd accept still represents a savings to the company's wage-bill. As ever, AI is great for fully automating tasks if you don't care whether they're done well:

https://pluralistic.net/2026/03/22/nobodys-home/#squeeze-that-hog

The fact that surveillance wages are calculated by external contractors enables employers to engage in otherwise illegal price-fixing. If all the garages in town set mechanics' wages using the same surveillance pricing tool, then a mechanic looking for a job will get the same lowball offer from all nearby employers. If those bosses were to gather around a table and fix the wage for any (or all) mechanics, that would be wildly illegal, but the fact that this is done via a software package lets the bosses claim they're not actually colluding.

This is a common practice in other forms of price-fixing. We see it in meat, potato products, and, of course, rental accommodations (hey there, Realpage!). It's a genuinely stupid ruse based on the absurd idea that "it's not a crime if we do it with an app":

https://pluralistic.net/2025/01/25/potatotrac/#carbo-loading

Speaking of crimes that are implausibly deniable when undertaken with an app: surveillance wages also allow employers to offer lower wages to women and brown and Black people while maintaining the pretense that they're in compliance with laws banning gender and racial discrimination.

In the wider economy, women and racialized people are already offered lower wages and – thanks to the legacy of racial discrimination in employment and housing – are more likely to be indebted:

https://pluralistic.net/2021/06/06/the-rents-too-damned-high/

By tapping into data brokers' dossiers that reveal the economic precarity of jobseekers, surveillance pricing allows employers to systematically lower the wages of women and Black and brown people, who have the highest incidence of indebtedness, while still claiming to offer race- and gender-blind wages. This is a phenomenon that Patrick Ball calls "empiricism washing": first, move the illegal racist discrimination into an algorithm, then insist that "numbers can't be racist."

But this isn't just about lowering wages at the bottom of the employment market. In recent history, the employers most eager to illegally lower their workers' wages are tech bosses, who had to pay massive fines for illegally colluding on "no poach" agreements to suppress the earning power of high-paid computer programmers:

https://en.wikipedia.org/wiki/High-Tech_Employee_Antitrust_Litigation

(This is why the tech industry is so horny for AI – tech bosses can't wait to fire a ton of programmers and use the resulting terror to force down the wages of the remaining tech workers:)

https://pluralistic.net/2026/01/05/fisher-price-steering-wheel/#billionaire-solipsism

Which means that the very programmers who write and maintain the surveillance wage software used on the rest of us are especially likely to have the tools they created turned on them .

Hey look at this ( permalink )

• Toronto’s Transit Crisis Is a Class Crisis https://jacobin.com/2026/04/toronto-transit-uber-lyft-class/

• Share Festival Call for Artists 2026: “Popular Singularity” https://bruces.medium.com/share-festival-call-for-artists-2026-popular-singularity-3b8daf92370f

• The machines are fine. I'm worried about us. https://ergosphere.blog/posts/the-machines-are-fine/

• More Than One Way to Tax a Billionaire https://4taxfairness.substack.com/p/more-than-one-way-to-tax-a-billionaire

• Bernie vs. Claude https://www.youtube.com/watch?v=h3AtWdeu_G0

Object permanence ( permalink )

#20yrsago Arthur C Clarke fights Buddhist monks over Daylight Savings Time http://news.bbc.co.uk/1/hi/world/south_asia/4865972.stm

#20yrsago What parts of the .COM space are registered? https://web.archive.org/web/20060411133458/https://www.yafla.com/dforbes/2006/03/29.html

#20yrsago Bomb squad called out to “defuse” life-size Super Mario power-ups https://web.archive.org/web/20060405034455/http://www.recordpub.com/article.php?pathToFile=archive/04012006/news/&amp;file=_news1.txt&amp;article=1&amp;tD=04012006

#20yrsago Poems showing the absurdities of English spelling https://web.archive.org/web/20060405223008/https://www.spellingsociety.org/news/media/poems.php

#20yrsago Isaac Newton’s alchemical “chymistry” notebook scans https://web.archive.org/web/20060612203137/http://webapp1.dlib.indiana.edu/newton/index.jsp

#20yrsago Poems showing the absurdities of English spelling https://web.archive.org/web/20060405223008/https://www.spellingsociety.org/news/media/poems.php

#20yrsago Isaac Newton’s alchemical “chymistry” notebook scans https://web.archive.org/web/20060612203137/http://webapp1.dlib.indiana.edu/newton/index.jsp

#15yrsago Misleading government stats and the innumerate media who repeat them https://www.badscience.net/2011/04/anarchy-for-the-uk-ish/

#15yrsago US Customs’ domain-seizure program blocks free speech, leaves alleged pirates largely unscathed https://torrentfreak.com/us-g

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

Google AI Edge Gallery

Terrible name, really great app: this is Google's official app for running their Gemma 4 models (the E2B and E4B sizes, plus some members of the Gemma 3 family) directly on your iPhone.

It works really well. The E2B model is a 2.54GB download and is both fast and genuinely useful.

The app also provides "ask questions about images" and audio transcription (up to 30s) with the two small Gemma 4 models, and has an interesting "skills" demo which demonstrates tool calling against eight different interactive widgets, each implemented as an HTML page (though sadly the source code is not visible): interactive-map, kitchen-adventure, calculate-hash, text-spinner, mood-tracker, mnemonic-password, query-wikipedia, and qr-code.

(That demo did freeze the app when I tried to add a follow-up prompt though.)

This is the first time I've seen a local model vendor release an official app for trying out their models on in iPhone. Sadly it's missing permanent logs - conversations with this app are ephemeral.

Via Hacker News

Tags: google , iphone , ai , generative-ai , local-llms , llms , gemini , llm-tool-use

Suppose, not hypothetically, that you have an old Fedora system with a lot of packages installed and a 70 GByte root filesystem, which is now awkwardly small during system upgrades and so on. You would like to find out which of your roughly 7,500 packages are contributing the most to your space usage.

(The real solution is to move to a bigger pair of NVMe drives, but that involves various yak shaving and you want to upgrade to Fedora 43 today .)

The simple version of 'how big are your RPMs' is to ask rpm for the ordinary (binary) size of all of your installed binary RPMs:

rpm -qa --qf '%{SIZE:humaniec} %{N}-%{V}-%{R}.%{ARCH}\n' | sort -hr

This will tell you interesting things, like how the Fedora 43 version of wine-core-11.0-2.fc43.x86_64 is 1.3 GBytes all by itself. However, it's not necessarily the full answer for what is using up your disk space, because a single (source) package can create many binary packages (often these mostly get installed together and it's hard to split them apart in any useful way). For instance, on my work machine with the 70 GByte root partition, there are 263 'texlive' packages and 101 'perl' packages (and 66 'qemu' packages).

Often a more useful way to break down packages is by the total installed size for a particular source package. This is where I turn to my ' sumup ' script, and also to ' numfmt ' , to get the following:

rpm -qa --qf '%{SIZE} %{SOURCERPM} %{N}-%{V}-%{R}.%{ARCH}\n' | sumup 2 1 | numfmt --format '%8.1f' --to iec

This may reveal surprises that you didn't know. For example, my home desktop has 847 MBytes of packages derived from 'rocm-compilersupport', despite my home machine having no AMD GPU (it uses the integrated Intel GPU). These appear to be present as dependencies of Blender (based on what 'dnf remove' told me it wanted to do).

(It can also tell you that lots of binary packages derived from a single source package don't necessarily result in a lot of disk space being consumed. All of those 263 texlive packages amount to 289 Mbytes, and those 101 Perl packages, 43 Mbytes.)

I preserved the binary name, version, release, and architecture in the second command, even though it's not used, so that I can later copy and paste the ' rpm ' command snippet to grep its output to find out all of the binary packages derived from a source package of interest. A smart approach to this would be to split this up into two commands:

rpm -qa --qf '%{SIZE} %{SOURCERPM} %{N}-%{V}-%{R}.%{ARCH}\n' >/tmp/foo sumup 2 1 </tmp/foo | numfmt --format '%8.1f' --to iec

Putting the initial output in a file is useful because 'rpm -qa --qf ...' is not necessarily the fastest thing in the world, at least if you're asking it for the 'size' of RPMs. With the initial output saved in a file, I can just grep the file, which is going to be very fast.

PS: If your install of Fedora has been around for a while, this may also reveal various obsolete packages. I have llvm-libs packages that seem to go all the way back to Fedora 32. I probably don't need those any more, or at least I hope I don't. But cleaning up old RPMs from past Fedora releases is its own subject and doesn't at all fit in the margins of this entry.

An elusive hacker who went by the handle “ UNKN ” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.

Shchukin was named as UNKN (a.k.a. UNKNOWN) in an advisory published by the German Federal Criminal Police (the “Bundeskriminalamt” or BKA for short). The BKA said Shchukin and another Russian — 43-year-old Anatoly Sergeevitsch Kravchuk — extorted nearly $2 million euros across two dozen cyberattacks that caused more than 35 million euros in total economic damage.

Daniil Maksimovich SHCHUKIN, a.k.a. UNKN, and Anatoly Sergeevitsch Karvchuk, alleged leaders of the GandCrab and REvil ransomware groups.

Germany’s BKA said Shchukin acted as the head of one of the largest worldwide operating ransomware groups GandCrab and REvil, which pioneered the practice of double extortion — charging victims once for a key needed to unlock hacked systems, and a separate payment in exchange for a promise not to publish stolen data.

Shchukin’s name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang’s activities. The government said the digital wallet tied to Shchukin contained more than $317,000 in ill-gotten cryptocurrency.

The Gandcrab ransomware affiliate program first surfaced in January 2018, and paid enterprising hackers huge shares of the profits just for hacking into user accounts at major corporations. The Gandcrab team would then try to expand that access, often siphoning vast amounts of sensitive and internal documents in the process. The malware’s curators shipped five major revisions to the GandCrab code, each corresponding with sneaky new features and bug fixes aimed at thwarting the efforts of computer security firms to stymie the spread of the malware.

On May 31, 2019, the GandCrab team announced the group was shutting down after extorting more than $2 billion from victims. “We are a living proof that you can do evil and get off scot-free,” GandCrab’s farewell address famously quipped. “We have proved that one can make a lifetime of money in one year. We have proved that you can become number one by general admission, not in your own conceit.”

The REvil ransomware affiliate program materialized around the same as GandCrab’s demise, fronted by a user named UNKNOWN who announced on a Russian cybercrime forum that he’d deposited $1 million in the forum’s escrow to show he meant business. By this time, many cybersecurity experts had concluded REvil was little more than a reorganization of GandCrab.

UNKNOWN also gave an interview to Dmitry Smilyanets , a former malicious hacker hired by Recorded Future , wherein UNKNOWN described a rags-to-riches tale unencumbered by ethics and morals.

“As a child, I scrounged through the trash heaps and smoked cigarette butts,” UNKNOWN told Recorded Future. “I walked 10 km one way to the school. I wore the same clothes for six months. In my youth, in a communal apartment, I didn’t eat for two or even three days. Now I am a millionaire.”

As described in The Ransomware Hunting Team by Renee Dudley and Daniel Golden , UNKNOWN and REvil reinvested significant earnings into improving their success and mirroring practices of legitimate businesses. The authors wrote:

“Just as a real-world manufacturer might hire other companies to handle logistics or web design, ransomware developers increasingly outsourced tasks beyond their purview, focusing instead on improving the quality of their ransomware. The higher quality ransomware—which, in many cases, the Hunting Team could not break—resulted in more and higher pay-outs from victims. The monumental payments enabled gangs to reinvest in their enterprises. They hired more specialists, and their success accelerated.”

“Criminals raced to join the booming ransomware economy. Underworld ancillary service providers sprouted or pivoted from other criminal work to meet developers’ demand for customized support. Partnering with gangs like GandCrab, ‘cryptor’ providers ensured ransomware could not be detected by standard anti-malware scanners. ‘Initial access brokerages’ specialized in stealing credentials and finding vulnerabilities in target networks, selling that access to ransomware operators and affiliates. Bitcoin “tumblers” offered discounts to gangs that used them as a preferred vendor for laundering ransom payments. Some contractors were open to working with any gang, while others entered exclusive partnerships.”

REvil would evolve into a feared “big-game-hunting” machine capable of extracting hefty extortion payments from victims, largely going after organizations with more than $100 million in annual revenues and fat new cyber insurance policies that were known to pay out.

Over the July 4, 2021 weekend in the United States, REvil hacked into and extorted Kaseya , a company that handled IT operations for more than 1,500 businesses, nonprofits and government agencies. The FBI would later announce they’d infiltrated the ransomware group’s servers prior to the Kaseya hack but couldn’t tip their hand at the time. REvil never recovered from that core compromise, or from the FBI’s release of a free decryption key for REvil victims who couldn’t or didn’t pay.

Shchukin is from Krasnodar, Russia and is thought to reside there, the BKA said.

“Based on the investigations so far, it is assumed that the wanted person is abroad, presumably in Russia,” the BKA advised. “Travel behaviour cannot be ruled out.”

There is little that connects Shchukin to UNKNOWN’s various accounts on the Russian crime forums. But a review of the Russian crime forums indexed by the cyber intelligence firm Intel 471 shows there is plenty connecting Shchukin to a hacker identity called “ Ger0in ” who operated large botnets and sold “installs” — allowing other cybercriminals to rapidly deploy malware of their choice to thousands of PCs in one go. However, Ger0in was only active between 2010 and 2011, well before UNKNOWN’s appearance as the REvil front man.

A review of the mugshots released by the BKA at the image comparison site Pimeyes found a match on this birthday celebration from 2023 , which features a young man named Daniel wearing the same fancy watch as in the BKA photos.

Images from Daniil Shchukin’s birthday party celebration in Krasnodar in 2023.

Recently, during a production incident response, I guessed the root cause of an outage correctly within less than an hour (cool!) and submitted a fix just to rule it out, only to then spend many hours fumbling in the dark because we lacked visibility into version numbers and rollouts… 😞

This experience made me think about software versioning again, or more specifically about build info (build versioning, version stamping, however you want to call it) and version reporting. I realized that for the i3 window manager, I had solved this problem well over a decade ago, so it was really unexpected that the problem was decidedly not solved at work.

In this article, I’ll explain how 3 simple steps (Stamp it! Plumb it! Report it!) are sufficient to save you hours of delays and stress during incident response.

Why are our versioning standards so low?!

Every household appliance has incredibly detailed versioning! Consider this dishwasher:

(Thank you Feuermurmel for sending me this lovely example!)

I observed a couple household appliance repairs and am under the impression that if a repair person cannot identify the appliance, they would most likely refuse to even touch it.

So why are our standards so low in computers, in comparison? Sure, consumer products are typically versioned somehow and that’s typically good enough (except for, say, USB 3.2 Gen 1×2!). But recently, I have encountered too many developer builds that were not adequately versioned!

Software Versioning

Unlike a physical household appliance with a stamped metal plate, software is constantly updated and runs in places and structures we often cannot even see.

Let’s dig into what we need to increase our versioning standard!

Usually, software has a name and some version number of varying granularity:

• Chrome

• Chrome 146

• Chrome 146.0.7680.80

• Chrome f08938029c887ea624da7a1717059788ed95034d-refs/branch-heads/7680_65@{#34}

All of these identify the Chrome browser on my computer, but each at different granularity.

All are correct and useful, depending on the context. Here’s an example for each:

• “This works in Chrome for me, did you test in Firefox?”

• “Chrome 146 contains broken middle-click-to-paste-and-navigate”

• “I run Chrome 146.0.7680.80 and cannot reproduce your issue”

• “Apply this patch on top of Chrome f08938029c887ea624da7a1717059788ed95034d-refs/branch-heads/7680_65@{#34} and follow these steps to reproduce: […]”

After creating the i3 window manager , I quickly learned that for user support, it is very valuable for programs to clearly identify themselves. Let me illustrate with the following case study.

Case Study: i3’s --version and --moreversion

When running i3 --version , you will see output like this:

% i3 --version i3 version 4.24 (2024-11-06) © 2009 Michael Stapelberg and contributors Each word was carefully deliberated and placed. Let me dissect:

• i3 version 4.24 : I could have shortened this to i3 4.24 or maybe i3 v4.24 , but I figured it would be helpful to be explicit because i3 is such a short name. Users might mumble aloud “What’s an i-3-4-2-4?”, but when putting “version” in there, the implication is that i3 is some computer thing (→ a computer program) that exists in version 4.24.

• (2024-11-06) is the release date so that you can immediately tell if “ 4.24 ” is recent.

• © 2009 Michael Stapelberg signals when the project was started and who is the main person behind it.

• and contributors gives credit to the many people who helped. i3 was never a one-person project; it was always a group effort.

When doing user support, there are a couple of questions that are conceptually easy to ask the affected user and produce very valuable answers for the developer:

• Question: “Which version of i3 are you using?”

• Since i3 is not a typical program that runs in a window (but a window manager / desktop environment), there is no Help → About menu option.

• Instead, we started asking: What is the output of i3 --version ?

• Question: “ Are you reporting a new issue or a preexisting issue? To confirm, can you try going back to the version of i3 you used previously? ”. The technical terms for “going back” are downgrade, rollback or revert.

• Depending on the Linux distribution, this is either trivial or a nightmare.

• With NixOS, it’s trivial: you just boot into an older system “generation” by selecting that version in the bootloader. Or you revert in git, if your configs are version-controlled.

• With imperative Linux distributions like Debian Linux or Arch Linux, if you did not take a file system-level snapshot, there is no easy and reliable way to go back after upgrading your system. If you are lucky, you can just apt install the older version of i3. But you might run into dependency conflicts (“version hell”).

• I know that it is possible to run older versions of Debian using snapshot.debian.org , but it is just not very practical, at least when I last tried.

• Can you check if the issue is still present in the latest i3 development version?

• Of course, I could also try reproducing the user issue with the latest release version, and then one additional time on the latest development version.

• But this way, the verification step moves to the affected user, which is good because it filters for highly-motivated bug reporters (higher chance the bug report actually results in a fix!) and it makes the user reproduce the bug twice , figuring out if it’s a flaky issue, hard-to-reproduce, if the reproduction instructions are correct, etc.

• A natural follow-up question: “ Does this code change make the issue go away? ” This is easy to test for the affected user who now has a development environment.

Based on my experiences with asking these questions many times, I noticed a few patterns in how these debugging sessions went. In response, I introduced another way for i3 to report its version in i3 v4.3 (released in September 2012): a --moreversion flag! Now I could ask users a small variation of the first question: What is the output of i3 --moreversion ? Note how this also transfers well over spoken word, for example at a computer meetup:

Michael: Which version are you using?

User: How can I check?

Michael: Run this command: i3 --version

User: It says 4.24.

Michael: Good, that is recent enough to include the bug fix. Now, we need more version info! Run i3 --moreversion please and tell me what you see.

When you run i3 --moreversion , it does not just report the version of the i3 program you called, it also connects to the running i3 window manager process in your X11 session using its IPC (interprocess communication) interface and reports the running i3 process’s version, alongside other key details that are helpful to show the user, like which configuration file is loaded and when it was last changed:

% i3 --moreversion Binary i3 version: 4.24 (2024-11-06) © 2009 Michael Stapelberg and… Running i3 version: 4.24 (2024-11-06) (pid 2521) Loaded i3 config: /home/michael/.config/i3/config (main) (last modified: 2026-03-15T23:09:27 CET, 1101585 seconds ago) The i3 binary you just called: /nix/store/0zn9r4263fjpqah6vdzlalfn0ahp8xc2-i3-4.24/bin/i3 The i3 binary you are running: i3 This might look like a lot of detail on first glance, but let me spell out why this output is such a valuable debugging tool:

• Connecting to i3 via the IPC interface is an interesting test in and of itself. If a user sees i3 --moreversion output, that implies they will also be able to run debugging commands like (for example) i3-msg -t get_tree > /tmp/tree.json to capture the full layout state.

• During a debugging session, running i3 --moreversion is an easy check to see if the version you just built is actually effective (see the Running i3 version line).

• Note that this is the same check that is relevant during production incidents: verifying that effectively running matches supposed to be running versions.

• Showing the full path to the loaded config file will make it obvious if the user has been editing the wrong file. If the path alone is not sufficient, the modification time (displayed both absolute and relative) will flag editing the wrong file.

I use NixOS, BTW, so I automatically get a stable identifier ( 0zn9r4263fjpqah6vdzlalfn0ahp8xc2-i3-4.24 ) for the specific build of i3.

% ls -l $(which i3) lrwxrwxrwx 1 root root 58 1970-01-01 01:00 /run/current-system/sw/bin/i3 -> /nix/store/0zn9r4263fjpqah6vdzlalfn0ahp8xc2-i3-4.24/bin/i3 To see the build recipe (“derivation” in Nix terminology) which produced this Nix store output ( 0zn9r4263…-i3-4.24 ), I can run nix derivation show :

% nix derivation show /nix/store/0zn9r4263fjpqah6vdzlalfn0ahp8xc2-i3-4.24 { "/nix/store/z7ly4kvgixf29rlz01ji4nywbajfifk4-i3-4.24.drv": { […] Click here to expand the full nix derivation show output if you are curious % nix derivation show /nix/store/0zn9r4263fjpqah6vdzlalfn0ahp8xc2-i3-4.24 { "/nix/store/z7ly4kvgixf29rlz01ji4nywbajfifk4-i3-4.24.drv": { "args": [ "-e", "/nix/store/l622p70vy8k5sh7y5wizi5f2mic6ynpg-source-stdenv.sh", "/nix/store/shkw4qm9qcw5sc5n1k5jznc83ny02r39-default-builder.sh" ], "builder": "/nix/store/6ph0zypyfc09fw6hlc1ygjvk2hv4j9vd-bash-5.3p3/bin/bash", "env": { "NIX_MAIN_PROGRAM": "i3", "__structuredAttrs": "", "buildInputs": "/nix/store/58q0dn2lbm2p04qmds0aymwdd1fr5j67-libxcb-1.17.0-dev /nix/store/3fcfw014z5i05ay1ag0hfr6p81mb1kzw-libxcb-keysyms-0.4.1-dev /nix/store/2cdrqvd3av1dmxna9xjqv1jccibpvg6m-libxcb-util-0.4.1-dev /nix/store/256alp82fhdgbxx475dp7mk8m29y53rh-libxcb-wm-0.4.2-dev /nix/store/nr44nfhj48abr3s6afqy1fjq4qmr23lz-xcb-util-xrm-1.3 /nix/store/ml4cfhhw6af6qq6g3dn7g5j5alrnii88-libxkbcommon-1.11.0-dev /nix/store/6hnzjg09fd5xkkrdj437wyaj952nlg45-libstartup-notification-0.12 /nix/store/9m0938zahq7kcfzzix4kkpm8d1iz3nmq-libx11-1.8.12-dev /nix/store/vz5gd0rv0m2kjca50gacz0zq9qh7i8xf-pcre2-10.46-dev /nix/store/334cvqpqc9f0plv0aks71g352w6hai0c-libev-4.33 /nix/store/6s3fw10c0441wv53bybjg50fh8ag1561-yajl-2.1.0-unstable-2024-02-01 /nix/store/d6aw2004h90dwlsfcsygzzj4pzm1s31a-libxcb-cursor-0.1.6-dev /nix/store/84mhqfj9amzyvxhp37yh3b0zd8sq0a7p-perl-5.40.0 /nix/store/l6bslkrp59gaknypf1jrs5vbb2xmcwym-pango-1.57.0-dev /nix/store/7s7by82nq8bahsh195qr0mnn9ac8ljmm-perl5.40.0-AnyEvent-I3-0.19 /nix/store/9ml0p4x1cx5k1lla91bxgramc0amsfkf-perl5.40.0-X11-XCB-0.20 /nix/store/67j1sx7qcn6f7qvq1kh3z8i5mpajgq3r-perl5.40.0-IPC-Run-20231003.0 /nix/store/859x84mz38bcq0r7hwksk4b5apcsmf2w-perl5.40.0-ExtUtils-PkgConfig-1.16 /nix/store/q1qydg6frfpq9jkhnymfsjzf71x9jswr-perl5.40.0-Inline-C-0.82", "builder": "/nix/store/6ph0zypyfc09fw6hlc1ygjvk2hv4j9vd-bash-5.3p3/bin/bash", "checkPhase": "runHook preCheck\n\ntest_failed=\n# \"| cat\" disables fancy progress reporting which makes the log unreadable.\n./complete-run.pl -p 1 --keep-xserver-output | cat || test_failed=\"complete-run.pl returned $?\"\nif [ -z \"$test_failed\" ]; then\n # Apparently some old versions of `complete-run.pl` did not return a\n # proper exit code, so check the log for signs of errors too.\n grep -q '^not ok' latest/complete-run.log && test_failed=\"test log contains errors\" ||:\nfi\nif [ -n \"$test_failed\" ]; then\n echo \"***** Error: $test_failed\"\n echo \"===== Test log =====\"\n cat latest/complete-run.log\n echo \"===== End of test log =====\"\n false\nfi\n\nrunHook postCheck\n", "cmakeFlags": "", "configureFlags": "", "debug": "/nix/store/20rgxn6fpywd229vka9dnjiaprypxirh-i3-4.24-debug", "depsBuildBuild": "", "depsBuildBuildPropagated": "", "depsBuildTarget": "", "depsBuildTargetPropagated": "", "depsHostHost": "", "depsHostHostPropagated": "", "depsTargetTarget": "", "depsTargetTargetPropagated": "", "doCheck": "1", "doInstallCheck": "", "mesonFlags": "-Ddocs=true -Dmans=true", "name": "i3-4.24", "nativeBuildInputs": "/nix/store/x06h0jfzv99c3dmb8pj8wbmy0v9wj6bd-pkg-config-wrapper-0.29.2 /nix/store/pcdnznc797nmf9svii18k3c5v22sqihs-make-shell-wrapper-hook /nix/store/nzg469dkg5dj7lv4p50pi8zmwzxx73hr-meson-1.9.1 /nix/store/rlcn0x0j22nbhhf8wfp8cwfxgh65l82r-ninja-1.13.1 /nix/store/hs4pgi40k5nbl0fpf0jx8i5f6zrdv63v-install-shell-files /nix/store/84mhqfj9amzyvxhp37yh3b0zd8sq0a7p-perl-5.40.0 /nix/store/xiqlw1h0i6a6v59skrg9a7rg3qpanqy7-asciidoc-10.2.1 /nix/store/300facd5m37fwqrypjcikn09vqs488zv-xmlto-0.0.29 /nix/store/yk7avh2szvm6bi5dwgzz4c2iciaipj2p-docbook-xml-4.5 /nix/store/d5qdxn0rjl9s7xfc1rca33gya0fhcvkm-docbook-xsl-nons-1.79.2 /nix/store/2y1r1cpza3lpk7v6y9mf75ak0pswilwi-find-xml-catalogs-hook /nix/store/r989dk196nl9frhnfsa1lb7knhbyjxw6-separate-debug-info.sh /nix/store/xlhipdkyqksxvp73cznnij5q6ilbbqd9-xorg-server-21.1.21-dev /nix/store/i8nxxmw5rzhxlx3n12s3lvplwwap6mpc-xvfb-run-1+g87f6705 /nix/store/a198i9cnhn6y5cajkdxg0hhcrmalazjr-xdotool-3.20211022.1 /nix/store/b4dnjyq2i4kjg8xswkjd7lwfcdps94j8-setxkbmap-1.3.4 /nix/store/cxdbw6iqj1a1r69wb55xl5nwi7abfllb-xrandr-1.5.3 /nix/store/5k4mv2a1qrciv12wywlkgpslc6swyv58-which-2.23", "out": "/nix/store/0zn9r4263fjpqah6vdzlalfn0ahp8xc2-i3-4.24", "outputs": "out debug", "patches": "", "pname": "i3", "postInstall": "wrapProgram \"$out/bin/i3-save-tree\" --prefix PERL5LIB \":\" \"$PERL5LIB\"\nfor program in $out/bin/i3-sensible-*; do\n sed -i 's/which/command -v/' $program\ndone\n\ninstallManPage man/*.1\n", "postPatch": "patchShebangs .\n\n# This testcase generates a Perl executable file with a shebang, and\n# patchShebangs can't replace a shebang in the middle of a file.\nif [ -f testcases/t/318-i3-dmenu-desktop.t ]; then\n substituteInPlace testcases/t/318-i3-dmenu-desktop.t \\\n --replace-fail \"#!/usr/bin/env perl\" \"#!/nix/store/84mhqfj9amzyvxhp37yh3b0zd8sq0a7p-perl-5.40.0/bin/perl\"\nfi\n", "propagatedBuildInputs": "", "propagatedNativeBuildInputs": "", "separateDebugInfo": "1", "src": "/nix/store/qx48i7zf9n69yla8gfbif6dskysk0l1w-source", "stdenv": "/nix/store/43dbh9z6v997g6njz4yqmcrj26zic9ds

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

I thought it'd be a good time to continue on the same theme as my previous two articles The Coming AI Compute Crunch and Is the AI Compute Crunch Here? given that both OpenAI and Anthropic are now publicly agreeing they are (very?) compute starved.

Usage is absolutely exploding

I came across this really interesting tweet from the COO of GitHub which really underlines the scale of change that the world is seeing now:

This shows that GitHub in the last 3 months (!) has seen a ~14x annualised increase in the number of commits. Commits are a crude proxy for inference demand - but even directionally, if we assume that most of the increase is due to coding agents hitting the mainstream, it points to an outrageously large increase in compute requirements for inference.

If anything, this is probably a huge undercount - many people new to "vibe coding" are unlikely to get their heads round Git(Hub) quickly - distributed source control is quite confusing to non engineers (and, at least for me, took longer than I'd like to admit to get totally fluent with it as an engineer).

Plus this doesn't include all the Cowork usage which is very unlikely to go anywhere near GitHub.

OpenAI's Thibault Sottiaux (head of the Codex team) also tweeted recently that AI companies are going through a phase of demand outstripping supply:

It's been rumoured - and indeed in my opinion highly likely given how compute intensive video generation is - that Sora was shut down to free up compute for other tasks.

All AI companies are feeling this intensely . Even worse, there is a domino effect with this - when Claude Code starts tightening usage limits or experiencing compute-related outages, people start switching to e.g. Codex or OpenCode, putting increased pressure on them.

What's actually going on?

As I mentioned in my last articles, I believe everyone was looking at these "crazy" compute deals that OpenAI, Anthropic, Microsoft etc were signing like they were going out of fashion back in ~2025 the wrong way.

Signing a $100bn "commitment" to buy a load of GPU capacity does not suddenly create said capacity. Concrete needs poured, power needs to be connected, natural gas turbines need to be ordered [1] and GPUs need to be fabricated, racked and networked. All of these products are in short supply, as is the labour required.

One of the key points I think worth highlighting that often gets overlooked is how difficult the rollout of GB200 (NVidia's latest chips) has been. Unlike previous generations of GPUs from NVidia the GB200-series is fully liquid cooled - not air cooled as before.

Liquid cooling at gigawatt scale just hasn't really been done in datacentres before. From what I've heard it's been unbelievably painful. Liquid cooling significantly increases the power density/m 2 , which makes the electrical engineering required harder - plus a real shortage of skilled labour [2] to plumb it all together - and even shortages of various high end plumbing components has led to most (all?) of the GB200 rollout being vastly behind schedule.

While no doubt these issues will get resolved - and the supply chains will gain experience and velocity in delivering liquid cooled parts - this has no doubt put even more pressure on what compute is available in the short to medium term.

Even worse, Stargate's 1GW under construction datacentre in the UAE is now a chess piece in the current geopolitical tensions in the recent US/Iran conflict, with the Iranian government putting out a video featuring the construction site.

The longer term issue I wrote about in my previous articles on this subject is the hard constraints on DRAM fabrication. While SK Hynix recently signed a $8bn deal for more EUV production equipment from ASML, it's unlikely to come online for another couple of years. Indeed I noticed Sundar Pichai specifically called out memory as a significant constraint on his recent appearance on the Stripe podcast.

While recent innovations like TurboQuant are extremely promising in driving memory requirements down via KV cache compression, given the pace at which AI usage is growing it at best buys a small window of breathing room.

What next?

I believe the next 18-24 months are going to be defined by compute shortages. When you have exponential demand increases and ~linear additions on the supply side, the market is going to be pretty volatile, to say the least.

The cracks are already showing. Anthropic's uptime is famously now at "1" nine reliability, and doesn't seem to be getting any better. I don't envy the pressure on SRE teams trying to scale these systems dramatically while deploying new models and efficiency strategies.

We've seen Anthropic introduce increasingly more heavy handed measures on the Claude subscription side - starting with "peak time" usage limits being cut significantly, and now moving to ban even claude -p usage from 3rd party agent harnesses - no doubt to try and reduce demand.

The issue is that if my guesswork at the start of the article is correct and Anthropic is seeing ~10x Q/Q inference demand there is only so much you can do by banning 3rd party use of the product - 1st party use will quickly eat that up.

And time based rationing - while extremely useful to smooth out the peaks and troughs - can only go so far. Eventually you incentivise it enough that you max out your compute 24/7. That's not to say there isn't a lot more they can (and will) do here, but when you are facing those kind of demand increases it doesn't end up getting you to a steady state.

That really only leaves one lever to pull - price. I was hesitant in my previous articles to suggest major price increases, as gaining marketshare is so important to everyone involved in this trillion dollar race, but if all AI providers are compute starved then I think the game theory involved changes.

The paradox of this though is that as models get better and better - and the rumours around the new "Spud" and "Mythos" models from OpenAI and Anthropic point that way - users get less price sensitive. While spending $200/month when ChatGPT first brought out their Pro subscription seemed almost comically expensive for the value you could get out of it, I class my $200/month Anthropic subscription as some of the best value going and would probably pay a lot more for it if I had to, even with current models.

We're in completely uncharted territory as far as I can tell. I've been doing a lot of reading about the initial electrification of Europe and North America recently in the late 1800s/early 1900s but the analogy quickly breaks down - the demand growth is so much steeper and the supply issues were far less concentrated.

So, we're about to find out what people will actually pay for intelligence on tap. My guess is a lot more than most expect - which is both extremely bullish for the industry and going to be extremely painful for users in the short term. [3]

Fundamentally, I believe there is a near infinite demand for machines approaching or surpassing human cognition, even if that capability is spread unevenly across domains. The supply will catch up eventually. But it's the "eventually" that's going to hurt.

• Increasingly large AI datacentres are skipping grid connections (too slow to come online) and connecting straight to natural gas pipelines and installing their own gas turbines and generation sets ↩︎

• I've also read that various manufacturing problems from NVidia has lead to parts leaking, which famously does not combine well with high voltage electrical systems. ↩︎

• One flip side of this is how much better the small models have got. I'll be writing a lot more on this, but Gemma 4 26b-a4b running locally is hugely impressive for software engineering. It's not quite good enough, but perhaps we are only a few months off local models on consumer hardware being "good enough". Maybe it's worth buying that Mac or GPU you were thinking about as a hedge? ↩︎

Eight years of wanting, three months of building with AI

Lalit Maganti provides one of my favorite pieces of long-form writing on agentic engineering I've seen in ages.

They spent eight years thinking about and then three months building syntaqlite , which they describe as " high-fidelity devtools that SQLite deserves ".

The goal was to provide fast, robust and comprehensive linting and verifying tools for SQLite, suitable for use in language servers and other development tools - a parser, formatter, and verifier for SQLite queries. I've found myself wanting this kind of thing in the past myself, hence my (far less production-ready) sqlite-ast project from a few months ago.

Lalit had been procrastinating on this project for years, because of the inevitable tedium of needing to work through 400+ grammar rules to help build a parser. That's exactly the kind of tedious work that coding agents excel at!

Claude Code helped get over that initial hump and build the first prototype:

AI basically let me put aside all my doubts on technical calls, my uncertainty of building the right thing and my reluctance to get started by giving me very concrete problems to work on. Instead of “I need to understand how SQLite’s parsing works”, it was “I need to get AI to suggest an approach for me so I can tear it up and build something better". I work so much better with concrete prototypes to play with and code to look at than endlessly thinking about designs in my head, and AI lets me get to that point at a pace I could not have dreamed about before. Once I took the first step, every step after that was so much easier.

That first vibe-coded prototype worked great as a proof of concept, but they eventually made the decision to throw it away and start again from scratch. AI worked great for the low level details but did not produce a coherent high-level architecture:

I found that AI made me procrastinate on key design decisions. Because refactoring was cheap, I could always say “I’ll deal with this later.” And because AI could refactor at the same industrial scale it generated code, the cost of deferring felt low. But it wasn’t: deferring decisions corroded my ability to think clearly because the codebase stayed confusing in the meantime.

The second attempt took a lot longer and involved a great deal more human-in-the-loop decision making, but the result is a robust library that can stand the test of time.

It's worth setting aside some time to read this whole thing - it's full of non-obvious downsides to working heavily with AI, as well as a detailed explanation of how they overcame those hurdles.

The key idea I took away from this concerns AI's weakness in terms of design and architecture:

When I was working on something where I didn’t even know what I wanted, AI was somewhere between unhelpful and harmful. The architecture of the project was the clearest case: I spent weeks in the early days following AI down dead ends, exploring designs that felt productive in the moment but collapsed under scrutiny. In hindsight, I have to wonder if it would have been faster just thinking it through without AI in the loop at all.

But expertise alone isn’t enough. Even when I understood a problem deeply, AI still struggled if the task had no objectively checkable answer. Implementation has a right answer, at least at a local level: the code compiles, the tests pass, the output matches what you asked for. Design doesn’t. We’re still arguing about OOP decades after it first took off.

Via Hacker News

Tags: sqlite , ai , generative-ai , llms , ai-assisted-programming , vibe-coding , agentic-engineering

The best way to run AI and remain HIPAA compliant is to run it locally on your own hardware, instead of transferring protected health information (PHI) to a remote server by using a cloud-hosted service like ChatGPT or Claude. [1].

There are HIPAA-compliant cloud options, but they’re both restrictive and expensive. Even enterprise options are not “HIPAA compliant” out of the box. Instead, they are “HIPAA eligible” or that they “support HIPAA compliance,” because you still need the right Business Associate Agreement (BAA), configuration, logging, access controls, and internal process around it, and the end product often ends up far less capable than a frontier model. The least expensive and therefore most accessible services do not even allow this as an option.

Specific examples:

• Only sales-managed ChatGPT Enterprise or Edu customers are eligible for a BAA, and OpenAI explicitly says it does not offer a BAA for ChatGPT Business. The consumer ChatGPT Health product says HIPAA and BAAs do not apply. ChatGPT for Healthcare pricing is based on ChatGPT Enterprise, depends on organization size and deployment needs, and requires contacting sales. Even within Enterprise, OpenAI’s Regulated Workspace spec lists Codex and the multi-step Agent feature as “Non-Included Functionality,” i.e. off limits for PHI.

• Google says Gemini can support HIPAA workloads in Workspace, but NotebookLM is not covered by Google’s BAA, and Gemini in Chrome is automatically blocked for BAA customers. If a work or school account does not have enterprise-grade data protections, chats in the Gemini app may be reviewed by humans and used to improve Google’s products.

• GitHub Copilot, despite being a Microsoft product, is not under Microsoft’s BAA. Azure OpenAI Service is, but only for text endpoints. While Microsoft is working on their own models, it is unlikely that they will deviate significantly here.

• Anthropic says its BAA covers only certain “HIPAA-ready” services, namely the first-party API and a HIPAA-ready Enterprise plan, and does not cover Claude Free, Pro, Max, Team, Workbench, Console, Cowork, or Claude for Office. The HIPAA-ready Enterprise offering is sales-assisted only. Bundled Claude Code seats are not covered. AWS Bedrock API calls can work, but this requires extensive configuration and carries its own complexities and restrictions.

Running AI locally is already practical as of early 2026. Open-weight models that approach the quality of commercial coding assistants run on consumer hardware. A single high-end GPU or a recent Mac with enough unified memory can run a 70B-parameter model at a reasonable token speed.

There’s an interesting interplay between economies of scale and diseconomies of scale. Cloud providers can run a data center at a lower cost per server than a small company can. That’s the economies of scale. But running HIPAA-compliant computing in the cloud, particularly with AI providers, incurs a large direct costs and indirect bureaucratic costs. That’s the diseconomies of scale. Smaller companies may benefit more from local AI than larger companies if they need to be HIPAA-compliant.

Related posts

• HIPAA expert determination

• An AI Odyssey

• Queueing and economies of scale

[1] This post is not legal advice. My clients are often lawyers, but I’m not a lawyer. The post HIPAA compliant AI first appeared on John D. Cook .

Simon Willison wrote about how he vibe coded his dream presentation app for macOS .

I also took a stab at vibe coding my dream app: an RSS reader.

To clarify: Reeder is my dream RSS app and it already exists, so I guess you could say my dreams have already come true?

But I’ve kind of always wanted to try an app where my RSS feed is just a list of unread articles and clicking any one opens it in the format in which it was published (e.g. the original website).

So I took a stab at it.

(Note: the backend portion of this was already solved, as I simply connected to my Feedbin account via the API .)

First I tried a macOS app because I never would’ve tried a macOS app before. Xcode, Swift, a Developer Account? All completely outside my wheelhouse. But AI helped be get past that hurdle of going from nothing to something .

It was fun to browse articles and see them in situ . A lot of folks have really great personal websites so it’s fun to see their published articles in that format.

This was pretty much pure vibes. I didn’t really look at the code at all because I knew I wouldn’t understand any of it.

I got it working the first night I sat down and tried it. It was pretty crappy but it worked.

From there I iterated. I’d use it for a day, fix things that were off, keep using it, etc.

Eventually I got to the point where I thought:

• Ok, I could use this on my personal computer.

• I don’t know that I’ll be able to iterate on this much more because its getting more complicated and failing more and more with each ask ( I was just trying to move some stupid buttons around in the UI and the AI was like, “Nah bro, I can’t.”)

• I have no idea how I’d share this with someone.

• I don’t think I’d be comfortable sharing this with someone (even though I think I did things like security right by putting credentials in the built-in keychain, etc.)

• I guess this is where the road stops.

I’m picky about software, so the bar for my dreams is high. But I’m also lazy, so my patience is quite low.

The intersection of: the LLM failing over and over + my inability to troubleshoot any of it + not wanting to learn = a bad combination for persevering through debugging.

Which made me say: “Screw it, I’ll build it as a website!”

But websites don’t really work for this kind of app because of CORS. I can’t just stick an article’s URL in an <iframe> and preview it because certain sites have cross site headers that don’t allow it to display under another domain.

But that didn’t stop me. I tried building the idea anyway as just a list view. I could install this as a web app on my Mac and I'd get a simple list view:

Anytime I clicked on a link, it would open in my default browser. Actually not a bad experience.

It worked pretty decent on my phone too. Once I visited my preview deploy, I could "isntall" it to my home screen and then when I opened it, I'd have my latest unread articles. Clicking on any of them would open a webview that I could easily dismiss and get back to my list.

Not too bad.

But not what I wanted, especially on desktop.

It seemed like the only option to 1) get exactly what I wanted, and 2) distribute it — all in a way that I could understand in case something went wrong or I had to overcome an obstacle — was to make a native app.

At this point, I was thinking: “I’m too tired to learn Apple development right now, and I’ve worked for a long time on the web, so I may as well leverage the skills that I got.”

So I vibed an Electron app because Electron will let me get around the cross site request issues of a website.

This was my very first Electron app and, again, the LLM helped me go from nothing to something quite quickly (but this time I could understand my something way better).

The idea was the same: unread articles on the left, a preview of any selected articles on the right. Here’s a screenshot:

It’s fine. Not really what I want. But it’s a starting point.

Is it better than Reeder? Hell no.

Is it my wildest dreams realized? Also no.

But it’s a prototype of an idea I’ve wanted to explore.

I”m not sure I’ll go any further on it. It’s hacky enough that I can grasp a vision for what it could be. The question is: do I actually want this? Is this experience something I want in the long run?

I think it could be. But I have to figure out exactly how I want to build it as a complementary experience to my preferred way of going through my RSS feed.

Which won't be your preference.

Which is why I'm not sharing it.

So what’s my takeaway from all this? I don’t know. That’s why I’m typing this all out in a blog post.

Vibe coding is kinda cool. It lets you go from “blank slate” to “something” way faster and easier than before.

But you have to be mindful of what you make easy . You know what else is easy? Fast food. But I don’t want that all the time.

In fact, vibe coding kinda left me with that feeling I get after indulging in social media, like “What just happened? Two hours have passed and what did I even spend my time doing? Just mindlessly chasing novelty?” It’s fun and easy to mindlessly chasing your whims. But part of me thinks the next best step for this is to sit and think about what I actually want, rather than just yeeting the next prompt out.

I’ve quipped before that our new timelines are something like:

• Nothing -> Something? 1hr.

• Something -> Something Good ? 1 year.

The making from nothing isn't as hard anymore. But everything after that still is. Understanding it. Making it good. Distributing it. Supporting it. Maintaining it. All that stuff. When you know absolutely nothing about those — like I did with macOS development — things are still hard.

After all this time vibing, instead of feeling closer to my dream, I actually kinda feel further from it. Like the LLM helped close the gap in understanding what it would actually take for me to realize my dreams. Which made me really appreciate the folks who have poured a lot of time and thought and effort into building RSS readers I use on a day-to-day basis.

Thank you makers of Feedbin & Reeder & others through the years. I’ll gladly pay you $$$ for your thought and care.

In the meantime, I may or may not be over here slowly iterating on my own supplemental RSS experience. In fact, I might’ve just found the name: RxSSuplement.

Reply via:

Email · Mastodon ·

Bluesky

Donald Trump, sitting president of the United States, on his blog:

Tuesday will be Power Plant Day, and Bridge Day, all wrapped up in one, in Iran. There will be nothing like it!!! Open the Fuckin’ Strait, you crazy bastards, or you’ll be living in Hell - JUST WATCH! Praise be to Allah. President DONALD J. TRUMP

The Iranian embassy in Japan , quoting Trump:

This low level of civility and intelligence shown by a leader of a country is regrettable; the shameful fervor with which intentions to commit war crimes are repeated is staggering; and the fact that the Divine is invoked regardless of ill intentions clearly exposes deep fanaticism. Apologies for sharing this language.

★

Like all good nerds, I generate a unique email address for every service I sign up to. This has several advantages - it allows me to see if a message is legitimately from a service, if a service is hacked the hackers can't go credential stuffing, and I instantly know who leaked my address.

A few weeks ago I signed up for BrowserStack as I wanted to join their Open Source programme. I had a few emails back-and-forth with their support team and finally got set up.

A couple of days later I received an email to that email address from someone other than BrowserStack. After a brief discussion, the emailer told me they got my details from Apollo.io.

Naturally, I reached out to Apollo to ask them where they got my details from.

They replied:

Your email address was derived using our proprietary algorithm that leverages publicly accessible information combined with typical corporate email structures (e.g., firstname.lastname@companydomain.com).

Wow! A proprietary algorithm, eh? I wonder how much AI it takes to work out "firstname.lastname"????

Obviously, their response was inaccurate. There's no way their magical if-else statement could have derived the specific email I'd used with BrowserStack. I called them out on their bullshit and they replied with:

Your email address came from BrowserStack (browserstack.com) one of our customers who participates in our customer contributor network by sharing their business contacts with the Apollo platform.

The date of collection is 2026-02-25.

So I emailed BrowserStack a simple "Hey guys, what the fuck?"

I love their cheery little "No spam, we promise!"

Despite multiple attempts to contact them, BrowserStack never replied.

Given that this email address was only used with one company, I think there are a few likely possibilities for how Apollo got it.

• BrowserStack routinely sell or give away their users' data.

• A third-party service used by BrowserStack siphons off information to send to others.

• An employee or contractor at BrowserStack is exfiltrating user data and transferring it elsewhere.

There are other, more nefarious, explanations - but I consider that to be unlikely. I suspect it is just the normalisation of the shabby trade in personal information undertaken by entities with no respect for privacy.

But, it turns out, it gets worse. My next blog post reveals how Apollo got my phone number from from a very big company.

Be seeing you 👌

I have these Sunday evenings where I find myself sitting alone at the kitchen table, thinking about my life and how I got here . Usually, these sessions end with an inspiring idea that makes me want to get up and build something. I remember the old days where I couldn't even sleep because I had all these ideas bubbling in my head, and I could just get up and do it because I had no familial responsibility.

I still have that flare in me, but I also don't always give in to those ideas. Instead, sometimes I chose to do something much simpler. I read. Sometimes it's a book, sometimes it's a blog post. But always, it's something that stimulates my mind more than any startup idea, or tech disruption.

There is a blog I follow, I'm not even sure how I stumbled upon it. I don't think it has a newsletter, and it's not in my RSS feed. But, it's in my mind. It's as if I can just feel it when the author posts something new. Right there on the kitchen table, I load it up, and I get a glimpse into someone else's life. I don't know much about this person, but reading her writing is soothing. It's not commercialized, the most I can say about it is, well it is human .

When I read something that is written, anything that's written, I expect to hear the voice of the person behind it . Whether it is a struggle, a victory, or just a small remark. It only makes sense when there is a person behind it. Sometimes people write, and in order to sound professional, they remove their voice from it. It becomes like reading a corporate memphis blog. Devoid of any humanity.

It's weird how I have these names in my head. Keenen Charles . I check his blog on Sunday evening as well. In fact, here are a few I read recently in no particular order:

• Henrik

• Hugo?

• Jerry (I particularly liked this specific article)

• Hong

• Don't know her name

• Keenen

This isn't to tell you that you need to read those articles or you will be left behind. It's not that deep. You can find things you like, and enjoy them at your own comfort. They don't have to be world changing, they don't have to turn you into a millionaire, they just have to make you smile or nod for a moment.

The world is constantly trying to remind us that we are at the edge of destruction. But you, the person sitting there, reading a random blog post from this random Guinean guy, yes you. Take it easy for the rest of the day.

Release: scan-for-secrets 0.2

• CLI tool now streams results as they are found rather than waiting until the end, which is better for large directories.

• -d/--directory option can now be used multiple times to scan multiple directories.

• New -f/--file option for specifying one or more individual files to scan.

• New scan_directory_iter() , scan_file() and scan_file_iter() Python API functions.

• New -v/--verbose option which shows each directory that is being scanned.

(Once again it's been a while since the last little script .)

Every so often I find myself in a situation where I have a bunch of lines with multiple columns and I want to either add up all of the numbers in one column (for example, to get total transfer volume from Apache log files) or add up all of the numbers in one column grouped by the value of a second column. This leads to two scripts, which I call ' addup ' and ' sumup '.

Addup is a simple awk script that adds up all the values from some column:

#!/bin/sh # add up column N awk '{sum += $('$1') } END {print sum}'

(Looking at this now, I should use printf and specify a format to avoid scientific notation . A more sophisticated version would do things like allow you to set the column separator character(s) rather than just using the awk default of whitespace, but so far I haven't needed anything more.)

My version of sumup is more complicated than I've described, partly it either counts up how many times each value happened for a particular field or it computes a sum of another field for the particular field. This sounds abstract, so let me make it more concrete. Suppose that you have a file of lines that look like:

300 thing1 800 thing2 900 thing1 100 thing3 [...]

Sumup can either tell you how many times each of the second field occurs, or sum up the value of the first field for each of the values of the second field (giving you 1200 for thing1, 800 for thing2, and 100 for thing3 in this simple case).

The actual sumup that I currently use is a Python program, partly so that I can conveniently print output sorted by the breakdown field. However, my older awk-based version is:

#!/bin/sh # sum up field $1 by field $2 # if no $2 is provided, it just counts by one. ( if [ -n "$2" ]; then awk '{sums[$'$1'] += $'$2'} END {for (i in sums) print sums[i], i}' else awk '{sums[$'$1'] += 1} END {for (i in sums) print sums[i], i}' fi ) | sort -nr

My memory is that this version works fine, although it's been a while since I used it.

If there are relatively widely available Unix utilities that will do these jobs, I'm not aware of them, although I wouldn't be surprised if they've emerged by now.

PS: Looking at the sort of things I do with these tools, I should also write an 'avgup', although that strays into the lands of statistical analysis where I may also want things like the median.

( 2 comments .)

Ashley Belanger, reporting for Ars Technica:

Using developer tools, the lawsuit found that opening prompts are always shared, as are any follow-up questions the search engine asks that a user clicks on. Privacy concerns are seemingly worse for non-subscribed users, the complaint alleged. Their initial prompts are shared with “a URL through which the entire conversation may be accessed by third parties like Meta and Google.”

Disturbingly, the lawsuit alleged, chats are also shared with personally identifiable information (PII), even when users who want to stay anonymous opt to use Perplexity’s “Incognito Mode.” That mode, the lawsuit charged, is a “sham.”

Everything about Perplexity looks like a scam .

★

This post will look at the problem of updating an average grade as a very simple special case of Bayesian statistics and of Kalman filtering.

Suppose you’re keeping up with your average grade in a class, and you know your average after n tests, all weighted equally.

m = ( x 1 + x 2 + x 3 + … + x n ) / n .

Then you get another test grade back and your new average is

m ′ = ( x 1 + x 2 + x 3 + … + x n + x n +1 ) / ( n + 1).

You don’t need the individual test grades once you’ve computed the average; you can instead remember the average  m and the number of grades  n [1]. Then you know the sum of the first  n grades is  nm and so

m ′ = ( nm + x n +1 ) / ( n + 1).

You could split that into

m ′ = w 1 m + w 2 x n +1

where w 1 = n /( n + 1) and w 2 = 1/( n + 1). In other words, the new mean is the weighted average of the previous mean and the new score.

A Bayesian perspective would say that your posterior expected grade m ′ is a compromise between your prior expected grade  m and the new data x n +1 . [2]

You could also rewrite the equation above as

m ′ =  m + ( x n +1 − m )/( n + 1) = m + K Δ

where K = 1/( n + 1) and Δ = x n +1 − m . In Kalman filter terms,  K is the gain, the proportionality constant for how the change in your state is proportional to the difference between what you saw and what you expected.

Related posts

• A Bayesian view of Amazon Resellers

• Kalman filters and functional programming

• Kalman filters and bottom-up learning

[1] In statistical terms, the mean is a sufficient statistic .

[2] You could flesh this out by using a normal likelihood and a flat improper prior. The post Kalman and Bayes average grades first appeared on John D. Cook .

• •

UAE cabinet meeting room, via Camski . Welcome to the reading list, a weekly roundup of news and links related to buildings, infrastructure, and industrial technology. This week we look at aluminum disruptions, the EV rust belt, the ongoing transformer shortage, SpaceX’s IPO, and more. Roughly 2/3rds of the reading list is paywalled, so for full access become a paid subscriber.  War in Iran The world’s largest aluminum smelter in Bahrain was hit by an Iranian drone, bringing production offline. [ Bloomberg ] Other aluminum smelters in the area have cut production due to inability to ship through the Strait. This, in turn, has forced various EV manufacturers to cut production. “ Gulf smelters that supply Toyota, Nissan, BMW, parts makers for Mercedes-Benz, South Korea’s Hyundai Mobis and hundreds of other automotive customers worldwide are defaulting on contracts or closing down. The U.S.-Iran war has effectively shut the Strait of Hormuz to commercial shipping, cutting off one of the largest flows of automotive-grade aluminum .” [ Rest of World ] Israel bombed two Iranian steel factories. [ NYT ] The US bombed an Iranian bridge that was one of the largest in the Middle East. [ BBC ] And another Amazon data center was damaged by an Iranian drone. [ Reuters ] The Philippines declares a National Energy Emergency. [ Reuters ] And Germany considers ramping up coal power to avert an energy crisis. [ Politico ] Helium production in Qatar, which is responsible for roughly 1/3rd of the world’s supply, has been shut down. [ NYT ] We’ve previously noted that helium is a critical input for semiconductor manufacturing and MRI machines, but it’s apparently also crucial for mass spectrometers used in science labs. [ X ] The world is running out of ways to deal with the disruption to oil supply that don’t involve using less oil. “ In the first days of this war, the strait’s closure meant the immediate loss of 20 million daily barrels of crude and refined products. The industry went to work, activating a first layer of defense: using up stocks. The second layer came soon after as Saudi Arabia and the United Arab Emirates rerouted some exports using bypass pipelines to Red Sea and Gulf of Oman ports. The third defense came from politicians. The richest nations tapped their strategic reserves, injecting millions of barrels into the market. US President Donald Trump also made constant — and effective — verbal interventions. His jawboning about the chance of an end to the fighting helped tame panic buying .” [ Bloomberg ] Italy denied US military aircraft permission to land at a base in Sicily for operations against Iran. [ Bloomberg ] Because Iranian ships can traverse the Strait of Hormuz freely, Iran is actually making more money from oil sales than it was prior to the war. “ Iran is now earning nearly twice as much from oil sales each day as it did before American and Israeli bombs started falling on February 28th. It may be pummelled on the battlefield, but the regime is winning the energy war .” [ The Economist ] Housing 25 housing researchers signed an open letter opposing the provisions in the ROAD to housing act recently passed by the Senate that would limit build-to-rent housing. “ If passed, the seven-year disposition requirement would result in a decline of more than 7% of single-family home completions and 18% of rental completions, according to analysis from Laurie Goodman and Jim Parrott at the Urban Institute, a Washington, D.C.-based think tank .” [ Multifamily Dive ] Work on what would be the tallest mass timber building in the US (in Milwaukee of all places), has apparently stopped, and the project is facing foreclosure. [ Multifamily Dive ] Mortgage rates had been steadily, if slowly, declining over the last year, but since the beginning of the war in Iran they’ve ticked back up. [ NYT ] • •

Japanese corporations keep buying US homebuilders. “ Japanese builders have announced or closed acquisitions of 23 U.S. single-family home builders since 2020, more than double the number from 2013 to 2019. That doesn’t include the multifamily developers and construction-supply companies they have also bought. By some estimates, Japanese builders are now set to own about 6% of the U.S. home-construction market. ” [ WSJ ]

Read more

Alexandre Dumas ran what was essentially a content production house in 19th century Paris. His most famous collaborator was Auguste Maquet, who wrote substantial portions of The Three Musketeers and The Count of Monte Cristo . Maquet would produce drafts and outlines, and Dumas would rewrite and polish them, but the books went out under Dumas's name alone. Maquet eventually sued him over it in 1858 - and won a financial settlement - but the court ruled Dumas was the sole author. At the peak of his Factory, Dumas had something like 73 collaborators working with him at various points. A contemporary writer named Eugène de Mirecourt published a pamphlet in 1845 called Fabrique de Romans: Maison Alexandre Dumas et Cie ("Novel Factory: The House of Alexandre Dumas and Company") accusing him of running a ghostwriting sweatshop. Dumas sued for libel and won, but nobody really disputed the underlying facts. Dumas published around 100,000 pages in his lifetime. Even his defenders admitted he couldn't have written all of it alone. Put a pin in that, we'll come back to it later... In November 2025, Hachette published a horror novel called Shy Girl by Mia Ballard. It is, decidedly, not my cup of tea. But, it had sold about 1,800 copies in the UK, and it had almost 5,000 ratings on Goodreads, averaging 3.51 stars. It was an ordinary debut, with a built-in fanbase. And then the internet decided it was written by AI, and the world began a witchhunt. A Reddit thread blew up, followed by a YouTube video titled "I'm pretty sure this book is ai slop" pulling in 1.2 million views. Goodreads reviewers started dissecting individual sentences like forensic linguists with a grudge, and by early 2026, Hachette had pulled the book from shelves, cancelled the US release, and scrubbed it from Amazon. Ballard says she didn't use AI herself. She says an acquaintance she'd hired to work on an earlier self-published version had incorporated AI tools without her knowledge. "This controversy has changed my life in many ways and my mental health is at an all time low and my name is ruined for something I didn't even personally do," she wrote to the New York Times. And I'll stand up right now and say - fuck it. Maybe she's telling the truth. Or, maybe she isn't. I don't actually give a shit, because I don't actually know, and neither do you actually know, and neither do the thousands of people who participated in destroying her career. We just. Don't. Know. What I do know boils down to pretty much this: the tools // methods people used to reach their verdict are fucking garbage. The culture that's grown up around AI detection is poisonous, and I refuse to have anything to do with it. AI detection tools are unreliable. It's been shown over and over. OpenAI launched its own AI text classifier in January 2023, and by July 2023, they'd shut it down because it correctly identified AI-written text only 26% of the time - worse, if I may point out, than a coin toss... GPTZero, Turnitin's AI detection feature, Originality.ai, Pangram etc: the whole cottage industry that's sprung up here shares the same limitation. They're pattern matchers trained on statistical likelihoods, flagging text that looks like it could have come from a language model, and the problem is, a lot of perfectly human writing also looks like it could have come from a language model, because language models were trained on human writing, and even the AI-based AI detection tools are just playing an eternal // infernal game of whackamole with this model and that moel and the next model. Snake, meet tail. You're going to get along swimmingly. Researchers at Stanford found in 2023 that AI detectors disproportionately flagged writing by non-native English speakers as AI-generated, based on simpler sentence structures, based on fewer idioms, based on predictable word choices, based on all the things a person writing in their second or third language might produce. All the things a detector reads as "probably a robot." The same thing happens to neurodivergent writers. Autistic writers. Such as myself... The tools are biased and inaccurate, they spit out false positives at rates that should make anyone uncomfortable using them as evidence of anything, and yet people treat the output like a blood test that came back positive, forgetting apparently that blood tests are retested and retested because no one test is entirely accurate. But most of the people who went after Shy Girl weren't even using formal detection tools; they were reading passages and going: "This sounds like ChatGPT to me" - and maybe it did, and maybe it was, but a gut feeling seems like an awfully precarious thing over which to fuck an entire career. Just because someone on Reddit reads a sentence that feels generic, or a metaphor that lands a little flat, they (increasingly) conclude with absolute certainty that a machine wrote it, as if mediocre prose is a new invention, as if bad writing didn't exist before November 2022. And may God forgive us if we condemn each other to permanent damnation for producing shitty prose; sans the production of shitty prose, no writer has ever grown one jot. I've been writing professionally for years, and I've read thousands of self-published and traditionally published books and a huge percentage of them contain clunky sentences, and overused phrases, and cliché metaphors, and prose that reads like it was assembled by so many monkeys with so many MacBooks. But that, dear reader is writing. Most writing is ok. Functional at best. Some writing is good enough to create // destroy empires and so on, and that was true in 2005 and it was true in every moment of our crummy, bargain-bin history up to the introduction of ChatGPT, and damn it, it's true now. You can't read a paragraph and reliably, with a human life on the line (because that's the stakes, when you destroy a writer's career and a writer's reputation) tell beyond any reasonable doubt, whether a human or a machine produced it. Humans writing in familiar genres, leaning on conventions and common phrasings, leaning on their own context windows, containing everything from Ian Kershaw to Ursula LeGuin to a smattering of Harry Potter fanfiction from 2005 to a series of brain-rotted TikTok reels are doing the best they can to find the right words and shove them into something resembling the right order. A romance novel that uses "his eyes darkened with desire" isn't necessarily AI-generated, even if it reads like a steaming pile to those of us enlightened enough to call ourselves the Literati. Following genre conventions doth not a fraud make. A horror novel with clunky exposition isn't ChatGPT. It might just be a first-time author who hasn't found their voice yet, and they'll never find their voice if we wave pitchforks and torches at every line we personally dislike. The big publishers are not the ones who'll get hurt by this, obviously. Hachette pulled Shy Girl and moved on, with a swiftly issued statement about "protecting original creative expression." Back to business, and so it goes. No, the folks getting hurt are the writers. Not only the ones who are tarred - all of us. Every single God-forsaken one of us. We are all made smaller by the pursuit of unproven and unprovable purity. Whether Ballard used AI or not (and she says she didn't, and naive or not I'm inclined to throw my cynicism to the wind and just take her at face value, and you can mock me if you like), the punishment landed before any verdict was reached, because no verdict can ever be reached. Not beyond a reasonable doubt. Never beyond a reasonable doubt. She's not going to be the last. This whole setup, where anyone can accuse any writer of using AI based on gut feeling, and broken detection tools get treated as proof and publishers fold at the first hint of controversy because the PR cost outweighs the book's revenue, is going to grind up a lot of people into a fleshy, bloody, bony paste. Most of them will be small-time writers, debut authors, indie-published folks without the platform or the money to fight back. The motivations of the accusers are more complicated than they'd like to admit. First - the writers who feel threatened by AI are channeling that fear into vigilante enforcement, and I get the fear. I share it, ~to a point. I think it's clear that AI is flooding the market with cheap content, even if I can't confidently crucify any individual for it. But destroying individual careers on the basis of speculation doesn't fight that problem - it simply gives you someone to punish, and the drive for revenge is, while altogether human, altogether bullshit. Beyond the slighted writers, you've got the internet sleuths who've found a new game. The same energy that drove Reddit to misidentify the Boston Marathon bomber (remember that?) is now being applied to prose style analysis, with the same overconfidence, and the same total absence of accountability when they get it wrong. Third - the booktok etc influencers who smell blood (and engagement) in the water. "I dissected this book and found some awkward sentences" doesn't get 1.2 million YouTube views. "This book is AI slop" apparently does. Finally - the readers who feel betrayed by the idea that something they read might not have been "real." I understand that impulse, too - but the logical endpoint is a world where every writer is suspect, and every flat passage becomes evidence, and the act of reading itself is poisoned by constant suspicion. What unites all of them is the conviction that they, ~they can tell. That they've developed a sixth sense for machine-generated prose through sheer exposure. Well, they haven't. Nobody has. The researchers who build these models can't reliably tell, and the companies that created the AI can't reliably tell, and I am comfortable concluding that someone with a Goodreads account and strong opinions sure as shit hasn't cracked it either. Give me a break. The "human-written" certification badges that have started popping up deserve a closer look, because they reveal how badly this whole discourse has gone off the rails... The Society of Authors' logo and the Authors Guild's certification both operate on the honor system. You register, you say "I wrote this myself," and you get a sticker on your book. There is no forensic review (wouldn't make a difference), no manuscript audit (to what end?) Nobody's testifying under oath that they watched you type every word. So what do these badges actually prove? That someone was willing to check a box? A person who used AI and wanted to hide it would check that box too. And a person who didn't use AI but can't afford the registration fee, or doesn't belong to the right trade association, or just didn't know the program existed, doesn't get the badge. The absence of the badge becomes its own accusation. We've been here before. The "organic" label in food. The "fair trade" stamp on coffee. These things start as consumer protection and end as marketing advantages for folks with the resources to participate, and the writers who need protection the most - debut authors // the self-published, writers without agents or industry connections, are the ones least likely to know about or access these programs. By creating a "certified human" category, you've implicitly created an "uncertified" category. Every book without the badge now carries a faint question mark, and so the presumption of innocence gets torn to shreds, and nobody has to take responsibility for it, because it happened through a logo, not a law. I'm not going to use AI detection tools on other people's writing. Not privately, not publicly, not ever. I'm not going to participate in crowdsourced investigations of whether someone's novel or essay or blog post was "really" written by a human, and I won't share threads that claim to have found proof, and I won't add my voice to the chorus of outrage. My fingers are better employed typing out my own work than pointing at people I've never met. The cost of a false accusation is a person's career and their mental health, while the cost of letting an AI-assisted book sit on a shelf is... a book sitting on a shelf. And I find I just do not give a shit. That asymmetry is so extreme I can't wrap my head around how more people aren't troubled by it. If a publisher wants anti-AI clauses in their contracts, fine. If a literary prize wants attestation that no AI was used, that's their call. Those are agreements between parties who chose to be there and good luck to them. But the mob version of this, where anonymous internet users appoint themselves the AI police armed with broken tools and absolute conviction, is something I want no part of. Writing has always been messy, and writers have always borrowed, imitated, recycled, and leaned on formulaic structures. Ghost writers exist, and editors sometimes rewrite entire chapters. Collaborative writing has been around for centuries. The line between "authentic" and "assisted" has never been as clean as people are pretending it is right now. If The Three Musketeers were published today, and someone published the 2026 version of a Pamphlet, what would happen? Would a Reddit thread decide that the prose felt too formulaic? Would a YouTube video rack up a million views dissecting the sentence structure? Would Hachette pull it from shelves? The answer is: fucking, probably. Because the current system doesn't care about the actual quality of the work, or the process behind it, or the centuries of collaborative tradition that produced some of the best writing we have. It cares about the appearance of purity. It cares about whether a mob can be convinced that something smells wrong. Dumas is in the literary canon, and his books are assigned in schools. But the way he made them would get him destroyed on the internet in 2026. This seems suboptimal, to say the least. I don't know w

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

What if I told you there was a secret social network, hidden in plain sight? If you're reading this message, you're now a member of RSS Club !

RSS Club is a series of posts which are only visible to RSS / Atom subscribers. Like you 😃

If I've done everything right 0 , this page isn't visible on the web. It can't be found by a search engine. It doesn't share to Mastodon or appear syndicated to ActivityPub.

Of course, that also means that I can't receive any comments or feedback about it. I'd love it if you dropped me a note to say you found this post. My contact details are on https://edent.tel/ - feel free to use whichever method you like.

So, what can you expect from this exclusive content? More of the same old nonsense - but probably stuff I don't want to argue about on Social Media.

As a first pass, let's talk about this " Let's write a constitution " post from Matt Ellery. In it, he discusses various fun / sensible things you could do with a written constitution. I particularly like the idea of having a "Prime Number Election".

In my modernist tweak, I'd set up something like this:

• Local council elections every 3 years.

• National MP elections every 5 years.

• Upper chamber elections every 7 years.

That ensures that no one party can dominate. Once every 35 years, the upper chamber elections would be brought forward by one year, with their next term lengthened to 8 years.

I'm less sure about having the locals be at the same time for every council. I think that could be a lot of work for democratic volunteers. Perhaps stagger them into thirds or quarters of the year?

Either way, I doubt we'll be getting a written constitution any time soon!

• There is every possibility I have not and am now scrambling to fix things.  ↩︎

Every few months someone declares that “X will kill open source” or that “open source is not sustainable” or that “open source won”, and every time the responses split into factions that seem to be having completely different conversations. People have been pointing this out for at least a decade. Replacement terms like “post-open source” never stuck, because the problem isn’t the label. The phrase “open source” carries so many meanings that people routinely talk past each other while using the exact same words, each person confident the other is being obtuse when really they’re just working from a different definition.

A licensing regime. Software distributed under a license meeting the Open Source Definition : free redistribution, source availability, derived works permitted. The OSI maintains this formal definition, and for a certain kind of conversation it’s the only one that counts.

A development methodology. The Cathedral and the Bazaar thesis, “given enough eyeballs, all bugs are shallow”, the idea that developing in the open with public revision history and review produces better software. You can have this without the licensing (source-available projects with public repos) and the licensing without this (code-dump releases with no public development process at all). The two definitions are doing different work.

A business model. Open core, dual licensing, managed hosting, support contracts, consulting, and the dozen other ways companies try to capture value from code they give away. At the strategic end, this includes open sourcing something specifically to commoditise a competitor’s differentiator , the way Android commoditised mobile operating systems and Kubernetes commoditised container orchestration. These models sit in permanent tension with most other definitions on this list. Open source business arguments tend to go in circles because everyone is talking about different things.

A supply chain. The set of packages in your dependency tree, the SBOM, the compliance checklist, a procurement category where the vendor has unusual contractual terms (namely, none). Governments have started treating it the same way, funding programs like Alpha-Omega and the Sovereign Tech Fund because software supply chain security is now a national security concern. The people producing the software are, as they will remind you , not your supplier.

A commons. What Nadia Eghbal called “ roads and bridges .” Shared infrastructure that everyone depends on but nobody owns. Making the commons visible enough that people might actually help maintain it remains the unsolved problem.

A political movement. Free Software’s sibling, or depending on who you ask, its corporate-friendly dilution. User freedom, transparency, power dynamics, who controls computing. People who hold this definition get frustrated with everyone else on this list for treating those concerns as secondary.

A marketing label. “We open sourced it” plays well in a press release. Source-available projects call themselves open source for the brand halo, and companies open source a project, collect the community goodwill, then quietly change the license two years later.

A social identity. “I’m an open source developer” describes belonging to a scene with its own conferences, norms, status hierarchies, and cultural touchstones. It exists independently of any particular codebase. The career-oriented version treats GitHub profiles as resumes and open source contributions as proof of competence, which quietly advantages people with free time and disadvantages everyone else.

A governance model. Who has commit access and how did they earn it? BDFLs, steering committees, foundations, do-ocracy, rough consensus. When a maintainer disappears or a foundation makes an unpopular decision, this is the definition people are arguing about even if they frame it in licensing or business terms.

A coordination layer. Neutral ground where companies that compete in the market collaborate on shared infrastructure none of them can justify building alone. The Linux kernel, Kubernetes, and OpenTelemetry all work this way. The foundation politics that surround them make more sense as multi-party coordination problems than as altruistic code sharing.

A forkability guarantee. The credible threat of a fork shapes behaviour even when no fork happens, and it disciplines maintainers, companies, and foundations alike. This is why license changes provoke such intense reactions: OpenTofu exists because HashiCorp broke the forkability guarantee, and MariaDB exists because Oracle made people nervous about it. Forkability is one of the few accountability mechanisms open source actually has.

An innovation diffusion mechanism. HTTP servers, container runtimes, programming languages: open source is the way standards actually propagate, how technology becomes infrastructure. Nobody coordinates it because open source code can be adopted without negotiation.

A moral obligation. “You should open source that” carries real social pressure, sometimes justified and sometimes not, rooted in the idea that if you built on open source you owe something back. This reciprocity norm causes particular friction when it collides with the business model definition, where the whole point is capturing value.

A research output. In academia, open source is the reproducibility layer, software as a scholarly artefact with the FAIR principles applied to code. This definition barely overlaps with the business or supply chain readings, which is part of why academic open source and industry open source often feel like they’re happening on different planets.

A free help desk. People file GitHub issues that are support tickets or feature demands, expecting maintainers to triage, respond, and deliver, and vendor packages into their products expecting indefinite updates without any relationship or contribution flowing back. The issue tracker becomes a customer service portal where the customer paid nothing, and the lockfile becomes an eternal service contract nobody signed. The people holding this definition rarely state it explicitly because they don’t think of it as a definition, they just think that’s how open source works.

Free infrastructure. Package registries, CDNs, CI runners, and mirror networks get treated like tap water. npm, PyPI, RubyGems.org, and crates.io all absorb enormous operational costs and traffic while people build entire businesses on top of them without considering who pays for any of it.

Vibes. The code is on GitHub. That’s about as far as the thinking goes. Probably the most common usage of the term by volume.

The help desk and free infrastructure framings are entitlement definitions, “open source” meaning “someone else bears the costs so I don’t have to.” One is about labour, the other about operational infrastructure, and they compound on each other: the person filing a feature request on a registry’s GitHub repo is simultaneously demanding free labour and taking the free infrastructure for granted. These cause the most material harm to the people actually doing the work, and the people holding them don’t recognise them as definitions at all.

How can the commons also be a supply chain? How can a moral obligation also be a business model? “Open source” is a stack of incompatible expectations. Next time someone says something will kill it, ask them which one. They’re probably right about at least one of them.

->->->->->->->->->->->->->->->->->->->->->->->->->->->->->

Top Sources: None

-->

Today's links

• EU ready to cave to Trump on tech : Surrendermonkeys ahoy.

• Hey look at this : Delights to delectate.

• Object permanence : "Among a Thousand Fireflies"; "fiscal" not "physical"; Ontario's pusher premiere can't distribute vaccines; You need your head examined (if you trust an AI therapist); Women tell Pence about their periods; Zombie economy and digital arm-breakers; The trouble with tariffs.

• Upcoming appearances : Toronto, Montreal, Toronto, San Francisco, London, Berlin, NYC, Hay-on-Wye, London.

• Recent appearances : Where I've been.

• Latest books : You keep readin' em, I'll keep writin' 'em.

• Upcoming books : Like I said, I'll keep writin' 'em.

• Colophon : All the rest.

EU ready to cave to Trump on tech ( permalink )

Crises precipitate change. That's no reason to induce a crisis, but you'd be a fool to let a crisis go to waste. Donald Trump is the greatest crisis of our young century, and the EU looks set to squander the opportunity, to its own terrible detriment.

For more than a decade, it's been clear that the American internet was not fit for purpose. The whistleblowers Mark Klein and Edward Snowden revealed that the US had weaponized its status as the world's transoceanic fiber-optic hub to spy on the entire planet:

https://doctorow.medium.com/https-pluralistic-net-2025-11-26-difficult-multipolarism-eurostack-5a527c32f149

US tech giants flouted privacy laws, gleefully plundering the world's cash and data with products that they remorselessly enshittified:

https://pluralistic.net/2026/01/30/zucksauce/#gandersauce

American companies repurposed their over-the-air software update capabilities to remotely brick expensive machinery in service to geopolitical priorities:

https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/

Then Trump and his tech companies started attacking key public institutions around the world, shutting down access for senior judges who attempted to hold Trump's international authoritarian allies to account for their crimes:

https://pluralistic.net/2025/10/20/post-american-internet/#huawei-with-american-characteristics

If Trump wants to steal Greenland, he doesn't need tanks or missiles. He can just tell Microsoft and Oracle to brick the entire Danish state and all of its key firms, blocking their access to their email archives, files, databases, and other key administrative tools. If Denmark still holds out, Trump can brick all their tractors, smart speakers, and phones. If Denmark still won't give up Greenland, Trump could blackhole all Danish IP addresses for the world's majority of transoceanic fiber. At the click of a mouse, Trump could shut down the world's supply of Lego, Ozempic, and delicious, lethally strong black licorice.

Now, these latent offensive capabilities were obvious long before Trump, but the presidents who weaponized them in the pre-Trump era did so in subtle and deniable ways, or under a state of exception (e.g. in response to spectacular terrorist attacks or in the immediate aftermath of the Russian invasion of Ukraine) that let bystanders assure themselves that this wouldn't become a routine policy.

After all, America profited so much from the status quo in which America and its trading partners all pretended that US tech wouldn't be weaponized for geopolitical aims, so a US president would be a fool to shatter the illusion. And even if the president was so emotionally incontinent that he demanded the naked weaponization of America's defective, boobytrapped tech exports, the power blocs that the president relies on would stop him, because they are so marinated in the rich broth that America drained from the world using Big Tech.

This is "status quo bias" in action. No one wants to let go of the vine they're swinging from until they have a new vine firmly in their grasp – but you can't reach the next vine unless you release your death-grip on your current one. So it was that, year after year, the world allowed itself to become more dependent on America's easily weaponizable tech, making the tech both more dangerous and harder to escape.

Enter Trump (a crisis) (and crises precipitate change). Under Trump, the illusion of a safe interdependence crumbled. Every day, in new and increasingly alarming ways, Trump makes it clear that America doesn't have allies or trading partners, only adversaries and rivals. Every day, Trump proves to the world that American tech isn't merely untrustworthy – it's a live, dire, urgent danger to your state, your companies, and your people. The best time to get shut of the American internet was 15 years ago. The second best time is right fucking now .

NOW!

The result is the burgeoning movement to build a "post-American internet." In Canada, PM Mark Carney's announcement of a "rupture" has the country rethinking its deep connections to the American internet and asking what it could do to escape it:

https://pluralistic.net/2026/01/27/i-want-to-do-it/#now-make-me-do-it

Europe, meanwhile, has multiple, advanced, well-funded initiatives to leave the American internet behind and migrate to a post-American internet, like "Eurostack" and the European Digital Infrastructure Consortium:

https://digital-strategy.ec.europa.eu/en/policies/edic

But status quo bias exerts a powerful gravity. A reactionary counterrevolution is being waged in the European Commission – the permanent bureaucracy that executes Europe's laws and regulations. Within the EC, an ascendant faction has announced plans for a "dialogue" with representatives from the Trump regime to let them direct the enforcement of the Digital Markets Act (DMA) and Digital Services Act (DSA), Europe's landmark 2024 anti-Big Tech regulations:

https://www.politico.eu/article/fatal-decision-eu-slammed-for-caving-to-us-pressure-on-digital-rules/

The DMA and DSA require America's tech giants to open up their platforms in ways that would halt the plunder of Europeans' private data and cash. US tech giants have flatly refused to comply with these rules, relying on Trump to get them out of any obligations under EU law:

https://pluralistic.net/2025/09/26/empty-threats/#500-million-affluent-consumers

That's a sound bet. After all, the last thing Trump did before his inauguration was publicly announce his intention to destroy any country that attempted to enforce these laws:

https://www.nytimes.com/2025/01/23/us/politics/trump-davos-europe-tariffs.html

He's making good on his threats. He's already sanctioned a group of officials who helped draft the DSA:

https://www.npr.org/2025/12/24/nx-s1-5655855/trump-administration-bars-5-europeans-from-entry-to-the-u-s-over-alleged-censorship

And he's ordered his tech companies to turn over the private emails and messages of other European officials, so he can identify the ones most dangerous to US tech plunder and sanction them , too:

https://www.politico.eu/article/us-congress-judiciary-committee-big-tech-private-communication-eu-officials/

The quislings and appeasers in the Commission who've been spooked by Trump's belligerence (or tempted by offers of cushy jobs in Big Tech after they leave public service) are selling out the EU's future. Caving to Trump won't make him more favorably disposed to Europe or Europeans. Trump treats every capitulation as a sign of weakness that signals that he can safely ignore his end of the bargain and demand twice as much. For Trump, the "art of the deal" can be summed up in one word: reneging .

Within the EU, there's fury at the Commission's announcement of "dialogue." As Politico 's Milena Wälde reports, lawmakers like Alexandra Geese (Greens) say that this is a move that eliminates the "sovereign path for Europe" by letting tech giants "grade their own homework." She calls it a "fatal decision for our companies and our democracy."

Moving to the post-American internet is hard – but it will only get harder. Sure, Europe could wait for the next crisis to let go of the Big Tech vine and grab the Eurostack one, but that next crisis will be far, far worse. The EU can't afford to wait for Trump to brick one or more of its member states to (finally, at long last) take this threat seriously:

https://pluralistic.net/2026/01/01/39c3/#the-new-coalition

Hey look at this ( permalink )

• The Far-Right Cash Machine https://prospect.org/2026/04/02/apr-2026-magazine-far-right-cash-machine-racist-crowdfunding/

• Homocore Anthology https://www.flukemags.com/product/homocore

• Lessons from History: The DOJ vs Microsoft https://open-web-advocacy.org/blog/our-submission-to-the-cma-on-apples-ios-interoperability-commitments/#3-lessons-from-history-the-doj-vs-microsoft

• Data Sharing and Syndication Remedies in US v Google https://insights.sumitsharma.consulting/p/google-search-remedies-implementation?hide_intro_popup=true

• Who Goes AI? https://www.todayintabs.com/p/who-goes-ai

Object permanence ( permalink )

#10yrsago Among a Thousand Fireflies: children’s book shows the sweet, alien love stories unfolding in our own backyards https://memex.craphound.com/2016/04/01/among-a-thousand-fireflies-childrens-book-shows-the-sweet-alien-love-stories-unfolding-in-our-own-backyards/

#10yrsago After biggest bribery scandal in history, police raids and investigations https://www.smh.com.au/business/police-raids-and-more-revelations-the-fallout-of-the-unaoil-scandal-20160401-gnw9mx.html

#10yrsago Bernie Sanders’ South Bronx rally, featuring Rosario Dawson, Spike Lee, and Residente https://www.c-span.org/program/campaign-2016/senator-bernie-sanders-campaign-rally-in-south-bronx/437114

#10yrsago Freshman Missouri Rep almost made it 3 months before introducing bill urging members to say “fiscal,” not “physical” https://www.washingtonpost.com/news/the-fix/wp/2016/03/31/hero-lawmaker-urges-colleagues-to-stop-saying-physical-when-they-mean-fiscal/

#10yrsago Indiana women phone the governor’s office to tell him about their periods https://web.archive.org/web/20160401170206/https://fusion.net/story/286941/periods-for-pence-indiana-women-calling-governor/

#10yrsago United pilot orders Arab-American family off his flight for “safety” https://www.nbcchicago.com/news/national-international/united-airlines-arab-american-plane/58370/

#10yrsago 33 state Democratic parties launder $26M from millionaires for Hillary https://www.counterpunch.org/2016/04/01/how-hillary-clinton-bought-the-loyalty-of-33-state-democratic-parties/

#10yrsago White SC cops pull black passenger out of car, take turns publicly cavity-searching him https://www.washingtonpost.com/news/the-watch/wp/2016/04/01/video-shows-white-cops-performing-roadside-cavity-search-of-black-man/

#5yrsago The zombie economy and digital arm-breakers https://pluralistic.net/2021/04/02/innovation-unlocks-markets/#digital-arm-breakers

#5yrsago Ontario's drug-dealer premier is shockingly bad at distributing vaccines https://pluralistic.net/2021/04/01/incompetent-drug-dealer/#what-a-dope

#5yrsago The zombie economy and digital arm-breakers https://pluralistic.net/2021/04/02/innovation-unlocks-markets/#digital-arm-breakers

#1yrago What's wrong with tariffs https://pluralistic.net/2025/04/02/me-or-your-lying-eyes/#spherical-cows-on-frictionless-surfaces

#1yrago What's wrong with tariffs https://pluralistic.net/2025/04/02/me-or-your-lying-eyes/#spherical-cows-on-frictionless-surfaces

#1yrago Anyone who trusts an AI therapist needs their head examined https://pluralistic.net/2025/04/01/doctor-robo-blabbermouth/#fool-me-once-etc-etc

Upcoming appearances ( permalink )

• Toronto: Humber Polytechnic President's Lecture Series, Apr 8

https://liberalarts.humber.ca/current-students/resources/conferences-and-lectures/presidents-lecture-series.html

• Montreal: Bronfman Lecture (McGill), Apr 10

https://www.eventbrite.ca/e/artificial-intelligence-the-ultimate-disrupter-tickets-1982706623885

• Montreal: Drawn and Quarterly, Apr 10

https://mtl.drawnandquarterly.com/events/4863920260410

• Toronto: DemocracyXchange, Apr 16

https://www.democracyxchange.org/news/cory-doctorow-to-open-dxc26-on-april-16

• San Francisco: 2026 Berkeley Spring Forum on M&A and the Boardroom, Apr 23

https://www.theberkeleyforum.com/#agenda

• London: Resisting Big Tech Empires (LSBU), Apr 25

https://www.tickettailor.com/events/globaljusticenow/2042691

• NYC: Enshittification at Commonweal Ventures, Apr 29

https://luma.com/ssgfvqz8

• NYC: Techidemic with Sarah Jeong, Tochi Onyibuchi and Alia Dastagir (PEN World Voices), Apr 30

https://worldvoices.pen.org/event/techidemic/

• Berlin: Re:publica, May 18-20

https://re-publica.com/de/news/rp26-sprecher-cory-doctorow

• Berlin: Enshittification at Otherland Books, May 19

https://www.otherland-berlin.de/de/event-details/cory-doctorow.html

• Hay-on-Wye: HowTheLightGetsIn, May 22-25

https://howthelightgetsin.org/festivals/hay/big-ideas-2

• SXSW London, Jun 2

https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901

Recent appearances ( permalink )

• Do you feel screwed over by big tech? (Ontario Today)

https://www.cbc.ca/listen/live-radio/1-45-ontario-today/clip/16203024-do-feel-screwed-big-tech

• Launch for Cindy's Cohn's "Privacy's Defender" (City Lights)

https://www.youtube.com/watch?v=WuVCm2PUalU

• Chicken Mating Harnesses (This Week in Tech)

https://twit.tv/shows/this-week-in-tech/episodes/1074

• The Virtual Jewel Box (U Utah)

https://tanner.utah.edu/podcast/enshittification-cory-doctorow-matthew-potolsky/

• Tanner Humanities Lecture (U Utah)

https://www.youtube.com/watch?v=i6Yf1nSyekI

Latest books ( permalink )

• "Canny Valley": A limited edition collection of the collages I cre

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

[GitHub] platform activity is surging. There were 1 billion commits in 2025. Now, it's 275 million per week, on pace for 14 billion this year if growth remains linear (spoiler: it won't.)

GitHub Actions has grown from 500M minutes/week in 2023 to 1B minutes/week in 2025, and now 2.1B minutes so far this week.

— Kyle Daigle , COO, GitHub

Tags: github , github-actions

These days, Wandering Thoughts has some hacked together HTTP request rate limits. They don't exist for strong technical reasons; my blog engine setup here can generally stand up to even fairly extreme traffic floods (through an extensive series of hacks). It's definitely possible to overwhelm Wandering Thoughts with a high enough request volume, and HTTP rate limits will certainly help with that, but that's not really why they exist. My HTTP rate limits exist for ultimately social reasons and because they let me stop worrying and stop caring about certain sorts of abuse.

As we all know by now here in 2026, abuse definitely happens , even if it isn't killing your web servers. There are things out there who think nothing of making thousands or tens of thousands of requests to your web server a day. Some of them are people running crawlers and other undesired things, and some of them are syndication feed fetchers with very fast polling intervals (which is why the first ratelimits I implemented where syndication feed rate limits ). Usually the level of excess requests is moderate. Large abuse doesn't happen very often on typical sites like mine, but it does happen every so often.

The advantage of having HTTP request rate limiting, even in the fallible form I have on Wandering Thoughts , is that I don't have to worry or really care about it. I'll never wake up in the morning to discover that something has made tens of thousands of requests overnight, because these days all but the first few of those requests will have been choked off. I also don't have to be annoyed by badly behaved syndication feed readers and consider various things to maybe get them to behave better, because all that sort of excessive, antisocial behavior gets blocked now .

(I have had the experience of discovering thousands of requests from a single source in the past and not particularly enjoyed it, even if nothing noticed in terms of load and response time and so on.)

For me, HTTP ratelimits have become something that give me peace of mind. I don't expect them to trigger very often (and generally they don't), but despite their infrequent activation I find them valuable and reassuring. They're a precaution against something that I hope is infrequent or, ideally, nonexistent.

(The corollary of this is that I don't regret the programming effort to add them to DWiki , the engine behind Wandering Thoughts , or even how moderately messy and hacked in the change is. For some changes you do care how often they get used and feel annoyed if they aren't used as often as you expected, but for me ratelimits aren't one of those.)

About five months ago I wrote about Absurd , a durable execution system we built for our own use at Earendil, sitting entirely on top of Postgres and Postgres alone. The pitch was simple: you don’t need a separate service , a compiler plugin , or an entire runtime to get durable workflows. You need a SQL file and a thin SDK.

Since then we’ve been running it in production, and I figured it’s worth sharing what the experience has been like. The short version: the design held up, the system has been a pleasure to work with, and other people seem to agree.

A Quick Refresher

Absurd is a durable execution system that lives entirely inside Postgres. The core is a single SQL file ( absurd.sql ) that defines stored procedures for task management, checkpoint storage, event handling, and claim-based scheduling. On top of that sit thin SDKs (currently TypeScript , Python and an experimental Go one) that make the system ergonomic in your language of choice.

The model is straightforward: you register tasks, decompose them into steps, and each step acts as a checkpoint. If anything fails, the task retries from the last completed step. Tasks can sleep, wait for external events, and suspend for days or weeks. All state lives in Postgres.

If you want the full introduction, the original blog post covers the fundamentals. What follows here is what we’ve learned since.

What Changed

The project got multiple releases over the last five months. Most of the changes are things you’d expect from a system that people actually started depending on: hardened claim handling, watchdogs that terminate broken workers, deadlock prevention, proper lease management, event race conditions, and all the edge cases that only show up when you’re running real workloads.

A few things worth calling out specifically.

Decomposed steps. The original design only had ctx.step() , where you pass in a function and get back its checkpointed result. That works well for many cases but not all. Sometimes you need to know whether a step already ran before deciding what to do next. So we added beginStep() / completeStep() , which give you a handle you can inspect before committing the result. This turned out to be very useful for modeling intentional failures and conditional logic. This in particular is necessary when working with “before call” and “after call” type hook APIs.

Task results. You can now spawn a task, go do other things, and later come back to fetch or await its result. This sounds obvious in hindsight, but the original system was purely fire-and-forget. Having proper result inspection made it possible to use Absurd for things like spawning child tasks from within a parent workflow and waiting for them to finish. This is particularly useful for debugging with agents too.

absurdctl . We built this out as a proper CLI tool. You can initialize schemas, run migrations, create queues, spawn tasks, emit events, retry failures from the command line. It’s installable via uvx or as a standalone binary. This has been invaluable for debugging production issues. When something is stuck, being able to just absurdctl dump-task --task-id=<id> and see exactly where it stopped is a very different experience from digging through logs.

Habitat . A small Go application that serves up a web dashboard for monitoring tasks, runs, checkpoints, and events. It connects directly to Postgres and gives you a live view of what’s happening. It’s simple, but it’s the kind of thing that makes the system more enjoyable for humans.

Agent integration. Since Absurd was originally built for agent workloads, we added a bundled skill that coding agents can discover and use to debug workflow state via absurdctl . There’s also a documented pattern for making pi agent turns durable by logging each message as a checkpoint.

What Held Up

The thing I’m most pleased about is that the core design didn’t need to change all that much. The fundamental model of tasks, steps, checkpoints, events, and suspending is still exactly what it was initially. We added features around it, but nothing forced us to rethink the basic abstractions.

Putting the complexity in SQL and keeping the SDKs thin turned out to be a genuinely good call. The TypeScript SDK is about 1,400 lines. The Python SDK is about 1,900 but most of this comes from the complexity of supporting colored functions. Compare that to Temporal’s Python SDK at around 170,000 lines. It means the SDKs are easy to understand, easy to debug, and easy to port. When something goes wrong, you can read the entire SDK in an afternoon and understand what it does.

The checkpoint-based replay model also aged well. Unlike systems that require deterministic replay of your entire workflow function, Absurd just loads the cached step results and skips over completed work. That means your code doesn’t need to be deterministic outside of steps. You can call Math.random() or datetime.now() in between steps and things still work, because only the step boundaries matter. In practice, this makes it much easier to reason about what’s safe and what isn’t.

Pull-based scheduling was the right choice too. Workers pull tasks from Postgres as they have capacity. There’s no coordinator, no push mechanism, no HTTP callbacks. That makes it trivially self-hostable and means you don’t have to think about load management at the infrastructure level.

What Might Not Be Optimal

I had some discussions with folks about whether the right abstraction should have been a durable promise . It’s a very appealing idea, but it turns out to be much more complex to implement in practice. It’s however in theory also more powerful. I did make some attempts to see what absurd would look like if it was based on durable promises but so far did not get anywhere with it. It’s however an experiment that I think would be fun to try!

What We Use It For

The primary use case is still agent workflows. An agent is essentially a loop that calls an LLM, processes tool results, and repeats until it decides it’s done. Each iteration becomes a step, and each step’s result is checkpointed. If the process dies on iteration 7, it restarts and replays iterations 1 through 6 from the store, then continues from 7.

But we’ve found it useful for a lot of other things too. All our crons just dispatch distributed workflows with a pre-generated deduplication key from the invocation. We can have two cron processes running and they will only trigger one absurd task invocation. We also use it for background processing that needs to survive deploys. Basically anything where you’d otherwise build your own retry-and-resume logic on top of a queue.

What’s Still Missing

Absurd is deliberately minimal, but there are things I’d like to see.

There’s no built-in scheduler. If you want cron-like behavior, you run your own scheduler loop and use idempotency keys to deduplicate. That works, and we have a documented pattern for it , but it would be nice to have something more integrated.

There’s no push model. Everything is pull. If you need an HTTP endpoint to receive webhooks and wake up tasks, you build that yourself. I think that’s the right default as push systems are harder to operate and easier to overwhelm but there are cases where it would be convenient. In particular there are quite a few agentic systems where it would be super nice to have webhooks natively integrated (wake on incoming POST request). I definitely don’t want to have this in the core, but that sounds like the kind of problem that could be a nice adjacent library that builds on top of absurd.

The biggest omission is that it does not support partitioning yet. That’s unfortunate because it makes cleaning up data more expensive than it has to be. In theory supporting partitions would be pretty simple. You could have weekly partitions and then detach and delete them when they expire. The only thing that really stands in the way of that is that Postgres does not have a convenient way of actually doing that.

The hard part is not partitioning itself, it’s partition lifecycle management under real workloads. If a worker inserts a row whose expires_at lands in a month without a partition, the insert fails and the workflow crashes. So you need a separate maintenance loop that always creates future partitions far enough ahead for sleeps/retries, and does that for every queue.

On the delete side, the safe approach is DETACH PARTITION CONCURRENTLY , but getting that to run from pg_cron doesn’t work because it cannot be run within a transaction, but pg_cron runs everything in one.

I don’t think it’s an unsolvable problem, but it’s one I have not found a good solution for and I would love to get input on .

Does Open Source Still Matter?

This brings me a bit to a meta point on the whole thing which is what the point of Open Source libraries in the age of agentic engineering is. Durable Execution is now something that plenty of startups sell you. On the other hand it’s also something that an agent would build you and people might not even look for solutions any more. It’s kind of … weird?

I don’t think a durable execution library can support a company, I really don’t. On the other hand I think it’s just complex enough of a problem that it could be a good Open Source project void of commercial interests. You do need a bit of an ecosystem around it, particularly for UI and good DX for debugging, and that’s hard to get from a throwaway implementation.

I don’t think we have squared this yet, but it’s already much better to use than a few months ago.

If you’re using Absurd, thinking about it, or building adjacent ideas, I’d love your feedback. Bug reports, rough edges, design critiques, and contributions are all very welcome—this project has gotten better every time someone poked at it from a different angle.

Wander Console 0.4.0 is the fourth release of Wander, a small, decentralised, self-hosted web console that lets visitors to your website explore interesting websites and pages recommended by a community of independent website owners. To try it, go to susam.net/wander/ .

A screenshot of Wander Console 0.4.0 This release brings a few small additions as well as a few minor fixes. You can find the previous release pages here: /code/news/wander/ . The sections below discuss the current release.

Contents

• Wildcard Patterns

• The 'via' Query Parameter

• Console Picker Algorithm

• Allow Links that Open in New Tab

• Community

Wildcard Patterns

Wander Console now supports wildcard patterns in ignore lists. An asterisk ( * ) anywhere in an ignore pattern matches zero or more characters in URLs. For example, an ignore pattern like https://*.midreadpopup.example/ can be used to ignore URLs such as this:

• https://alice.midreadpopup.example/

• https://bob.jones.midreadpopup.example/

These ignore patterns are specified in a console's wander.js file. These are very important for providing a good wandering experience to visitors. The owner of a console decides what links they want to ignore in their ignore patterns. The ignore list typically contains commercial websites that do not fit the spirit of the small web, as well as defunct or incompatible websites that do not load in the console. A console with a well maintained ignore list ensures that a visitor to that console has a lower likelihood of encountering commercial or broken websites.

For a complete description of the ignore patterns, see Customise Ignore List .

The 'via' Query Parameter

By popular demand , Wander now adds a via= query parameter while loading a recommended web page in the console. The value of this parameter is the console that loaded the recommended page. For example, if you encounter midnight.pub/ while using the console at susam.net/wander/ , the console loads the page using the following URL:

https://midnight.pub/?via=https://susam.net/wander/ This allows the owner of the recommended website to see, via their access logs, that the visit originated from a Wander Console. While this is the default behaviour now, it can be customised in two ways. The value can be changed from the full URL of the Wander Console to a small identifier that identifies the version of Wander Console used (e.g. via=wander-0.4.0 ). The query parameter can be disabled as well. For more details, see Customise 'via' Parameter .

Console Picker Algorithm

In earlier versions of the console, when a visitor came to your console to explore the Wander network, it picked the first recommendation from the list of recommended pages in it (i.e. your wander.js file). But subsequent recommendations came from your neighbours' consoles and then their neighbours' consoles and so on recursively. Your console (the starting console) was not considered again unless some other console in the network linked back to your console.

A common way to ensure that your console was also considered in subsequent recommendations too was to add a link to your console in your own console (i.e. in your wander.js ). Yes, this created self-loops in the network but this wasn't considered a problem. In fact, this was considered desirable, so that when the console picked a console from the pool of discovered consoles to find the next recommendation, it considered itself to be part of the pool. This workaround is no longer necessary.

Since version 0.4.0 of Wander, each console will always consider itself to be part of the pool from which it picks consoles. This means that the web pages recommended by the starting console have a fair chance of being picked for the next web page recommendation.

Allow Links that Open in New Tab

The Wander Console loads the recommended web pages in an <iframe> element that has sandbox restrictions enabled. The sandbox properties restrict the side effects the loaded web page can have on the parent Wander Console window. For example, with the sandbox restrictions enabled, a loaded web page cannot redirect the parent window to another website. In fact, these days most modern browsers block this and show a warning anyway, but we also block this at a sandbox level too in the console implementation.

It turned out that our aggressive sandbox restrictions also blocked legitimate websites from opening a link in a new tab. We decided that opening a link in a new tab is harmless behaviour and we have relaxed the sandbox restrictions a little bit to allow it. Of course, when you click such a link within Wander console, the link will open in a new tab of your web browser (not within Wander Console, as the console does not have any notion of tabs).

Community

Although I developed this project on a whim, one early morning while taking a short break from my ongoing studies of algebraic graph theory, the subsequent warm reception on Hacker News and Lobsters has led to a growing community of Wander Console owners. There are two places where the community hangs out at the moment:

• New consoles are announced in this thread on Codeberg: Share Your Wander Console .

• We also have an Internet Relay Chat (IRC) channel named #wander on the Libera IRC network. This is a channel for people who enjoy building personal websites and want to talk to each other. You are welcome to join this channel, share your console URL, link to your website or recent articles as well as share links to other non-commercial personal websites.

If you own a personal website but you have not set up a Wander Console yet, I suggest that you consider setting one up for yourself. You can see what it looks like by visiting mine at /wander/ . To set up your own, follow these instructions: Install . It just involves copying two files to your web server. It is about as simple as it gets.

Read on website | #web | #technology

Vulnerability Research Is Cooked

Thomas Ptacek's take on the sudden and enormous impact the latest frontier models are having on the field of vulnerability research.

Within the next few months, coding agents will drastically alter both the practice and the economics of exploit development. Frontier model improvement won’t be a slow burn, but rather a step function. Substantial amounts of high-impact vulnerability research (maybe even most of it) will happen simply by pointing an agent at a source tree and typing “find me zero days”.

Why are agents so good at this? A combination of baked-in knowledge, pattern matching ability and brute force:

You can't design a better problem for an LLM agent than exploitation research.

Before you feed it a single token of context, a frontier LLM already encodes supernatural amounts of correlation across vast bodies of source code. Is the Linux KVM hypervisor connected to the  hrtimer  subsystem,  workqueue , or  perf_event ? The model knows.

Also baked into those model weights: the complete library of documented "bug classes" on which all exploit development builds: stale pointers, integer mishandling, type confusion, allocator grooming, and all the known ways of promoting a wild write to a controlled 64-bit read/write in Firefox.

Vulnerabilities are found by pattern-matching bug classes and constraint-solving for reachability and exploitability. Precisely the implicit search problems that LLMs are most gifted at solving. Exploit outcomes are straightforwardly testable success/failure trials. An agent never gets bored and will search forever if you tell it to.

The article was partly inspired by this episode of the Security Cryptography Whatever podcast , where David Adrian, Deirdre Connolly, and Thomas interviewed Anthropic's Nicholas Carlini for 1 hour 16 minutes.

I just started a new tag here for ai-security-research - it's up to 11 posts already.

Tags: security , thomas-ptacek , careers , ai , generative-ai , llms , nicholas-carlini , ai-ethics , ai-security-research

Soundtrack — Soundgarden — Blow Up The Outside World A lot of people try to rationalize the AI bubble by digging up the past. Billions of dollars of waste are justified by saying “OpenAI just like Uber” (it isn’t) and “the data center buildout is just like Amazon Web Services” ( it isn’t, Amazon Web Services was profitable in a decade and cost about $52 billion between 2003 and 2017, and that’s normalized for inflation ) and, most egregiously, that AI is “too big to fail.”  I think that these statements are acts of cowardice if they are not backed up by direct and obvious comparisons based on historical data and actual research. They are lazy intellectual tropes borne of at best ignorance, or at worst an intellectual weakness that makes somebody willing to take flimsy information and repeat it as if it were gospel. Nobody has any proof that AI is profitable on inference, nor is there any explanation about how it will become profitable at some point, just a cult-like drone of “they’ll work it out” and “look at the growth!”  And the last argument, that AI is “too big to fail” is the most cowardly of them all, given that said statement seldom precedes the word “because,” and then an explanation of why generative AI is so economically important, and why any market correction would be so catastrophic that the bubble must continue to inflate.  Over the last few months I have worked diligently to unwind these myths. I discussed earlier in the year how the AI Bubble is much worse than the dot com bubble , and ended last year with a mythbusters (AI edition) that paired well with my free opus, How To Argue With An AI Booster .  I don’t see my detractors putting in anything approaching a comparable effort. Or any effort, really.  This isn’t a game I’m playing or some sort of competitive situation, nor do I feel compelled to “prove my detractors wrong” with any specificity. I believe time will do that for me. My work is about actually finding out what’s going on, and I believe that explaining it is key to helping people understand the world. None of the people who supposedly believe that AI is the biggest, most hugest and most special boy of all time have done anything to counter my core points around AI economics other than glance-grade misreads of years-old pieces and repeating things like “they’re profitable on inference!” Failing to do thorough analysis deprives the general public of the truth, and misleads investors into making bad decisions. Cynicism and skepticism is often framed as some sort of negative process — “hating” on something for the sake of being negative, or to gain some sort of cultural prestige, or as a way of performatively exhibiting one’s personal morality — when both require the courage (when done properly) to actually understand things in-depth.  I also realize many major media outlets are outright against skepticism. While they frame their coverage as “taking on big tech,” their questions are safe, their pieces are safer, their criticisms rarely attack the actual soft parts of the industries (the funding of the companies or infrastructure developments, or the functionality of the technology itself), and almost never seek to directly interrogate the actual statements made by AI leaders and investors, or the various hangers-on and boosters. This is why I’ve been so laser-focused on the mythologies that have emerged over the past couple of years,  such as when people say “it’s just like the dot com bubble" — it’s not, it’s much worse ! — because if these mythologies actually withstood scrutiny, my work wouldn’t have much weight.  The Dot Com Bubble in particular grinds my gears because it’s a lazy trope used to rationalise rotten economics, all while disregarding the actual harms that took place. Unemployment spiked to 6% , venture capital funds lost 90% of their value, and hundreds of thousands of people in the tech industry lost their jobs, some of them for good.  It is utterly grotesque how many people minimize and rationalize the dot com bubble, reframing it as a positive , by saying that “things worked out afterwards,” all so that they can use that as proof that we need to keep giving startups as much money as they ask for forever and that AI is the biggest thing in the world. Yet AI is, in reality, much smaller than people think. As I wrote up ( and Bloomberg clearly were inspired by! ) last week, only 5GW of AI data centers are actually under construction worldwide out of the 12GW that are supposedly meant to be delivered this year, with many of them slowed by the necessity of foreign imports of electrical equipment and, you know, the fact that construction is hard, and the power isn’t available.  Meanwhile, back in October 2025, The Wall Street Journal claimed that a “ giant new AI data center is coming to the epicenter of America’s fracking boom ” in a deal between Poolside AI (a company that does not appear to have released a product) and CoreWeave (an unprofitable AI data center company that I’ve written about a great deal ). This was an “exclusive” report that included the following quote: “It is not about your headline numbers of gigawatts. It’s about your ability to deliver data centers,” Eiso Kant, a co-founder of Poolside, said in an interview. The ability to build data centers quickly is “the real physical bottleneck in our industry,” he said.  Turns out Mr. Kant was correct, as it was just reported that CoreWeave and Poolside’s deal fell apart , along with Poolside’s $2 billion funding round, as Poolside was “unable to stand up the first cluster of chips to CoreWeave’s timeline,” probably because it couldn’t afford them and wasn’t building anything. The FT added that “...Poolside was unable to convince investors that it could train AI models to the same level of established competitors.” It was also unable to get Google to take over the site. Elsewhere, troubling signs are coming from the secondary markets — the place where people sell stock in private companies like OpenAI. Those signs being that, well, nobody’s buying.   Per Bloomberg, over $600 million of OpenAI shares are sitting for sale with no interest from buyers at its current $850 billion post-money valuation, though apparently $2 billion is “ready to deploy” for private Anthropic shares at a $380 billion valuation, according to Next Round Capital (a secondary share sale site)’s Ken Smythe.  Though people will try to frame this as a case of OpenAI’s shares “being too close to what they might go public at,” one has to wonder why shares of what is supposed to be the literal most valuable company of all time aren’t being sold at what, theoretically, is a massive discount.  One might argue that it’s because people think that the stock might drop on IPO and then grow , but…that doesn’t show a great degree of faith in the company. Investors likely think that Anthropic would go public at a higher price than $380 billion, though I do need to note that the full quote was that "buyers have indicated that they have $2 billion of cash ready to deploy into Anthropic,” which is not the same thing as “will actually buy it.” In any case, the market is no longer treating OpenAI like it’s the golden child. Poolside’s CoreWeave deal is dead. Data centers aren’t getting built. Oracle is laying off tens of thousands of people to fund AI data centers for OpenAI , a company that cannot afford to pay for them. AI demand, despite how fucking annoying everybody is being about it, does not seem to exist at the scale that makes any part of this industry make sense. Yet people still squeal that “The Trump Administration Will Bail Out The AI Industry,” and that OpenAI is “too big to fail,” two statements that are not founded in history or analysis, but are the kinds of things that you say only when you’re either so beaten down by bad news that you’ve effectively given up or are so willfully ignorant that you’ll say stuff without knowing what it means because it makes you feel better. AI Is Not Too Big To Fail, And If You Say It Is You Do Not Know What That Means As I discussed in this week’s free newsletter, there is a subprime AI crisis going on. When the subprime mortgage crisis happened towards the end of the 2000s, millions of people built their lives around the idea that easy money would always be available, and that housing would only ever increase in value. These assumptions led to the creation of inherently dangerous mortgage products that never should have existed, and that inevitably screwed the buyers.  I talked about these in my last free newsletter. Negative amortization mortgages, for example, were a thing in the US. These were where the mortgage payments didn’t actually cover the cost of the interest , let alone the principal. Similarly, in the UK, my country of birth, many homebuyers used endowment mortgages — an interest-only mortgage where, instead of paying the principal, buyers made monthly payments into an investment savings account that (theoretically) would cover the cost of the property (and perhaps provide some extra cash) at the end of the term. If the investments did extremely well, the buyer could potentially pay off the mortgage early.  Far too often, those investments underperformed, meaning buyers were left staring at a shortfall at the end of their term .  Across the globe, the value of housing was massively overinflated by the lax standards of a mortgage industry incentivized to sign as many people as possible thanks to a lack of regulation and easily-available funding.  The value of housing — and indeed the larger housing and construction boom — was a mirage. In reality, housing wasn’t worth anywhere near what it was being sold for, and the massive demand for housing was only possible with unlimited resources, and under ideal conditions (namely, normal levels of inflation and relatively low interest rates).  Those buying houses they couldn’t afford with adjustable-rate mortgages either didn’t understand the terms, or believed members of the media and government officials that suggested housing prices would never decrease and that one could easily refinance the mortgage in question. Similarly, AI startups products are all subsidized by venture capital, and must, in literally every case, allow users to burn tokens at a cost far in excess of their subscription fees, a business that only “works” — and I put that in quotation marks — as long as venture capital continues to fund it. While from the outside these may seem like these are functional businesses with paying users, without the hype cycle justifying endless capital, these businesses wouldn’t be possible , let alone viable , in any way shape or form.  For example, Harvey is an AI tool for lawyers that just raised $200 million at an $11 billion valuation , all while having an astonishingly small $190 million in ARR, or $15.8 million a month. It raised another $160 million in December 2025 , after raising $300 million in June 2025 , after raising $300 million in February 2025 .  Remove even one of those venture capital rounds and Harvey dies. Much like subprime loans allowed borrowers to get mortgages they had no hope of paying, hype cycles create the illusion of viable businesses that cannot and will never survive without the subsidies.  The same goes for companies like OpenAI and Anthropic, both of whom created priority processing tiers for their enterprise customers last year , and the latter of which just added peak rate limits from 5am and 11am Pacific Time . Their customers are the subprime borrowers too — they built workflows around using these products that may or may not be possible with new rate limits, and in the case of enterprise customers using priority processing, their costs massively spiked, which is why Cursor and Replit suddenly made their products worse in the middle of 2025.  The reason that the Subprime Mortgage Crisis led to the Great Financial Crisis was that trillions of dollars were used to speculate upon its outcome, across $1.1 trillion of mortgage-backed securities . In mid-2008, per the IMF, more than 60% of all US mortgages had been securitized (as in turned into something you could both trade , speculate on the outcome of and thus buy credit default swaps against ). Collateralized debt obligations — big packages of different mortgages and other kinds of debt that masked the true quality of the underlying assets — expanded to over $2 trillion by 2006 , though the final writedowns were around $218 billion of losses . By comparison, AI is pathetically small. While there were $178.5 billion in data center credit deals done in America last year , speculation and securitization remains low, and in many cases the amount of actual cash available is in tranches based on construction milestones, with most data center projects ( like Aligned’s recent $2.58 billion raise ) funded by “facilities” specifically to minimize risk.  As I’ve written about previously, building a data center is hard — especially when you’re building at scale. Finding land, obtaining permits (something which can be frustrated by opposition from neighbors or local governments), obtaining electricity, and then obtaining the labor, machinery, and raw materials all take time. Some components — like electrical transformers — have lead times in excess of a year.  And so, you can understand why there’s such a disparity between the dollar amount in data center credit deals, and the actual capital deployed to build said data centers.  There also isn’t quite as much wilful ignorance on the part of ratings agencies, though that isn’t to say they’re actually doing their jobs. CoreWeave is one of many data center companies that’s been able to raise billions of dollars using its counterparties’ credit ratings, with Moody’s giving the debt for an unprofitable data center company that would die without endless debt that’s insufficiently capitalized to pay it off an “A

内容较长，当前仅展示前 14000 字。可点击“打开原文”查看完整内容。

Jason Snell:

Last December I complained that Apple was withholding iOS 18 security updates from iPhones capable of running iOS 26 , leaving users who didn’t want to upgrade to Apple’s latest OS version yet in some security peril.

Well, I have good news and bad news. The good news: As of Wednesday April 1, Apple is pushing out iOS 18.7.7 to all devices running iOS 18. This update, released last month for devices that were not capable of running iOS 26, is now available even for compatible devices. If you’ve got auto-update turned on but have not gone through the steps to do a full upgrade to iOS 26, this update can be automatically pushed and applied. This is good news, as those who have opted not to run iOS 26 will get to take advantage of several sets of security releases.

Now the bad news: This is happening because of some really bad security breaches like DarkSword and Coruna .

It feels a bit spiteful that Apple doesn’t support staying a year behind the major version of iOS like they do —  thankfully  — with MacOS. The vast majority of iPhone and iPad users just do what Apple encourages — they accept the default setting to auto-update when Apple pushes updates to their devices. People who update manually do so by choice, and if that choice is offered, it ought to be supported.

That said, after buying an iPhone 17 Pro, I left my year-and-a-half-old iPhone 16 Pro on iOS 18, so I updated that phone to 18.7.7 the other day when this became available. I’ve kept that phone on the old OS mostly for comparing what’s changed in iOS 26. I took this opportunity to switch back to that phone, full-time, for two days. It was, to be honest, no big deal. For all the consternation over “Liquid Glass” overall, on iPhone, nothing really sticks out to me switching from iOS 26 back to iOS 18, or vice-versa. iOS 26 just feels visually tweaked, not radically changed.

I like iOS 26 just fine, but I also still like iOS 18, and the differences just don’t seem that significant. For me at least, it’s nothing like switching between MacOS 15 Sequoia and 26 Tahoe. iOS 26 makes some highly opinionated choices, but it feels like it was thoughtfully designed by people who know and love the core longstanding idioms of iOS. MacOS 26 Tahoe feels like it was carelessly designed by people who’ve never used a Mac and wish it would just go away.

See also: Michael Tsai’s roundup .

★

I used the term perilune in yesterday’s post about the flight path of Artemis II. When Artemis is  closest to the moon it will be furthest from earth because its closest approach to the moon, its perilune, is on the side of the moon opposite earth.

Perilune is sometimes called periselene . The two terms come from two goddesses associated with the moon, the Roman Luna and the Greek Selene. Since the peri- prefix is Greek, perhaps periselene would be preferable. But we’re far more familiar with words associated with the moon being based on Luna than Selene.

The neutral terms for closest and furthest points in an orbit are periapsis and apoapsis . but there are more colorful terms that are specific to orbiting particular celestial objects. The terms perigee and apogee for orbiting earth (from the Greek Gaia) are most familiar, and the terms perihelion and aphelion (not apohelion) for orbiting the sun (from the Greek Helios) are the next most familiar.

The terms perijove and apojove are unfamiliar, but you can imagine what they mean. Others like periareion and apoareion , especially the latter, are truly arcane. The post Roman moon, Greek moon first appeared on John D. Cook .