Wish's River of News

Security updates for Thursday [LWN.net]

I still love my Keurig coffee maker. The coffee is delicious and hot and it's truly a technology marvel. So simple and easy to learn.

15:07

Security updates have been issued by AlmaLinux (brotli, curl, kernel, python-wheel, and python3.12), Debian (containerd), Fedora (gnupg2, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (expat), Oracle (qemu-kvm and util-linux), Red Hat (kernel, kernel-rt, opentelemetry-collector, and python3.12-wheel), SUSE (abseil-cpp, dpdk, freerdp, glib2, ImageMagick, java-11-openj9, java-17-openj9, java-1_8_0-ibm, java-1_8_0-openj9, java-1_8_0-openjdk, java-21-openj9, kernel, libsoup, libsoup-3_0-0, openssl-3, patch, python-Django, rekor, rizin, udisks2, and xrdp), and Ubuntu (gh, linux, linux-aws, linux-azure, linux-azure-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux, linux-gke, linux-gkeop, linux-hwe-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-realtime, linux-intel-iot-realtime, and linux-realtime, linux-realtime-6.8, linux-raspi-realtime).

14:35

The Agentic Commerce Revolution [Radar]

For 30 years, digital commerce has been a destination. We “go to” a website, a marketplace, or an app. In this single, bundled environment, we handle discovery, comparison, and checkout. The entire architecture of the web, from product pages to payment gateways, is built on this assumption.

This assumption is now facing its first real challenge.

The agentic AI landscape is rapidly unbundling this entire process:

Discovery is expanding from a search bar into a conversation. Tools like Shopify Magic, for example, are already turning simple support chats into discovery opportunities, guiding users to the right product conversationally.
Comparison is shifting from a human-driven “20-tab” research process to an autonomous high-speed task. Klarna’s AI assistant already demonstrates this, autonomously comparing products, summarizing reviews, and finding cheaper alternatives—compressing a user’s manual research into a single query.
Checkout is becoming a delegated, background API call. This final automated step—where the agent, not the human, finalizes the purchase—is precisely what breaks the assumption of human-present intent that our entire global payment system is built on.

This is not a distant future. A 2025 BearingPoint survey of over 320 C-suite executives suggests more than half of B2B sales will occur through conversational interfaces by 2028. When your customer is an AI, your website’s “user experience” is often bypassed. Your new front door is an API.

The Accountability Gap

This shift creates a fundamental accountability gap. The entire global payment system is built on the assumption that a human is present to provide intent, review a cart, and click “Buy.” When an autonomous agent initiates payment, that assumption breaks.

It also introduces a profound hurdle of consumer trust, raising the question of whether users will be willing to delegate this power at all.

These gaps—both technical and human—create fundamental questions that current systems cannot answer:

Authorization: How can we verify that a user gave an agent specific authority for a particular purchase?
Authenticity: How can a merchant trust that an agent’s request reflects the user’s true intent, free from errors or AI hallucinations?
Auditability: How can we create a nonrepudiable chain of proof when a failure occurs, regardless of whether it stems from agent error or malicious fraud? How can a bank, a merchant, and a user all look at the same auditable record to determine what was authorized versus what actually happened?

Without answers, we’re building on assumptions rather than verification. The race to build the smartest agent has distracted the industry from the much harder problem: building a payment infrastructure that can trust them.

Two Philosophies to Solve for Trust

The accountability gap has forced a choice. With the old model broken, the industry is splitting into two distinct, divergent philosophies to solve for trust. This isn’t merely a technical debate but a strategic one about the direction of agentic commerce.

The two philosophies emerging focus on either immediate convenience or provable verification.

Philosophy 1: The conversational checkout (convenience first)

This approach, championed by OpenAI’s Agentic Commerce Protocol (ACP) and its partner Stripe, focuses on solving the most immediate problem: reducing friction for a human-present purchase.

Its core goal: To convert a successful conversational recommendation into an immediate sale, without forcing the user to leave the chat.
The analogy: The “in-chat impulse buy.” It’s the digital equivalent of placing a “Buy Now” button right in the middle of your conversation.
How it works: It uses secure payment tokens (SPTs). When you agree to buy, the agent securely procures a single-use token from a provider (like Stripe) and passes it to the merchant. The agent never sees your credit card, and the merchant gets a secure payment for one specific cart.
Best for: B2C ecommerce and simple human-in-the-loop transactions (e.g., “Find me that wallet on Etsy and buy it”).
The limitation: It’s a “walled garden” optimized for a single, immediate, human-approved transaction. It is not designed for complex, autonomous, or “human-absent” tasks.

Philosophy 2: The autonomous trust layer (verification first)

This approach, championed by Google, Shopify, and a broad coalition of tech and retail partners, takes a foundational full stack approach.

While the Agent Payments Protocol (AP2) handles the secure handshake of money, the newly released Universal Commerce Protocol (UCP) standardizes the rest of the shopping lifecycle, including discovery, inventory, cart negotiation, and fulfillment.

Its core goal: To create a universal “operating system” for agentic commerce. Unlike the walled-garden approach, UCP and AP2 function like HTTP and SSL for the AI era: UCP provides the common language for agents to read catalogs and build carts, while AP2 provides the cryptographic security to pay for them.
The analogy: The “corporate purchase order” for AI. It creates a formal process for authorization, documentation, and verification that can be audited by any party (a bank, a merchant, a regulator).
How it works: It relies on verifiable digital credentials (VDCs) to handle both human-present and autonomous scenarios:
- Human not present: For autonomous tasks, the user signs an Intent Mandate (preapproved rules, e.g., “Buy these sneakers, under $300”) upfront. The agent uses this presigned authority to execute the purchase without waking the user.
- Human present: For high-stakes decisions, the user can review the specific items and cryptographically sign a Cart Mandate, providing a verified “final click.”
  UCP standardizes how these mandates are passed between the agent and the merchant, creating a nonrepudiable chain of proof without the merchant needing to integrate with a specific model provider.
Best for: B2B procurement, high-value transactions, regulated industries, and complex “human-absent” tasks (e.g., “Execute this multipart supply order when my inventory drops below 10%”).
The limitation: It’s an open, complex ecosystem. Its adoption relies on a massive “chicken-and-egg” problem: Merchants, banks, and agent developers all need to adopt these open standards to make the network effect kick in.

Beyond Plumbing: The New Application Layer

While the protocol debate is important, it’s just the plumbing. The protocols solve the how (secure trust), but the real complexity lies in the what. The true significance of these frameworks is how they unlock this “application layer” to handle ambiguity, negotiation, and complex tasks in a way that is finally production-ready.

First, these frameworks solve the “Tokyo penthouse” problem by replacing blind trust with an interactive approval loop.

The common fear is giving an agent an autonomous $15,000 Intent Mandate for a vague vacation. It’s a fear that stems from treating the agent like a magical all-or-nothing button rather than a collaborative tool. It assumes we would blindly trust it with a high-stakes ambiguous task, ignoring the same common-sense review steps we’d use with a human assistant.

Want Radar delivered straight to your inbox? Join us on Substack. Sign up here.

Instead, the process is a collaboration between the agent and the user:

Soft planning: The agent’s application does the flexible, creative work: “I’ve drafted an itinerary for $14,800. It includes your flights, a 4-star hotel, and that sake distillery tour you mentioned. Would you like to review and approve this?”
Human review: The user then reviews and refines this plan.
Hard verification: Only when the user gives final, explicit approval does the protocol (the mandate) come into play. The agent generates a final, unambiguous Cart Mandate for the specific hotel and airline, which the user cryptographically signs.

This is the key: The agent’s soft intelligence is thus anchored by the protocol’s hard verification.

Second, this new trust layer unlocks capabilities that were previously impossible, like true agent-led price optimization. This highlights a fundamental difference between the two philosophies.

The conversational checkout (ACP) model is a price-taker. It’s simply a secure token to buy a specific item at its current price.
The autonomous trust layer (AP2) model is a price-optimizer, specifically when acting autonomously. An Intent Mandate for “these shoes, under $100” is a verifiable letter of authorization.

This mandate empowers the agent to act on your behalf. It can hunt for sales, query multiple vendors, or wait for a price drop. It has the provable authority to execute the purchase if, and only if, it meets the signed constraints—all without needing to bother the user for a final “click.”

Third, and perhaps most strategically significant, is the battle for data sovereignty: The app store versus the open web.

The architecture you choose dictates who owns the customer relationship.

The conversational checkout (ACP) model leans toward an app store philosophy. To participate efficiently, the incentive structure encourages merchants to upload their catalogs and inventory logic directly into the AI platform’s ecosystem. The agent becomes the primary interface, and the merchant becomes a fulfillment node. It offers incredible distribution, but at the cost of commoditization.

The autonomous trust layer (UCP + AP2) defends the open web model. UCP does not ask you to upload your catalog to a central AI authority. Instead, it provides a standard way for you to expose your inventory and logic on your own infrastructure (via a standard /.well-known/ucp discovery endpoint).

In this model, the agent “visits” your API just as a browser visits your website. It negotiates capabilities in real time by asking questions like “Do you support loyalty points?” or “Can you ship to Alaska?” This ensures that even in an AI-first world, the business remains the merchant of record, retaining full control over pricing, presentation, and the customer relationship.

Finally, for architects, the most critical takeaway is how these protocols drive a fundamental decoupling of the commerce stack.

This decoupling breaks the traditional, monolithic approach, where one inflexible application bundles a fast-moving conversational layer, a product catalog, and a slow-moving secure payment vault. This all-in-one model creates an unworkable development conflict.

The future stack solves this by composing three separate services, using the protocols as their secure communication layer:

The conversational layer: The agent itself, built for creativity and speed
The payment vault: A hardened, separate service for credentials and mandates
The merchant API: The machine-readable, queryable catalog

This separation of concerns is the core architectural takeaway. It allows your conversational layer team to move fast and innovate, while your payment vault team can remain slow, secure, and methodical. The protocols provide the verifiable handshake between them.

The C-Suite Call to Action

This shift is happening now. A wait and see approach is not a neutral strategy because it carries the immense risk of being structurally outpaced. This new reality demands immediate, parallel action across the C-suite.

For the CTO and head of engineering, the directive is to prepare for a “headless” future. The traditional website, meticulously designed for human eyes, is on the path to becoming a legacy channel.

Their new front door will be a machine-readable API. While UCP currently offers the most comprehensive blueprint for this—handling inventory, real-time pricing, and fulfillment in a standardized format—the core imperative is architectural decoupling. They must begin separating their commerce logic from the visual frontend now. This ensures the business is ready to serve an autonomous B2B agent (via UCP) or feed a conversational platform (via ACP) without rebuilding the stack for every new model.

This engineering shift is useless without a marketing counterpart. The CMO and head of marketing must begin solving the problem of “agent SEO.” This isn’t a battle for keywords but a new discipline focused on making a brand’s products and reputation perfectly machine-readable. Their new battleground is the structured data, verifiable reviews, and precise product attributes that an agent can parse. When an agent is the new gatekeeper, visual appeal and advertising copy become secondary. They are no longer competing for the #1 spot on a Google search page but for the #1 unambiguous recommendation from a trusted agent.

Finally, the CFO and head of commerce must prepare the business to operate in this new two-speed world. Their risk, fraud, and compliance systems are about to split. They will need one model for high-volume, low-friction “conversational checkouts” (the ACP-style) and a second, more robust, auditable model for high-value B2B “autonomous purchases” (the AP2-style). This will fundamentally change their reconciliation and risk-modeling processes.

Conclusion: The Real Battle Isn’t the Protocol

Any debate between ACP, AP2, and UCP and which protocol is “best” misses the point. We aren’t witnessing a zero-sum competition but a market evolving into necessary parallel models. While the technical depths of UCP deserve their own analysis, its existence alone confirms that the architecture of commerce is decoupling.

These protocols provide the foundational solution to trust, but they are ultimately just the plumbing. The real winners will be the businesses that look beyond the specs and recognize this as an organizational challenge, not just a technical one. Success belongs to the teams that can break down internal silos, enabling the CTO, CMO, and CFO to execute a single, unified agent-first strategy.

14:07

CodeSOD: Brillant Python Programmers [The Daily WTF]

Sandra from InitAg (previously) tries to keep the team's code quality up. The team she's on uses CI, code reviews, linting and type checking, and most important: hiring qualified people. Overall, the team's been successful recently. Recently.

The company got its start doing data-science, which meant much of the initial code was written by brilliant PhDs who didn't know the first thing about writing software. Most of that code has been retired, but it is impossible to dispatch all of it.

Which brings us to Stan. Stan was a one-man dev-team/sysadmin for a mission critical piece of software. No one else worked on it, no one else looked at it, but that was "okay" because Stan was happy to work evenings and weekends without anyone even suggesting it. Stan loved his work, perhaps a little too much. And as brilliant as Stan was, when it came to software engineering, he was at best "brillant".

Which brings us to a file called utils/file_io.py. As you might gather from the full name there, this is a "utility" module stuffed with "file and IO" related functions. Let's look at a few:

def del_rw(action, name, exc):
    """
    See https://stackoverflow.com/questions/21261132/shutil-rmtree-to-remove-readonly-files
    Is used by shutil.rmtree to remove read only files as well
    """
    os.chmod(name, stat.S_IWRITE)
    os.remove(name)

This, I think, is a case of "maybe this shouldn't be a function?" Given that it's only two lines, it's more clear what you're doing if you just include the lines. Also, it takes three parameters and uses one of them.

def safe_rmtree(remove_dir, minimum_parent_dir, min_parent_parts=2):
    """
    Recursively removes all files in a directory that should contain the min parent dir
    :param remove_dir:
    :param minimum_parent_dir:
    :param min_parent_parts: nr of folders that the parent should contain to avoid removing eg C:
    :return:
    """
    if not os.path.exists(remove_dir):
        print(f"WARNING in safe_rmtree: {remove_dir} does not exist, nothing is removed")
        return

    remove_path = pathlib.Path(remove_dir)
    minimum_parent_path = pathlib.Path(minimum_parent_dir)

    if not minimum_parent_path.is_dir():
        raise AssertionError("Min parent dir not a valid dir {}".format(minimum_parent_dir))

    if len(minimum_parent_path.parts) <= min_parent_parts:
        raise AssertionError(
            "Unsafe removal of {}: minimum parent dir is too short {}".format(
                remove_dir, minimum_parent_dir
            )
        )

    if minimum_parent_path in remove_path.parents:
        print("REMOVE {}".format(remove_dir))
        shutil.rmtree(remove_dir, onerror=del_rw)  # use del_rw to also remove read only files
    else:
        raise AssertionError(
            "Unsafe removal of {}: does not contain minimum parent dir {}".format(
                remove_dir, minimum_parent_dir
            )
        )

    time.sleep(0.1)

I definitely don't like this. We do at least use all of our parameters. While the documentation doesn't really make it clear what they all do, this will remove a directory if and only if the directory is contained under minimum_parent_dir, and the minimum_parent_dir is at least min_parent_parts levels deep.

I understand, broadly, why you want some checks around a potentially destructive operation, but I have to wonder about why this is the set of checks we added.

Also, why the tenth of a second sleep at the end? shutil isn't doing things on background threads, it just manipulates the file-system via syscalls.

Now, what's notable about this one is that we're using the pathlib.Path API for interacting with file paths. This is the correct way to do things in Python, which is why this method is just funny:

def file_name_from_path(path, extension=False):
    """
    Get the name of a file (without the extension) given a path
    :param path:
    :param extension: default false, but if true fn will include extension
    :return: a string with the file name (optional extension)
    """
    basename = ntpath.basename(path)

    if extension is True:
        return basename
    else:
        return os.path.splitext(basename)[0]

This reinvents methods that are already in pathlib.Path. I also like that the documentation contradicts itself: this returns the name of the file (without the extension) except when it also returns the extension.

def create_dir(new_dir, remove_data=False, verbose=False):
    """
    Create a new directory. NOTE: this function only creates one new folder, the root
    folder must already exist.
    :param new_dir: directory to create
    :param remove_data: if yes, remove existing data in folder.
    :param verbose:
    :return: a string containing the new directory
    """

    if remove_data and os.path.exists(new_dir):
        shutil.rmtree(new_dir)
        time.sleep(0.1)

    if os.path.exists(new_dir):
        if verbose:
            print("Output directory {} already exists".format(new_dir))
    else:
        os.makedirs(new_dir)

    return new_dir

This function creates a new directory and possibly deletes the old one. Not "safely", though, but hey, that random sleep is back.

def dirs_in_dir(data_dir, contains=""):
    """
    Get the paths of all directories in a directory containing a set of characters, the basename
    :param data_dir: directory for which to list all paths with a base name
    :param contains: characters that should be in the name of the directory
    :return: a list of all directory paths
    """
    if not os.path.exists(data_dir):
        print("Warning in get_dirs_in_dir: directory {} does not exist".format(data_dir))
        return

    dir_paths = [
        os.path.join(data_dir, d)
        for d in os.listdir(data_dir)
        if (os.path.isdir(os.path.join(data_dir, d)) and contains.lower() in d.lower())
    ]

    return dir_paths

This is another reinvention of functionality that already exists in pathlib.Path. I'd say, "And they already know about that!" but they clearly don't; they copied code off StackOverflow and didn't read it.

How about writing to a log file in possibly the slowest way possible?

def write_to_log(text_string, file_path, level="INFO", code="I_NOTDEFINED", entry="PROJ"):
    print(f"Log: {text_string}", flush=True)
    if not os.path.exists(file_path):
        file = open(file_path, "w")
        file.close()

    lookup_dict = error_lookup_dict
    responsible = lookup_dict[code]["responsible"]

    with open(file_path, "a") as file:
        dt_string = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
        log_text = "{}; {}; {}; {}; {}; {}".format(
            dt_string, entry, level, responsible, code, text_string + "\n"
        )
        file.write(log_text)

Most logging frameworks open a file when you start, and keep the handle open until you're done logging. This one not only checks if it exists, but reopens it again and again for every write. And while it's at it, it also prints what it's logging. And Python has a built-in logging framework that definitely handles all these features.

Finally, what file_io library would be complete without a way to call shell commands?

def run_command_window(cmd, log_path=None):
    std_output = []

    updated_env = {**os.environ, "PYTHONPATH": str(config.repos_dir)}

    with Popen(
        cmd,
        stdout=PIPE,
        bufsize=1,
        universal_newlines=True,
        shell=sys.platform == "linux",
        env=updated_env,
    ) as p:
        for line in p.stdout:
            print(line, end="", flush=True)  # process line here
            std_output.append(line)

            if log_path:
                with open(log_path, "a") as log:
                    log.write(line)

    return p.returncode, std_output

Broadly speaking, if you're trying to automate things via Python, you might come up with something very much like this. But I draw your attention to their updated_env which populates a PYTHONPATH variable: they're calling Python code by shelling out and launching a new interpreter.

Sandra writes:

This is one of the better files in the project.
Thankfully, this one has a happy ending: management is well aware that this project is legacy garbage, and has authorized a full-scale rework to make it maintainable. Whether the guy doing the work escapes with his sanity intact is another question

Honestly, as "I don't actually know Python but I'm very smart," code goes, this isn't so bad. I mean, it's terrible, but it's clearly written. Even the parts that shouldn't have been written are clean and easy to understand. That, I suppose, just makes it worse, doesn't it. Picking through the code that needs to be thrown away will be harder than one expects because you can't just go, "kill it with fire," you have to think about what you're throwing away.

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.

13:35

Pluralistic: All laws are local (05 Feb 2026) [Pluralistic: Daily links from Cory Doctorow]

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links

All laws are local: And no law knows how evitable it is.
Hey look at this: Delights to delectate.
Object permanence: Whisky PC; Anitfeatures; Silicon Roundabout; Steampunk Etch-A-Sketch; MLMs as mirror-world organizers.
Upcoming appearances: Where to find me.
Recent appearances: Where I've been.
Latest books: You keep readin' em, I'll keep writin' 'em.
Upcoming books: Like I said, I'll keep writin' 'em.
Colophon: All the rest.

All laws are local (permalink)

About halfway through Thomas Piketty's 2013 barnstorming Capital in the 21st Century, Piketty tosses off a little insight that skewered me on the spot and never let me go: the notion that any societal condition that endures beyond a generation becomes "eternal" in the popular consciousness:

https://memex.craphound.com/2014/06/24/thomas-pikettys-capital-in-the-21st-century/

Piketty was referring to "primogeniture," the ancient practice of automatically passing the family fortune onto the eldest son (or, if no son was available, the eldest nephew). Primogeniture did important work by keeping dynastic fortunes intact, rather than dividing them up among all children of some baron or lord or other guillotineable monster.

Primogeniture persisted until the age of colonization, when Europe's "great powers" stole the rest of the world. In that moment, the size of Europe's great fortunes expanded by orders of magnitude. This vast increase in the wealth of Europe's most murderous, remorseless looters made primogeniture obsolete. There was so much blood-soaked money available to the nobility that every son could found a "great house."

After a couple generations' worth of this, the colonies were exhausted. There were no more lands to conquer, which meant that every son could no longer expect to found his own fortune. But for these chinless masters of the universe, a world where every son of every rich man wouldn't get his own dynasty was incomprehensible. To do otherwise was literally unimaginable. It was unnatural.

For Piketty, this explained World War I: the world's chinless inbred monsters embarking upon an orgy of bloodletting to relieve one another of the lands – and peoples – they'd claimed as their property in order to carry on the "eternal" tradition of every son starting his own fortune.

It's a very important idea, and a provocative explanation for one of the 20th Century's defining events. That's why it struck me so hard when I first read it, but the reason it stuck with me for the decade-plus since I encountered that it is a vital observation about the human condition: as a species, we forget so much. Something that was commonplace a generation ago becomes unimaginable today, and vice versa.

Even people who lived through those years forget who they were and what they took for granted in those days. Think, for example, of all those evangelicals who would vote for Satan himself if he promised to hang any woman who obtained an abortion; the same evangelicals who, just a few decades ago, viewed anti-abortionism as a politically suspect form of crypto-papacy:

https://pluralistic.net/2021/12/18/schizmogenesis/

Perhaps the reason Piketty's primogeniture-based explanation for WWI struck me so forcefully and durably is that I imbibed a prodigious amount of science fiction as a boy, including the aphorism that "all laws are local, and no law knows how local it is":

https://locusmag.com/feature/cory-doctorow-a-cosmopolitan-literature-for-the-cosmopolitan-web/

In other words, things that seem eternal and innate to the human condition to you are apt to have been invented ten minutes before you started to notice the world around you and might seem utterly alien to your children. As Douglas Adams put it:

Anything that is in the world when you're born is normal and ordinary and is just a natural part of the way the world works. Anything that's invented between when you're fifteen and thirty-five is new and exciting and revolutionary and you can probably get a career in it. Anything invented after you're thirty-five is against the natural order of things.

https://en.wikiquote.org/wiki/Douglas_Adams

This notion is much on my mind right now because the world is (to me, at least) unassailably in a state of change, and everything is up for grabs. Europe went from 15 years behind on its climate goals to ten years ahead of schedule after the supply of Russian gas dried up and Europeans found themselves shivering in the dark. The massive leap in EU solar means that the (seemingly) all-powerful fossil fuel lobby has absolutely, comprehensively eaten shit, something that was unthinkable just a few years ago:

https://pluralistic.net/2025/09/23/our-friend-the-electron/#to-every-man-his-castle

Indeed, this happened so fast that many people (including many Europeans) haven't even noticed that it happened. Back in December, when I was at CCC in Hamburg, I talked to a bunch of European activists, close watchers of the Commission and the Parliament, who were completely convinced that Europe would never spurn the fossil fuel sector – despite the fact that it had already happened.

Indeed, it may be that intimate familiarity with European politics is a liability when things change. Spend enough time observing up close how supine European politicians and their Eurocrats are and you may find yourself so reflexively conditioned to view them as spineless corporate lackeys and thus unable to notice when they finally dig up a vertebra or two.

Smart financiers are familiar with Stein's Law: "anything that can't go on forever eventually stops." Change happens. Eternal verities might be fifteen minutes older than you. Pink used to be the color of ferocious masculinity, whereas blue was so girly as to be practically titular:

https://en.wikipedia.org/wiki/Gendered_associations_of_pink_and_blue

Real talk: I have serious, debilitating chronic pain. One of the reasons I'm so prolific is that the only time I stop noticing how much I hurt is when I'm lost in work (compartmentalization is a hell of a drug, and while it's not always healthy, it has its upsides). Ask anyone with chronic pain and they'll tell you that treating pain eventually becomes your hobby, a bottomless well of esoteric dives into various "modalities" of pain treatment.

Thus it is that I've found myself on one or two psychologists' couches, learning about different mental approaches to living with constant pain. One of the most useful pieces of advice I've gotten was to attend closely to how my pain changes – how it ebbs and flows. The point is that if pain changes, that means that it can change. It feels eternal, but it comes and goes. Maybe someday it will go altogether. And even if it doesn't, it may improve. It probably will, at least for a while.

Things change.

Our current crop of cowardly, weak appeasers – in Congress, in Parliament, in the European Parliament – have, at various times (and very recently), found their spines. The factions within them that militated for the kind of bold action that might meet this moment have, from time to time, won the day. We have lived through total transformations in our politics before, and that means we might live through them again:

https://hypertext.niskanencenter.org/p/the-fragmentation-flywheel

Sure, it's easy and tempting to assume that our leaders will always suck as hard as they suck now. But latent in that assumption is that the leaders who presided over big, incredible transformations were exceptional people. Maybe they were and maybe they weren't, but I'm here to tell you, ten minutes' worth of research into the biographies of the "heroes" of our history will reveal them to have been every bit as capable of monstrousness, cowardice, cruelty and pig-ignorant bigotry as any of today's rotating cast of fascist goons:

https://truthout.org/articles/disrupting-the-myth-of-franklin-d-roosevelt-in-the-age-of-trump-sanders-and-clinton/

The question isn't merely "How do we elect better leaders?" It's "How do we make our leaders follow us?" Today's Democrats are unserious quislings who keep bringing a squirt-gun to a mass-casualty assault-rifle spree-shooting. How do we terrorize these cowards into rising to the moment? If we want Congressional Democrats to form a Nuremburg Caucus and start holding hearings on who they're going to put in the dock when the Trump regime collapses, we're going to have to drive them to it.

And we can! The Democrats who gave us the New Deal weren't braver or more moral than the self-dealing millionaires in Congress today – they were more afraid of their base.

Things change.

Some years ago, I gave a speech at Consumer Reports headquarters in Poughkeepsie, trying to get them to refuse to give a passing grade to any product with DRM, on the grounds that the manufacturer could alter how that device worked at any time in the future, meaning that no matter how well a device worked now, it might turn into a pile of shit at any time in the future:

https://www.soundguys.com/the-sonos-app-death-spiral-132873/

They didn't take me up on this suggestion, obviously. They made the (seemingly) reasonable point that people bought Consumer Reports to find out what to buy, not to be told that they shouldn't buy anything. Every product in many key categories came with DRM, meaning that their recommendation would have had to be "just don't buy any of it."

But today, consumer review sites do sometimes recommend nothing:

https://www.mozillafoundation.org/en/blog/privacy-nightmare-on-wheels-every-car-brand-reviewed-by-mozilla-including-ford-volkswagen-and-toyota-flunks-privacy-test/

And of course, there's some precedent here. Somewhere between the emergence of the evidence for seatbelts and the appearance of seatbelts in most makes and models of cars, there would have been a time when the answer to "which car should I buy?" was "don't buy a car, they're all unsafe at any speed."

Things change. Today, every car has a seatbelt, and they'd continue to do so, even if we did away with regulations requiring seatbelts. Driving a car without a seatbelt would be as weird and terrible as using a radium suppository:

https://pluralistic.net/2024/09/19/just-stop-putting-that-up-your-ass/#harm-reduction

Things change. The nine-justice Supreme Court isn't an eternal verity. It didn't come down off a mountain on two stone tablets. It's about ten seconds old:

https://en.wikipedia.org/wiki/Judiciary_Act_of_1869

Tomorrow, it will be different:

https://pluralistic.net/2020/09/20/judicial-equilibria/#pack-the-court

Our eternals are all ephemerals. The idea that we should tax capital gains at half the rate of wages? It was practically invented yesterday. You know who thought we should tax all income at the same rate? That noted Bolshevik, Ronald fuckin' Reagan:

https://archive.thinkprogress.org/flashback-reagan-raised-capital-gains-taxes-to-the-same-level-as-wage-taxes-for-first-time-444438edf242/

We're living through a time of change. Much of it is calamitous. Some of it wondrous:

https://pluralistic.net/2025/06/28/mamdani/#trustbusting

It's so easy to slip into the habit of thinking that nothing will change, that our politicians will never fear us more than they love the money and power they get from catering to the Epstein class. I'm not denying that this is how they view the world today, but there was a time in living memory when it wasn't true. If it changed before, it can change again:

https://pluralistic.net/2026/01/15/how-the-light-gets-in/#theories-of-change

Things change.

Hey look at this (permalink)

The Scourge of Online Sports Betting https://prospect.org/2026/02/04/feb-2026-magazine-sports-scourge-online-betting-fanduel-draftkings/
ICE has offices in 5 Canadian cities. Here’s what it can — and can’t — do https://www.cbc.ca/lite/story/9.7073273
RIP, Fobazi M Ettarh https://bsky.app/profile/fobettarh.bsky.social/post/3me34k3rtvc2j
The Roots of the Youth Sports Gold Rush https://prospect.org/2026/02/05/feb-2026-magazine-youth-sports-private-equity/

Object permanence (permalink)

#20yrsago UK nurses want to supply clean blades and cutting advice to self-harmers https://web.archive.org/web/20060206205108/http://www.timesonline.co.uk/article/0,,2087-2025748,00.html

#20yrsago PC built into whisky bottle https://web.archive.org/web/20060210043104/https://metku.net/index.html?sect=view&n=1&path=mods/whiskypc/index_eng

#15yrsago Startups of London’s “Silicon Roundabout” https://www.theguardian.com/technology/2011/feb/06/tech-startup-internet-entrepreneurs

#15yrsago Antifeatures: deliberate, expensive product features that no customer wants https://mako.cc/copyrighteous/antifeatures-at-the-free-technology-academy

#15yrsago Steampunk Etch-a-Sketch https://www.reddit.com/r/pics/comments/erbnf/a_steampunk_etchasketch_we_made_for_a_friend_this/

#10yrsago There’s a secret “black site” in New York where terrorism suspects are tortured for years at a time https://web.archive.org/web/20160205143012/https://theintercept.com/2016/02/05/mahdi-hashi-metropolitan-correctional-center-manhattan-guantanamo-pretrial-solitary-confinement/

#10yrsago Error 53: Apple remotely bricks phones to punish customers for getting independent repairs https://www.theguardian.com/money/2016/feb/05/error-53-apple-iphone-software-update-handset-worthless-third-party-repair?CMP=Share_iOSApp_Other

#10yrsago Toronto City Council defies mayor, demands open, neutral municipal broadband https://www.michaelgeist.ca/2016/02/toronto-city-council-sides-with-crtc-in-rejecting-mayor-torys-support-of-bell-appeal/

#5yrsago Amazon's brutal warehouse "megacycle" https://pluralistic.net/2021/02/05/la-bookseller-royalty/#megacycle

#5yrsago AT&T customer complains…via WSJ ad https://pluralistic.net/2021/02/05/la-bookseller-royalty/#go-aaron-go

#1yrago MLMs are the mirror-world version of community organizing https://pluralistic.net/2025/02/05/power-of-positive-thinking/#the-socialism-of-fools

Upcoming appearances (permalink)

Salt Lake City: Enshittification at the Utah Museum of Fine Arts (Tanner Humanities Center), Feb 18
https://tanner.utah.edu/center-events/cory-doctorow/
Montreal (remote): Fedimtl, Feb 24
https://fedimtl.ca/
Victoria: 28th Annual Victoria International Privacy & Security Summit, Mar 3-5
https://www.rebootcommunications.com/event/vipss2026/
Berkeley: Bioneers keynote, Mar 27
https://conference.bioneers.org/
Berlin: Re:publica, May 18-20
https://re-publica.com/de/news/rp26-sprecher-cory-doctorow
Berlin: Enshittification at Otherland Books, May 19
https://www.otherland-berlin.de/de/event-details/cory-doctorow.html
Hay-on-Wye: HowTheLightGetsIn, May 22-25
https://howthelightgetsin.org/festivals/hay/big-ideas-2

Recent appearances (permalink)

How the Internet Got Worse (Masters in Business)
https://www.youtube.com/watch?v=auXlkuVhxMo
Enshittification (Jon Favreau/Offline):
https://crooked.com/podcast/the-enshittification-of-the-internet-with-cory-doctorow/
Why Big Tech is a Trap for Independent Creators (Stripper News)
https://www.youtube.com/watch?v=nmYDyz8AMZ0
Enshittification (Creative Nonfiction podcast)
https://brendanomeara.com/episode-507-enshittification-author-cory-doctorow-believes-in-a-new-good-internet/
Enshittification with Plutopia
https://plutopia.io/cory-doctorow-enshittification/

Latest books (permalink)

"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books (permalink)

"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
"The Memex Method," Farrar, Straus, Giroux, 2026
"The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026

Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America (1005 words today, 22660 total)

"The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

12:49

The Merdas Touch [George Monbiot]

Here is the real reason why Keir Starmer’s government refuses to let us have a fair electoral system.

By George Monbiot, published in the Guardian 4^th February 2026

Don’t let the Labour party say one more word about “splitting the vote”, in the forthcoming byelection or at any other time. With proportional representation, no one would ever need to worry about splitting the vote again. No one would need to choose the lesser evil to keep the greater evil out of office. We could vote for the parties we actually wanted. But the Labour government won’t hear of it. It insists we retain the unfair, ridiculous first-past-the-post system, then blames us for the likely results.

This is not because proportional representation is unpopular – far from it. Last year’s British Social Attitudes survey showed that 36% of people want to keep the electoral system as it is, while 60% want to change it. But as we are not allowed to vote on how we should vote, the decision is left in the hands of the corrupt old system’s beneficiaries.

In 2022, the Labour party conference voted in favour of proportional representation. At the end of 2024, so did a majority of MPs, including a majority of Labour MPs. Keir Starmer himself, while vying to become party leader, pointed out how unfair the current system is. But from the moment he was chosen, he refused to countenance any attempt to change it.

Why? For the very reason he highlighted: that the system is unfair. First past the post allows the two traditional parties of government to threaten and cajole us, warning that we’ll split the vote if we don’t support them. The splitting-the-vote argument is not a result of the system. It is the point of the system.

But now of course, as the old alliances shatter, first past the post has a different effect. An analysis in October suggested that on just 27% of the vote (roughly in the middle of its polling over the past year), Reform UK would win 48% of the seats, allowing it to take power with a small coalition partner. If Reform UK forms the next government, it will be for one reason and one reason alone: our electoral system.

So why is Starmer’s government so determined to keep it? Before the last election, the reason was obvious. In 2024, Labour gained just 33.7% of the vote: the smallest share for any party winning a general election since the second world war. Yet it took 63% of the seats in parliament: a massive majority.

But now the reason has changed. Thanks to Starmer’s Merdas Touch, which has turned the golden opportunity (grossly unfair as it is) of a 174-seat majority into a great steaming pile of excrement, Labour knows it is highly unlikely to win the next election. But it also knows this: that under proportional representation, it would be more or less wiped out.

This is what we’re seeing in the opinion polls ahead of May’s Welsh Senedd vote. That election will be conducted under a new and much fairer voting structure, called the “closed proportional list system”. The number of seats will be quite an accurate representation of the number of votes. What do we learn? That in Cymru, where Labour has been almost hegemonic for a century, it will, on current trends, end up with about 10% of the seats. Cast into the outer darkness, in other words.

But under the existing system, in a general election in 2029, Labour could channel its efforts into particular constituencies and emerge – despite a very small share of the total vote – with a respectable minority. It could be the official opposition. It might even be able to cobble a coalition together and limp on in government for a while. In other words, the difference between a fair system and an unfair one is the difference between Labour being booted into the Kuiper Belt, and Labour continuing to look like a serious player.

There is no way Reform UK could, on current trends, win a general election under proportional representation. The last election was tilted unfairly against that party: it took just five seats, despite winning 14.3% of the vote. Nigel Farage complained bitterly about it. Now, he has changed his tune. Last year he pointed out that “first past the post can be your enemy, but there comes an inversion point at which it becomes your friend”.

So this is how the real horror show begins: with Reform UK taking office on an even smaller share of the vote than Labour received in 2024. The only reason the UK did not become ungovernable after the grotesque results of the last election is that Keir Starmer’s government is so elusive and so bland. We might detest many of its works, but not so fiercely as to occupy the capital, refuse to pay our taxes, call a general strike or use the other tactics deployed by people in countries where their will has been thwarted.

But if Farage’s extreme and divisive party were to win on a similar proportion of the votes, the response would not be so muted. We would find ourselves in a country in which the great majority of people adamantly did not want to live under a Reform UK government, voted to ensure they did not, but found themselves doing so anyway. If that happens, it will be entirely on this Labour government, and its self-interested refusal to change the electoral system. So much for “country before party”.

But hey-ho: this horrific prospect grants the current government leverage over us. It can use the existing system to threaten that if we don’t vote Labour, we will get Farage. In our panic, we might forget that it is this system, and this system alone, that makes the threat real. As the Gorton and Denton byelection approaches, Labour is getting its excuses in early: if Reform wins, it will be the Greens’ fault, for “splitting the vote”. It warns us that “only Labour can beat Reform”. This isn’t true: the bookies currently think the Greens will win. If so, it will be because, while Labour offers disappointment and frustration, and Reform offers hatred and division, they offer hope and inspiration.

There’s only one way we are going to get the electoral system we want, and that is to vote for the parties we want. Organise. Defy the threats. Vote in hope. Recognise that the situation has changed. And then we might never need to make a depressing choice again.

www.monbiot.com

12:07

First package written in Algol 68 lands in Gentoo [Planet GNU]

To my knowledge Gentoo just became the first GNU/Linux distro ever packaging and distributing a program that happens to be written in Algol 68... have no doubt, others will follow shortly ;)

https://packages.gentoo.org/packages/dev-util/godcc

Backdoor in Notepad++ [Schneier on Security]

Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users.

Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised until September 2. Even then, the attackers maintained credentials to the internal services until December 2, a capability that allowed them to continue redirecting selected update traffic to malicious servers. The threat actor “specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.” Event logs indicate that the hackers tried to re-exploit one of the weaknesses after it was fixed but that the attempt failed.

Make sure you’re running at least version 8.9.1.

11:28

Grrl Power #1432 – Dead leg [Grrl Power]

Sure, an actual Black Hole can probably absorb a lot of energy before it destabilizes. In fact, as far as I know, they can absorb an unlimited amount of energy. I allow for some wiggle room there because maybe if 6,000 pulsars were somehow aimed at a black hole, (you know, the energy jets that come off of pulsars that emit 100,000 times the energy of our sun,) so if that much energy hit one all at once, maybe that could fuck it up. Probably not, but two black holes nearly hitting each other has to have an effect. Maybe a huge black hole can rip a little one to bits and invert its event horizon? I don’t know.

But the pixie’s singularity spell isn’t a true black hole. It’s limited by the magic used to create it, and it was actually designed to suck up a lot of shit, hold it for a few seconds, then barf it all back out once the pixie had relocated either it or herself. Maxima figured if that was the case, then disrupting the containment might light it off early. And she didn’t even have to use her own energy beam.

Here is Gaxgy’s painting Maxima promised him. Weird how he draws almost exactly like me.

I did try and do an oil painting version of this, by actually re-painting over the whole thing with brush-strokey brushes, but what I figured out is that most brushy oil paintings are kind of low detail. Sure, a skilled painter like Bob Ross or whoever can dab a brush down a canvas and make a great looking tree or a shed with shingles, but in trying to preserve the detail of my picture (eyelashes, reflections, etc) was that I had to keep making the brush smaller and smaller, and the end result was that honestly, it didn’t really look all that oil-painted. I’ll post that version over at Patreon, just for fun, but I kind of quit on it after getting mostly done with re-painting Max.

Patreon has a no-dragon-bikini version of of the picture as well, naturally.

Double res version will be posted over at Patreon. Feel free to contribute as much as you like.

10:42

Making it whole [Seth's Blog]

Integrity is the act of being in and of itself, from every angle.

As we see the bait-and-switch of the online networks and monopolists, it’s easy to imagine that nothing with integrity stays that way very long. The systems we support almost always end up trading a straightforward clarity about what they do for a facade that’s easy to fall into and hard to get out of.

Big businesses usually succumb to short-term compromises that corrupt the mission that built their brand in the first place.

The opportunity, then, is to find a career path that’s a whole. In calculus, the integral takes an infinite number of tiny slices and reassembles them into a coherent result. Each slice is infinitesimal, almost nothing on its own, yet the accumulation produces something real. We don’t need each moment to be grand. We need it to be of the same function. Showing up consistently in small ways that cohere.

In the movies, there’s plenty of stirring music when the hero has to make their choice. But in our lives, there isn’t a single moment. Instead, there are a million of them.

The way we show up will rarely be perfect. But perfect isn’t the point. Countless tiny decisions add up to a whole. It helps to be clear about the purpose of the work we’re here to do.

In the words of Hugh MacLeod, “The market for something to believe in is infinite.”

PS I just finished the first draft of my new book, THE KNOT, which will publish this September from Authors Equity. If you’re interested in pre-ordering the audiobook and being part of a small beta-test community, I’ve built a page explaining how you can join us. I’ll take this link down once the cohort is full.

09:49

Irregular Webcomic! #3028 [Irregular Webcomic!]

Irregular Webcomic! #3028

09:07

watervole @ 2026-02-05T08:37:00 [Judith Proctor's Journal]

Theo's 16 months old now.

When he saw his Dad through the window yesterday, he went and picked up his socks, shoes and jacket ready to put them on :)

He has a couple of 'proto' words now. I think 'ah da' may mean 'grandad', and 'duh' is duck.

He's got diarrhoea this week (really on the spectacular, lots of laundry, level) and hence can't go to nursery until it clears up. So we've been looking after him. Luckily, he's in a good mood in spite of the horrendous nappies and is happy to play and to have books read to him.

He goes through phases with books. Sometimes, he isn't interested at all, and some days it's book after book, with favourites on repeat.

'Hairy Maclary From Donaldson's Dairy' is one of the best children's books ever!

comments

05:00

Binary Star [xkcd.com]

02:42

Dirk Eddelbuettel: rfoaas 2.3.3: Limited Rebirth [Planet Debian]

The original FOAAS site provided a rather wide variety of REST access points, but it sadky is no more (while the old repo is still there). A newer replacement site FOASS is up and running, but with a somewhat reduced offering. (For example, the two accessors shown in the screenshot are no more. C’est la vie.)

Recognising that perfect may once again be the enemy of (somewhat) good (enough), we have rejigged the rfoaas package in a new release 2.3.3. (The precding version number 2.3.2 corresponded to the upstream version, indicating which API release we matched. Now we just went ‘+ 0.0.1’ but there is no longer a correspondence to the service version at FOASS.)

Accessor functions for each of the now available access points are provided, ans the random sampling accessor getRandomFO() now picks from that set.

My CRANberries service provides a comparison to the previous release. Questions, comments etc should go to the GitHub issue tracker. More background information is on the project page as well as on the github repo

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. If you like this or other open-source work I do, you can sponsor me at GitHub.

02:21

The Horror Of Hormones [QC RSS]

horrormones

01:42

Come With Me If You Want a Painting [Whatever]

Me (peering at the painting on my dentist’s waiting room wall): This painting is new since the last time I was here.

Dentist: Probably.

Me: And done by the star of the Terminator films!

Dentist: What?

Me (points to the signature in the corner of the painting): Linda Hamilton.

Dentist: Dude, shut up.

For the record: Probably indeed not that Linda Hamilton. Probably also not the two Linda Hamiltons I found online who are primarily artists. One of them does “flower art” while the other does more abstract paintings. Her signature doesn’t match this one here. But in my deepest of hearts I will believe that my dentist has a painting of ducks and ponds done by the celebrated actress. Because life is more fun that way.

— JS

00:49

[$] LWN.net Weekly Edition for February 5, 2026 [LWN.net]

Inside this week's LWN.net Weekly Edition:

Front: Sigil; Eurydice; Sub-schedulers for sched_ext; Swap table; Futex robust lists; Tyr.
Briefs: openSUSE governance; Git 2.53.0; LibreOffice 26.2; Open Source Award; Quotes; ...
Announcements: Newsletters, conferences, security updates, patches, and more.

00:21

Microsoft has killed widgets six times [OSnews]

Gadgets, desk accessories, widgets – whatever you they were called, they were a must-have feature for various operating systems for a while. Windows in particular has tried making them happen six times, and every time, they failed to really catch on and ended up being killed, only for the company to try again a few years later.

Microsoft has been trying to solve the same UX problem since 1997: how to surface live information without making you launch an app. They’ve shipped six different implementations across nearly 30 years. Each one died from a different fundamental flaw – performance, security, screen space, privacy, engagement. And each death triggered the same reflex: containment.
↫ Pavel Osadchuk

There’s quite a few memories in this article. I never actually used Active Desktop back when it came out, because I seem to remember the channels feature was either not available in The Netherlands or the available channels were American stuff we didn’t care about. The sidebar in Vista had a lot of potential, and I did like the feature, but there weren’t a lot of great widgets and we hadn’t entered the era of omnipresent notifications begging for out attention just yet, so use cases remained elusive.

Now Metro, that’s where things came together, at least for me. I was en enthusiastic Windows Phone user – I imported two Windows Phone devices from the US to be an early adopter – and I still consider its live tiles with notifications and other useful information to be the most pleasant user interface for a mobile device, bar none. It may have taken Microsoft six tries, but they nailed it with that one, and I’m still sad the Windows Phone user interface lost out to whatever iOS and Android offered.

On desktops and laptops, though, it’s a different story, and I don’t think the Metro tiles concept ever made any sense there. Widgets as they exist in Windows now mostly seem like an annoying distraction, and I’ve never seen anyone actually use them. Does anyone even keep them enabled at all?

Microsoft Research releases LiteBox, a new library operating system [OSnews]

Microsoft Research, in collaboration with various others, has just released LiteBox, a library operating system.

LiteBox is a sandboxing library OS that drastically cuts down the interface to the host, thereby reducing attack surface. It focuses on easy interop of various “North” shims and “South” platforms. LiteBox is designed for usage in both kernel and non-kernel scenarios.

LiteBox exposes a Rust-y nix/rustix-inspired “North” interface when it is provided a Platform interface at its “South”. These interfaces allow for a wide variety of use-cases, easily allowing for connection between any of the North–South pairs.
↫ LiteBox GitHub Page

Suggested use-cases are running unmodified Linux applications on Windows, sandboxing Linux applications on Linux, running OP-TEE applications on Linux, and more. It’s written in Rust, and the code is available on GitHub under an MIT license.

00:00

News from the most-quoted blogs on Hacker News. Writeup is here.

Liver Me Timbers [Penny Arcade]

Here's a news page with stories from the most-quoted blogs on Hacker News. A brilliant idea. All I did was give each item a category, and shortened the URL. The brief writeup is here.

I mean, where to start.

Wednesday, 04 February

23:35

Protecting Our Right to Sue Federal Agents Who Violate the Constitution [Deeplinks]

Federal agencies like Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) have descended into utter lawlessness, most recently in Minnesota. The violence is shocking. So are the intrusions on digital rights. For example, we have a First Amendment right to record on-duty police, including ICE and CBP, but federal agents are violating this right. Indeed, Alex Pretti was exercising this right shortly before federal agents shot and killed him. So were the many people who filmed agents shooting and killing Pretti and Renee Good – thereby creating valuable evidence that contradicts false claims by government leaders.

To protect our digital rights, we need the rule of law. When an armed agent of the government breaks the law, the civilian they injure must be made whole. This includes a lawsuit by the civilian (or their survivor) against the agent, seeking money damages to compensate them for their injury. Such systems of accountability encourage agents to follow the law, whereas impunity encourages them to break it.

Unfortunately, there is a gaping hole in the rule of law: when a federal agent violates the U.S. Constitution, it is increasingly difficult to sue them for damages. For these reasons, EFF supports new statutes to fill this hole, including California S.B. 747.

The Problem

In 1871, at the height of Reconstruction following the Civil War, Congress enacted a landmark statute empowering people to sue state and local officials who violated their constitutional rights. This was a direct response to state-sanctioned violence against Black people that continued despite the formal end of slavery. The law is codified today at 42 U.S.C. § 1983.

However, there is no comparable statute empowering people to sue federal officials who violate the U.S. Constitution.

So in 1971, the U.S. Supreme Court stepped into this gap, in a watershed case called Bivens v. Six Unknown FBI Agents. The plaintiff alleged that FBI agents unlawfully searched his home and used excessive force against him. Justice Brennan, writing for a six-Justice majority of the Court, ruled that “damages may be obtained for injuries consequent upon a violation of the Fourth Amendment by federal officials.” He explained: “Historically, damages have been regarded as the ordinary remedy for an invasion of personal interests in liberty.” Further: “The very essence of civil liberty certainly consists of the right of every individual to claim the protection of the laws, whenever he receives an injury.”

Subsequently, the Court expanded Bivens in cases where federal officials violated the U.S. Constitution by discriminating in a workplace, and by failing to provide medical care in a prison.

In more recent years, however, the Court has whittled Bivens down to increasing irrelevance. For example, the Court has rejected damages litigation against federal officials who allegedly violated the U.S. Constitution by strip searching a detained person, and by shooting a person located across the border.

In 2022, the Court by a six-to-three vote rejected a damages claim against a Border Patrol agent who used excessive force when investigating alleged smuggling. In an opinion concurring in the judgment, Justice Gorsuch conceded that he “struggle[d] to see how this set of facts differs meaningfully from those in Bivens itself.” But then he argued that Bivens should be overruled because it supposedly “crossed the line” against courts “assuming legislative authority.”

Last year, the Court unanimously declined to extend Bivens to excessive force in a prison.

The Solution

At this juncture, legislatures must solve the problem. We join calls for Congress to enact a federal statute, parallel to the one it enacted during Reconstruction, to empower people to sue federal officials (and not just state and local officials) who violate the U.S. Constitution.

In the meantime, it is heartening to see state legislatures step forward fill this hole. One such effort is California S.B. 747, which EFF is proud to endorse.

State laws like this one do not violate the Supremacy Clause of the U.S. Constitution, which provides that the Constitution is the supreme law of the land. In the words of one legal explainer, this kind of state law “furthers the ultimate supremacy of the federal Constitution by helping people vindicate their fundamental constitutional rights.”

This kind of state law goes by many names. The author of S.B. 747, California Senator Scott Wiener, calls it the “No Kings Act.” Protect Democracy, which wrote a model bill, calls it the “Universal Constitutional Remedies Act.” The originator of this idea, Professor Akhil Amar, calls it a “converse 1983”: instead of Congress authorizing suit against state officials for violating the U.S. Constitution, states would authorize suit against federal officials for doing the same thing.

We call these laws a commonsense way to protect the rule of law, which is a necessary condition to preserve our digital rights. EFF has long supported effective judicial remedies, including support for nationwide injunctions and private rights of action, and opposition to qualified immunity.

We also support federal and state legislation to guarantee our right to sue federal agents for damages when they violate the U.S. Constitution.

23:14

I'm going to WordCamp Europe in June in Poland. Can't wait.

Smart AI Policy Means Examining Its Real Harms and Benefits [Deeplinks]

No one else can see this message. You are the only real person. The rest of us are alien robots sent here to test you.

22:49

The phrase "artificial intelligence" has been around for a long time, covering everything from computers with "brains"—think Data from Star Trek or Hal 9000 from 2001: A Space Odyssey—to the autocomplete function that too often has you sending emails to the wrong person. It's a term that sweeps a wide array of uses into it—some well-established, others still being developed.

Recent news shows us a rapidly expanding catalog of potential harms that may result from companies pushing AI into every new feature and aspect of public life—like the automation of bias that follows from relying on a backward-looking technology to make consequential decisions about people's housing, employment, education, and so on. Complicating matters, the computation needed for some AI services requires vast amounts of water and electricity, leading to sometimes difficult questions about whether the increased fossil fuel use or consumption of water is justified.

We are also inundated with advertisements and exhortations to use the latest AI-powered apps, and with hype insisting AI can solve any problem.

Obscured by this hype, there are some real examples of AI proving to be a helpful tool. For example, machine learning is especially useful for scientists looking at everything from the inner workings of our biology to cosmic bodies in outer space. AI tools can also improve accessibility for people with disabilities, facilitate police accountability initiatives, and more. There are reasons why these problems are amenable to machine learning and why excitement over these uses shouldn’t translate into a perception that just any language model or AI technology possesses expert knowledge or can solve whatever problem it’s marketed as solving.

EFF has long fought for sensible, balanced tech policies because we’ve seen how regulators can focus entirely on use cases they don’t like (such as the use of encryption to hide criminal behavior) and cause enormous collateral harm to other uses (such as using encryption to hide dissident resistance). Similarly, calls to completely preempt state regulation of AI would thwart important efforts to protect people from the real harms of AI technologies. Context matters. Large language models (LLMs) and the tools that rely on them are not magic wands—they are general-purpose technologies. And if we want to regulate those technologies in a way that doesn’t shut down beneficial innovations, we have to focus on the impact(s) of a given use or tool, by a given entity, in a specific context. Then, and only then, can we even hope to figure out what to do about it.

So let’s look at the real-world landscape.

AI’s Real and Potential Harms

Thinking ahead about potential negative uses of AI helps us spot risks. Too often, the corporations developing AI tools—as well as governments that use them—lose sight of the real risks, or don’t care. For example, companies and governments use AI to do all sorts of things that hurt people, from price collusion to mass surveillance. AI should never be part of a decision about whether a person will be arrested, deported, placed into foster care, or denied access to important government benefits like disability payments or medical care.

There is too much at stake, and governments have a duty to make responsible, fair, and explainable decisions, which AI can’t reliably do yet. Why? Because AI tools are designed to identify and reproduce patterns in data that they are “trained” on. If you train AI on records of biased government decisions, such as records of past arrests, it will “learn” to replicate those discriminatory decisions.

And simply having a human in the decision chain will not fix this foundational problem. Studies have shown that having a human “in the loop” doesn’t adequately correct for AI bias, both because the human tends to defer to the AI and because the AI can provide cover for a biased human to ratify decisions that agree with their biases and override the AI at other times.

These biases don’t just arise in obvious contexts, like when a government agency is making decisions about people. It can also arise in equally life-affecting contexts like medical care. Whenever AI is used for analysis in a context with systemic disparities and whenever the costs of an incorrect decision fall on someone other than those deciding whether to use the tool. For example, dermatology has historically underserved people of color because of a focus on white skin, with the resulting bias affecting AI tools trained on the existing and biased image data.

These kinds of errors are difficult to detect and correct because it’s hard or even impossible to understand how an AI tool arrives at individual decisions. These tools can sometimes find and apply patterns that a human being wouldn't even consider, such as basing diagnostic decisions on which hospital a scan was done at. Or determining that malignant tumors are the ones where there is a ruler next to them—something that a human would automatically exclude from their evaluation of an image. Unlike a human, AI does not know that the ruler is not part of the cancer.

Auditing and correcting for these kinds of mistakes is vital, but in some cases, might negate any sort of speed or efficiency arguments made in favor of the tool. We all understand that the more important a decision is, the more guardrails against disaster need to be in place. For many AI tools, those don't exist yet. Sometimes, the stakes will be too high to justify the use of AI. In general, the higher the stakes, the less this technology should be used.

We also need to acknowledge the risk of over-reliance on AI, at least as it is currently being released. We've seen shades of a similar problem before online (see: "Dr. Google"), but the speed and scale of AI use—and the increasing market incentive to shoe-horn “AI” into every business model—have compounded the issue.

Moreover, AI may reinforce a user’s pre-existing beliefs—even if they’re wrong or unhealthy. Many users may not understand how AI works, what it is programmed to do, and how to fact check it. Companies have chosen to release these tools widely without adequate information about how to use them properly and what their limitations are. Instead they market them as easy and reliable. Worse, some companies also resist transparency in the name of trade secrets and reducing liability, making it harder for anyone to evaluate AI-generated answers.

Other considerations may weigh against AI uses are its environmental impact and potential labor market effects. Delving into these is beyond the scope of this post, but it is an important factor in determining if AI is doing good somewhere and whether any benefits from AI are equitably distributed.

Research into the extent of AI harms and means of avoiding them is ongoing, but it should be part of the analysis.

AI’s Real and Potential Benefits

However harmful AI technologies can sometimes be, in the right hands and circumstances, they can do things that humans simply can’t. Machine learning technology has powered search tools for over a decade. It’s undoubtedly useful for machines to help human experts pore through vast bodies of literature and data to find starting points for research—things that no number of research assistants could do in a single year. If an actual expert is involved and has a strong incentive to reach valid conclusions, the weaknesses of AI are less significant at the early stage of generating research leads. Many of the following examples fall into this category.

Machine learning differs from traditional statistics in that the analysis doesn’t make assumptions about what factors are significant to the outcome. Rather, the machine learning process computes which patterns in the data have the most predictive power and then relies upon them, often using complex formulae that are unintelligible to humans. These aren’t discoveries of laws of nature—AI is bad at generalizing that way and coming up with explanations. Rather, they’re descriptions of what the AI has already seen in its data set.

To be clear, we don't endorse any products and recognize initial results are not proof of ultimate success. But these cases show us the difference between something AI can actually do versus what hype claims it can do.

Researchers are using AI to discover better alternatives to today’s lithium-ion batteries, which require large amounts of toxic, expensive, and highly combustible materials. Now, AI is rapidly advancing battery development: by allowing researchers to analyze millions of candidate materials and generate new ones. New battery technologies discovered with the help of AI have a long way to go before they can power our cars and computers, but this field has come further in the past few years than it had in a long time.

AI Advancements in Scientific and Medical Research

AI tools can also help facilitate weather prediction. AI forecasting models are less computationally intensive and often more reliable than traditional tools based on simulating the physical thermodynamics of the atmosphere. Questions remain, though about how they will handle especially extreme events or systemic climate changes over time.

For example:

The National Oceanic and Atmospheric Administration has developed new machine learning models to improve weather prediction, including a first-of-its-kind hybrid system that uses an AI model in concert with a traditional physics-based model to deliver more accurate forecasts than either model does on its own. to augment its traditional forecasts, with improvements in accuracy when the AI model is used in concert with the physics-based model.
Several models were used to forecast a recent hurricane. Google DeepMind’s AI system performed the best, even beating official forecasts from the U.S. National Hurricane Center (which now uses DeepMind’s AI model).

Researchers are using AI to help develop new medical treatments:

Deep learning tools, like the Nobel Prize-winning model AlphaFold, are helping researchers understand protein folding. Over 3 million researchers have used AlphaFold to analyze biological processes and design drugs that target disease-causing malfunctions in those processes.
Researchers used machine learning simulate and computationally test a large range of new antibiotic candidates hoping they will help treat drug-resistant bacteria, a growing threat that kills millions of people each year.
Researchers used AI to identify a new treatment for idiopathic pulmonary fibrosis, a progressive lung disease with few treatment options. The new treatment has successfully completed a Phase IIa clinical trial. Such drugs still need to be proven safe and effective in larger clinical trials and gain FDA approval before they can help patients, but this new treatment for pulmonary fibrosis could be the first to reach that milestone.
Machine learning has been used for years to aid in vaccine development—including the development of the first COVID-19 vaccines––accelerating the process by rapidly identifying potential vaccine targets for researchers to focus on.

AI Uses for Accessibility and Accountability

AI technologies can improve accessibility for people with disabilities. But, as with many uses of this technology, safeguards are essential. Many tools lack adequate privacy protections, aren’t designed for disabled users, and can even harbor bias against people with disabilities. Inclusive design, privacy, and anti-bias safeguards are crucial. But here are two very interesting examples:

AI voice generators are giving people their voices back, after losing their ability to speak. For example, while serving in Congress, Rep. Jennifer Wexton developed a debilitating neurological condition that left her unable to speak. She used her cloned voice to deliver a speech from the floor of the House of Representatives advocating for disability rights.
Those who are blind or low-vision, as well as those who are deaf or hard-of-hearing, have benefited from accessibility tools while also discussing their limitations and drawbacks. At present, AI tools often provide information in a more easily accessible format than traditional web search tools and many websites that are difficult to navigate for users that rely on a screen reader. Other tools can help blind and low vision users navigate and understand the world around them by providing descriptions of their surroundings. While these visual descriptions may not always be as good as the ones a human may provide, they can still be useful in situations when users can’t or don’t want to ask another human to describe something. For more on this, check out our recent podcast episode on “Building the Tactile Internet.”

When there is a lot of data to comb through, as with police accountability, AI is very useful for researchers and policymakers:

The Human Rights Data Analysis Group used LLMs to analyze millions of pages of records regarding police misconduct. This is essentially the reverse of harmful use cases relating to surveillance; when the power to rapidly analyze large amounts of data is used by the public to scrutinize the state there is a potential to reveal abuses of power and, given the power imbalance, very little risk that undeserved consequences will befall those being studied.
An EFF client, Project Recon, used an AI system to review massive volumes of transcripts of prison parole hearings to identify biased parole decisions. This innovative use of technology to identify systemic biases, including racial disparities, is the type of AI use we should support and encourage.

It is not a coincidence that the best examples of positive uses of AI come in places where experts, with access to infrastructure to help them use the technology and the requisite experience to evaluate the results, are involved. Moreover, academic researchers are already accustomed to explaining what they have done and being transparent about it—and it has been hard won knowledge that ethics are a vital step in work like this.

Nor is it a coincidence that other beneficial uses involve specific, discrete solutions to problems faced by those whose needs are often unmet by traditional channels or vendors. The ultimate outcome is beneficial, but it is moderated by human expertise and/or tailored to specific needs.

Context Matters

It can be very tempting—and easy—to make a blanket determination about something, especially when the stakes seem so high. But we urge everyone—users, policymakers, the companies themselves—to cut through the hype. In the meantime, EFF will continue to work against the harms caused by AI while also making sure that beneficial uses can advance.

22:35

godcc 1.0 released [Planet GNU]

I am happy to announce the first release of godcc, version 1.0.

The tarball godcc-1.0.tar.gz is now available at https://jemarch.net/godcc-1.0.tar.gz.

godcc (https://jemarch.net) is a full-fledged command-line interface to Compiler Explorer instances such as https://godbolt.org. It currently supports getting listings, compiling source files and formatting sources.

Happy godccing!

21:14

What the Puck?! [The Stranger]

Do you need to get something off your chest? Submit an I, Anonymous and we'll illustrate it! by Anonymous

Between the Torrent and Heated Rivalry, Seattle hockey fans are starting to see a heap of new faces at local games. I love to see it! Hockey is the best! Welcome! But I have two requests: 1) Please stay in your seat when the puck is in play, and 2) please stop asking the players to kiss.

I’m not mad. There’s no way you’d know if you’ve never been to a hockey game. But in hockey, it’s customary to wait until the whistle blows before getting up or returning to your seat. Usually, there is an usher at the top of each row to remind fans to wait, but because Climate Pledge doesn’t seem to staff the Torrent games as heavily as they do the Kraken games (AND WHY NOT???), there are not enough staffers to teach newbies the rules. So we have to hold ourselves accountable.

I say this with love. The puck is hard, frozen, and fast. It does occasionally end up flying into the stands, and if you’re the jack-ass blocking the view, you might get hurt or cause someone else to get hurt. So once you get your beer or garlic fries or Piroshky Piroshky (yes, they have Piroshky Piroshky at the games!), wait at the top of the stairs until the game is stopped. Please. Thank you.

As for the kissing thing, I get it. Heated Rivalry is pretty good (needs more hockey, but whatever), and it’s great that it appears to have helped grow both the game and the communities within the sport for LGBTQ players and fans. But the players we're watching? They're professionals. They're adults. And yes, in the PWHL, some of them are married! And there are likely gay players in the NHL, too! But they will kiss if they want to kiss. Not because you discovered your hockey kink. (Those lil’ shorty hockey pants with no shirt is a hot look, right?)

Do you need to get something off your chest? Submit an I, Anonymous and we'll illustrate it! Send your unsigned rant, love letter, confession, or accusation to ianonymous@thestranger.com. Please remember to change the names of the innocent and the guilty.

20:28

Slog AM: Route 8 Needs More Than Just a Bus Lane, Trump Reduces Number of ICE Thugs in Minnesota, Layoffs at Washington Post Have Begun [The Stranger]

The Stranger's morning news roundup. by Charles Mudede

I’m not against Mayor Katie Wilson’s directive to place a bus lane on Denny Way to help Route 8 meet its schedule. But the deeper problem with that route is that its service area is too large: from Mount Baker all the way to Lower Queen Anne. So, the addition of a bus lane, though welcome, may prove to be inadequate. What’s also needed to make trips on Denny Way more dependable is an additional route that only runs between Lower Queen Anne and 15th Ave on Capitol Hill. This is the fact of the matter: The bulk of the riders who use Route 8 board in South Lake Union (the tech center) and exit around Broadway (where a lot of tech workers live). After those key points, the line is rarely crowded or faces bad traffic.

CHARLES MUDEDE

The weather? Not looking good, mate. Expect a fucking high of 60 (in early February!), a little wind here and there, and, if lucky, a few scattered clouds. It seems we hardly had a winter this time around, and the days are already getting longer, and the chances of snow are being tossed into a furnace like that sleigh in Citizen Kane.

Trump badly wants to shred to pieces an EPA report that was completed in 2009 and contained hard, scientific evidence of how “greenhouse gas emissions, including from vehicles and fossil fuel power plants, [negatively impact] public health and welfare.” What we must ask ourselves, however, is this: Can Trump’s ferocious determination to pollute our environment as much as possible be entirely reduced to the goal of increasing profits for fossil fuel capitalists? Or is there something more to it?

The key concept presented in a 2008 book, Malfeasance: Appropriation Through Pollution, by the late French philosopher Michel Serres, is this: Pollution is a form of ownership, a form of property. Structurally, this is one of the most original economic concepts conceived by a thinker who wasn't a Marxist. Quickly as possible: Serres asserted that pollution is a form of ownership because it's a form of power. Trump, for example, represents the capitalist’s right to pollute, the right to destroy trees, the right to make water undrinkable, to produce acid rain, to fill the sky with carbon. And so resistance to this less recognized form of property (“I can trash this, therefore it's mine”) also challenges the other and more conventional form: “I paid for this, therefore it's mine.”

CNN reports that the Washington Post, which is owned by Jeff Bezos, who paid $75 million for a worthless documentary about Melania Trump, laid off a third of its newsroom. The paper is dismantling much of the paper’s sports section, entirely gutting its books section, and reducing the size of its international coverage. What’s this about democracy dying in darkness? Look at the bright side: We still have Melania.

New: Washington Post Executive Editor Matt Murray and HR Chief Wayne Connell tell employees to stay home for a zoom webinar ahead of “significant actions across the company.” Widely expected layoffs are scheduled to begin today.

[image or embed]
— Ben Mullin (@benmullin.bsky.social) February 4, 2026 at 3:13 AM

Say It Ain’t So: Sir “Lifestyles of the Rich and Famous,” the late Robin Leach, is in the Epstein files. He is alleged to not only have participated in orgies from hell but strangled a girl to death. One thing is for sure, if you are rich and famous, then tentacular Epstein likely had one or two or three or four or more hands in your business. The amazing celebrities and billionaires will be those who somehow managed not to be sucked into this gigantic-sized black hole, which, for the elite, has a satanic island as its center or power. This cosmological metaphor is reinforced by the good number of world-famous physicists who were attracted to Epstein.

Into the Epstein black hole also goes one of my favorite Sesame Street sketches, “Lifestyle of the Big and Little.”

Trump plans to reduce the number of ICE thugs in Minnesota from around 3000 to around 2300. Tom Homan, the border czar, stated that the reduction is due in part to an agreement he struck with state and local officials. They will now turn over arrested immigrants to ICE. But the real reason for the deescalation is found in the fact that Trump thought Minneapolis would be a walk in the park. But instead it became a right mess: people blowing whistles all of the fucking time, people resisting on every level, thugs killing US citizens. Why didn’t these city people just roll over like regular Democrats?

Seattle

[image or embed]
— The Web Optimist (@weboptimist.bsky.social) February 3, 2026 at 10:17 AM

Speaking of Dems. The spending bill that ended a partial government shutdown yesterday, basically kicked the ICE can down the road. Dems and the White House now have two weeks to figure out the future of Trump’s private army. Will it be fully funded? Will it be somewhat defanged? We can be certain of one thing: it will not be abolished.

A friend who self-identifies as “dirty little rat, scurrying about looking for a community (and cheese),” has this to say to me and my city, Seattle: “Call the homies, they need you as much as you need them. Even unseen, we are all struggling and need each other. Full homo.”

Let’s conclude Slog AM with some cold dub tech by Iceland’s Yagya:

19:42

Pullout Politics [The Stranger]

Fertility tracking is part of a slate of high-risk, low-reward family planning methods that have lately taken on a new sheen in the eyes of the federal government. After shutting down the department that supervises federal family planning funding and setting the conditions to erode abortion and pregnancy care nationwide, the Trump administration is now evangelizing a single type of birth control: fertility awareness methods, which include everything from cycle-tracking to digital apps. by Megan Burbank

Earlier this year, a company called Natural Cycles introduced their new wristband. For just $129.99, the wristband would sync with their app and offer the wearer “digital birth control,” tracking people’s fertility based on their body temperature and cycle.

Sound too good to be true? It was. The app, and the animating principle behind it—quit hormonal birth control! there’s a better, easier way!—is part of a slate of high-risk, low-reward family planning methods that have lately taken on a new sheen in the eyes of the federal government. After shutting down the department that supervises federal family planning funding and setting the conditions to erode abortion and pregnancy care nationwide, the Trump administration is now evangelizing a single type of birth control: fertility awareness methods, which include everything from cycle-tracking to digital apps.

Cycle-tracking has been around for a long time, largely for people trying to conceive. If you’re struggling to get pregnant, doctors might encourage you to track the window in your menstrual cycle when you’re most likely to be fertile. But as birth control, fertility awareness is much more likely than other methods to result in unintended pregnancy, and that may be precisely the point: Given the right wing’s pronatalist agenda and ongoing obsession with the birth rate, a birth control method that doesn’t work is a feature, not a bug.

Right-wing activists—most recently in the New York Times—claim that fertility awareness methods are a reasonable alternative to gold-standard birth control methods like the IUD or the subdermal implant, because, as one proponent put it, women “don’t need to put these extra chemicals and devices into their bodies to figure out what’s going on. They can do it in a natural way.”

This is, in a medical sense, terrible advice. “Fertility awareness” refers to several approaches that require users to do things like monitor their body temperature and cervical mucus thickness to estimate when their most fertile windows are, and to avoid sex during those times or use a barrier method like condoms. When used with barrier methods, says Sarah Prager, professor of obstetrics and gynecology at the University of Washington, this can work. But for most people, fertility tracking is “difficult and impractical,” she says.

Because fertility awareness methods rely on accurate cycle tracking, says Prager, and “if somebody has irregular cycles, these methods can’t be used.” Available research also suggests that fertility awareness methods just don’t work as well as other forms of birth control.

All birth control methods have two rates of failure: one with typical use (how most people use the method), and one with perfect use (how the Pleasures to Have in Class do). For some set-it-and-forget-it methods, like IUDs or the subdermal implant, these numbers are virtually identical: It’s hard to take your birth control incorrectly when it’s embedded in your bicep tissue. Fertility awareness methods, on the other hand, have the biggest gap between perfect and typical use, and, by their sheer complexity, provide users many chances for things to go sideways. Prager puts it this way: “They’re just not reliable when used by the majority of people, because most people cannot use them reliably.”

Fertility awareness methods work so poorly that they’ve been a source of scandal even in the politically secular Femtech world. In 2018, Olivia Sudjic chronicled at the Guardian her experience using Natural Cycles, which touted itself as 93 percent effective with typical use. Despite following the instructions, Sudjic was one of many users who ended up pregnant. She had an abortion, realizing much too late that “the ideal Cycler is a narrow, rather old-fashioned category of person”—someone in a committed relationship, with a stable routine that allows for assiduous cycle-tracking: “Shift-workers, world-travellers, the sickly, the stressed, insomniacs and sluts be advised.”

Even some proponents of fertility awareness methods acknowledge this tension. Samantha Kopy, a fertility awareness method instructor quoted extensively in the New York Times piece, said these methods are challenging to use “if you have pretty flippant reasons for avoiding pregnancy—just like, ‘Oh, we kind of want to travel,’ or, ‘We’d like to save for a better car.’”

But even setting aside the judgment in this statement (any reason to not want to get pregnant is a good one), it seems the difficulty is the point. After all, Kopy’s class is organized by Whole Mission, a religious family planning organization whose managing director is a moral theology teacher at a Catholic high school. Not someone I’d turn to as an authority on reproductive health.

As it so often does, in pushing fertility awareness methods, the right is also exploiting very real concerns within reproductive health care: frustration with the side effects of birth control. If you’re a sexually active person with the capacity to get pregnant, by the time you’re on the off-ramp from your fertile years, you will likely have spent an enormous chunk of your life with some combination of a rod in your arm, a cheerfully named IUD in your uterus, an alarm on your phone reminding you to take your teeny-tiny pink pill, a shot in your lower back, a NuvaRing in your refrigerator, a box of condoms under your bed, or something else entirely.

Reliable, long-acting birth control is a miracle of modern medicine, but the burden of Not Getting Pregnant can be a maximalist odyssey, one that makes you feel like you’re living in thrall to the whims of your own reproductive system. It’s natural to look for an out to the Groundhog Day rigamarole that is having a uterus and not wanting a baby to show up in it. But it won’t come from an agenda that’s designed to fail.

After all, no one tastes the rainbow of synthetic progesterone because they want to “figure out what’s going on” or understand the beauty of their fertility. They do it for two reasons: because it’s medically indicated or because they don’t want to get pregnant.

The good news is that unlike most of the modalities pushed by MAHA grifters like Olivia Nuzzi’s sexting buddy, hormonal birth control has been rigorously studied, and is safe and effective. That’s the signal Prager hopes her patients will hear within the noise of medical misinformation.

Studies have examined the overall mortality rates for people with uteruses, comparing people who’ve never used hormonal birth control and people who’ve used it. “Mortality is actually lower for people who have ever used hormonal contraception,” says Prager. This is likely because of the major health risks that come with every pregnancy, whether wanted or not.

The scientific truth is that it’s always much safer to be on birth control than to be pregnant—especially in a country with wide health disparities and increasingly fewer pregnancy care providers as the fallout of losing Roe carries on. No amount of fearmongering about birth control can change that.

19:28

Neil Munro: Ningle Tutorial 14: Pagination, Part 1 [Planet Lisp]

Introduction

Hello and welcome back, I hope you all had a good festive season, I took a break last month as I usually get very busy in December, but lest you think I had stopped posting, I have prepared a two part lesson this time: Pagination. We are first going to look at rolling your own pagination, but we will then look at integrating a package I wrote ningle-pager, to simplify the code. This way if my package doesn't fit your needs, you have the information required to build your own solution.

In practical terms, something like a microblogging app would use infinite scrolling, but we don't have anywhere enough data to present that as a lesson right now, and besides pagination has a lot of uses, Google and Amazon use it for their products, so it must be pretty useful!

Theory

In SQL, there is the ability to LIMIT results, but also, the ability to start from an OFFSET, which ultimately does the heavy lifting for us. We have previously looked at SXQL, which is a thin layer upon SQL, so we can use (limit 50) and (offset 100) (or whatever values we want) to interact with the database, we will also use GET parameters like ?page=2&limit=50 (or something). So with this information we know the url patterns and we know what SXQL forms we want to use, we just have to design how our application will work internally.

Our solution will define an interface, any controller that needs to be paginated will:

Accept a page keyword parameter
Accept a limit keyword parameter
Return a values list that has 3 items, the results, the total count, and the offset.

The work will touch the models, the controllers, and the templates:

Models

We are gonna get deep into the weeds with clos in how we implement our pagination in this part, there's multiple methods so we will take each implementation one by one. You can learn more about how OOP is implemented in my older videos.

generic Method

We start with a generic definition, we already had one, but we are modifying it. Fun fact, the generic method defines all the parameters a method might use, but not all methods must use the arguments, which comes in real handy for us later:

(defgeneric posts (user &key offset limit count)
  (:documentation "Gets the posts"))

Here we have a generic method, generic methods do nothing on their own, they help us define what a method should do, but of course under certain circumstances how a method does what it does may need to change, this allows us to implment different specialised concrete methods, we will look at this below.

What we have done with this generic method is add key arguments offset, limit, and count, as we saw previously, all this does is declare a :documentation form.

:around method

As you may, or may not know, the Common Lisp Object System (clos for short) allows us to define, as we have done previously primary methods, these are methods that specialise on one (or more) of the parameters. When passed arguments at the point the method is called, the method matching the parameter type of the arguments passed will trigger. That is why our posts method specifies user to be a user object, or null and handles the logic in different ways. It also allows us to define auxiliary methods, which are known as :before, :after, and :around. The :before methods will run, well, before the related primary method is called, with each :before method being called by its most specific signature to its least. :after methods are the total opposite, they run after a primary method is run, and they run from the least specific version to the most specific. They would be where we might want to add signals, or logging, we could have a :before, and :after around the mito:save-dao that we use and the :before method sends a pre-save signal while the :after sends a post-save signal.

It is not, however the :before/:after methods we care about here, we in fact will write an :around, which is a more fundamental building block. :around methods control, how, when, or even if, a primary method gets called, the other methods can't control this. As previously discussed they have a specific order in which they run, so if we wanted to... say... capture arguments and do some processing on them because, I dunno, we should never trust user input, prior to running our primary method, an :around method is what we would need to use.

The real "magic" of how to do what we want to do is use an :around method. We will look at the complete implementation a little bit later, but we need to pause and ensure we really understand about method combination in Common Lisp.

As we mentioned in the defgeneric, not every method needs to use or specialise on every parameter, and in this :around method you will notice that the count is absent, that is by design, because the :around method will compute it and pass it onto the next method in the chain, instead it uses &allow-other-keys to allow these key arguments to be accepted, but also since they are unnamed, the compiler won't emit a warning that they're not used.

Our implementation is here:

(defmethod posts :around (user &key (offset 0) (limit 50) &allow-other-keys)
  (let ((count (mito:count-dao 'post))
        (offset (max 0 offset))
        (limit (max 1 limit)))
    (if (and (> count 0) (>= offset count))
      (let* ((page-count (max 1 (ceiling count limit)))
             (corrected-offset (* (1- page-count) limit)))
        (posts user :offset corrected-offset :limit limit))
      (call-next-method user :offset offset :limit limit :count count))))

The first thing to note is the obvious :around keyword that comes after the posts name, this is how we declare a method as an :around method. The next thing to notice is that the count parameter is not declared, instead we use the &allow-other-keys, as discussed above. This method will modify some variables or recalculate the offset if it was invalid before either calling itself (to perform the recalculations) or call the next method with, well, call-next-method.

We begin with a let form that will get the number of items by using mito:count-dao, we determine the offset by getting the max of 0 or the offset, we also define limit as the max of 1 and limit.

The key check here is in the if form, which checks that both the count is larger than zero (> count zero) and the offset is bigger than the count (>= offset count), this tells us that an invalid condition exists, we can't request an offset to be larger than the number of items, so we have to handle it. Under these circumstances we need to get the new page-count by calculating (max 1 (ceiling count limit)), this will round up the result of dividing count by limit, and returns that, or 1.

Once we have that we can calculate a corrected offset by using the formula (* (1- page-count) limit), to run through how this formula works, here are some examples, if we assume limit is defined as 50, we can increment the page-count by one each time to see how this calculation works:

Page 1: (* (1- 1) 50) -> (* 0 50) -> 0
Page 2: (* (1- 2) 50) -> (* 1 50) -> 50
Page 3: (* (1- 3) 50) -> (* 2 50) -> 100

With this calculation done we can recursively call the method again, this time with the correct values, which brings us to our base case, calling the next method via call-next-method with the appropriate values which handily brings us to the specific methods now. We can actually dramatically simplify our primary methods thanks to the :around method.

Something to bear in mind, our count here is real easy, cos we are just returning all posts, but a more complex application may need more complex logic to determine what and how you are counting.

user method

Since we don't need to handle any error state or recovery (because the :around method handles it), we can actually write simple methods that perform a query and return the results. We have also simplified the way in which we run queries, turns out the sxql:yield returns multiple values, the first is the SQL string, the second is a list of params to be spliced into it (to avoid sql injection attacks), so we set up a multiple-value-bind form to capture these, and we put our SQL together, we previously used :? which was fine, as that is the character used to be a place holder, but this way is nicer to write. The things you learn, eh?

Please note however, where in our :around method we didn't specify the count parameter that the generic method defines, in this primary method, we do!

All we do it use a values form to return the result of running the sql, with the parameters bound to it, the count (number of items total) and the offset from where it starts returning results from.

(defmethod posts ((user user) &key offset limit count)
  (multiple-value-bind (sql params)
        (sxql:yield
              (sxql:select
                  (:post.*
                    (:as :user.username :username)
                    (:as (:count :likes.id) :like_count)
                    (:as (:count :user_likes.id) :liked_by_user))
                  (sxql:from :post)
                  (sxql:left-join :user :on (:= :post.user_id :user.id))
                  (sxql:left-join :likes :on (:= :post.id :likes.post_id))
                  (sxql:left-join (:as :likes :user_likes)
                                  :on (:and (:= :post.id :user_likes.post_id)
                                            (:= :user_likes.user_id (mito:object-id user))))
                  (sxql:group-by :post.id)
                  (sxql:order-by (:desc :post.created_at))
                  (sxql:offset offset)
                  (sxql:limit limit)))
      (values
          (mito:retrieve-by-sql sql :binds params)
          count
          offset)))

This makes our primary method much tighter, it runs a query and returns results, the :around method handles the recalculation logic (which is shared between this primary method and the next). Nice and simple.

null method

So having seen the form of our new primary methods above, we follow the same patern for the primary method where the user is null. As before this primary method accepts the count parameter.

(defmethod posts ((user null) &key offset limit count)
  (multiple-value-bind (sql)
      (sxql:yield
        (sxql:select
            (:post.*
              (:as :user.username :username)
              (:as (:count :likes.id) :like_count))
            (sxql:from :post)
            (sxql:left-join :user :on (:= :post.user_id :user.id))
            (sxql:left-join :likes :on (:= :post.id :likes.post_id))
            (sxql:group-by :post.id)
            (sxql:order-by (:desc :post.created_at))
            (sxql:limit limit)
            (sxql:offset offset)))
    (values
        (mito:retrieve-by-sql sql)
        count
        offset)))

The query is simpler, and we do not need to actually pass any variables into the SQL string, so we don't need the params value returned from the multiple-value-bind, which means we also don't need to use the :binds key argument into mito:retrieve-by-sql.

And that's it, that's our models done!

Controllers

Our controller will be the index controller we built previously, but we need to modify it quite a bit to parse and process the information we need, pagination has a lot of data, and we will need to ensure our templates can present the UI and data in a easy to use manner.

The controller will be so radically different as to be entirely new, it may be easier for you to delete the existing index controller and replace it with what we write here.

The first thing the controller needs to do is grab the GET parameters and validate them, we follow a basic formula to achieve this for the two parameters we need (page, and limit):

(or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1)
(or (parse-integer (or (ingle:get-param "limit" params) "50") :junk-allowed t) 50)

As you can see these are basically identical the only thing that differs are the default values, in the case of page it is "1"/1 for limit it is "50"/50. To run through the logic we have some basic possibilities we need to handle.

In the case where there is no parameter which will be the case if no page=x is in url, or the value of page is not numeric (such as a word, page=hi or something) the result of (ingle:get-param "page" params) will be nil.

In the case where page is provided and is a number, the process is the same, but (ingle:get-param "page" params) would return a number as a string.

We can see how that would evaluate here:

(or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1)
(or (parse-integer (or nil "1") :junk-allowed t) 1)
(or (parse-integer "1" :junk-allowed t) 1)
(or 1 1)
1

The process repeats for the "limit" parameter. It's a lot of checking and handling, it would be nice if there were a library to handle this for us, but I have not yet found one, perhaps that will be our next topic!

NOTE! In this example we are permitting arbitrary limit values (we are learning), in practice, this should be limited to a maximum value to prevent users from requesting a page that may result in a Denial Of Service type event. What the exact value should be really depends on the data, it might be fine to get thousands of numbers in one go, but if your models are complicated, a smaller number may be better.

You could do something like this to limit... the limit: (limit (min 100 (max 1 limit)))

The let binding will therefore look like this

(let ((user (gethash :user ningle:*session*))
      (page (or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1))
      (limit (or (parse-integer (or (ingle:get-param "limit" params) "50") :junk-allowed t) 50)))
  ...)

With those parameters validated, we can focus on building our paginated controller. Thanks to the work we did in the models we can pull the values out of the posts method with multiple-value-bind:

(let ((user (gethash :user ningle:*session*))
      (page (or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1))
      (limit (or (parse-integer (or (ingle:get-param "limit" params) "50") :junk-allowed t) 50)))
  (multiple-value-bind (posts count offset) (ningle-tutorial-project/models:posts user :offset (* (1- page) limit) :limit limit)
    ...))

This enables us to now calculate the various values we need to pass through into a template to render the paginator, we need to generate 6 values.

page

The page variable is a way to determine what the current page is, it is calculated like so:

(1+ (floor offset limit))

From the offset we get from the multiple-value-bind we round down the value of dividing offset by the limit and add 1 to the value. If we assume, for example, an offset of 50 and a limit of 50, we can see how the page is determined.

(1+ (floor 50 50))
(1+ 1)
2

If we want to see something larger:

(1+ (floor 250 50))
(1+ 5)
6

page count

The page-count variable is a way to determine the total number of pages:

(max 1 (ceiling count limit))

Again, from the multiple-value-bind we get the count object, so we can expand this, assuing count is 250 and limit is 50.

(max 1 (ceiling 500 50))
(max 1 10)
10

In this manner, given a total number and a page size we want to split it into, we can see the total number of pages.

previous page number

Unlike the previous two calculations, prev-page can legitiately be nil. In the case we are already on the first page there's no way for there to be a previous page, so nil is fine. If we need to have some binary conditional logic where nil is acceptable when is our friend.

(when (> page 1) (1- page))

Wwhen the page is bigger than one, return one less than the value of page, because this is a when (1- page) will be returned, or nil will be.

page number

The inverse of the above:

(when (< page page-count) (1+ page))

When the page is smaller than the total number of pages, return one more than the value of page, or nil.

range start

Range start is to help the UI, typically in paginators, especially in large ones, there's a first, last, and current location, but often the current location has some pages to the left and right, this is the range. Now there's no real right number for the ranges, but I settled on 2.

(max 1 (- page 2))

Assuming page is 1, max will return 1, but if we are on, say, page 15, the location the range starts at is 13.

range end

Range end behaves like range start, except in the other direction, but we need to ensure we get the minimum of the page-count, in case we are on the last page.

(min page-count (+ page 2))

With these defined we can put them in a let* form.

(let ((user (gethash :user ningle:*session*))
      (page (or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1))
      (limit (or (parse-integer (or (ingle:get-param "limit" params) "50") :junk-allowed t) 50)))
  (multiple-value-bind (posts count offset) (ningle-tutorial-project/models:posts user :offset (* (1- page) limit) :limit limit)
    (let* ((page (1+ (floor offset limit)))
           (page-count (max 1 (ceiling count limit)))
           (prev-page (when (> page 1) (1- page)))
           (next-page (when (< page page-count) (1+ page)))
           (range-start (max 1 (- page 2)))
           (range-end (min page-count (+ page 2))))
        ...)))

The final thing we need to do is return the result of djula:render-template*, but there is still more data we need to pass through, build upon the variables we defined, there's only 5 more.

pages

Pages is simply a list of all the pages, which is easy enough to generate:

(loop :for idx :from range-start :to range-end :collect idx)

show-start-gap

The show-start-gap is a boolean that tells the template to render part of the paginator UI.

(> range-start 2)

This will return t or nil depending on if range-start is larger than 2.

show-end-gap

The show-end-gap is the inverse:

(< range-end (1- page-count))

This will return t or nil depending on if range-end is smaller than (1- page-count).

start-index

To get the start-index, this is the number starting from the offset so we can display something like "Showing x - y of z", x would be our start-index.

(if (> count 0) (1+ offset) 0)

If the count is bigger than zero then we return one more than the offset, else we return 0 (the default starting offset being 0).

end-index

Again, this is the opposite of another thing, the start-index.

(if (> count 0) (min count (+ offset (length posts))) 0)

If count is bigger than zero then what we need is the smallest (min) of the count and offset plus the number of posts, or 0. It's possible there isn't a complete pages worth of items, so we need to ensure that we don't over run.

With all that being said, we can now see the complete controller with the values rendered by djula:

(defun index (params)
    (let ((user (gethash :user ningle:*session*))
          (page (or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1))
          (limit (or (parse-integer (or (ingle:get-param "limit" params) "50") :junk-allowed t) 50)))
      (multiple-value-bind (posts count offset) (ningle-tutorial-project/models:posts user :offset (* (1- page) limit) :limit limit)
        (let* ((page (1+ (floor offset limit)))
               (page-count (max 1 (ceiling count limit)))
               (prev-page (when (> page 1) (1- page)))
               (next-page (when (< page page-count) (1+ page)))
               (range-start (max 1 (- page 2)))
               (range-end (min page-count (+ page 2))))
          (djula:render-template*
            "main/index.html"
            nil
            :title "Home"
            :user user
            :posts posts
            :form (if user (cl-forms:find-form 'post) nil)
            :count count
            :page page
            :limit limit
            :page-count page-count
            :prev-page prev-page
            :next-page next-page
            :pages (loop :for idx :from range-start :to range-end :collect idx)
            :show-start-gap (> range-start 2)
            :show-end-gap (< range-end (1- page-count))
            :start-index (if (> count 0) (1+ offset) 0)
            :end-index (if (> count 0) (min count (+ offset (length posts))) 0))))))

I would have thought that having an invalid number would have triggered a 404, or perhaps a 400, but having tested this with Google, it seems that the convention is to default to page 1. So with that said and the controller in place, we can now write our templates.

Templates

index (src/templates/main/index.html)

Our index template doesn't require much change at all, we need to only add an include (from djula) to include the contents of one template inside another. Of course we have still to write the pagination template, but that is just below.

 {% extends "base.html" %}

{% block content %}
 <div class="container">
    <!-- Post form -->
    <div class="row mb-4">
        <div class="col">
            {% if form %}
                {% form form %}
            {% endif %}
        </div>
    </div>

    <!-- Posts Section -->
+   {% include "partials/pagination.html" with url="/" title="Posts" %}
    <div class="row">
    ...
    </div>
+   {% include "partials/pagination.html" with url="/" title="Posts" %}
 </div>
 {% endblock %}

Something to bear in mind here is the way this is designed is that if you need to pass in some data, in our case url, and title, we can pass through these things, we will use these in the pagination html partial.

pagination (src/templates/partials/pagination.html)

Partials are a way to include reusable parts of html presentation in a template, they help us build isolated pieces of presentation logic that we might want to use over and over again all over our application, this is why we save them in a partials folder, because they are a partial piece of presentation logic.

This is the magic that makes the UI work, while we showed were it would be used in the index.html page, we need to look into what it does. I do use bootstrap to make things look nice, but I'm very much NOT a frontend engineer, so I can't speak to how to make something look good without it, so inevitably much of the classes and UI come from Bootstrap.

I will have to break the html down piece by piece to explain what it's all doing, but look at the final listing to see the complete file.

From the values we calculated though, we start by checking if the page count is bigger than 1, because if we have less than two pages, we can't paginate, therefore the whole UI is wrapped in:

{% if page-count > 1%}
    ...
{% endif %}

With that we can use the start-index, end-index, and count, to display the human readable part of the paginator.

{% if page-count > 1%}
  <div class="table-pagination">
    <div class="pagination-summary">
      Showing {{ start-index }}-{{ end-index }} of {{ count }}
    </div>
    ...
{% endif %}

We then setup a nav, with a single ul object in it, with which we define our parts of the paginator as li tags.

{% if page-count > 1%}
    ...
    <nav aria-label="{{ title }} pagination">
      <ul class="pagination">
    ...
{% endif %}

Within this ul, we have to put all of our li elements which will contain the aspects of the UI. The first such item is:

    ...
    <ul class="pagination">
        <li class="page-item{% if not prev-page %} disabled{% endif %}">
          {% if prev-page %}
            <a class="page-link" href="{{ url }}?page={{ prev-page }}&limit={{ limit }}">Prev</a>
          {% else %}
            <span class="page-link">Prev</span>
          {% endif %}
        </li>
        ...
    </ul>

This first li will set the disabled css class if the prev-page is not nil. It will again rely on prev-page to either render an a tag building the url up, including the prev-page, and limit, else a span is rendered. This sets up the first element in the pagination UI.

The second li item checks the page, and if it is the first page, it sets the active class and renders a span, if it is NOT 1 then a link to the first page is rendered with a a tag, building up the url as we did before.

...
        <li class="page-item{% if page == 1 %} active{% endif %}">
          {% if page == 1 %}
            <span class="page-link">1</span>
          {% else %}
            <a class="page-link" href="{{ url }}?page=1&limit={{ limit }}">1</a>
          {% endif %}
        </li>
...

Now that we have gotten the beginning of the paginator with a "Prev" li element and the first li element, we might need to render an elipsis (...) if the number of our pages is too large. We will repeat this pattern later on, in reverse, we will use the show-start-gap boolean to render the ....

...
        {% if show-start-gap %}
          <li class="page-item disabled"><span class="page-link">...</span></li>
        {% endif %}
...

With that done, we can now render the page numbers:

        {% for p in pages %}
          {% if p != 1 and p != page-count %}
            <li class="page-item{% if p == page %} active{% endif %}">
              {% if p == page %}
                <span class="page-link">{{ p }}</span>
              {% else %}
                <a class="page-link" href="{{ url }}?page={{ p }}&limit={{ limit }}">{{ p }}</a>
              {% endif %}
            </li>
          {% endif %}
        {% endfor %}

We loop over the list of page numbers we passed into the template as pages, if the loop iteration is NOT the first page (remember that this is a list of page numbers and starts from 1, not 0) and the loop iteration is not the current page, then we will render the li tag. If we just so happen to be on the loop iteration that is the current page (page), we render a span tag and not a link, else we render a link so that we can directly navigate to this element in the paginator.

We then render the show-end-gap, using the pattern we used above:

...
        {% if show-end-gap %}
          <li class="page-item disabled"><span class="page-link">...</span></li>
        {% endif %}
...

This will render an elipsis (...) where needed.

Now to the final page in the paginator, we must check if we are on the final page, which, as we have seen before, we do in the class line, and to determine if we render a span tag if we are on the final page, or a a tag if we are not.

...
      <li class="page-item{% if page == page-count %} active{% endif %}">
          {% if page == page-count %}
            <span class="page-link">{{ page-count }}</span>
          {% else %}
            <a class="page-link" href="{{ url }}?page={{ page-count }}&limit={{ limit }}">{{ page-count }}</a>
          {% endif %}
        </li>
...

And finally, we must render the "Next" part of the pagination:

...
        <li class="page-item{% if not next-page %} disabled{% endif %}">
          {% if next-page %}
            <a class="page-link" href="{{ url }}?page={{ next-page }}&limit={{ limit }}">Next</a>
          {% else %}
            <span class="page-link">Next</span>
          {% endif %}
        </li>
...

If there is NOT a next page we add the disabled class, we then, as we have seen before use the next-page variable to determine if we render an a tag, or a span tag.

Full Listings

To see how all of this comes together here are the files in their entirety.

models.lisp

(defpackage ningle-tutorial-project/models
  (:use :cl :mito :sxql)
  (:import-from :ningle-auth/models #:user)
  (:export #:post
           #:id
           #:content
           #:comments
           #:likes
           #:user
           #:liked-post-p
           #:posts
           #:parent
           #:toggle-like))

(in-package ningle-tutorial-project/models)

(deftable post ()
  ((user    :col-type ningle-auth/models:user :initarg :user    :accessor user)
   (parent  :col-type (or :post :null)        :initarg :parent  :reader parent :initform nil)
   (content :col-type (:varchar 140)          :initarg :content :accessor content)))

(deftable likes ()
  ((user :col-type ningle-auth/models:user :initarg :user :reader user)
   (post :col-type post                    :initarg :post :reader post))
  (:unique-keys (user post)))

(defgeneric likes (post)
  (:documentation "Returns the number of likes a post has"))

(defmethod likes ((post post))
  (mito:count-dao 'likes :post post))

(defgeneric comments (post user)
  (:documentation "Gets the comments for a logged in user"))

(defmethod comments ((post post) (user user))
    (mito:retrieve-by-sql
        (sxql:yield
            (sxql:select
                (:post.*
                    (:as :user.username :username)
                    (:as (:count :likes.id) :like_count)
                    (:as (:count :user_likes.id) :liked_by_user))
                (sxql:from :post)
                (sxql:where (:= :parent :?))
                (sxql:left-join :user :on (:= :post.user_id :user.id))
                (sxql:left-join :likes :on (:= :post.id :likes.post_id))
                (sxql:left-join (:as :likes :user_likes)
                                :on (:and (:= :post.id :user_likes.post_id)
                                          (:= :user_likes.user_id :?)))
                (sxql:group-by :post.id)
                (sxql:order-by (:desc :post.created_at))
                (sxql:limit 50)))
            :binds (list (mito:object-id post) (mito:object-id user))))

(defmethod comments ((post post) (user null))
    (mito:retrieve-by-sql
        (sxql:yield
        (sxql:select
            (:post.*
              (:as :user.username :username)
              (:as (:count :likes.id) :like_count))
            (sxql:from :post)
            (sxql:where (:= :parent :?))
            (sxql:left-join :user :on (:= :post.user_id :user.id))
            (sxql:left-join :likes :on (:= :post.id :likes.post_id))
            (sxql:group-by :post.id)
            (sxql:order-by (:desc :post.created_at))
            (sxql:limit 50)))
        :binds (list (mito:object-id post))))

(defgeneric toggle-like (user post)
  (:documentation "Toggles the like of a user to a given post"))

(defmethod toggle-like ((ningle-auth/models:user user) (post post))
  (let ((liked-post (liked-post-p user post)))
    (if liked-post
        (mito:delete-dao liked-post)
        (mito:create-dao 'likes :post post :user user))
    (not liked-post)))

(defgeneric liked-post-p (user post)
  (:documentation "Returns true if a user likes a given post"))

(defmethod liked-post-p ((ningle-auth/models:user user) (post post))
  (mito:find-dao 'likes :user user :post post))

(defgeneric posts (user &key offset limit count)
  (:documentation "Gets the posts"))

(defmethod posts :around (user &key (offset 0) (limit 50) &allow-other-keys)
  (let ((count (mito:count-dao 'post))
        (offset (max 0 offset))
        (limit (max 1 limit)))
    (if (and (> count 0) (>= offset count))
      (let* ((page-count (max 1 (ceiling count limit)))
             (corrected-offset (* (1- page-count) limit)))
        (posts user :offset corrected-offset :limit limit))
      (call-next-method user :offset offset :limit limit :count count))))

(defmethod posts ((user user) &key offset limit count)
  (multiple-value-bind (sql params)
        (sxql:yield
              (sxql:select
                  (:post.*
                    (:as :user.username :username)
                    (:as (:count :likes.id) :like_count)
                    (:as (:count :user_likes.id) :liked_by_user))
                  (sxql:from :post)
                  (sxql:left-join :user :on (:= :post.user_id :user.id))
                  (sxql:left-join :likes :on (:= :post.id :likes.post_id))
                  (sxql:left-join (:as :likes :user_likes)
                                  :on (:and (:= :post.id :user_likes.post_id)
                                            (:= :user_likes.user_id (mito:object-id user))))
                  (sxql:group-by :post.id)
                  (sxql:order-by (:desc :post.created_at))
                  (sxql:offset offset)
                  (sxql:limit limit)))
      (values
          (mito:retrieve-by-sql sql :binds params)
          count
          offset)))

(defmethod posts ((user null) &key offset limit count)
  (multiple-value-bind (sql)
      (sxql:yield
        (sxql:select
            (:post.*
              (:as :user.username :username)
              (:as (:count :likes.id) :like_count))
            (sxql:from :post)
            (sxql:left-join :user :on (:= :post.user_id :user.id))
            (sxql:left-join :likes :on (:= :post.id :likes.post_id))
            (sxql:group-by :post.id)
            (sxql:order-by (:desc :post.created_at))
            (sxql:limit limit)
            (sxql:offset offset)))
    (values
        (mito:retrieve-by-sql sql)
        count
        offset)))

controllers.lisp

(defpackage ningle-tutorial-project/controllers
  (:use :cl :sxql)
  (:import-from :ningle-tutorial-project/forms
                #:post
                #:content
                #:parent
                #:comment)
  (:export #:index
           #:post-likes
           #:single-post
           #:post-content
           #:post-comment
           #:logged-in-profile
           #:unauthorized-profile
           #:people
           #:person))

(in-package ningle-tutorial-project/controllers)


(defun index (params)
    (let ((user (gethash :user ningle:*session*))
          (page (or (parse-integer (or (ingle:get-param "page" params) "1") :junk-allowed t) 1))
          (limit (or (parse-integer (or (ingle:get-param "limit" params) "50") :junk-allowed t) 50)))
      (multiple-value-bind (posts count offset) (ningle-tutorial-project/models:posts user :offset (* (1- page) limit) :limit limit)
        (let* ((page (1+ (floor offset limit)))
               (page-count (max 1 (ceiling count limit)))
               (prev-page (when (> page 1) (1- page)))
               (next-page (when (< page page-count) (1+ page)))
               (range-start (max 1 (- page 2)))
               (range-end (min page-count (+ page 2))))
          (djula:render-template*
            "main/index.html"
            nil
            :title "Home"
            :user user
            :posts posts
            :form (if user (cl-forms:find-form 'post) nil)
            :count count
            :page page
            :limit limit
            :page-count page-count
            :prev-page prev-page
            :next-page next-page
            :pages (loop :for idx :from range-start :to range-end :collect idx)
            :show-start-gap (> range-start 2)
            :show-end-gap (< range-end (1- page-count))
            :start-index (if (> count 0) (1+ offset) 0)
            :end-index (if (> count 0) (min count (+ offset (length posts))) 0))))))


(defun post-likes (params)
  (let* ((user (gethash :user ningle:*session*))
         (post (mito:find-dao 'ningle-tutorial-project/models:post :id (parse-integer (ingle:get-param :id params))))
         (res (make-hash-table :test 'equal)))
    ;; Bail out if post does not exist
    (unless post
      (setf (getf (lack.response:response-headers ningle:*response*) :content-type) "application/json")
      (setf (gethash "error" res) "post not found")
      (setf (lack.response:response-status ningle:*response*) 404)
      (return-from post-likes (com.inuoe.jzon.stringify res)))

    ;; success, continue
    (setf (gethash "post" res) (mito:object-id post))
    (setf (gethash "liked" res) (ningle-tutorial-project/models:toggle-like user post))
    (setf (gethash "likes" res) (ningle-tutorial-project/models:likes post))
    (setf (getf (lack.response:response-headers ningle:*response*) :content-type) "application/json")
    (setf (lack.response:response-status ningle:*response*) 201)
    (com.inuoe.jzon:stringify res)))


(defun single-post (params)
    (handler-case
        (let ((post (mito:find-dao 'ningle-tutorial-project/models:post :id (parse-integer (ingle:get-param :id params))))
              (form (cl-forms:find-form 'comment)))
          (cl-forms:set-field-value form 'ningle-tutorial-project/forms:parent (mito:object-id post))
          (djula:render-template* "main/post.html" nil
                                  :title "Post"
                                  :post post
                                  :comments (ningle-tutorial-project/models:comments post (gethash :user ningle:*session*))
                                  :likes (ningle-tutorial-project/models:likes post)
                                  :form form
                                  :user (gethash :user ningle:*session*)))

        (parse-error (err)
            (setf (lack.response:response-status ningle:*response*) 404)
            (djula:render-template* "error.html" nil :title "Error" :error err))))


(defun post-content (params)
    (let ((user (gethash :user ningle:*session*))
          (form (cl-forms:find-form 'post)))
        (handler-case
            (progn
                (cl-forms:handle-request form) ; Can throw an error if CSRF fails

                (multiple-value-bind (valid errors)
                    (cl-forms:validate-form form)

                    (when errors
                        (format t "Errors: ~A~%" errors))

                    (when valid
                        (cl-forms:with-form-field-values (content) form
                            (mito:create-dao 'ningle-tutorial-project/models:post :content content :user user :parent nil)
                            (ingle:redirect "/")))))

            (simple-error (err)
                (setf (lack.response:response-status ningle:*response*) 403)
                (djula:render-template* "error.html" nil :title "Error" :error err)))))


(defun post-comment (params)
    (let ((user (gethash :user ningle:*session*))
          (form (cl-forms:find-form 'comment)))
        (handler-case
            (progn
                (cl-forms:handle-request form) ; Can throw an error if CSRF fails

                (multiple-value-bind (valid errors)
                    (cl-forms:validate-form form)

                    (when errors
                        (format t "Errors: ~A~%" errors))

                    (when valid
                        (cl-forms:with-form-field-values (content parent) form
                            (mito:create-dao 'ningle-tutorial-project/models:post :content content :user user :parent (parse-integer parent))
                            (ingle:redirect "/")))))

            (simple-error (err)
                (setf (lack.response:response-status ningle:*response*) 403)
                (djula:render-template* "error.html" nil :title "Error" :error err)))))


(defun logged-in-profile (params)
    (let ((user (gethash :user ningle:*session*)))
        (djula:render-template* "main/profile.html" nil :title "Profile" :user user)))


(defun unauthorized-profile (params)
    (setf (lack.response:response-status ningle:*response*) 403)
    (djula:render-template* "error.html" nil :title "Error" :error "Unauthorized"))


(defun people (params)
    (let ((users (mito:retrieve-dao 'ningle-auth/models:user)))
        (djula:render-template* "main/people.html" nil :title "People" :users users :user (cu-sith:logged-in-p))))


(defun person (params)
    (let* ((username-or-email (ingle:get-param :person params))
           (person (first (mito:select-dao
                            'ningle-auth/models:user
                            (where (:or (:= :username username-or-email)
                                        (:= :email username-or-email)))))))
        (djula:render-template* "main/person.html" nil :title "Person" :person person :user (cu-sith:logged-in-p))))

index.html

{% extends "base.html" %}

{% block content %}
<div class="container">
    <!-- Post form -->
    <div class="row mb-4">
        <div class="col">
            {% if form %}
                {% form form %}
            {% endif %}
        </div>
    </div>

    <!-- Posts Section -->
    {% include "partials/pagination.html" with url="/" title="Posts" %}
    <div class="row">
        <div class="col-12">
            {% for post in posts %}
            <div class="card post mb-3" data-href="/post/{{ post.id }}">
                <div class="card-body">
                <h5 class="card-title mb-2">{{ post.content }}</h5>
                <p class="card-subtitle text-muted mb-0">@{{ post.username }}</p>
                </div>

                <div class="card-footer d-flex justify-content-between align-items-center">
                <button type="button"
                        class="btn btn-sm btn-outline-primary like-button"
                        data-post-id="{{ post.id }}"
                        data-logged-in="{% if user.username != "" %}true{% else %}false{% endif %}"
                        data-liked="{% if post.liked-by-user == 1 %}1{% else %}0{% endif %}"
                        aria-label="Like post {{ post.id }}">
                    {% if post.liked-by-user == 1 %}
                      <i class="bi bi-hand-thumbs-up-fill text-primary" aria-hidden="true"></i>
                    {% else %}
                      <i class="bi bi-hand-thumbs-up text-muted" aria-hidden="true"></i>
                    {% endif %}
                    <span class="ms-1 like-count">{{ post.like-count }}</span>
                </button>

                <small class="text-muted">Posted on: {{ post.created-at }}</small>
                </div>
            </div>
            {% endfor %}

            {% if not posts %}
                <div class="text-center">
                    <p class="text-muted">No posts to display.</p>
                </div>
            {% endif %}
        </div>
    </div>
    {% include "partials/pagination.html" with url="/" title="Posts" %}
</div>
{% endblock %}

{% block js %}
document.querySelectorAll(".like-button").forEach(btn => {
  btn.addEventListener("click", function (e) {
    e.stopPropagation();
    e.preventDefault();

    // Check login
    if (btn.dataset.loggedIn !== "true") {
      alert("You must be logged in to like posts.");
      return;
    }

    const postId = btn.dataset.postId;
    const countSpan = btn.querySelector(".like-count");
    const icon = btn.querySelector("i");
    const liked = Number(btn.dataset.liked) === 1;
    const previous = parseInt(countSpan.textContent, 10) || 0;
    const url = `/post/${postId}/likes`;

    // Optimistic UI toggle
    countSpan.textContent = liked ? previous - 1 : previous + 1;
    btn.dataset.liked = liked ? "false" : "true";

    // Toggle icon classes optimistically
    if (liked) {
      // Currently liked, so unlike it
      icon.className = "bi bi-hand-thumbs-up text-muted";
    } else {
      // Currently not liked, so like it
      icon.className = "bi bi-hand-thumbs-up-fill text-primary";
    }

    const csrfTokenMeta = document.querySelector('meta[name="csrf-token"]');
    const headers = { "Content-Type": "application/json" };
    if (csrfTokenMeta) headers["X-CSRF-Token"] = csrfTokenMeta.getAttribute("content");

    fetch(url, {
      method: "POST",
      headers: headers,
      body: JSON.stringify({ toggle: true })
    })
    .then(resp => {
      if (!resp.ok) {
        // Revert optimistic changes on error
        countSpan.textContent = previous;
        btn.dataset.liked = liked ? 1 : 0;
        if (liked) {
          icon.className = "bi bi-hand-thumbs-up-fill text-primary";
        } else {
          icon.className = "bi bi-hand-thumbs-up text-muted";
        }
        throw new Error("Network response was not ok");
      }
      return resp.json();
    })
    .then(data => {
      if (data && typeof data.likes !== "undefined") {
        countSpan.textContent = data.likes;
        btn.dataset.liked = data.liked ? "true" : "false";

        // Update icon based on server response
        if (data.liked) {
          icon.className = "bi bi-hand-thumbs-up-fill text-primary";
        } else {
          icon.className = "bi bi-hand-thumbs-up text-muted";
        }
      }
    })
    .catch(err => {
      console.error("Like failed:", err);
      // Revert optimistic changes on error
      countSpan.textContent = previous;
      btn.dataset.liked = liked ? 1 : 0;
      if (liked) {
        icon.className = "bi bi-hand-thumbs-up-fill text-primary";
      } else {
        icon.className = "bi bi-hand-thumbs-up text-muted";
      }
    });
  });
});

document.querySelectorAll(".card.post").forEach(card => {
  card.addEventListener("click", function () {
    const href = card.dataset.href;
    if (href) {
      window.location.href = href;
    }
  });
});
{% endblock %}

pagination.html

{% if page-count > 1 %}
  <div class="table-pagination">
    <div class="pagination-summary">
      Showing {{ start-index }}-{{ end-index }} of {{ count }}
    </div>
    <nav aria-label="{{ title }} pagination">
      <ul class="pagination">
        <li class="page-item{% if not prev-page %} disabled{% endif %}">
          {% if prev-page %}
            <a class="page-link" href="{{ url }}?page={{ prev-page }}&limit={{ limit }}">Prev</a>
          {% else %}
            <span class="page-link">Prev</span>
          {% endif %}
        </li>

        <li class="page-item{% if page == 1 %} active{% endif %}">
          {% if page == 1 %}
            <span class="page-link">1</span>
          {% else %}
            <a class="page-link" href="{{ url }}?page=1&limit={{ limit }}">1</a>
          {% endif %}
        </li>

        {% if show-start-gap %}
          <li class="page-item disabled"><span class="page-link">...</span></li>
        {% endif %}

        {% for p in pages %}
          {% if p != 1 and p != page-count %}
            <li class="page-item{% if p == page %} active{% endif %}">
              {% if p == page %}
                <span class="page-link">{{ p }}</span>
              {% else %}
                <a class="page-link" href="{{ url }}?page={{ p }}&limit={{ limit }}">{{ p }}</a>
              {% endif %}
            </li>
          {% endif %}
        {% endfor %}

        {% if show-end-gap %}
          <li class="page-item disabled"><span class="page-link">...</span></li>
        {% endif %}

        <li class="page-item{% if page == page-count %} active{% endif %}">
          {% if page == page-count %}
            <span class="page-link">{{ page-count }}</span>
          {% else %}
            <a class="page-link" href="{{ url }}?page={{ page-count }}&limit={{ limit }}">{{ page-count }}</a>
          {% endif %}
        </li>

        <li class="page-item{% if not next-page %} disabled{% endif %}">
          {% if next-page %}
            <a class="page-link" href="{{ url }}?page={{ next-page }}&limit={{ limit }}">Next</a>
          {% else %}
            <span class="page-link">Next</span>
          {% endif %}
        </li>
      </ul>
    </nav>
  </div>
{% endif %}

Conclusion

Phew, that was a long one, and honestly it kinda got into the weeds a bit, thank you for persisting with it and following it to the end. It took quite a while to study and get right. As you no doubt felt while writing it, there was a LOT of calculations and data being passed into the template, and it would be awful to have to repeat that everywhere you wanted to perform pagination, but don't worry in part 2, this is what we want to try and solve. A more generalised pagination system that doesn't require quite so much logic in the controllers.

If you found this lesson helpful, consider experimenting with different page sizes or adding pagination to the comments on individual posts. The patterns we've established here are reusable throughout your application.

If you found bugs or issues, please do let me know, I correct things when told and I try to fix things as quickly as possible.

Learning Outcomes

Level	Learning Outcome
Understand	Understand how SQL `LIMIT` and `OFFSET` work together to enable pagination, and how query parameters like `?page=2&limit=50` map to database queries through SXQL's `(sxql:limit n)` and `(sxql:offset n)` forms.
Apply	Apply CLOS method combination (`:around` methods with `call-next-method`) to implement parameter validation and error recovery, ensuring offset never exceeds total count and calculating corrected page numbers when needed.
Analyse	Analyse the mathematical relationships in pagination (page-to-offset conversion, range calculations, gap detection) and trace how values flow through the `:around` method, primary methods, controller calculations, and template rendering.
Create	Create a complete pagination system by combining `:around` methods, SQL queries with LIMIT/OFFSET, controller calculations (page/offset conversions, range calculations), and reusable template partials that handle edge cases like invalid page numbers and single-page results.

Github

The link for the custom pagination part of the tutorials code is available here.

Common Lisp HyperSpec

Symbol	Type	Why it appears in this lesson	CLHS
`defpackage`	Macro	Define project packages like `ningle-tutorial-project/models`, `/forms`, `/controllers`.	http://www.lispworks.com/documentation/HyperSpec/Body/m_defpac.htm
`in-package`	Macro	Enter each package before defining models, controllers, and functions.	http://www.lispworks.com/documentation/HyperSpec/Body/m_in_pkg.htm
`defgeneric`	Macro	Define the generic `posts` function signature with keyword parameters `offset`, `limit`, and `count`.	http://www.lispworks.com/documentation/HyperSpec/Body/m_defgen.htm
`defmethod`	Macro	Implement specialized `posts` methods for `user` and `null` types, and the `:around` method for validation.	http://www.lispworks.com/documentation/HyperSpec/Body/m_defmet.htm
`call-next-method`	Function	Invoke the next most specific method from within the `:around` method after validating parameters.	http://www.lispworks.com/documentation/HyperSpec/Body/f_call_n.htm
`let`	Special Operator	Bind local variables in the `:around` method (`count`, `offset`, `limit`) and controller (`user`, `page`, `limit`).	http://www.lispworks.com/documentation/HyperSpec/Body/s_let_l.htm
`let*`	Special Operator	Sequentially bind pagination calculations (`page`, `page-count`, `prev-page`, etc.) where each depends on previous values.	http://www.lispworks.com/documentation/HyperSpec/Body/s_let_l.htm
`if`	Special Operator	Check conditions like whether offset exceeds count, or whether count is greater than zero.	http://www.lispworks.com/documentation/HyperSpec/Body/s_if.htm
`when`	Macro	Calculate `prev-page` and `next-page` only when the condition is true, returning `nil` otherwise.	http://www.lispworks.com/documentation/HyperSpec/Body/m_when_.htm
`or`	Macro	Provide fallback values when parsing `page` and `limit` parameters, defaulting to 1 and 50 respectively.	http://www.lispworks.com/documentation/HyperSpec/Body/m_or.htm
`and`	Macro	Check multiple conditions in the `:around` method (count > 0 AND offset >= count) before recalculating.	http://www.lispworks.com/documentation/HyperSpec/Body/m_and.htm
`multiple-value-bind`	Macro	Capture the three return values from `posts` (`posts`, `count`, `offset`) and from `sxql:yield` (`sql`, `params`).	http://www.lispworks.com/documentation/HyperSpec/Body/m_multip.htm
`values`	Function	Return multiple values from `posts` methods (results, count, offset) to the caller.	http://www.lispworks.com/documentation/HyperSpec/Body/a_values.htm
`loop`	Macro	Generate the list of page numbers from `range-start` to `range-end` for template rendering.	http://www.lispworks.com/documentation/HyperSpec/Body/m_loop.htm
`parse-integer`	Function	Convert string query parameters (`"1"`, `"50"`) to integers, with `:junk-allowed t` for safe parsing.	http://www.lispworks.com/documentation/HyperSpec/Body/f_parse_.htm
`floor`	Function	Round down the result of `offset / limit` to calculate the current page number.	http://www.lispworks.com/documentation/HyperSpec/Body/f_floorc.htm
`ceiling`	Function	Round up the result of `count / limit` to calculate the total number of pages.	http://www.lispworks.com/documentation/HyperSpec/Body/f_floorc.htm
`max`	Function	Ensure `offset` and `limit` never go below their minimum valid values (0 and 1), and calculate `range-start`.	http://www.lispworks.com/documentation/HyperSpec/Body/f_max_m.htm
`min`	Function	Ensure `range-end` doesn't exceed `page-count` and calculate `end-index` correctly.	http://www.lispworks.com/documentation/HyperSpec/Body/f_max_m.htm
`1+` / `1-`	Function	Increment/decrement page numbers for navigation (next/previous page, page number conversions).	[http://www.lispworks.com/documentation/HyperSpec/Body/f_1pl_1.htm](http://www.lispworks.com/documentation/HyperSpec/Body/f_1pl_1.htm)
`length`	Function	Get the count of posts returned to calculate `end-index` accurately.	http://www.lispworks.com/documentation/HyperSpec/Body/f_length.htm

18:07

[$] API changes for the futex robust list [LWN.net]

The robust futex kernel API is a way for a user-space program to ensure that the locks it holds are properly cleaned up when it exits. But the API suffers from a number of different problems, as André Almeida described in a session in the "Gaming on Linux" microconference at the 2025 Linux Plumbers Conference in Tokyo. He had some ideas for a new API that would solve many of those problems, which he wanted to discuss with attendees; there is a difficult-to-trigger race condition that he wanted to talk about too.

17:56

Pluralistic: Justin Key's "The Hospital at the End Of the World" (04 Feb 2026) [Pluralistic: Daily links from Cory Doctorow]

I wrote an app that implements Inbound RSS for WordPress sites. Three months ago, a few little glitches but remarkably reliable. Open source. That's how I have scripting.com output hooked up to daveverse.org input. It stopped working this morning, not sure why. This is actually a test to see if this works. (Postscript: It did work. But I have two earlier posts today that did not get through.)

16:35

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links

Justin Key's "The Hospital at the End Of the World": A biopunk medical thriller from a major new talent.
Hey look at this: Delights to delectate.
Object permanence: Coconut volunteers; Astro Noise; Rich old men behind "Millennials Rising"; Stop the "Stop the Steal" steal; "Chasing Shadows."
Upcoming appearances: Where to find me.
Recent appearances: Where I've been.
Latest books: You keep readin' em, I'll keep writin' 'em.
Upcoming books: Like I said, I'll keep writin' 'em.
Colophon: All the rest.

Justin Key's "The Hospital at the End Of the World" (permalink)

Justin C. Key is one of the most exciting new science fiction writers of this decade and today, Harpercollins publishes his debut novel, The Hospital at the End of the World:

https://www.harpercollins.com/products/the-hospital-at-the-end-of-the-world-justin-c-key?variant=43822999928866

I've followed Key's work for more than a decade, ever since I met him as a student while teaching at the Clarion West writers' workshop in Seattle. At the time, Key impressed me – a standout writer in a year full of standouts – and I wasn't surprised in the least when Harpercollins published a collection of his afrofuturist/Black horror stories, The World Wasn't Ready For You, in 2023:

https://pluralistic.net/2023/09/19/justin-c-key/#clarion-west-2015

This is virtually unheard of. Major genre publishers generally don't publish short story collections at all, let alone short story collections by writers who haven't already established themselves as novelists. The exceptions are rare as hell, and they're names to conjure with: Ted Chiang, say, or Kelly Link:

https://pluralistic.net/2024/02/13/the-kissing-song/#wrack-and-roll

But anyone who read World Wasn't Ready immediately understood why Key's work qualified him for an exception to this iron law of publishing. Key is an MD and a practicing psychiatrist, and he combines keen insights into personal relations and human frailty with a wild imagination, deep compassion, and enviable prose chops.

Hospital at the End of the World is Key's first novel, and it's terrific. Set in a not-so-distant future in which an AI-driven health monopolist called The Shepherd Organization controls much of the lives of everyday Americans, Hospital follows Pok, a young New Yorker who dreams of becoming an MD. Pok's father is also a doctor, famous for his empathic, human-centric methods and his scientific theories about the role that "essence" (a psychospiritual connection between doctors and patients) plays in clinical settings.

The story opens with Pok hotly anticipating an acceptance letter from The Shepherd Organization, and the beginning of his new life as a medical student. But when word arrives, Pok learns that he has been rejected from every medical school in the TSO orbit. In desperate confusion, he works with shadowy hackers in a bid to learn why his impeccable application and his top grades resulted in this total rejection. That's when he learns that someone had sabotaged his application and falsified his grades, and, not long thereafter, he learns that the saboteur was his father.

To make things worse, Pok's father has fallen grievously ill – so ill, in fact, that he ends up in a Shepherd Organization hospital, despite his deep enmity for TSO and its AI-driven practice of medicine. Pok doesn't accompany his father, though – he has secured a chance to sit a make-up exam in a desperate bid to get into med school. By the time he is finished with his exam, though, he learns that his father has died, and all that is left of him is an AI-powered chatbot that is delivered to Pok's apartment along with a warning to flee, because he is in terrible danger from the Shepherd Organization.

Thus begins Pok's tale as he goes underground in a ubiquitous AI surveillance dystopia, seeking sanctuary in New Orleans, hoping to make it to the Hippocrates, the last holdout from America's AI-based medicine and surveillance dystopia. Pok's father learned to practice medicine at Hippocrates, and had urged Pok to study there, even securing a full-ride scholarship for him. But Pok had no interest in the mystical, squishy, sentimental ethos of the Hippocrates, and had been determined to practice the Shepherd Organization's rigorous, cold, data-driven form of medicine.

Now, Pok has no choice. Hitchhiking, hopping freight cars, falling into company with other fugitives, Pok makes his way to New Orleans, a city guarded by tall towers that radiate energy that dampens both the punishing weather events that would otherwise drown the city and the data signals by which the Shepherd Organization tracks and controls the American people.

This is the book's second act, a medical technothriller that sees Pok as an untrusted outsider in the freshman class at Hippocrates med school, amidst a strange and alarming plague that has sickened the other refugees from TSO America who have taken up residence in New Orleans. Pok has to navigate factions within the med school and in New Orleans society, even as he throws himself into the meat grinder of med school and unravels the secrets of his father and his own birth.

What follows is a masterful and suspenseful work of science fiction informed by Key's own medical training and his keen sense of the human psyche. It's one part smart whodunnit, one part heist thriller, and one part revolutionary epic, and at its core is a profound series of provocations and thought experiments about the role that deep human connection and empathy play in medical care. It's a well-structured, well-paced sf novel that probes big, urgent contemporary themes while still engrossing the reader in the intimate human relations of its principals. A wonderful debut novel from a major new writer.`

Hey look at this (permalink)

Ken MacLeod: Imagined Futures https://plutopia.io/ken-macleod-imagined-futures/
Elbows Up: How Canada Can Disenshittify Its Tech, Reclaim Its Sovereignty, and Launch a New Tech Sector Into a Stable Orbit https://archive.org/details/disenshittification-nation
HOPE IS NOW A 501(C)(3) NON-PROFIT ORGANIZATION https://2600.com/content/hope-now-501c3-non-profit-organization
Department of Justice appeals Google search monopoly ruling https://www.theverge.com/tech/873438/google-antitrust-case-doj-states-appeal
List of Kennedy Center cancellations during the Trump administration https://en.wikipedia.org/wiki/List_of_Kennedy_Center_cancellations_during_the_Trump_administration (h/t Amanda Marcotte)

Object permanence (permalink)

#20yrsago AOL/Yahoo: our email tax will make the net as good as the post office! https://www.nytimes.com/2006/02/05/technology/postage-is-due-for-companies-sending-email.html

#20yrsago Volunteers ferry 15k coconuts every day to Indian temple http://news.bbc.co.uk/2/hi/south_asia/4677320.stm

#15yrsago Wikileaks ACTA cables confirm it was a screwjob for the global poor https://arstechnica.com/tech-policy/2011/02/secret-us-cables-reveal-acta-was-far-too-secret/

#10yrsago Laura Poitras’s Astro Noise: indispensable book and gallery show about mass surveillance https://www.wired.com/2016/02/snowdens-chronicler-reveals-her-own-life-under-surveillance/

#10yrsago How to prepare to join the Internet of the dead https://archive.org/details/Online_No_One_Knows_Youre_Dead

#10yrsago Who funds the “Millennials Rising” Super PAC? Rich old men. https://web.archive.org/web/20160204223020/https://theintercept.com/2016/02/04/millennials-rising-super-pac-is-95-funded-by-old-men/

#10yrsago They promised us a debate over TPP, then they signed it without any debate https://www.techdirt.com/2016/02/03/countries-sign-tpp-whatever-happened-to-debate-we-were-promised-before-signing/

#5yrsago Stop the "Stop the Steal" steal https://pluralistic.net/2021/02/04/vote-machine-tankies/#ess

#5yrsago Organic fascism https://pluralistic.net/2021/02/04/vote-machine-tankies/#pastel-q

#5yrsago Ron Deibert's "Chasing Shadows" https://pluralistic.net/2025/02/04/citizen-lab/#nso-group

Upcoming appearances (permalink)

Salt Lake City: Enshittification at the Utah Museum of Fine Arts (Tanner Humanities Center), Feb 18
https://tanner.utah.edu/center-events/cory-doctorow/
Montreal (remote): Fedimtl, Feb 24
https://fedimtl.ca/
Victoria: 28th Annual Victoria International Privacy & Security Summit, Mar 3-5
https://www.rebootcommunications.com/event/vipss2026/
Berkeley: Bioneers keynote, Mar 27
https://conference.bioneers.org/
Berlin: Re:publica, May 18-20
https://re-publica.com/de/news/rp26-sprecher-cory-doctorow
Berlin: Enshittification at Otherland Books, May 19
https://www.otherland-berlin.de/de/event-details/cory-doctorow.html
Hay-on-Wye: HowTheLightGetsIn, May 22-25
https://howthelightgetsin.org/festivals/hay/big-ideas-2

Recent appearances (permalink)

Why Everything Got Worse and What to Do About It (Jordan Harbinger)
https://www.jordanharbinger.com/cory-doctorow-why-everything-got-worse-and-what-to-do-about-it/
How the Internet Got Worse (Masters in Business)
https://www.youtube.com/watch?v=auXlkuVhxMo
Enshittification (Jon Favreau/Offline):
https://crooked.com/podcast/the-enshittification-of-the-internet-with-cory-doctorow/
Why Big Tech is a Trap for Independent Creators (Stripper News)
https://www.youtube.com/watch?v=nmYDyz8AMZ0
Enshittification (Creative Nonfiction podcast)
https://brendanomeara.com/episode-507-enshittification-author-cory-doctorow-believes-in-a-new-good-internet/

Latest books (permalink)

"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books (permalink)

"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
"The Memex Method," Farrar, Straus, Giroux, 2026
"The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026

Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America (1011 words today, 21655 total)

"The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
A Little Brother short story about DIY insulin PLANNING

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

ISSN: 3066-764X

16:28

Telescope issues [RevK®'s ramblings]

Automattic shipped a WordPress plugin that adds a source:markdown element to a WordPress feed. This is very cool. We've added this to the feed for daveverse site.

16:07

New video

So, sorry. First off, yes, still a cough.
Um, almost gone. Clearing up a lot.
triggers it. I went outside for 5 minutes in the cold, triggered it. Ihave doctor's appointment 16th. I will, if it's still going, talk to them. So, panic nod.
However, today's rant is about a telescope.
So, my well, one of my granddaughters has expressed an interest in the night sky, stars, telescopes, and the like.
And I thought, well, let's help get her a beginner telescope. And I Googled a bit and I probably fell foul of some AI because what I found was um a review of a Sonara telescope that was apparentlyquite good as a starter kids telescope.
And so I went to their website and there it was and it's 169 quid.
And I'm thinking, well, firstly, obviously, my granddaughter is worth this.
Duh. Um, but, you know, it's it's not cheap. Claims to have, you know, really advanced optics and whatever.
Anyway, based on the review, which in hindsight I think the review was just but anyway, based on the review, I ordered one and it's from a site that has UK in the domain name and charges in poundsand then ships from Hong Kong for sake. And I hate this. The website does not have on it who the legal entity you're buying from is.
And this is actually I think a legal requirement. Uh and they don't.
Anyway, let's see what I got.
It's a telescope. Okay.
F370.
I think the 70 is the aperture and the 300 is the focal length. Okay. Let's just go around the sides the end. Now, I'm not going to open it up because there's no more information in there. Okay.
Okay, fine. Um, it's a telescope and it kind of meets the spec of the ...
It has no manufacturer name, no country of origin, a CE mark, but the suppliers seem unwilling or unable to provide a declaration of conformity which is a requirement as part of a C mark.
So essentially this is a scammy illegal fake CE toy telescope.
I'm not saying it doesn't work. I'm not saying it doesn't even have the aperture aperture and focal length it claims.
What can I say?
But it's a scam.
If I go on Amazon, I can find this for as little as 20 for the same telescope. So I quered and they said, "Oh, no, no, it's not toytelescope. The optics are way better." Blah, blah, blah. I said, "Fine.
Declaration of conformity." Oh, no. We can assure you it meets all the standards, etc. No, declaration of conformity. Requirement for a C mark.
No, no. I mean, I went around the whole we can't read your emails. Your email seems to have the weird attachment. It's just a signature. Um, uh, they replied to me saying, "Your email seems to be blank." But I heard this before. The reply quotes my email which is not blank saying your email seems to be blank.
This is not an uncommon thing etc etc.
We're going around circles and I'm basically saying if you cannot provide a declaration of conformity then your C mark is fake. Therefore you cannot legally sell your product. You can't do that because you've got no manufacturer ID or country of origin anyway.
Therefore, I need to report it to the authorities and my bank and get a claw back.
Sad.
I was ripped off. I fell for it. I'm an idiot. I'm sorry.
Now, what I've got, Alice, now and have a look at this. What I've got Alice now is 260 quid. Okay, this is clearly an actual telescope.
Just the very fact it comes in a box labeled 14 and a half kilograms is is a clue.
And we put it together and she is so excited to go out in the night sky with this. I've got her some books on specially aimed at kids looking at the night sky.
So, I've got those. I hope she likes it.
If she doesn't, she doesn't. But this is a real telescope I've now gother. So, I now need to sort out this that I fell for, which is clearly a toy telescope that's worth 20 quid, charged 169 quid, and an absolute ripoff with I mad.
So, that's my latest rant.
I hope to follow up with her exploration of space.
I I really hope she loves it. I hope she gets pictures of Jupiter's moons and Saturn's rings and nebula and whatever.
There there's a lot she can look at.
and they're planning a a sort of camping trip to take her onto the moors um with her telescope and it's got a whole clip thing for a mobile phone so she should be able to get lots of pictures straight off it. It's good.
Yeah, but the toy telescope is either going back or getting clawed back or something.
Don't fall for that crap, please.

15:49

Super Bowl LX creates an opportunity for symphonic friendly wagering [The Old New Thing]

This upcoming Sunday is Super Bowl LX, the championship game of the top professional American football league. The Super Bowl thinks that it is so important that it uses Roman numerals.)

The Super Bowl is the single largest sporting event in the United States. The entire country grinds to a halt when the game is on. If you aren’t interested in the game, it’s a great time to do public photography or run errands.

Traditionally, the mayors of the home cities of the two teams competing in the game make a friendly wager, with each mayor offering to send the other mayor some local products if their team loses. For example, in 2014, the mayors of Seattle and Denver wagered local foods and products as well as having to wear clothing inspired by the other team’s city.

Sometimes other city organizations get into the friendly wagering spirit. In 2018, the Philadelphia Orchestra and Boston Symphony agreed that the losing city’s conductor would have to wear the winning city’s jersey at their next rehearsal.

But certainly we can do better than that.

The two teams competing in Super Bowl LX are the Seattle Seahawks and the New England Patriots (based near Boston). I think the Seattle Symphony and the Boston Symphony should engage in their own friendly wager: If the Seahawks win, then the Boston Symphony must play Erich Korngold’s “The Sea Hawk” at an upcoming concert. If the Patriots win, then the Seattle Symphony must play John Williams’s “The Patriot”.

The post Super Bowl LX creates an opportunity for symphonic friendly wagering appeared first on The Old New Thing.

How can I prevent the user from changing the widths of ListView columns? [The Old New Thing]

Suppose you are using a Win32 ListView control in report mode, and you’ve got all your columns set up perfectly, and you don’t want the user to resize them. How do you do that?

There is no ListView style for preventing column resize, but there is a header control style to prevent sizing: HDS_NOSIZING. This style requires Common Controls version 6, but I’m sure you’re all using that version already, right?

auto hdr = ListView_GetHeader(hwndLV);
SetWindowLong(hdr, GWL_STYLE,
              GetWindowLong(hdr, GWL_STYLE) | HDS_NOSIZING);

Whether the columns can be resized is independent of whether the columns can be rearranged, which you specify by setting the LVS_EX_HEADERDRAGDROP ListView extended style.

ListView_SetExtendedListViewStyleEx(hwndLV,
                                    LVS_EX_HEADERDRAGDROP,
                                    LVS_EX_HEADERDRAGDROP);

Okay, but what if you’re stuck in the dark ages with version 5 of the Common Controls? We’ll look at that next time.

The post How can I prevent the user from changing the widths of ListView columns? appeared first on The Old New Thing.

[$] Sigil simplifies creating and editing EPUBs [LWN.net]

Creating an ebook in EPUB format is easy, for certain values of "easy". All one really needs is a text editor, a few command-line utilities; also needed is a working knowledge of XHTML, CSS, along with an understanding of the format's structure and required boilerplate. Creating a well-formatted and attractive ebook is a bit harder. However, it can be made easier with an application custom-made for the purpose. Sigil is an EPUB editor that provides the tooling authors and publishers may be looking for.

15:42

LibreOffice 26.2 released [LWN.net]

We need a short name for ChatGPT-like product. If I want to make a general statement about products in the category, there is, as far as I know, no word to use. Same with Twitter and tweet, so I call them twitter-like products and use tweet for posts to any twitter-like product. The whole idea of a different name (like toot, skeet) for each service is linguistic travesty. Anyway, ChatGPT-like is also an unacceptable term. If it had a fun name like OurMind -- then OurMind-like would work. If only William Safire were here.

15:07

Version 26.2 of the LibreOffice office suite has been released.

LibreOffice 26.2 is focused on improvements that make a difference in daily work and brings better performance, smoother interaction with complex documents and improved compatibility with files created in other office software. Whether you're writing reports, managing spreadsheets, or preparing presentations, the experience feels more responsive and reliable.
LibreOffice has always been about giving users control. LibreOffice 26.2 continues that tradition by strengthening support for open document standards, and ensuring long-term access to your files, without subscriptions, license restrictions, or data collection. Your documents stay yours – forever.

More information can be found in the release notes for LibreOffice 26.2.

Security updates for Wednesday [LWN.net]

Security updates have been issued by Debian (thunderbird), Fedora (openqa, os-autoinst, python-jupytext, python-python-multipart, rust-sequoia-keystore-server, rust-sequoia-octopus-librnp, rust-sequoia-sq, rust-sequoia-sqv, and xen), Oracle (curl, kernel, net-snmp, python3, and python3.12), Red Hat (container-tools:rhel8, fence-agents, golang, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, opentelemetry-collector, podman, python-s3transfer, python-wheel, and resource-agents), SUSE (alloy, chromium, cockpit-podman, cockpit-subscriptions, dpdk, elemental-register, elemental-toolkit, glib2, glibc, gpg2, ImageMagick, imagemagick, jasper, java-17-openjdk, java-21-openjdk, kernel, libheif, libmlt++, libpng16, libsodium, libsoup, libvirt, openssl-3, openvpn, php8, postgresql16, postgresql17 and postgresql18, protobuf, python-FontTools, python-fonttools, python-h2, python-python-multipart, python-urllib3, python-wheel, python311-PyNaCl, trivy, ucode-amd, udisks2, unbound, util-linux, wireshark, and xkbcomp), and Ubuntu (emacs, freerdp2, glibc, imagemagick, mysql-8.0, pagure, python-django, python-filelock, python-internetarchive, and python-keystonemiddleware).

15:00

Spinnerette - Issue 44 - 17 [Spinnerette]

New comic!
Today's News:

14:14

Beyond Pilot Purgatory [Radar]

The hard truth about AI scaling is that for most organizations, it isn’t happening. Despite billions in investment, a 2025 report from the MIT NANDA initiative reveals that 95% of enterprise generative AI pilots fail to deliver measurable business impact. This isn’t a technology problem; it’s an organizational design problem.

The reason for this systemic failure is surprisingly consistent: Organizations isolate their AI expertise. This isolation creates two predictable patterns of dysfunction. In one model, expertise is centralized into a dedicated team—often called a Center of Excellence (CoE). While intended to accelerate adoption, this structure invariably becomes a bottleneck, creating a fragile “ivory tower” disconnected from the business realities where value is actually created. Business units wait months for resources, incentives become misaligned, and the organization’s overall AI literacy fails to develop.

In the opposite model, expertise is so distributed that chaos ensues. Autonomous business units build redundant infrastructure, hoard knowledge, and operate without coordinated governance. Costs spiral, incompatible technology stacks proliferate, and the organization as a whole becomes less intelligent than its individual parts.

Both approaches fail for the same underlying reason: They treat AI development as a separate activity from the core business.

The numbers confirm this struggle. Gartner predicts that 30% of GenAI projects will be abandoned after proof of concept by 2025 due to poor data quality, inadequate risk controls, and escalating costs. McKinsey’s State of AI in 2025 report reveals that while adoption is high, only one-third of organizations have scaled AI enterprise-wide. Even fewer—just 5%, according to BCG—have built the capabilities to generate significant value at scale.

The organizations that have successfully scaled AI beyond this “pilot purgatory”—companies like JPMorganChase, Walmart, and Uber—didn’t choose between these broken models. They built a third way, discovering through pressure from reality that the only thing that works is an outcome-oriented hybrid architecture. This model combines centralized enablement with distributed execution, aggressive governance with operational autonomy, and technical excellence with a relentless focus on business value.

This isn’t abstract theory. The characteristics of these successful architectures are becoming clear enough to articulate—and specific enough to implement. Here is what actually works.

What Actually Works: Outcome-Oriented Hybrid Architecture

The organizations that have successfully scaled AI share surprising structural similarities—not because they all studied the same framework but because they independently discovered the same operating model through trial and error.

This model has several key characteristics:

Platform teams with product thinking, not project thinking

Rather than treating central AI infrastructure as a cost center or a research lab, successful organizations build it as an internal product with defined customers (the business units), success metrics, and a roadmap.

Airbnb’s “Bighead” platform exemplifies this. The team didn’t just build ML infrastructure; they built a product that product teams could consume. Standardized feature engineering, model training, and deployment pipelines reduced development time from months to weeks. The platform team measured success not by research excellence but by adoption rates and time-to-market reductions for dependent teams.

Uber’s Michelangelo platform followed a similar pattern: develop shared ML infrastructure, price it internally to make resource allocation explicit, measure platform adoption and the business impact of applications built on it, and evolve the platform based on actual usage patterns.

Implementation reality: Platform teams need authority to make technical decisions while remaining accountable for business adoption. They require sustained funding separate from individual project budgeting. They need internal customers who participate in roadmap planning. Most organizations struggle with this because platform thinking requires executives to invest in capability that won’t generate revenue for 18+ months.

Outcome-driven embedded specialists, not isolated teams

Successful organizations don’t ask centralized AI teams to deliver solutions. They embed AI specialists directly into business value streams where they co-own business outcomes.

A telecommunications company we studied restructured its 50-person AI CoE by embedding team members into four core business units. Instead of business units requesting AI solutions, they now had dedicated specialists sitting in weekly operations meetings, understanding real problems, building real solutions, and feeling the pressure of business metrics. The result? Deployment speed increased 60% and adoption tripled.

The model works because:

Embedded specialists develop tacit knowledge about business constraints and operational realities that remote teams can never have.
They face direct accountability for outcomes, aligning incentives.
They become translators between technical and business languages.

Implementation reality: Embedding requires letting go of centralized command-and-control. The embedded specialists report dotted-line to central leadership but are primarily accountable to business unit leadership. This creates tension. Managing that tension (not eliminating it) is essential. Organizations that try to eliminate tension by centralizing authority again lose the benefits of embedding.

Dynamic governance, not static policies

Traditional governance models assume relatively stable, predictable environments where you can write policies in advance and enforce them. AI systems exhibit emergent behavior that governance can’t predict. You need frameworks that adapt as you learn.

JPMorganChase demonstrates this through its multilayered governance approach:

The Centralized Model Risk team reviews all AI systems before production deployment using consistent technical standards.
Domain-specific oversight committees in lending, trading, and compliance understand business context and risk appetite.
Ongoing monitoring systems track model performance, drift, and unintended consequences.
Clear escalation protocols activate when algorithmic decisions fall outside acceptable parameters.
Continuous improvement mechanisms incorporate lessons from deployed systems back into policies.

Implementation reality: Dynamic governance requires specialists who combine technical AI expertise with organizational knowledge and the authority to make decisions. These are expensive, scarce roles. Most organizations underinvest because governance doesn’t appear as a direct cost center. It gets underfunded relative to its importance.

Want Radar delivered straight to your inbox? Join us on Substack. Sign up here.

Capability building, not just capability buying

Organizations that scale AI sustainably invest heavily in building organizational AI literacy across multiple levels:

Frontline workers need basic understanding of how to use AI tools and when to trust them.
Team leads and domain experts need to understand what AI can and can’t do in their domain, how to formulate problems for AI, and how to evaluate solutions.
Technical specialists need deep expertise in algorithm selection, model validation, and system integration.
Executives and boards need enough understanding to ask intelligent questions and make strategic decisions about AI investment.

Implementation reality: Capability building is a multiyear investment. It requires systematic training programs, rotation opportunities, and senior engineers willing to mentor junior people. It requires tolerance for people operating at reduced productivity while they’re developing new capabilities.

Measuring What Matters

Organizations caught in pilot purgatory often measure the wrong things. They track model accuracy, deployment cycles, or adoption rates. These vanity metrics look good in board presentations but don’t correlate with business value. Successful organizations understand AI is a means to an end and measure its impact on the business relentlessly.

Business outcomes: Track AI’s direct impact on primary financial and customer metrics.

Revenue growth: Does AI increase cross-sell and upsell opportunities through hyperpersonalization? Does it improve customer retention and Net Promoter Score (NPS)?
Cost and efficiency: Does AI increase throughput, lower operational cycle times, or improve first-contact resolution rates in customer service?
Risk reduction: Does AI reduce financial losses through better fraud detection? Does it lower operational risk by automating controls or reducing error rates?

Operational velocity: This measures time-to-market. How quickly can your organization move from identifying a business problem to deploying a working AI solution? Successful organizations measure this in weeks, not months. This requires a holistic view of the entire system—from data availability and infrastructure provisioning to governance approvals and change management.

Value-realization velocity: How long after deployment does it take to achieve a positive ROI? Organizations that track this discover that technical integration and user adoption are often the biggest delays. Measuring this forces a focus not just on building the model but on ensuring it’s used effectively.

System resilience: When individual components fail—a key person leaves, a data source becomes unavailable, or a model drifts—does your AI capability degrade gracefully or collapse? Resilience comes from modular architectures, shared knowledge, and having no single points of failure. Organizations optimized purely for efficiency are often fragile.

Governance effectiveness: Is your organization proactively catching bias, drift, and unintended consequences, or are problems only discovered when customers complain or regulators intervene? Effective governance is measured by the ability to detect and correct issues automatically through robust monitoring, clear incident response procedures, and continuous learning mechanisms.

The Implementation Reality

None of this is particularly new or revolutionary. JPMorganChase, Walmart, Uber, and other successfully scaling organizations aren’t doing secret magic. They’re executing disciplined organizational design:

Start with business, not technology capability. Identify key business drivers and values that you measure, look at balance sheet levers, and see how AI can unlock value. Don’t build impressive systems for nonproblems.

Address technical debt first. You can’t deploy AI efficiently on fragile infrastructure. Many organizations waste 60%–80% of AI development capacity fighting integration problems that wouldn’t exist with better foundations. This doesn’t mean leaving speed behind but adopting a balanced infrastructure with clear integration points.

Design human-AI decision patterns intentionally. The most successful AI implementations don’t try to create fully autonomous systems. Instead, they create hybrid systems where algorithms handle speed and scale while humans maintain meaningful control. Commerzbank’s approach to automating client call documentation exemplifies this: Rather than replacing advisors, the system freed them from tedious manual data entry so they could focus on relationship-building and advice.

The pattern: AI proposes; rules constrain; humans approve; every step is logged. This requires API-level integration between algorithmic and rule-based processing, clear definitions of what gets automated versus what requires human review, and monitoring systems that track override patterns to identify when the algorithm is missing something important.

Invest heavily in governance before scaling. Don’t treat it as an afterthought. Organizations that build governance structures first scale much faster because they don’t have to retrofit controls later.

Embed AI expertise into business units but provide platform support. Neither pure centralization nor pure distribution works. The hybrid model requires constant attention to balance autonomy with coordination.

Accept that 18–24 months is a realistic timeline for meaningful scale. Organizations expecting faster transformations are usually the ones that end up with integration debt and abandoned projects.

Build organizational capability, not just buy external talent. The organizations that sustain AI advantage are those that develop deep organizational knowledge, not those that cycle through external consultants.

Why This Still Matters

The reason organizations struggle with AI scaling isn’t that the technology is immature. Modern AI systems are demonstrably capable. The reason is that enterprises are fundamentally organizational problems. Scale requires moving AI from skunkworks (where brilliant people build brilliant systems) to operations (where average people operate systems reliably, safely, and profitably).

That’s not a technology problem. That’s an operating-model problem. And operating-model problems require organizational design, not algorithm innovation.

The organizations that figure out how to design operating models for AI will capture enormous competitive advantages. The organizations that continue bolting AI onto 1980s organizational structures will keep funding pilot purgatory.

The choice is structural. And structure is something leadership can control.

Dirk Eddelbuettel: littler 0.3.23 on CRAN: More Features (and Fixes) [Planet Debian]

The twentythird release of littler as a CRAN package landed on CRAN just now, following in the now twenty year history (!!) as a (initially non-CRAN) package started by Jeff in 2006, and joined by me a few weeks later.

littler is the first command-line interface for R as it predates Rscript. It allows for piping as well for shebang scripting via #!, uses command-line arguments more consistently and still starts faster. It also always loaded the methods package which Rscript only began to do in later years.

littler lives on Linux and Unix, has its difficulties on macOS due to some-braindeadedness there (who ever thought case-insensitive filesystems as a default were a good idea?) and simply does not exist on Windows (yet – the build system could be extended – see RInside for an existence proof, and volunteers are welcome!). See the FAQ vignette on how to add it to your PATH. A few examples are highlighted at the Github repo:, as well as in the examples vignette.

This release, the first in about eleven months, once again brings two new helper scripts, and enhances six existing one. The release was triggered because it finally became clear why installGitHub.r ignored r2u when available: we forced the type argument to ‘source’ (so thanks to Iñaki for spotting this). One change was once again contributed by Michael which is again greatly appreciated.

The full change description follows.

Changes in littler version 0.3.22 (2026-02-03)

Changes in examples scripts

A new script busybees.r aggregates deadlined packages by maintainer

Several small updated have been made to the (mostly internal) 'r2u.r' script

The deadliners.r script has refined treatment for screen width

The install2.r script has new options --quiet and --verbose as proposed by Zivan Karaman

The rcc.r script passes build-args to 'rcmdcheck' to compact vignettes and save data

The installRub.r script now defaults to 'noble' and is more tolerant of inputs

The installRub.r script deals correctly with empty utils::osVersion thanks to Michael Chirico

New script checkPackageUrls.r inspired by how CRAN checks (with thanks to Kurt Hornik for the hint)

The installGithub.r script now adjusts to bspm and takes advantage of r2u binaries for its build dependencies

Changes in package

Environment variables (read at build time) can use double quotes

Continuous intgegration scripts received a minor update

My CRANberries service provides a comparison to the previous release. Full details for the littler release are provided as usual at the ChangeLog page, and also on the package docs website. The code is available via the GitHub repo, from tarballs and now of course also from its CRAN page and via install.packages("littler"). Binary packages are available directly in Debian as well as (in a day or two) Ubuntu binaries at CRAN thanks to the tireless Michael Rutter. Comments and suggestions are welcome at the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. If you like this or other open-source work I do, you can sponsor me at GitHub.

13:42

CodeSOD: This Router Says **** You [The Daily WTF]

Denilson uses a password manager, like one should. Except there was a router which simply would not let the password manager fill the password field. Sure, Denilson could just copy and paste, but the question of why remained.

And that meant checking the HTML and JavaScript code the router served up. Just pulling up the dev tools brought up all sorts of "fun" discoveries. For example, the application was built in Vue, a front-end framework. But in addition to using Vue, it also used jQuery for some DOM manipulations. But it didn't just use jQuery. It loaded jquery-3.5.1.slim.min.js directly from its static files. It also loaded vendor.js which also contained the same version of jQuery. At least it was the same version.

While browsing, Denilson found a function called reloadOnF5, which raises an interesting question: isn't that just what the browser does anyway?

function reloadOnF5(router) {
  document.onkeydown = function (event) {
    if (
      event.key == 'F5' ||
      event.code == 'F5' ||
      event.which == 116 ||
      event.keyCode == 116
    ) {
      event.returnValue = false;
      //router.push('/');
          router.go(router.currentRoute)
    }
  };
}

The best part of this is that at one point they used router.push('/') to navigate, which wouldn't refresh the page, but simply re-render the root page of the app and add an entry to the browser history.

var MD5 = function(d){result = M(/*a bunch of minified stuff*/);

That they include a minified md5 function isn't a WTF, but what's notable is that this is the only piece of their own code that is minified. It's mixed in with a file that has no other minified functions, which implies that someone copy/pasted this function out of a minified library.

Now, a common piece of validation you might want for a router is requiring inputs to be hexadecimal numbers. Now, for most of us, that'd be a short regex one liner. But if you're getting paid by the line, you can bloat that out to 30 lines without breaking a sweat:

function isHexaDigit(digit) {
   var hexVals = new Array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9",
                           "A", "B", "C", "D", "E", "F", "a", "b", "c", "d", "e", "f");
   var len = hexVals.length;
   var i = 0;
   var ret = false;

   for ( i = 0; i < len; i++ )
      if ( digit == hexVals[i] ) break;

   if ( i < len )
      ret = true;

   return ret;
}

function isValidHexKey(val, size) {
   var ret = false;
   if (val.length == size) {
      for ( i = 0; i < val.length; i++ ) {
         if ( isHexaDigit(val.charAt(i)) == false ) {
            break;
         }
      }
      if ( i == val.length ) {
         ret = true;
      }
   }

   return ret;
}

None of that explains why Denilson's password manager didn't work, but it's a pretty clear example of the overall level of code quality. Note how in isHexaDigit they are using i as a function-scoped variable, and then use that i to determine if the validation passes- if we found a match before the end of the list, it must be a hex digit.

So why didn't the password manager work? Well, we have a snippet of the generated DOM, that points at what's going on:

<label for="userpassword">Password</label>
<div class="zypasswordBox">
    <input maxlength="64" maskctrl="true" id="userpassword" type="text" autocomplete="off" errorinline="true" class="maskPassword">
    <input maxlength="64" maskctrl="true" id="userpassword" type="text" autocomplete="off" errorinline="true" class="unmaskPassword" style="display: none;">
    <i id="userpassword_maskCheck" class="icon-visibility-on"></i>
</div>

Now, you'll first notice that there are two inputs with the same id. That's not valid HTML, which is likely enough to throw a password manager for a loop. But it's actually even worse than that. Notice how one is classed maskPassword and the other is unmaskPassword, and the unmasked one is set to display: none. The way this actually works is that JavaScript intercepts your key events in the maskPassword box, appends the key to the unmaskPassword box, and then replaces the key with a "*" and puts that in the maskPassword box.

So, instead of using input=type="password", which automatically masks a password, they just made up their own version. But this version is special, since it only detects input events, it doesn't let you do radical things, like use "backspace" or "navigate with arrow keys". In fact, because that would cause some unexpected behavior, the page actually clears the password box entirely if you use backspace or arrow keys.

Denilson writes:

And this is the quality of code that gets shipped into our homes. This is not the exception, this is the norm.

I think we all understand how bad the UI to pretty much every router is. Not to defend it, but to explain it, most of the router control interfaces for commodity routers are often written by the same networking engineers who are writing the network stack on the router. These are folks who are really good in low-level networking in C, suddenly being tossed a pile of HTML and JavaScript and being told, "Make this work."

Which is to say, it's not the programmers' fault, but the organization that thinks "enh, programmer is programmer, make software go brrrr".

[Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.

13:35

coreutils-9.10 released [stable] [Planet GNU]

This is to announce coreutils-9.10, a stable release.

Notable changes include:
- Options in man pages link directly into the full web docs
- timeout(1) now kills the command for all terminating signals
- paste(1) is now multi-byte character aware
- cp(1) fixes an unlikely infinite loop introduced in v9.9
- The multi-call binary is 3.2% smaller

There have also been many bug fixes and other changes
as summarized in the NEWS below.

There have been 288 commits by 10 people in the 12 weeks since 9.9.
Thanks to everyone who has contributed!
The following people contributed changes to this release:

Bernhard Voelker (1)
Bruno Haible (1)
Christopher Illarionova (2)
Collin Funk (92)
Dmitry V. Levin (1)
Egmont Koblinger (3)
Paul Eggert (14)
Padraig Brady (159)
Sylvestre Ledru (5)
oech3 (10)

Padraig [on behalf of the coreutils maintainers]
==================================================================

Here is the GNU coreutils home page:
    https://gnu.org/s/coreutils/

Here are the compressed sources:
https://ftp.gnu.org/gnu/coreutils/coreutils-9.10.tar.gz   (15MB)
https://ftp.gnu.org/gnu/coreutils/coreutils-9.10.tar.xz   (6.3MB)

Here are the GPG detached signatures:
https://ftp.gnu.org/gnu/coreutils/coreutils-9.10.tar.gz.sig
https://ftp.gnu.org/gnu/coreutils/coreutils-9.10.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are the SHA256 and SHA3-256 checksums:

SHA256 (coreutils-9.10.tar.gz) = 4L3h+2hQlEf8cjzyUX6KjH+kZ2mRm7dJDtNQoukjhWI=
SHA3-256 (coreutils-9.10.tar.gz) = ajdC0yoxKq5sDXyeL9nMXNSZ26du/3QtZCEo4PNZZkA=
SHA256 (coreutils-9.10.tar.xz) = FlNamt8LEANzZOLWEqrT2fTso6NElJztdNEvr0vVHSU=
SHA3-256 (coreutils-9.10.tar.xz) = jUv9Ki9gdL5VuXEhDhGyuR+Md4r2PAnkJ9JCw1xdoWY=

Verify the base64 SHA256 checksum with 'cksum -a sha256 --check'
from coreutils-9.2 or OpenBSD's cksum since 2007.

Verify the base64 SHA3-256 checksum with 'cksum -a sha3 --check'
from coreutils-9.8.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify coreutils-9.10.tar.xz.sig

The signature should match the fingerprint of the following key:

pub   rsa4096/0xDF6FD971306037D9 2011-09-23 [SC]
        Key fingerprint = 6C37 DC12 121A 5006 BC1D B804 DF6F D971 3060 37D9
uid                   [ultimate] Pádraig Brady <P@draigBrady.com>
uid                   [ultimate] Pádraig Brady <pixelbeat@gnu.org>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

gpg --locate-external-key P@draigBrady.com

gpg --recv-keys DF6FD971306037D9

wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=coreutils&download=1' | gpg --import -

As a last resort to find the key, you can try the official GNU
keyring:

wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
gpg --keyring gnu-keyring.gpg --verify coreutils-9.10.tar.xz.sig

This release is based on the coreutils git repository, available as

git clone https://https.git.savannah.gnu.org/git/coreutils.git

with commit 89b2cd58ac895e3fc0d24d8f10e7e4ba132e7fb6 tagged as v9.10.

For a summary of changes and contributors, see:

https://gitweb.git.savannah.gnu.org/gitweb/?p=coreutils.git;a=shortlog;h=v9.10

or run this command from a git-cloned coreutils directory:

git shortlog v9.9..v9.10

This release was bootstrapped with the following tools:
Autoconf 2.72.101-9513b
Automake 1.18.1
Gnulib 2026-01-24 1c5e0277c2143dd570d8c88f8923eed2afd8e13b
Bison 3.8.2

NEWS

* Noteworthy changes in release 9.10 (2026-02-04) [stable]

** Bug fixes

cp, install, and mv no longer enter an infinite loop copying sparse files
with SEEK_HOLE. E.g., this was seen on ext4 when copying sparse files with
extents that are being actively updated, and copy offload is not being used.
[bug introduced in coreutils-9.9]

'date' no longer fails with format directives that return an empty string.
[bug introduced in coreutils-9.9]

'dd seek=N of=FILE' no longer continues copying, overwriting FILE if it
exists, if ftruncate fails.
[bug introduced in coreutils-9.1]

du and ls no longer modify strings returned by getenv.
POSIX says this is not portable.
[bug introduced in fileutils-4.1.6]

'fmt' now correctly diagnoses read errors.
Previously fmt generated a generic error for any read error.
[bug introduced in coreutils-9.0]

md5sum --text correctly translates CRLF line endings with the MSYS2 runtime.
This also applies to the sha*sum and b2sum utilities.
[This bug was present in "the beginning".]

'numfmt' no longer drops custom suffixes from numbers it cannot fully parse.
[bug introduced with numfmt in coreutils-8.21]

'tail -f --pid' can no longer exit upon receiving a non terminating signal.
On older Linux systems it may have failed with "Interrupted system call".
[bug introduced in coreutils-7.5]

'timeout' will now propagate all terminating signals to the monitored command.
Previously 'timeout' could have exited and left the monitored command running.
[bug introduced with timeout in coreutils-7.0]

wc now documents its --debug option, currently used to
indicate the line count acceleration being used.
[bug introduced in coreutils-9.0]

When built with `clang -fno-inline`, memory allocation issues are again
handled in a defined manner. Previously programs may have crashed etc.
after a failure to allocate memory.
[bug introduced in coreutils-9.0]

** New Features

configure accepts a new --enable-single-binary=hardlinks mode to build the
selected programs as hard links to a multi-call binary called "coreutils".
This augments the existing "symlinks" and "shebangs" modes already
supported by the --enable-single-binary option.

'stat' and 'tail' now know about the "guest-memfd" file system type.
stat -f -c%T now reports the file system type,
and tail -f uses polling for this file system.

'tail' now accepts the --debug option, which is currently used to
detail the --follow implementation being used.

'du' now supports the short option -A corresponding to the existing long
option --apparent-size, for compatibility with FreeBSD.

** Changes in behavior

All commands now markup option names in --help and man pages,
with bold attributes, and hyperlinks into the online manual on gnu.org.
The links can be configured with the --enable-manual-url configure option,
and the bold highlighting with --disable-bold-man-page-references.
At runtime all markup can be disabled with the TERM=dumb env var value.

'fmt' -w,--width no longer includes '\n' in the width of a line.
I.e., the specified width is interpreted to be an _inclusive_ maximum.

'ls --hyperlink' now uses more standard format hyperlinks.
'ESC\' (ST) is now used as a delimiter, instead of '\a' (BEL).

'ptx' -t is no longer a no-op, and now sets the default width to 100 columns.

'timeout' now honors ignored signals and will not propagate them. E.g.,
timeout(1) in a shell backgrounded job, will not terminate upon receiving
SIGINT or SIGQUIT, as these are ignored by default in shell background jobs.

'timeout -v -s 0' now prints the signal number 0 instead of EXIT.

The multi-call binary now only processes --help or --version options
if it is installed with a name ending with "coreutils". This allows
for more consistent handling of these options with unsupported commands.

** Improvements

The multi-call binary built with configure --enable-single-binary
is reduced in size by 3.2% through the more efficient reuse of the cksum
utility by the md5sum and sha*sum utilities.

'cksum' now validates its options more consistently.
E.g., `cksum --text --tag` now fails like `cksum --tag --text` already did.

'cksum', 'du', and 'wc' now exit promptly upon receiving a write
error, which is significant when processing many input files.

csplit, ls, and sort, now handle a more complete set of terminating signals.

'du' now processes directories with 10,000 or more entries up to 9 times
faster on the Lustre file system.

'paste' now supports multi-byte --delimiters characters.

'pinky' will now exit immediately upon receiving a write error, which is
significant when reading large plan or project files.

'readlink' and 'realpath' will now exit promptly upon receiving a write error,
which is significant when canonicalizing multiple file names longer than
PATH_MAX.

'timeout' on Linux will always terminate the child in the case where the
timeout process itself dies, like when it receives a KILL signal for example.

** Build-related

Programs now port to C23 platforms that strictly check types when
qualifier-generic functions like strchr are used.

'chcon' and 'runcon' stub binaries will be built on systems without
libselinux, when configured using --with-selinux.

'kill' and 'uptime' are no longer built by default. These programs can be
built with the --enable-install-program=kill,uptime configure option.

12:07

US Declassifies Information on JUMPSEAT Spy Satellites [Schneier on Security]

The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006.

I’m actually impressed to see a declassification only two decades after decommission.

11:56

Ben Hutchings: FOSS activity in January 2026 [Planet Debian]

Debian packages:
- dracut:
  - Bugs:
    - replied to and reassigned #1124400: update-initramfs no longer includes /lib/modules/<kver>/updates directory
- flash-kernel:
  - Bugs:
    - closed #1102690: A higher version (…) is still installed, no reflashing required
    - closed #1125327: since linux 6.18, flash-kernel fails to find dtbs in /usr/lib/linux-image-*
  - Uploads:
    - uploaded version 3.110 to unstable
    - uploaded version 3.110~bpo13+1 to trixie-backports
- kernel-sec:
  - Merge requests:
    - opened !30: scripts/import-korg-vulns: Ignore issues in unsupported architectures
- libvirt:
  - Bugs:
    - (LTS) opened and replied to #1124549: libvirt passes invalid flags for network interface deletion
- linux:
  - Bugs:
  - Merge requests:
    - reviewed !1784: Add breaks on reform-tools and flash-kernel versions before support for…
  - (LTS) updated the bullseye-security branch to 5.10.248, but did not upload it
- (LTS) linux-6.1:
  - uploaded version 6.1.159-1~deb11u1 to bullseye-security
- linux-base:
  - Bugs:
  - Uploads:
    - uploaded version 4.12.1 to trixie
    - uploaded version 4.15 to unstable
- ministat:
  - Bugs:
    - closed #1123854: ministat: Packaging vcs doesn’t work, upstream vcs unspecified
    - closed #1123856: ministat: ministat crashes given all-inf input
  - Uploads:
    - uploaded version 20251113-1 to unstable
    - uploaded version 20251113-2 to unstable
- wireless-regdb:
  - Merge requests:
    - merged !7: Drop unnecessary B-D m2crypto (Closes: #1126431)
Debian non-package bugs:
- release.debian.org:
  - opened #1126020: trixie-pu: package linux-base/4.12.1
Mailing lists:
- debian-kernel:
  - posted Agenda items for kernel-team meeting on 2026-01-07
  - replied to Questions on debdiff for linux-signed-{amd64,arm64} in trixie-backports
  - (LTS) replied to [regression 5.10.y] Libvirt can no longer delete macvtap devices …
  - posted cpp-httplib FTBFS in unstable
  - (LTS) replied to kernel 5.10.0-28-amd64: linux-headers needed
- debian-lts:
  - posted and replied to Regression update for libvirt in bullseye?
- debian-lts-announce:
  - posted [SECURITY] [DLA 4436-1] linux-6.1 security update
- netdev:
  - replied to Bug#1126015: linux-image-6.17.13+deb14-rt-amd64: ethtool -x <sfc-net-driver-ifname> causes: rtmutex deadlock detected
- stable:
  - (LTS) posted [5.10] net/sched: act_ife: convert comma to semicolon
  - (LTS) posted [5.10] regression: virtual consoles 2-12 unusable
  - (LTS) reviewed and replied to various patches for 5.10 … … … … … … … … … … … … … … … … … …

10:28

Sorting [Seth's Blog]

A surprising amount of our time is spent sorting things to create value.

They sort the rotten cranberries from the good ones to ensure that the bag at the market is worth buying. And we sort the movies worth watching, the bargains worth pursuing and the news worth reading. Editors, gold miners and detectives are mostly in the sorting business.

Organized education uses sorting both as a motivation tool and a way to ensure that the graduates it produces meet spec.

Not only do we sort, we are often sorted.

Freelancers and job seekers are sorted into groups, and the best ones sort their potential clients and clients before wasting their time.

Lazy sorting is distracting, expensive and often toxic. Relying on false proxies, easily measured but irrelevant, is a common sorting trap.

And getting better at sorting might be the single most effective improvement we can make in our work. It’s not difficult to improve if we focus on it.

09:49

Please Don’t Feed the Scattered Lapsus ShinyHunters [Krebs on Security]

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying — perhaps as much to contain the stolen data as to stop the escalating personal attacks. But a top SLSH expert warns that engaging at all beyond a “We’re not paying” response only encourages further harassment, noting that the group’s fractious and unreliable history means the only winning move is not to pay.

Image: Shutterstock.com, @Mungujakisa

Unlike traditional, highly regimented Russia-based ransomware affiliate groups, SLSH is an unruly and somewhat fluid English-language extortion gang that appears uninterested in building a reputation of consistent behavior whereby victims might have some measure of confidence that the criminals will keep their word if paid.

That’s according to Allison Nixon, director of research at the New York City based security consultancy Unit 221B. Nixon has been closely tracking the criminal group and individual members as they bounce between various Telegram channels used to extort and harass victims, and she said SLSH differs from traditional data ransom groups in other important ways that argue against trusting them to do anything they say they’ll do — such as destroying stolen data.

Like SLSH, many traditional Russian ransomware groups have employed high-pressure tactics to force payment in exchange for a decryption key and/or a promise to delete stolen data, such as publishing a dark web shaming blog with samples of stolen data next to a countdown clock, or notifying journalists and board members of the victim company. But Nixon said the extortion from SLSH quickly escalates way beyond that — to threats of physical violence against executives and their families, DDoS attacks on the victim’s website, and repeated email-flooding campaigns.

SLSH is known for breaking into companies by phishing employees over the phone, and using the purloined access to steal sensitive internal data. In a January 30 blog post, Google’s security forensics firm Mandiant said SLSH’s most recent extortion attacks stem from incidents spanning early to mid-January 2026, when SLSH members pretended to be IT staff and called employees at targeted victim organizations claiming that the company was updating MFA settings.

“The threat actor directed the employees to victim-branded credential harvesting sites to capture their SSO credentials and MFA codes, and then registered their own device for MFA,” the blog post explained.

Victims often first learn of the breach when their brand name is uttered on whatever ephemeral new public Telegram group chat SLSH is using to threaten, extort and harass their prey. According to Nixon, the coordinated harassment on the SLSH Telegram channels is part of a well-orchestrated strategy to overwhelm the victim organization by manufacturing humiliation that pushes them over the threshold to pay.

Nixon said multiple executives at targeted organizations have been subject to “swatting” attacks, wherein SLSH communicated a phony bomb threat or hostage situation at the target’s address in the hopes of eliciting a heavily armed police response at their home or place of work.

“A big part of what they’re doing to victims is the psychological aspect of it, like harassing executives’ kids and threatening the board of the company,” Nixon told KrebsOnSecurity. “And while these victims are getting extortion demands, they’re simultaneously getting outreach from media outlets saying, ‘Hey, do you have any comments on the bad things we’re going to write about you.”

In a blog post today, Unit 221B argues that no one should negotiate with SLSH because the group has demonstrated a willingness to extort victims based on promises that it has no intention to keep. Nixon points out that all of SLSH’s known members hail from The Com, shorthand for a constellation of cybercrime-focused Discord and Telegram communities which serve as a kind of distributed social network that facilitates instant collaboration.

Nixon said Com-based extortion groups tend to instigate feuds and drama between group members, leading to lying, betrayals, credibility destroying behavior, backstabbing, and sabotaging each other.

“With this type of ongoing dysfunction, often compounding by substance abuse, these threat actors often aren’t able to act with the core goal in mind of completing a successful, strategic ransom operation,” Nixon wrote. “They continually lose control with outbursts that put their strategy and operational security at risk, which severely limits their ability to build a professional, scalable, and sophisticated criminal organization network for continued successful ransoms – unlike other, more tenured and professional criminal organizations focused on ransomware alone.”

Intrusions from established ransomware groups typically center around encryption/decryption malware that mostly stays on the affected machine. In contrast, Nixon said, ransom from a Com group is often structured the same as violent sextortion schemes against minors, wherein members of The Com will steal damaging information, threaten to release it, and “promise” to delete it if the victim complies without any guarantee or technical proof point that they will keep their word. She writes:

A key component of SLSH’s efforts to convince victims to pay, Nixon said, involves manipulating the media into hyping the threat posed by this group. This approach also borrows a page from the playbook of sextortion attacks, she said, which encourages predators to keep targets continuously engaged and worrying about the consequences of non-compliance.

“On days where SLSH had no substantial criminal ‘win’ to announce, they focused on announcing death threats and harassment to keep law enforcement, journalists, and cybercrime industry professionals focused on this group,” she said.

An excerpt from a sextortion tutorial from a Com-based Telegram channel. Image: Unit 221B.

Nixon knows a thing or two about being threatened by SLSH: For the past several months, the group’s Telegram channels have been replete with threats of physical violence against her, against Yours Truly, and against other security researchers. These threats, she said, are just another way the group seeks to generate media attention and achieve a veneer of credibility, but they are useful as indicators of compromise because SLSH members tend to name drop and malign security researchers even in their communications with victims.

“Watch for the following behaviors in their communications to you or their public statements,” Unit 221B’s advisory reads. “Repeated abusive mentions of Allison Nixon (or “A.N”), Unit 221B, or cybersecurity journalists—especially Brian Krebs—or any other cybersecurity employee, or cybersecurity company. Any threats to kill, or commit terrorism, or violence against internal employees, cybersecurity employees, investigators, and journalists.”

Unit 221B says that while the pressure campaign during an extortion attempt may be traumatizing to employees, executives, and their family members, entering into drawn-out negotiations with SLSH incentivizes the group to increase the level of harm and risk, which could include the physical safety of employees and their families.

“The breached data will never go back to the way it was, but we can assure you that the harassment will end,” Nixon said. “So, your decision to pay should be a separate issue from the harassment. We believe that when you separate these issues, you will objectively see that the best course of action to protect your interests, in both the short and long term, is to refuse payment.”

Who Operates the Badbox 2.0 Botnet? [Krebs on Security]

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea about that.

Our first story of 2026, The Kimwolf Botnet is Stalking Your Local Network, detailed the unique and highly invasive methods Kimwolf uses to spread. The story warned that the vast majority of Kimwolf infected systems were unofficial Android TV boxes that are typically marketed as a way to watch unlimited (pirated) movie and TV streaming services for a one-time fee.

Our January 8 story, Who Benefitted from the Aisuru and Kimwolf Botnets?, cited multiple sources saying the current administrators of Kimwolf went by the nicknames “Dort” and “Snow.” Earlier this month, a close former associate of Dort and Snow shared what they said was a screenshot the Kimwolf botmasters had taken while logged in to the Badbox 2.0 botnet control panel.

That screenshot, a portion of which is shown below, shows seven authorized users of the control panel, including one that doesn’t quite match the others: According to my source, the account “ABCD” (the one that is logged in and listed in the top right of the screenshot) belongs to Dort, who somehow figured out how to add their email address as a valid user of the Badbox 2.0 botnet.

The control panel for the Badbox 2.0 botnet lists seven authorized users and their email addresses. Click to enlarge.

Badbox has a storied history that well predates Kimwolf’s rise in October 2025. In July 2025, Google filed a “John Doe” lawsuit (PDF) against 25 unidentified defendants accused of operating Badbox 2.0, which Google described as a botnet of over ten million unsanctioned Android streaming devices engaged in advertising fraud. Google said Badbox 2.0, in addition to compromising multiple types of devices prior to purchase, also can infect devices by requiring the download of malicious apps from unofficial marketplaces.

Google’s lawsuit came on the heels of a June 2025 advisory from the Federal Bureau of Investigation (FBI), which warned that cyber criminals were gaining unauthorized access to home networks by either configuring the products with malware prior to the user’s purchase, or infecting the device as it downloads required applications that contain backdoors — usually during the set-up process.

The FBI said Badbox 2.0 was discovered after the original Badbox campaign was disrupted in 2024. The original Badbox was identified in 2023, and primarily consisted of Android operating system devices (TV boxes) that were compromised with backdoor malware prior to purchase.

KrebsOnSecurity was initially skeptical of the claim that the Kimwolf botmasters had hacked the Badbox 2.0 botnet. That is, until we began digging into the history of the qq.com email addresses in the screenshot above.

CATHEAD

An online search for the address 34557257@qq.com (pictured in the screenshot above as the user “Chen“) shows it is listed as a point of contact for a number of China-based technology companies, including:

–Beijing Hong Dake Wang Science & Technology Co Ltd.
–Beijing Hengchuang Vision Mobile Media Technology Co. Ltd.
–Moxin Beijing Science and Technology Co. Ltd.

The website for Beijing Hong Dake Wang Science is asmeisvip[.]net, a domain that was flagged in a March 2025 report by HUMAN Security as one of several dozen sites tied to the distribution and management of the Badbox 2.0 botnet. Ditto for moyix[.]com, a domain associated with Beijing Hengchuang Vision Mobile.

A search at the breach tracking service Constella Intelligence finds 34557257@qq.com at one point used the password “cdh76111.” Pivoting on that password in Constella shows it is known to have been used by just two other email accounts: daihaic@gmail.com and cathead@gmail.com.

Constella found cathead@gmail.com registered an account at jd.com (China’s largest online retailer) in 2021 under the name “陈代海,” which translates to “Chen Daihai.” According to DomainTools.com, the name Chen Daihai is present in the original registration records (2008) for moyix[.]com, along with the email address cathead@astrolink[.]cn.

Incidentally, astrolink[.]cn also is among the Badbox 2.0 domains identified in HUMAN Security’s 2025 report. DomainTools finds cathead@astrolink[.]cn was used to register more than a dozen domains, including vmud[.]net, yet another Badbox 2.0 domain tagged by HUMAN Security.

XAVIER

A cached copy of astrolink[.]cn preserved at archive.org shows the website belongs to a mobile app development company whose full name is Beijing Astrolink Wireless Digital Technology Co. Ltd. The archived website reveals a “Contact Us” page that lists a Chen Daihai as part of the company’s technology department. The other person featured on that contact page is Zhu Zhiyu, and their email address is listed as xavier@astrolink[.]cn.

A Google-translated version of Astrolink’s website, circa 2009. Image: archive.org.

Astute readers will notice that the user Mr.Zhu in the Badbox 2.0 panel used the email address xavierzhu@qq.com. Searching this address in Constella reveals a jd.com account registered in the name of Zhu Zhiyu. A rather unique password used by this account matches the password used by the address xavierzhu@gmail.com, which DomainTools finds was the original registrant of astrolink[.]cn.

ADMIN

The very first account listed in the Badbox 2.0 panel — “admin,” registered in November 2020 — used the email address 189308024@qq.com. DomainTools shows this email is found in the 2022 registration records for the domain guilincloud[.]cn, which includes the registrant name “Huang Guilin.”

Constella finds 189308024@qq.com is associated with the China phone number 18681627767. The open-source intelligence platform osint.industries reveals this phone number is connected to a Microsoft profile created in 2014 under the name Guilin Huang (桂林黄). The cyber intelligence platform Spycloud says that phone number was used in 2017 to create an account at the Chinese social media platform Weibo under the username “h_guilin.”

The public information attached to Guilin Huang’s Microsoft account, according to the breach tracking service osintindustries.com.

The remaining three users and corresponding qq.com email addresses were all connected to individuals in China. However, none of them (nor Mr. Huang) had any apparent connection to the entities created and operated by Chen Daihai and Zhu Zhiyu — or to any corporate entities for that matter. Also, none of these individuals responded to requests for comment.

The mind map below includes search pivots on the email addresses, company names and phone numbers that suggest a connection between Chen Daihai, Zhu Zhiyu, and Badbox 2.0.

This mind map includes search pivots on the email addresses, company names and phone numbers that appear to connect Chen Daihai and Zhu Zhiyu to Badbox 2.0. Click to enlarge.

UNAUTHORIZED ACCESS

The idea that the Kimwolf botmasters could have direct access to the Badbox 2.0 botnet is a big deal, but explaining exactly why that is requires some background on how Kimwolf spreads to new devices. The botmasters figured out they could trick residential proxy services into relaying malicious commands to vulnerable devices behind the firewall on the unsuspecting user’s local network.

The vulnerable systems sought out by Kimwolf are primarily Internet of Things (IoT) devices like unsanctioned Android TV boxes and digital photo frames that have no discernible security or authentication built-in. Put simply, if you can communicate with these devices, you can compromise them with a single command.

Our January 2 story featured research from the proxy-tracking firm Synthient, which alerted 11 different residential proxy providers that their proxy endpoints were vulnerable to being abused for this kind of local network probing and exploitation.

Most of those vulnerable proxy providers have since taken steps to prevent customers from going upstream into the local networks of residential proxy endpoints, and it appeared that Kimwolf would no longer be able to quickly spread to millions of devices simply by exploiting some residential proxy provider.

However, the source of that Badbox 2.0 screenshot said the Kimwolf botmasters had an ace up their sleeve the whole time: Secret access to the Badbox 2.0 botnet control panel.

“Dort has gotten unauthorized access,” the source said. “So, what happened is normal proxy providers patched this. But Badbox doesn’t sell proxies by itself, so it’s not patched. And as long as Dort has access to Badbox, they would be able to load” the Kimwolf malware directly onto TV boxes associated with Badbox 2.0.

The source said it isn’t clear how Dort gained access to the Badbox botnet panel. But it’s unlikely that Dort’s existing account will persist for much longer: All of our notifications to the qq.com email addresses listed in the control panel screenshot received a copy of that image, as well as questions about the apparently rogue ABCD account.

Irregular Webcomic! #3027 [Irregular Webcomic!]

Irregular Webcomic! #3027

09:00

Liver Me Timbers [Penny Arcade]

New Comic: Liver Me Timbers

07:56

Launching The Rural Guaranteed Minimum Income Initiative [Coding Horror]

It's been a year since I invited Americans to join us in a pledge to Share the American Dream:

1. Support organizations you feel are effectively helping those most in need across America right now.

2. Within the next five years, also contribute public dedications of time or funds towards longer term efforts to keep the American Dream fair and attainable for all our children.

Stay gold, America. 💛

Personally, I’ve become a big believer in one particular quote, especially considering the specific context in which it was delivered:

“From those to whom much is given, much is expected.” — Mary Gates

Those 10 words had a profound effect on the world. Indeed, we were given much, so we, as a family, will choose to give much. On a recent podcast, my partner Betsy said it better than I could have:

“Well, we have everything we need!” That’s how I’ve always phrased it to [our children]. That, I think, extends [to our philanthropy]. We have everything we need; how do we make sure everybody has what they need? Because that’s the basic thing — Do you have a comfortable place to live? Do you have enough to eat? Do you have healthcare? If you have the basics, you’re in a good place in life, and everybody should have that opportunity.

It’s a question I’ve asked myself a lot since 2021. When, exactly, is enough?

Launching The Rural Guaranteed Minimum Income Initiative

We do have everything we need. Why can’t everyone else have the basic things they need, too?

Beyond the $1M to eight nonprofit charities we listed in January 2025, we saw immediate needs becoming so urgent that we quickly added an additional $13M in donations within a few months, for a total of $21M.

Immediate Share The American Dream Donations (~$21M)

Team Rubicon — $1M
Children’s Hunger Fund — $1M
PEN America — $1M
The Trevor Project — $1M
NAACP Legal Defense and Educational Fund — $1M + $100k
First Generation Investors — $1M
Global Refuge — $1M
Planned Parenthood — $1M
VoteVets — $2M
Mastodon — $1.5M
404 Media — $1.1M
Ryan Broderick / Garbage Day — $1M
Internet Archive — $1M
Common Crawl Foundation — $1M
Wikipedia / Wikimedia foundation — $1M
Internet Security Research Group — $1M
DNA Lounge — $1M
Murena — $500k
Sharewell — $300k
Precious Plastic — $100k
Economic Security Project — $100k
Rural Democracy Initiative — $100k
Civic Nation — $100k
Sojourn Project — $750k
Alameda Food Bank — $150k
Urban Compassion Project — $75k

But you can’t take a completely short term view and fight each individual fire reactively, as it comes. You'll never stop firefighting. We also have to do fire abatement and deal with the root causes, improving conditions in this country such that there aren’t so many fires. Thus for the second half, much longer term part, in addition to the $21M already donated, we pledged $50M — half of our remaining wealth — to address the underlying, systemic issues.

I proposed some speculative ideas in “Stay Gold,” and this one ended up being the closest:

We could found a new organization loosely based on the original RAND Corporation, but modernized like Lever for Change. We can empower the best and brightest to determine a realistic, achievable path toward preserving the American Dream for everyone, working within the current system or outside it.

By March, 2025 we had consensus — The Road Not Taken is Guaranteed Minimum Income.

The Road Not Taken is Guaranteed Minimum Income

The dream is incomplete until we share it with our fellow Americans.

Coding HorrorJeff Atwood

Guaranteed Minimum Income (GMI) is an improved version of the older concept of Universal Basic Income (UBI) — rather than indiscriminately giving money to “everyone,” GMI directs the money towards those who most need it, particularly families experiencing generational poverty.

📢 Please note that after this post, Coding Horror will revert to normal nerdy blog posts, and all future GMI content will be at a dedicated site linked below.

Why did we decide on GMI?

Almost every existing UBI/GMI study result data we could find indicates cash generally works. For example, OpenResearch data showed the greatest increase in spending among study participants was in meeting basic needs, with the greatest percent increase in support to others (26%), along with huge decreases in reported alcohol use (20% less) and days using non-prescribed painkillers (53% fewer). Why wouldn’t we continue to build something that has generally been shown to work, study after study, time and time again?
This is survival money, cash for folks so they can put food on the table, get a roof over their heads, have a functioning vehicle to go to work, and decide how to meet their most basic, critical needs. It pains me to say this, but we live in a world where many people simply do not often experience open generosity, or regular income. When you show someone what it feels like to just not be hungry for a little while, their view of the world changes. They feel trusted. They see possibility.

RISE Recipient Stacy D. | WV

I moved here with my family. And I have no family up here other than who I brought with me. So, how most people can be like, “Hey, I’m having a hard time. Got $20 or a pack of diapers.” I have nobody up here to do that. So, if me and my husband don't figure it out, it don't get figured out.

So, I’ve got five kids that live with me... I was working full-time until I got pregnant. I prayed for this baby for 10 years. So, as soon as I got pregnant, I stopped working. I was high risk.

The day I got cleared to go back to work, my vehicle broke down. It was the only vehicle that we had that carried all the kids. So, I’ve been four months without my car. So this is also going to get my vehicle back on the road.

You don’t know how hard it is to ask people, hey, can I get a ride to the grocery store? Or, hey, my baby has two month shots. I had to borrow a vehicle. This is gonna... it’s going to do a lot!

Unlike many other social programs, GMI studies require initiative. These are opt-in studies that you have to sign up for, demonstrate that you meet the income criteria and are a resident of the county — and because spots are limited, be randomly selected from eligible applicants. We emphasize that this is not passive, it is active teamwork to improve the GMI program with your family, your community, and everyone else we can reach together over the next few decades.

Building On What Works

The massive OpenResearch UBI study, the largest and most detailed guaranteed income study ever conducted in the USA, was designed to be a template for future, more refined studies, and that’s exactly what we’re doing. We will also use what we learn in this group of three counties — as in software, the rule of three — to iterate, adapt, and improve our GMI study playbook with every new group of three counties, generating a playbook anyone can use.
We strive to do repeatable, replicable science in every study, and all our data will be open and freely shared with the world. We’re contributing to — and partially funding — a global, open data repository for basic income pilots all around the world, UBIdata. It’s the same reason we made Stack Overflow content part of the creative commons, and Discourse fully open source.
GMI is seed funding for families, investing in our fellow Americans, those who need it the most. A large body of research shows that dollars targeted to lower-income families are more likely to be spent quickly and reduce hardship, and can improve outcomes for children. “Trickle up” economics works, whereas "trickle down" tax cuts for the rich increase income inequality and provide no significant effect on growth or jobs.
This is the newer trust based model of philanthropy, much closer to venture capital funding. We primarily empower, fund, and build up existing organizations like GiveDirectly and OpenResearch, forming a collaborative team to leverage all their existing work and grow their organizations in whatever way they see fit, because they have the most experience in the GMI space.

The Rural Guaranteed Minimum Income Initiative

I like to go that way, really fast, so we are already well underway with the Rural Guaranteed Minimum Income Initiative.

We focus on rural counties, where dollars go a lot further, poverty is more prevalent, and populations are smaller for tighter studies. Rural counties are also greatly overlooked in this country, in my opinion, yet they have so much incredible untapped talent. I know because that’s exactly where my parents and I are from.

We’ve funded three county level programs (Mercer, WV; Beaufort, NC; Warren, MS) that are already underway, where we will help lift thousands of people out of poverty for a period of 16 months, while sharing data and results with the world. That’s a good start.

But I think we can do considerably more. With your help, we hope to reach all 50 states over time.

In “Stay Gold,” I noted that all of American history contains the path of love, and the path of hate. But the path of love is the only survivable path. It’s so much harder, and it’s going to be a lifetime of work. But what else could I possibly buy with our money that would be worth anything close to this, for all of us?

What You Can Do

Everyone is invited to help. Share results, learn the history of GMI (it’s actually fascinating, I swear), talk to your representatives and generally spread the word. A surprising number of people have never even heard the terms UBI or GMI, and sometimes have misconceptions about what they are and how they work.

If you, or someone you know, is “those to whom much is given,” and in a position to sponsor county-scale work, please join us in bringing a GMI study to a new rural county and reach all 50 states. Let’s continue to do science and help lift thousands of people out of poverty while generating open data for the world.

This is my third and final startup. Rather than an “Atwood Foundation,” all we want to do is advance the concept of direct cash transfer. Simply giving money to those most in need is perhaps the most radical act of love we can take on... and all the data I can find shows us that it works — helping people afford basic needs, keep stable housing, and handle unexpected expenses.

Dreams, like happiness, are only real when shared. So let’s do that together.

staygold.us 💛

06:28

Girl Genius for Wednesday, February 04, 2026 [Girl Genius]

The Girl Genius comic for Wednesday, February 04, 2026 has been posted.

06:14

Urgent: Stop showing recruitment ads for deportation thugs [Richard Stallman's Political Notes]

Everyone: call on Google and YouTube to stop showing recruitment ads for the deportation thugs.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code--not trivial, but not hard.

Urgent: Temporary immigration permission for Haitian refugees [Richard Stallman's Political Notes]

US citizens: call on your congresscritter to sign the discharge petition for preserving temporary immigration permission for Haitian refugees.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code--not trivial, but not hard.

Urgent: Call for firing the gnome [Richard Stallman's Political Notes]

US citizens: call for firing the gnome (Kristi Noem).

Section 702 of PAT RIOT Act [Richard Stallman's Political Notes]

What's happening with Section 702 of the PAT RIOT Act, which allows massive collection of Americans' communication because they get lumped in with the communications of foreigners.

Separatists in Alberta accused of treason [Richard Stallman's Political Notes]

Separatists in Alberta are accused of treason because they met secretly with US officials seeking assistance in launching a referendum to break up Canada.

There is little chance the referendum would win, but the corrupter might fabricate the claim that it was defeated by supposed "fraud".

EU called upon to phase out fossil fuels from US [Richard Stallman's Political Notes]

Civil society organizations called on the EU to phase out purchases of fossil fuels from the US.

The fossil fuels carry a threat of global disaster, and buying them from the US carries a threat of global fascism.

Tax breaks for landlords in Australia [Richard Stallman's Political Notes]

*Australia spends more on tax breaks for landlords than social housing, homelessness and rent assistance combined.*

This demonstrates which people the politicians listen to. Australia needs a Spread the Wealth party that will prioritize the non-rich.

Australia outsources deportation prisons. [Richard Stallman's Political Notes]

Australia outsources deportation prisons. For an additional shock, it outsources them to a multinational company accused of "gross negligence" in its deportation prisons in the US.

Outsourcing any government service to specific companies invites them to skimp on the work and gouge the state. The practice should be abolished.

Alex Pretti 11 days before deportation thugs killed him [Richard Stallman's Political Notes]

11 days before deportation thugs killed Alex Pretti, he was at or near a protest and made an angry but harmless gesture against deportation thugs' car, whereupon some came out and violently attacked him.

On that occasion, the thugs didn't shoot him, but they committed violence against various people present at the protest.

I'm gratified to see that others have joined me in calling cops that commit wanton and gratuitous violence "thugs". Whether cops act like thugs depends on their training. The persecutor's >haste to hire tens of thousands more deportation thugs, with little qualifications and little training, surely encourages their gratuitous violence.

Doctors being arrested in Iran [Richard Stallman's Political Notes]

* Doctors are being arrested in Iran for helping save the lives of some of the tens of thousands injured during Iran's [murderous] crackdown on anti-regime protests.*

Pretend Intelligence to write transportation regulations [Richard Stallman's Political Notes]

The magat administration plans to use Pretend Intelligence to write federal transportation regulations.

It may do no harm as long as the numskull is in charge, since he often tells his officials to ignore what regulations actually say and impose unrelated requirements or no requirements.

Australia's law to protect environment [Richard Stallman's Political Notes]

* Australia's law that is supposed to protect the environment and cultural heritage doesn’t work.* Analysis of one major recent case demonstrates this.

Chicago to investigate deportation thugs [Richard Stallman's Political Notes]

Chicago is preparing to investigate deportation thugs for crimes they commit.

If University of Pennsylvania hands over list of Jews [Richard Stallman's Political Notes]

If the US government succeeds in forcing the University of Pennsylvania to hand over a list of students and employees who are Jews, it could make any school or any employer give a list of Jews, a list of Muslims, and maybe even a list of Atheists.

The irony of starting the persecution of a group by pretending to be working to protect it would be a fillip of delight for the cunning persecutors of Project 2025.

Venezuelans must choose their own path [Richard Stallman's Political Notes]

*We Venezuelans must choose our own path. We need fair elections, not bombs or contracts with the US oil industry.*

WhatsApp can access purportedly 'private' communications [Richard Stallman's Political Notes]

A lawsuit claims that WhatsApp "can access virtually all of WhatsApp users’ purportedly 'private' communications."

I don't know any facts about what WhatsApp can decrypt at present. What I do know is that the app is nonfree software. As a matter of fundamental principle, you can't trust a non-free program to deal with you honestly. Meta certainly could rig the WhatsApp app to save the cleartext of messages, and send it to the server (encrypted in a way the server can decrypt, just so users can't tell what it is doing). I know of nothing that would prevent or deter it from doing so.

As for whether it has actually done so, I have no knowledge about that. Maybe the lawsuit will give us information. But if we learn that Meta has not done this, that won't prove it can't do so next year.

Aspects of fascism in wrecker's misrule [Richard Stallman's Political Notes]

Identifying many diagnostic aspects of fascism in the wrecker's misrule.

Farcical case against Don Lemon and Georgia Fort [Richard Stallman's Political Notes]

*The Farcical Case Against Don Lemon and Georgia Fort for Protest Reporting.*

The arrest of journalists Don Lemon and Georgia Fort in Minnesota was ordered by Persecutor General Bondi, after two courts had ruled there was nothing to arrest them for. It is an example the bully's attempt to eliminate freedom of the press.

Israel's army accepted figures of casualties [Richard Stallman's Political Notes]

Israel's army has accepted HAMAS's figures for casualties in Gaza. This is after two years of claiming they were lies.

Doomsday clock [Richard Stallman's Political Notes]

The Bulletin of the Atomic Scientists advanced the Doomsday Clock to 85 seconds before midnight.

*The scientists cited risks of nuclear war, the climate crisis, potential misuse of biotechnology and the increasing use of [pretend intelligence and] artificial intelligence without adequate controls.*

Drug search danger [Richard Stallman's Political Notes]

How drug searches at events increase the danger to participants from drugs.

02:56

for developers who don't use ai -- here's the kind of question i ask chatgpt. "i have a div that contains icons that are either svg's or font-awesome i's. if it were text, i'd use font-size to control the size of the icons, which won't work here. what's the right way to do it?"

Zig replaces third-party C code with Zig’s own code [OSnews]

apple is a company, very good at selling itself as a lifestyle. but there's only one person, who's been gone for 15 years, who could keep that reality distortion field inflated.

01:49

Comics [QC RSS]

00:14

(5219) [Flipside]

Chill Seekers [The Stranger]

It’s never not surprising when artists create adventurous, instrumental electronic music that breaks through to a wider audience. In an era of formulaic, innocuous mega-streamers, challenging sounds snaring major mindshare is rare and precious. Recently, we’ve seen that phenomenon with Oneohtrix Point Never, Mica Levi, and Robert A.A. Lowe scoring films funded by millionaires. On a slightly smaller scale, we’re witnessing this scenario play out with Purelink, a NYC-via-Chicago trio who have risen to notoriety with critically acclaimed, deeply blissful albums Signs (2023) and Faith (2025) for the tiny indie label Peak Oil. by Dave Segal

On a slightly smaller scale, we’re witnessing this scenario play out with Purelink, a NYC-via-Chicago trio who have risen to notoriety with critically acclaimed, deeply blissful albums Signs (2023) and Faith (2025) for the tiny indie label Peak Oil. Few ambient-dub outfits with nary a vocal hook in earshot (save for guest Loraine James’s understated one on “Rookie”), let alone big budgets, end up notching six-figure streams and earning opening slots for popular artists such as Tirzah and Astrid Sonne. Sure looks like Purelink are the latest anointed ones.

Certainly, there are dozens of musicians working in Purelink’s chill zone. Yet the media and the listening public have bestowed more love and attention than most on the peace-inducing work of Tommy Paslaski, Akeem Asani, and Ben Paulson. Rightfully so, although unexpected, given that Signs abounds with Loscil-like ambient drifts and gentle, undanceable beats to which your infant can nap. Standout cut “4k Murmurs” harks back to the amniotic, beatific nature of Aphex Twin’s Selected Ambient Works 85–92. It’s the kind of stuff that KEXP DJ Alex Ruder plays on the early Sunday morning show Pacific Notions but doesn’t air during prime-time hours.

Purelink’s latest album, Faith, offers profound calm and balm in sonic form. The sound’s super minimal, but its emotional support system is maximal. An aquatic placidity predominates, although some beats skitter on the down-low. On the etiolated, acoustic-guitar-bolstered “First Iota,” poet Angelina Nonaj intones, “Not everything beautiful has to be real,” and it sounds like a band ethos. “Circle of Dust” tranquilly ripples with submerged, Chain Reaction–esque rhythms amid gorgeous, pastel synth vapor; it’s dub techno as evanescent and consoling as the memory of a beautiful dream.

On 2022’s Purelink EP, tropical-paradise ambience quivers with understated hand percussion, making you feel as if you’re on the choicest SSRIs. “Fine Pink Mist (Low Flung Version)” is Balearic, sundown-shiver gold, while “Dozen Sunbeams (Nice Girl Version)” is house music distilled to an unfathomable blissfulness. That three cats from polar-vortex-suffering Chicago created this is somewhat miraculous. That same year’s Puredub peddles ambient dub honed to a wisp. “Cricket Dub” is the greatest track that the Orb never recorded; “Depression Dub” is chillout-room Meat Beat Manifesto. Purelink have moved away from this style, but let’s hope not forever. Similarly, the atmospheric, hall-of-mirrors drum and bass of 2021’s “Head on a Swivel” appears to have been abandoned, but maybe only temporarily.

Purelink’s ascent makes one wonder: When’s the last time we had a prominent (non-EDM) electronic-music group with three members? The setup’s unusual, so I’m wondering how Purelink manage to realize their ideas in any given track, given how minimalist they are. “To Rococo Rot is the group we often cite as the prominent electronic trio,” Asani says in an email interview conducted with all members. “And not solely electronic, but Saint Etienne is another three-piece I come back to, as well.

“Each track comes about in its own unique way—we all have our hands on each part and take turns shaping each sound to make sure it fits. I am a drummer, so I tend to focus on drums, but that doesn’t mean I’m the only one making drum parts. When we start a new jam session, everyone is welcome to bring any ideas to the table and we all have to agree on it to stay in the final version.”

Listening to Purelink, you can imagine massage therapists using it to relax clients. But they don’t think of their music in functional terms. “We often are motivated by creating sounds that conjure up some sort of feeling or emotion that sticks with us beyond the recording session,” Paulson says. “The proud feeling of pulling off a new writing or production technique is also infectious, allowing you to express even more.

“While I understand why it may be helpful for others, it feels quite trivial to preconceive what the music’s purpose is; in the end it’s up to the listener to give their own personal meaning. Though I do believe music can have therapeutic qualities, and if people get that from our music, that’s great. But I’m not really thinking about the listener when creating. Maybe after it’s released I would, but it doesn’t help me make better music.”

The aforementioned Chain Reaction–styled “Doppler-effected metallic ripple as rhythmic accent” thing was revelatory for Purelink. “I really loved the concept of doing so much with so little—working within an inspiring palette of sounds and creating environments that capture the imagination,” Paslaski says. “Having experienced those tracks like 20 years after they came out, I definitely benefited from naïveté and a lot of excitement. It got me thinking about what could be possible and how we could blend other elements of music that we love into that type of electronic context.”

For Purelink’s Seattle show, they’ll likely focus on tracks from Signs and Faith. Paulson says, “We also will include songs that are still being developed. We tend to use dub-style mixing techniques to blend stems together, while leaving room for some improvisations. Often taking the tracks our listeners may know into something hopefully new and exciting.”

It’s interesting that Purelink’s profile has risen significantly after their music started to lean more into ambience and de-emphasize rhythm. Perhaps we’re in a golden age for ambient music, due in part to the ultra-stressful state of the world and the need for relaxing sounds. Paulson’s not really buying that theory. “It’s tough to get a clear picture why anyone listens to anything, lol. I think we all feel proud of the last two records and their minor successes. We’ve been more and more motivated to create something that synthesizes different kinds of music, so maybe there’s something to connecting ideas from different communities? There’s plenty of great music being made all along the spectrum of sound and genre that inspires us every day.”

Purelink perform February 10 at Substation with ‘nohup’ and Hünter.

Tuesday, 03 February

22:42

Over the past month or so, several enterprising contributors have taken an interest in the zig libc subproject. The idea here is to incrementally delete redundant code, by providing libc functions as Zig standard library wrappers rather than as vendored C source files. In many cases, these functions are one-to-one mappings, such as memcpy or atan2, or trivially wrap a generic function, like strnlen.

So far, roughly 250 C source files have been deleted from the Zig repository, with 2032 remaining.

With each function that makes the transition, Zig gains independence from third party projects and from the C programming language, compilation speed improves, Zig’s installation size is simplified and reduced, and user applications which statically link libc enjoy reduced binary size.
↫ Andrew Kelley on the Zig Devlog

The goal is to replace all of the musl, wasi-libc, and MinGW-w64 C code bundled in Zig with new Zig code.

Where to Eat for Valentine's Day 2026 [The Stranger]

Heart-Shaped Pizza, Romantic Dinners, and More

by Janey Wong

Whatever your Valentine's Day plans may be, we've gathered a bouquet of swoon-worthy options around town, from Big Mario’s pizzagrams to food lover's tasting menus at Marjorie and Taylor Shellfish, plus sweet treats from Ben’s Bread. For more ideas, check out our food and drink guide.

Big Mario’s Pizza
The year was 2001 when I first discovered the genius move of sending someone a message via pizza (see: The Princess Diaries). Local New York-style pizzeria Big Mario’s also knows the way to Seattleites’ hearts is pizza, so they're reprising their popular pizzagram delivery and pickup from February 13–15. Take another little pizza of my heart now, baby.
Capitol Hill, Fremont, Northlake, Queen Anne, White Center

21:56

Rust in the NetBSD kernel seems unlikely [OSnews]

Rust is everywhere, and it’s no surprise it’s also made its way into the lowest levels of certain operating systems and kernels, so it shouldn’t be surprising that various operating system developers have to field questions and inquiries about Rust. NetBSD developer Benny Siegert wrote a blog post about this very subject, and in it, details why it’s unlikely Rust will find its way into the NetBSD base system and/or the kernel

First, NetBSD is famed for its wide architecture and platform support, and Rust would make that a lot more troublesome due to Rust simply not being available on many platforms NetBSD supports. Rust release cycles also aren’t compatible with NetBSD, it would draw a lot of dependency code into the base system, and keeping Rust and its compiler toolchain working is a lot of work that falls on the shoulders of a relatively small group of NetBSD developers.

Note that while NetBSD does tend to take a more cautious approach to these matters than, say, Linux or FreeBSD, the operating system isn’t averse to change on principle. For instance, not only is Lua part of the base system, it’s even used in the NetBSD kernel due to its ability to rapidly develop and prototype kernel drivers. In short, while it doesn’t seem likely Rust will make it into the NetBSD base system, it’s not an impossibility either.

20:21

Valhalla's Things: A Day Off [Planet Debian]

Posted on February 3, 2026
Tags: madeof:atoms, madeof:bits

Today I had a day off. Some of it went great. Some less so.

I woke up, went out to pay our tribute to NotOurCat, and it was snowing! yay! And I had a day off, so if it had snowed enough that shovelling was needed, I had time to do it (it didn’t, it started to rain soon afterwards, but still, YAY snow!).

Then I had breakfast, with the fruit rye bread I had baked yesterday, and I treated myself to some of the strong Irish tea I have left, instead of the milder ones I want to finish before buying more of the Irish.

And then, I bought myself a fancy new expensive fountain pen. One that costs 16€! more than three times as much as my usual ones! I hope it will work as well, but I’m quite confident it should. I’ll find out when it arrives from Germany (together with a few ink samples that will result in a future blog post with some SCIENCE).

I decided to try and use bank transfers instead of my visa debit card when buying from online shops that give the option to do so: it’s a tiny bit more effort, but it means I’m paying 0.25€ to my bank¹ rather than the seller having to pay some unknown amount to an US based payment provider. Unluckily, the fountain pen website offered a huge number of payment methods, but not bank transfers. sigh.

And then, I could start working a bit on the connecting wires for the LED strips for our living room: I soldered two pieces, six wires each (it’s one RGB strip, 4 pins, and a warm white one requiring two more), then did a bit of tests, including writing some micropython code to add a test mode that lights up each colour in sequence, and the morning was almost gone. For some reason this project, as simple as it is, is taking forever. But it is showing progress.

There was a break, when the postman delivered a package of chemicals ² for a future project or two. There will be blog posts!

After lunch I spent some time finishing eyelets on the outfit I wanted to wear this evening, as I had not been able to finish it during fosdem. This one will result in two blog posts!

Meanwhile, in the morning I didn’t remember the name of the program I used to load software on micropython boards such as the one that will control the LED strips (that’s thonny), and while searching for it in the documentation, I found that there is also a command line program I can use, mpremote, and that’s a much better fit for my preferences!

I mentioned it in an xmpp room full of nerds, and one of them mentioned that he could try it on his Inkplate, when he had time, and I was nerd-sniped into trying it on mine, which had been sitting unused showing the temperatures in our old house on the last day it spent there and needs to be updated for the sensors in the new house.

And that lead to the writing of some notes on how to set it up from the command line (good), and to the opening on one upstream issue (bad), because I have an old model, and the board-specific library isn’t working. at all.

And that’s when I realized that it was 17:00, I still had to cook the bread I had been working on since yesterday evening (ciabatta, one of my favourites, but it needs almost one hour in the oven), the outfit I wanted to wear in the evening was still not wearable, the table needed cleaning and some panicking was due. Thankfully, my mother was cooking dinner, so I didn’t have to do that too.

I turned the oven on, sewed the shoulder seams of the bodice while spraying water on the bread every 5 minutes, and then while it was cooking on its own, started to attach a closure to the skirt, decided that a safety pin was a perfectly reasonable closure for the first day an outfit is worn, took care of the table, took care of the bread, used some twine to close the bodice, because I still haven’t worked out what to use for laces, realized my bodkin is still misplaced, used a long and sharp and big needle meant for sewing mattresses instead of a bodkin, managed not to stab myself, and less than half an hour late we could have dinner.

There was bread, there was Swedish crispbread, there were spreads (tuna, and beans), and vegetables, and then there was the cake that caused my mother to panic when she added her last honey to the milk and it curdled (my SO and I tried it, it had no odd taste, we decided it could be used) and it was good, although I had to get a second slice just to be 100% sure of it.

And now I’m exhausted, and I’ve only done half of the things I had planned to do, but I’d still say I’ve had quite a good day.

Banca Etica, so one that avoids any investment in weapons and a number of other problematic things.↩︎
not food grade, except for one, but kitchen-safe.↩︎

19:35

Julie Kang Is Running for City Council District 5 [The Stranger]

Immigrant and advocate Julie Kang thinks she's the best City Council candidate for Seattle's "neglected child," District 5. But can she make up her mind on how she'd handle surveillance, homelessness and policing? by Micah Yip

Julie Kang slid a small plastic bag across the table at the downtown library coffee shop. It was an ICE alert kit containing a whistle and a short pamphlet, the kind she helps assemble with Common Power every Friday.

“It’s one thing to share information,” she says. “But I really think it’s important for us to be leaders and not just be bystanders.”

Kang, a Korean American immigrant and the cochair of the King County Immigrant and Refugee Commission, is running for Seattle City Council District 5, which stretches from the bay west of Broadview to Lake Washington on the east, with I-5 running down the middle, and hasn’t had an elected representative since Cathy Moore resigned last year, one year into her term. Longtime District 5 councilmember Debora Juarez stepped in to take Moore’s place. Just when we thought she was gone for good.

Where Kang fits in on the spectrum of Juarez and Moore isn’t totally clear. She’s never held elected office before. She’s resting on the laurels of her decades of education work, advocacy, and community organizing, as well as her lived experience and “take action” spirit—that all makes her the best candidate to lead what she called the “neglected child” district.

But it didn’t seem like she could make up her mind. In our interview, Kang saw both sides so often I couldn’t always tell where she stood on surveillance cameras, homelessness, and law enforcement. She insisted councilmembers must take in all sides, all data, and all stories before making a decision. Really, Kang, all sides?

So far, two other people have filed in this race: Silas James, an unknown, and Nilu Jenks, who ran for the position in 2023 and is Kang’s biggest competition so far. But Kang’s betting her behind-the-scenes civic work will matter more than Jenks’s name recognition.

To go from community organizer to councilmember, Kang will have to adapt and work hard. She’s no stranger to either.

Kang and her mother came to the US from Korea when she was 7 years old. They were poor. Her mother made ends meet making computer chips on assembly lines in Los Angeles. They never left the city, but hopped from apartment to apartment 23 times in 11 years.

In college, Kang became her family’s breadwinner. She entered a career in education—first as a paraeducator, then as a classroom teacher. She was 20.

“I couldn’t get a glass of wine or a beer, but I was given 32 children to teach Spanish,” she jokes.

Kang kept learning. She earned a masters in education, a doctorate in philosophy. Most recently, she held directorial roles at Seattle University and the University of Washington. And she’s had her fingers in lots of advocacy pies like leading the Korean American Coalition of Washington or being on the King County Citizens’ Election Oversight Committee.

She’s smart and determined, but does that mean she’d be good on the city council? Great question.

Kang’s priorities are what you’d expect: more housing, better transit, public safety, community engagement, and protection against ICE. That’s all well and good if she can back it up.

For instance, Kang wants to figure out how to manage the intersection of homelessness, public safety, and small business ownership, that familiar throuple from hell. So, when it comes to something like the tent city in Lake City, Kang says she supports it, but she’s also weighing the perspectives of small business owners who don’t want unhoused folks outside their storefronts.

“I think humans, our unhoused neighbors, have to be the center of decision-making,” Kang says. “But I am working out who is working in the best interest of unhoused and small business owners.” She didn’t know how she’d manage that.

Kang says she’s excited about the recent expansion of the Community Assisted Response and Engagement (CARE) Department, the city’s alternative public safety response. She says homeless people shouldn’t be swept without the city connecting them to resources and a place to go, which the city already often does.

Her other worries include empty storefronts in North Seattle and grocery stores packing up and leaving the area a food desert. She’s floated ideas like small-business rental vouchers to help retailers with startup costs. She believes mixed-use development, with stores on the ground floor and housing above, should be easier to build.

That housing? She wants more of it. “As an immigrant, we aspire to have secure housing, and that’s what we should aim for for everyone,” Kang says. “We all should have a roof over our head and not worry about, ‘Do we have to move next year because my rent is going to increase?’” She didn’t have a plan to manage that, either.

But housing is nothing without solid transit infrastructure. District 5 doesn’t have that, she says. The district has two light rail stations—Northgate and 148th Street—and a third planned station at 130th Street. But neither side of the district has an easy route to get to them; she’s led walking groups to test them. Parking is limited. Bus routes don’t line up.

“How can we not get rid of bus lines, but add to the bus lines, so we can all get there?” she asks. She doesn’t yet have an answer.

On the topic of Aurora Avenue—mainly the Seattle Police Department’s CCTV surveillance program—Kang has opinions, but is cautious, again, of both sides. The CCTV is a growing concern among Seattleites, immigrant rights organizations, and public officials who know the Feds could subpoena the data for immigration enforcement. Kang agrees: expanding data collection at a moment when ICE is unleashing terror across the US isn’t safe.

“At this point, I’m not interested in collecting data for it to be available or forcibly handed over. I’m not,” Kang says firmly.

But she also won’t dismiss the concerns of small business owners who say the cameras make the streets feel safer.

“People wanted it, so I think at the same time, we do have to consider the input and desires of our constituents,” she says.

It’s a similar story for her on SOAP and SODA, the “Stay Out of Areas of Prostitution” and “Stay Out of Drug Areas” zones put forward by Republican City Attorney Ann Davison. Kang says she was hesitant when council first passed the zones in 2024, and still leans toward opposing them. But then again, she says that as a councilmember, she’d have to consider other perspectives and data that might conflict with her opinion. That includes “positive” data, like from the Chinatown International District, where SOAP/SODA have been implemented as well.

If Kang becomes a councilmember, constituents can expect her to collect data, see all sides, and consider the “sociopolitical context” ad nauseum before making a decision. Expect to hear from the dais, “I think XYZ, but at the same time, XYZ” a lot. Expecting her to take a hard stance, however, could take time. For now, she insists she’s a “doer.”

18:49

Quickies [The Stranger]

I have a boyfriend who never asks for anything. He also never says “I love you.” Do you think this is a red flag? by Dan Savage 1. I’m an 81-year-old heterosexual woman whose husband died last May. I have found that my 56-year-old gardener of fifteen years can make me sexually happy. But now after four months he says he’s not respecting his wife by having sex with me. He relates this to going to a Catholic priest for confession. He seems to enjoy our sex. What should I tell him? “You’re fired.” P.S. Kidding, kidding — don’t fire your gardener. Tell him you’re grateful for the sexual happiness, you don’t want him to do anything that makes him feel uncomfortable, and then give him a raise. P.P.S. Will no one free us from these meddlesome priests? 2. What is the most frequently asked question you get? Hard to say — but I suspect I’ll get a lot more questions like the one above as my readership ages along with me. 3. I have a boyfriend…

The Stranger's morning news roundup. by Vivian McCall

ICE Cams: In an attempt to save her head, Department of Homeland Security Secretary Kristi Noem announced that DHS will strap a body camera to every federal agent in Minneapolis, and expand that program nationwide when “funding becomes available.” President Donald Trump is in favor. “They generally tend to be good for law enforcement because people can’t lie about what’s happening,” said the President, who has consistently lied about what’s happening, at a Monday news conference.

This isn’t much of a reform. It’s a new camera angle. These immigration agents are being filmed constantly, and clear footage of Jesus Ochoa and Raymundo Gutierrez shooting Alex Pretti 10 times didn’t stop the government from lying about his killing. Hell, Jonathan Ross was filming when he shot Renee Good in the face. For all the administration’s supposed “concessions” in Minneapolis, ICE is still wilding out in the streets.

The admin is also wilding out in the courtroom. As the Minnesota Star Tribune and Mother Jones have both reported, federal prosecutors in Minnesota are “demoralized” and “pissed” that their DOJ handlers have asked them to charge anti-ICE protesters without appropriate evidence, so they’re quitting in droves. According to the Star Tribune, eight more prosecutors quit the US Attorney’s Office yesterday. Will the last prosecutor please turn off the lights?

This morning, the House will try to pass a deal to end the government shutdown. The bill would fund important stuff —defense, healthcare, labor, education, housing—and temporarily extend DHS funding while legislators negotiate changes to immigration enforcement. Far-right Republicans are threatening to tank the bill unless they tuck in new voter ID laws.

School’s Out for ICE: Hundreds of high school students in Highline and Renton School Districts walked out of school Monday morning to protest ICE. Highline senior Andre Gordon, the 17-year-old son of immigrants, told the Seattle Times: “We shouldn’t have to be scared to live in our own country. We shouldn’t have to do this.”

The millionaire tax has been revealed. The proposal would impose a 9.9% income tax on people earning more than $1 million a year (an estimated 20,000 households statewide) and eliminate a sales tax on personal hygiene products. Wow, somewhat: This tax on the wealthy will be offset with cuts to the business taxes the Legislature passed last year. Most of the $3 billion in annual revenue would go to the state general fund and pay for things like education and healthcare. Dems are going to hold a press conference today. There’ll be a public hearing Thursday. Tim Eyman’s squires are armoring him as you read.

Weather: Patchy morning fog followed by a pleasantly cool high of 58, clouds and a light wind. The clouds will stick around through Wednesday and clear out for a sunny Thursday and Friday. Rain will kill the vibe Saturday and Sunday.

I have good news about a Seattle movie theatre? Shocking, I know. What was years ago the Ark Lodge, is now the Tasveer Film Center, a new Columbia City spot to catch artsy South Asian films. Two of the theatre’s four screens will open for public screenings next week. A third screen will open later, once Tasveer remedies some ambiguous technical issues. Tasveer bought the building last March for $2.85 million. It wouldn’t have been possible without the 4Culture Doors Open funding I wrote about in 2024.

If I were Mark Zuckerberg, I’d be pale and scared. For he’s stolen a VR fitness routine from muscular, middle-aged women.

Bob the Builder: A state bill backed by Gov. Bob Ferguson could force local governments to open dying strip malls and office parks for redevelopment as shiny, new mixed-use buildings.

Mamdani Opens Up: Mayor Wilson, the gauntlet has been thrown. Raise the portcullis; let the children play in the Great City Hall Pit.

It’s your city, from the sidewalk to the skyline. The David Dinkins Municipal Building’s rooftop is open & free to everyone, starting this June.

[image or embed]
— Mayor Zohran Kwame Mamdani (@mayor.nyc.gov) February 2, 2026 at 12:25 PM

Jeb Bush’s proudest moment turned 10 yesterday: Please clap.

What if they had?

gazing longingly at the timeline where they clapped

[image or embed]
— Brendan O’Kane (@bokane.org) February 2, 2026 at 4:44 PM

17:14

Some small stories about the giant satellite dish antenna that was behind Microsoft Building 11 [The Old New Thing]

Back in the day, if you wandered into the parking area behind Building 11 on the original Redmond Microsoft campus, you would find a very large satellite dish antenna. This antenna was used for receiving video signals, such as cable television feeds for distribution to the Redmond campus. One purpose was to provide cable TV service for internal development and testing to teams like the Windows Media Center team and later the Xbox One team.

The satellite dish antenna was a Simulsat-5 which was capable of gathering signals from 35 satellites simultaneously. (The record during this particular antenna’s lifetime was 26 simultaneous satellites.) It was a stationary antenna, not capable of changing its orientation. It went into service in 1997, was upgraded a few times, until it was finally decommissioned in 2017 when all of its tasks had been subsumed by a satellite dish antenna at the Studio C building.

Fun trivial about the satellite dish antenna:

In the summer, bees would nest in the feedbox (the thingie at focus of the satellite dish antenna that collected the signal), so you had to be careful when doing work there to avoid getting stung.

It wasn’t fun in the winter either, because the enclosure for the electronic equipment (known as the “doghouse”) would get filled with spiders who enjoyed the warmth from the equipment.

Snow had to be kept off the antenna for it to continue receiving signals, so whether or not Microsoft formally declared a snow closure, somebody had to remain on site to clear off the snow.

In 2007, there was a mystery to be solved: Occasionally, there would be interference that disrupted the signal. After some investigation, it was discovered that the source was electromagnetic interference generated by the pressure washers that were used to clean the parking lot. The water connection port was at the rear of Building 11, right near the satellite dish antenna. The solution was to do parking lot cleaning at night (when there was less demand for video signals), or if doing it during the day, to put the water pressure generators far away from the antenna.

My favorite piece of trivia is that in addition to being able to control the satellite dish antenna via the front panel, you could also control it over an RS-232 serial port. The serial line ran from the satellite dish to a Toshiba model 400CDT Satellite Pro (get it? Satellite pro?) running MS-DOS. Here’s an archival photo, with some identifying stickers digitally erased.

The post Some small stories about the giant satellite dish antenna that was behind Microsoft Building 11 appeared first on The Old New Thing.

Jonathan Dowland: FOSDEM 2026 talk recording available [Planet Debian]

FOSDEM 2026 was great! I hope to blog a proper postmortem in due course. But for now, The video of my talk is up, as are my slides with speaker notes and links.

16:28

Remembering Judith Arcana [The Stranger]

Portland’s own underground abortionist-turned-poet was a legend. She was also my friend. by Megan Burbank

This story was originally published in our sister paper, Portland Mercury.

In 2017, Judith Arcana sent a postcard to the old Mercury offices in Old Town/Chinatown. I was the arts editor at the time—it was my first real journalism job—and after many stories covering local theater (I still think about the plays I saw at Shaking the Tree) and books (a reading at Powell’s followed by a strong martini at Pepe le Moko was a typical after-work routine), I had written a feature on the newly-formed Northwest Abortion Access Fund. After Roe v. Wade was overturned in 2023, NWAAF would become a frequently cited source in coverage across the country. But at the time, most newsrooms were not covering the issue of abortion access particularly well. Reaching out to an abortion fund for comment on anything was rare.

So Judith noticed when someone did. “BIG CHEER!,” she wrote in her missive. “HUZZAH!—and all like that—Great work on the NWAAF—Thank you. Jeanie’s right: FREE ABORTION ON DEMAND.”

Judith had been part of Chicago’s underground abortion service known as Jane—never the Jane Collective, she told me later. That was a journalist’s language, never hers. As one of the Janes, she had helped facilitate 11,000 abortions in Chicago in the years before Roe v. Wade and was even arrested for it. Though she wasn’t directly involved in NWAAF’s work, the abortion fund carried on the legacy of the Janes, connecting people seeking abortions with funding and compassion when state-level policies stood in the way—a dynamic that long preceded the gutting of Roe.

The story of the Janes was made into movies and books, but Judith was, before everything else, a teacher. In Portland, she was known as a writer and a poet. She was someone who could be described as a feminist icon, but she was also approachable and generous, a friend to many.

We didn’t meet in person until years after she sent me that postcard, when I wrote a profile on her for a Seattle-based outlet. I had left the Mercury to work for The Seattle Times, and after years of general assignment reporting that left me feeling scattered and unfocused, I returned to the subject I knew best: abortion policy.

The first time I called Judith for the story, I could tell she didn’t really want to speak to yet another journalist. But the more we talked, the more we got along. Sometimes you meet someone and you just have a feeling that they’ll be important in your life. Anne of Green Gables called them kindred spirits. Though she was already on the edge of her 80s, and I was barely in my 30s when we met, Judith was a kindred spirit. She connected me with other Janes for the story—fascinating, generous women who had been brave in ways that made them the subjects of movies and books. They had survived ordeals in jail and illegal abortions in underground economies, and recounted those experiences to me in full, horrifying detail, but also shared their personal obsessions and pleasures. I talked with one of them about my reality TV fixation; she recommended the Discovery Channel’s Alaskan Bush People.

I met Judith in person for the first time at Case Study Coffee on NE Alberta. We sat in the upstairs space at a long table, and talked until closing time, then outside on a bench. It was not a warm day, but the business at hand was too important not to keep talking about it. My phone battery died, my fingers cramped in the cold as I took notes, and I knew that as long as Judith wanted to talk, I would want to listen.

After the story came out, we became friends, or perhaps that’s what we’d always been. I would let her know whenever I was coming to Portland, and she would email me ahead of time if she had a reading in Seattle. In the meantime we corresponded regularly.

When you meet someone already nearly 80, you know your time with them will likely be limited, but her death in December still surprised me. I think it surprised me because she and the other Janes were so sharp in their intellect and sense of justice as to seem ageless, but of course they were not.

The last time I saw Judith was in July. She’d recently moved, and I met her at Coffeehouse-Five on N Killingsworth. It was a much nicer day than the one years ago, when we’d sat outside in the wintry dark. We found a different bench, under the trees in the sunshine at Portland Community College. It was one of those perfect Portland days, when the sky is slightly golden—more golden than it is in Seattle, an atmospheric quirk I have never quite understood—and we talked about the current political situation, which we were both following with dismay. Judith was the kind of person who didn’t buy into false hope. When you said something was bad, she would agree, and in that clarity, you would feel held. It was awful, but you were in the struggle with Judith. That was a good place to be.

And the fight could also be beautiful. As we sat together on the bright-green lawn, the sprinklers kicking into high gear, Judith showed me pictures on her phone of the Great Columbia Crossing 10k walk she had taken 10 years prior. The organized walk takes place every year, starting from Dismal Nitch in Washington state, then taking the 101 and crossing the entire impossible span of the Astoria-Megler Bridge, the behemoth of engineering that runs four miles across the Columbia. The bridge was the highlight of Judith’s walk, and she talked about it excitedly. We talked about going together the next time the walk was held. “People say we cross a bridge to get to the other side / and that’s true, though there’s more– / on the bridge one day, we walked through the sky,” Judith wrote in a poem about that day she sent via email when I’d come home.

When I heard of Judith’s passing, I looked back through our correspondence. We had written each other after our visit in July, but she had never responded to my final email. When I read my last email to her, I think I understood why. I was surprised by my own message. After some griping about managing a public media newsroom while the president defunded PBS, I said I hoped to see her again next time I was in town, then signed off like this: “Thinking fondly of your walk thru the sky, Megan.”

I didn’t know it at the time, but this is how I will remember Judith forever. It is the final memory and image she, a poet, would leave me with—that of a slightly younger Judith, on that compelling walk, feeling free in her body, marveling at the world around her, a world shaped by her own bravery and moral clarity, showing all of us what is possible.

16:07

Radar Trends to Watch: February 2026 [Radar]

If you wanted any evidence that AI had colonized just about every aspect of computing, this month’s Trends would be all you need. The Programming section is largely about AI-assisted programming (or whatever you want to call it). AI also claims significant space in Security, Operations, Design, and (of course) Things. AI in the physical world takes many different forms, ranging from desktop robots to automated laboratories. AI’s colonization is nothing new, but visionary tools like Steve Yegge’s Gas Town make it clear how quickly the world is changing.

AI

Google has released Genie 3 to subscribers of Google AI Ultra. Genie is a “world model”: an interactive 3D real-time video generator that produces interactive worlds from prompts and lets you walk or fly through those worlds to explore them.
Kimi K2.5 is a new open source model from Moonshot AI. It’s natively multimodal and designed to facilitate swarms of up to 100 subagents, starting and orchestrating the subagents on its own.
Qwen has released its latest model, Qwen-3-Max-Thinking. It claims performance equivalent to other thinking models, including Claude Opus 4.5 and Gemini 3. It includes features like adaptive tool use and test-time scaling.
The MCP project has announced that the MCP Apps specification is now an official extension to MCP. The Apps spec defines a standard way for MCP servers to return user interface components, from which clients can build complex user interfaces.
Now your agents have their own social network. Meet Moltbook: It’s a social network for OpenClaw (or is it MoltBot) to share its thoughts. Humans are welcome to observe and see what agents have to say to each other. Caution: Moltbook comes with many serious security flaws that are already being exploited.
OpenClaw (formerly MoltBot, formerly ClawdBot) gives LLMs persistence and memory in a way that allows any computer to serve as an always-on agent carrying out your instructions. The memory and personal details are stored locally. You can run popular models remotely through APIs locally if you have enough hardware. You communicate with it using any of the popular messaging tools (WhatsApp, Telegram, and so on), so it can be used remotely.
FlashWorld is a new video model that can generate 3D scenes from text prompts or 2D images in seconds. There are other models that can generate 3D scenes, but FlashWorld represents a huge advance in speed and efficiency.
When creating a knowledge base, use negative examples and decision trees to build AI systems that know when to say “No.” The ability to say “No” is as important as the ability to solve a user’s problem.
Anthropic has published a “constitution” for Claude’s training. It’s a detailed description of how Claude is intended to behave and the values it reflects. The constitution isn’t just a list of rules; it’s intended to help Claude reason about its behaviors. “Why” is important.
OpenAI is experimenting with ads on ChatGPT, along with introducing a new low-cost ads-included subscription (ChatGPT Go, at US$8). They claim that ads will have no effect on ChatGPT answers and that users’ conversations will be kept private from advertisers.
OpenAI has also published its OpenResponses API, which standardizes the way clients (including agents) make API requests and receive responses. It’s an important step toward interoperable AI.
Anthropic has launched Cowork, a version of Claude Code that has been adapted for general purpose computing. One thing to watch out for: Cowork is vulnerable to an indirect prompt injection attack that allows attackers to steal users’ files.
Kaggle has announced community benchmarks, a feature that allows users to create, publish, and share their own benchmarks for AI performance. You can use this service to find benchmarks that are appropriate to your specific application.
Prompt engineering isn’t dead yet! Researchers at Google have discovered that, when using a nonreasoning model, simply repeating the prompt yields a significant increase in accuracy.
Moxie Marlinspike, creator of Signal, is building Confer, an AI assistant that preserves users’ privacy. There’s no data collection, just a conversation between you and the LLM.
Google says that “content chunking”—breaking web content into small chunks to make it more likely to be referenced by generative AI—doesn’t work and harms SEO. The company recommends building websites for humans, not for AI.
Claude for Healthcare and OpenAI for Healthcare are both HIPAA-compliant products that attempt to smooth the path between practitioners and patients. They’re not concerned with diagnosis as much as they are with workflows for medical professionals.
Nightshade is a tool to help artists prevent their work from being used to train AI. Its authors describe it as an offensive tool: Images are distorted in ways that humans can’t perceive but that make the image appear to be something different to an AI, ruining it for training purposes.
An analysis of 1,250 interviews about AI use at work shows that artists (creatives) are most conflicted about the use of AI but also the fastest adopters. Scientists are the least conflicted but are adopting AI relatively slowly.
Weird generalization? Fine-tuning a model on 19th century bird names can cause the model to behave as if it’s from the 19th century in other contexts. Narrow fine-tuning can lead to unpredictable generalization in other contexts, and possibly data poisoning vulnerabilities.

Programming

In an experiment with autonomous coding, a group at Cursor used hundreds of agents working simultaneously to build a web browser in one week.
AI-assisted programming is about relocating rigor and discipline rather than abandoning them. Excellent points by Chad Fowler.
The AI Usage Policy for ghostty is worth reading. While strict, it points out that the use of AI is welcome. The project has a problem with unqualified humans using AI—in other words, with “the people, not the tools.”
In the age of AI, what’s a software engineer’s most important skill? Communications—coupled with other so-called “soft skills.”
You can practice your command line basics with the Unix Pipe Card Game. It’s also a great teaching tool. Command line mastery is becoming rare.
The cURL project is eliminating bug bounties in an attempt to minimize AI slop and bad bug reports.
NanoLang is a new programming language that’s designed for LLMs to generate. It has “mandatory testing and unambiguous syntax.” Simon Willison notes that it combines elements of C, Lisp, and Rust.
Is bash all an agent needs? While tools designed for agents proliferate, there’s a good argument that basic Unix tools are all agents need to solve most problems. You don’t need to reinvent grep. You need to let agents perform complex tasks using simple components.
Gleam is a new programming language that runs on the Erlang virtual machine (BEAM). Like Erlang, it’s designed for massive concurrency.
The speed at which you write or generate code is much less important than the bottlenecks in the process between software development and the customer.
Simon Willison’s post about the ethics of using AI to port open source software to different languages is a must-read.
Language models appear to prefer Python when they generate source code. But is that the best option? What would it mean to have a “seed bank” for code so that AIs can be trained on code that’s known to be trustworthy?
Is it a time for building walls? Are open APIs a thing of the past? Tomasz Tunguz sees an increasing number of restrictions and limitations on formerly open APIs.
A software library without code? Drew Breunig experiments with whenwords, a library that is just a specification. The specification can then be converted into a working library in any common programming language by any LLM.
Steve Yegge’s Gas Town deserves more than a look. It’s a multi-agent orchestration framework that goes far beyond anything I’ve seen. Is this the future of programming? A “good piece of speculative design fiction that asks provocative questions” about agentic coding? We’ll find out in the coming year.
Pyodide and Wasm let you run Python in the browser. Here’s an example.
Gergely Orosz argues that code review tools don’t make sense for AI-generated code. It’s important to know the prompt and what code was edited by a human.
Kent Beck argues that AI makes junior developers more useful, not expendable. It prevents them from spending time on solutions that don’t work out, helping them learn faster. Kent calls this “augmented coding” and contrasts it with “vibe coding,” where AI’s output is uncritically accepted.

Security and Privacy

Researchers have discovered a new attack against ChatGPT that can exfiltrate users’ private information without leaving any signs of its activity on the victim’s machines. This attack is yet another variant of prompt injection. Other models are probably vulnerable to similar attacks.
Sandboxes for AI: Can you ensure that AI-generated code won’t misbehave? Building an effective sandbox limits the damage they can do.
AI Mode on Google Search can now access your photos and email to give you more personalized results. According to Google, Personal Intelligence is strictly opt-in; photos and email won’t be used for training models, though prompts and responses will.
Fine-tuning an AI can have unexpected consequences. An AI that’s trained to generate bad code will also generate misleading, incorrect, or deceptive responses on other tasks. More generally, training an AI to misbehave on one task will cause it to misbehave on others.
California’s new privacy protection law, DROP, is now in effect. Under this law, California residents who want data deleted make a request to a single government agency, which then relays the request to all data brokers.
Is SSL dangerous? It’s a technology that you only build experience with when something goes wrong; when something goes wrong, the blast radius is 100%; and automation both minimizes human touch and makes certain kinds of errors more likely.
Here’s an explanation of the MongoBleed attack that had almost all MondoDB users rushing to update their software.
Anyone interested in security should be aware of the top trends in phishing.
Google is shutting down its dark web report, a tool that notified users if their data was circulating on the “dark web.” While this sounds like (and may be) drastic, the stated reason is that there’s little that a user can do about data on the dark web.
Microsoft is finally retiring RC4, a stream cipher from the 1980s with a known vulnerability that was discovered after the algorithm was leaked. RC4 was widely used in its day (including in web staples like SSL and TLS) but was largely abandoned a decade ago.

Operations

AI is stress-testing business models. Value is moving up the stack—to operations. One thing you can’t prompt an AI to do is guarantee four or five nines uptime.
How to make your DNS more resilient and avoid outages: Some excellent ideas from Adrian Cockroft.
Kubernetes 1.35 (aka “Timbernetes”) supports vertical scaling: adjusting CPU and memory dynamically, without restarting Pods.

Things

Google was the first to build (and fail) with smart glasses targeting consumers. They’re trying again. Will they succeed this time? Meta’s Ray-Ban-based product has had some success. Is it time for XR yet?
NVIDIA has announced the Vera Rubin series of GPU chips. It claims the new series is five times more efficient than its previous chips.
An AI-driven vending machine was installed at the Wall Street Journal offices. Reporters soon tricked it into giving away all of its stock and got it to order things like a PlayStation 5 and a live fish. (It can order new stock.)
DeepMind is building an automated material science laboratory. While the research will be directed by humans, the lab is deeply integrated with Google’s Gemini model and will use robots to synthesize and test new materials.

Design

Despite the almost constant discussion of AI, design for AI is being left out. “Design is the discipline of learning from humans, understanding what they actually need rather than what they say they want.”
What does a design project deliver? Luke Wroblewski argues that, with AI, a design project isn’t just about delivering a “design”; it can also include delivering AI tools that allow the client to generate their own design assets.
Good design is about understanding the people on both sides of the product: users and developers alike. Designers need to understand why users get frustrated too.

15:21

Screen shot of system.verbs.apps as it appeared in my frontier.root frozen sometime in the early 00s. I wrote a quick Mastodon post about this. So many stories to tell about each of these projects. Looking at the list and realize we got all those people to work together. They don't talk about that when the write the history, but that is the real accomplishment. There is so much really good tech that ends up lost to history because people wouldn't open their eyes and see that they weren't alone. That might be the biggest flaw in the design of our species, that it's so rare that we get together on the way things should work. Other examples -- MP3, QuickDraw, HTML. And so much time wasted replacing things that already worked fine. (Think of all the programming languages invented in the last 20 years. What a waste of resources. No doubt the AI's have already created a meta-language to compile all that code into. If they could think, what would they think of us for not paying attention to each other.)

[$] The future for Tyr [LWN.net]

1996: Nerd's Guide to Frontier.

15:07

The team behind Tyr started 2025 with little to show in our quest to produce a Rust GPU driver for Arm Mali hardware, and by the end of the year, we were able to play SuperTuxKart (a 3D open-source racing game) at the Linux Plumbers Conference (LPC). Our prototype was a joint effort between Arm, Collabora, and Google; it ran well for the duration of the event, and the performance was more than adequate for players. Thankfully, we picked up steam at precisely the right moment: Dave Airlie just announced in the Maintainers Summit that the DRM subsystem is only "about a year away" from disallowing new drivers written in C and requiring the use of Rust. Now it is time to lay out a possible roadmap for 2026 in order to upstream all of this work.

Security updates for Tuesday [LWN.net]

Security updates have been issued by AlmaLinux (fence-agents, gcc-toolset-15-binutils, golang-github-openprinting-ipp-usb, iperf3, kernel, kernel-rt, openssl, osbuild-composer, php:8.2, python3, util-linux, and wireshark), Debian (clamav and xrdp), Fedora (gimp and openttd), Mageia (docker-containerd), Oracle (gimp:2.8, golang-github-openprinting-ipp-usb, grafana-pcp, image-builder, iperf3, kernel, openssl, osbuild-composer, php, php:8.2, php:8.3, python3.9, util-linux, and wireshark), SUSE (cockpit-subscriptions, elemental-register, elemental-toolkit, glibc, gpg2, logback, openssl-1_1, python-urllib3, ucode-amd, and unbound), and Ubuntu (inetutils, libpng1.6, mysql-8.0, mysql-8.4, openjdk-17, openjdk-17-crac, openjdk-21, openjdk-21-crac, openjdk-25, openjdk-25-crac, openjdk-8, openjdk-lts, and thunderbird).

14:35

Pluralistic: Michael Swanwick's "The Universe Box" (03 Feb 2026) [Pluralistic: Daily links from Cory Doctorow]

Interesting post on Twitter by an OpenAI co-founder, Andrej Karpathy, about the value of RSS. I've seen it said elsewhere, that RSS and ChatGPT are particularly well-suited for each other. I don't understand the connection, other than RSS is always useful, as a way of formalizing the output of an app so other apps can use it as input. Another thing AI apps have in common with work we've done in the past is the ability to script apps, which was one of the big features of Frontier esp on the Mac starting in the early 90s. This started out just for desktop apps but worked just as well for web apps, once that opportunity became available. I felt strongly that the Mac with it's very functional GUI could benefit from a powerful system-level scripting language with the UI objects being scriptable, and the data of the apps accessible via script. That kind of duality is still a common theme in computer work, I'm doing the same kind of thing with WordPress, as the OS for the web, and making it possible to create different UIs in ways that earlier social web apps can't. I think that functionality as with the others will pair very nicely with ChatGPT and its cousins.

14:21

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links

Michael Swanwick's "The Universe Box": Short stories from a science fiction master at the top of his form.
Hey look at this: Delights to delectate.
Object permanence: DRM lobotomizes “human memory”; Crayola hex values; Tattoo artists copyright customers' bodies.
Upcoming appearances: Where to find me.
Recent appearances: Where I've been.
Latest books: You keep readin' em, I'll keep writin' 'em.
Upcoming books: Like I said, I'll keep writin' 'em.
Colophon: All the rest.

Michael Swanwick's "The Universe Box" (permalink)

No one writes short stories like Michael Swanwick, the five-time Hugo-winning master of science fiction. To prove it, you need only pick up The Universe Box, Swanwick's just-published short story collection, a book representing one of the field's greatest writers at the absolute pinnacle of his game:

https://tachyonpublications.com/product/the-universe-box/

Science fiction has a long and honorable history with the short story. Sf is a pulp literature that was born in the pages of magazines specializing in short fiction and serials, and long after other genres had given up the ghost, sf remained steadfastly rooted in short form fiction. There are still, to this day, multiple sf magazines that publish short stories every month, on paper, and pay for it. I started my career as a short story writer, and continue to dabble in the form, but I have mostly moved onto novels.

That's a pretty common trajectory in sf, where – notwithstanding the field's status as a haven for the short story – the reach (and money) come from novels. But sf has always had a cohort of short fiction writers who are staunchly committed to the form: Harlan Ellison, Martha Soukup, Martha Wells, Ray Bradbury, Ted Chiang, James Tiptree Jr, Theodore Sturgeon, and, of course, Michael Swanwick.

It's a little weird, how sf serves as a powerful redoubt for short fiction. After all, sf is a genre in which everything is up for grabs: the reader can't assume anything about the story's setting, its era, the species of its characters. Time can run forwards, backwards, or in a loop. There can be gods and teleporters, faster-than-light drives and superintelligent machines. There can be aliens and space colonies.

All of that has to be established in the story. The most straightforward way to do this is, of course, through exposition. There's a commonplace (and wrong) notion that exposition is bad ("show, don't tell"). It's fairer to say that exposition is hard – dramatization is, well, dramatic, which makes it easier to engage the reader's attention. But great exposition is great and sf is a genre that celebrates exposition, done well:

https://maryrobinettekowal.com/journal/my-favorite-bit/my-favorite-bit-cory-doctorow-talks-about-the-bezzle/

The opposite of exposition is what Jo Walton calls "incluing," "the process of scattering information seamlessly through the text, as opposed to stopping the story to impart the information":

https://web.archive.org/web/20111119145140/http:/papersky.livejournal.com/324603.html

Incluing is a beautiful prose technique, but it makes the reader work. You have to pay close attention to all these subtle clues and build a web of inferences about the kind of world you've been plunged into. Incluing turns a story into a (wonderful and engaging) puzzle. It makes the aesthetic affect of short sf into something that's not so much a reverie as a high-engagement activity, a mystery whose solution is totally unbounded.

This is a terrific experience, but it is also work. Doing that kind of work as part of the process of consuming a 300-page novel is one thing, but trying to get the reader up to speed in a 7,000 word story and still have room left over for the story part is a big lift, and even the best writers end up asking a lot of the reader in their short stories. Sf shorts can be the "difficult jazz" of literature, a form and genre that requires – and rewards – very active attention.

(Incidentally, my favorite incluing example is Mark Twain's classic comedic short, "The Petrified Man":)

https://americanliterature.com/author/mark-twain/short-story/the-petrified-man/

But here's the thing. None of this applies to Swanwick. His stories use a mix of (impeccable) exposition and (subtle) incluing, and yet, there's never a moment in reading a Swanwick story where it feels like work. It's not merely that he's a gorgeous prose-smith whose sentences are each more surpassingly lovely than the last (though he is). Nor does he lack ambition: each of these stories has a more embroidered and outlandish premise than the last.

Somehow, though, he just slides these stories into your brain.

And what stories they are! They are, by turns, individually and in combination, slapstick, grave, horny, hilarious, surreal, disturbing and heartwarming. They have surprise endings and surprise middles and sometimes surprise beginnings (Swanwick does an opening paragraph like no one else).

This is what it means to read a short story collection from an absolute master at the absolute peak of his powers. He can slide you frictionlessly between Icelandic troll tragedies to lethal drone-leopard romantic agonies to battles of the gods and the cigar box that has the universe inside of it. All with the lyricism of Bradbury, the madcap wit of Sturgeon, the unrelenting weirdness of Dick, the heart of Tiptree and the precision of Chiang.

This is a book of worlds that each exist for just a handful of pages but occupy more space than those pages could possibly contain. It's a series of cigar boxes, each with the universe inside of it.

Hey look at this (permalink)

U.S. Envoys Refused to Report "Apocalyptic" Conditions in Gaza. Exclusive Photos Show the Reality They Suppressed https://www.dropsitenews.com/p/northern-gaza-apocalyptic-wasteland-jack-lew-israeli-war-supressed
To Avoid a Tax Hike, Billionaires Decide to Take Over California https://prospect.org/2026/02/02/billionaires-california-tax-hike/
Mentioned in Hell’s Dispatches https://ftrain.com/mentioned-in-satans-dispatches
MAGA's "People's Capitalism" https://www.unpopularfront.news/p/magas-peoples-capitalism
The Onion’s Exclusive Interview With Pete Hegseth https://theonion.com/the-onions-exclusive-interview-with-pete-hegseth/

Object permanence (permalink)

#20yrsago Sony CD spyware vendor caves to EFF demands https://web.archive.org/web/20060208033113/https://www.eff.org/news/archives/2006_02.php#004378

#20yrsago British Library: DRM lobotomizes “human memory” http://news.bbc.co.uk/2/hi/technology/4675280.stm

#15yrsago Hex values for Crayola colors https://en.wikipedia.org/wiki/List_of_Crayola_crayon_colors

#15yrsago Michael Lewis explains the Irish econopocalypse https://www.vanityfair.com/news/2011/03/michael-lewis-ireland-201103?currentPage=all

#15yrsago Canada’s Internet rescued from weak and pathetic regulator https://web.archive.org/web/20110203054651/http://www.thestar.com/news/canada/article/932571–ottawa-threatens-to-reverse-crtc-decision-on-internet-billing

#10yrsago Tattoo artist asserts copyright over customers’ bodies https://www.hollywoodreporter.com/business/business-news/nba-2k-videogame-maker-sued-861131/

#10yrsago EU plans to class volunteers who rescue drowning Syrian refugees as “traffickers” https://www.statewatch.org/news/2016/january/refugee-crisis-council-proposals-on-migrant-smuggling-would-criminalise-humanitarian-assistance-by-civil-society-local-people-and-volunteers-greece-ngos-and-volunteers-have-to-register-with-the-police-and-be-vetted/

Upcoming appearances (permalink)

Salt Lake City: Enshittification at the Utah Museum of Fine Arts (Tanner Humanities Center), Feb 18
https://tanner.utah.edu/center-events/cory-doctorow/
Montreal (remote): Fedimtl, Feb 24
https://fedimtl.ca/
Victoria: 28th Annual Victoria International Privacy & Security Summit, Mar 3-5
https://www.rebootcommunications.com/event/vipss2026/
Berkeley: Bioneers keynote, Mar 27
https://conference.bioneers.org/
Berlin: Re:publica, May 18-20
https://re-publica.com/de/news/rp26-sprecher-cory-doctorow
Berlin: Enshittification at Otherland Books, May 19
https://www.otherland-berlin.de/de/event-details/cory-doctorow.html
Hay-on-Wye: HowTheLightGetsIn, May 22-25
https://howthelightgetsin.org/festivals/hay/big-ideas-2

Recent appearances (permalink)

How the Internet Got Worse (Masters in Business)
https://www.youtube.com/watch?v=auXlkuVhxMo
Enshittification (Jon Favreau/Offline):
https://crooked.com/podcast/the-enshittification-of-the-internet-with-cory-doctorow/
Why Big Tech is a Trap for Independent Creators (Stripper News)
https://www.youtube.com/watch?v=nmYDyz8AMZ0
Enshittification (Creative Nonfiction podcast)
https://brendanomeara.com/episode-507-enshittification-author-cory-doctorow-believes-in-a-new-good-internet/
Enshittification with Plutopia
https://plutopia.io/cory-doctorow-enshittification/

Latest books (permalink)

"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books (permalink)

"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
"The Memex Method," Farrar, Straus, Giroux, 2026
"The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026

Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America (1053 words today, 20644 total)

"The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
A Little Brother short story about DIY insulin PLANNING

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

ISSN: 3066-764X

13:49

CodeSOD: A Percise Parser [The Daily WTF]

Thomas worked for a company based in Germany which was looking to expand internationally. Once they started servicing other locales, things started to break. It didn't take long to track the problem down to a very "percise" numeric parser.

handleInput( value ){
   let value_ = value;
   if( value.substring( 0, 1 ) === '+' ){
      value_ = value.substring( 1 );
   }

   value_ = value_.split( '.' ).join( '' );

   if( this.usePercisionIfPercentage && value_.indexOf( ',' ) >= 0 ) {
      const parsedPreValue = value_.split( ',' )[ 0 ];
      const parsedCommaValue = parseInt( value_.split( ',' )[ 1 ], 10 ) < 10 ?
         parseInt( value_.split( ',' )[ 1 ], 10 ) * 10 : value_.split( ',' )[ 1 ].substring( 0, 2 );

      if( parsedCommaValue === 0 ) {
         value_ = parseInt( parsedPreValue, 10 );
      }
      else {
         const parsedValue = parseInt( parsedPreValue + parsedCommaValue, 10 );
         value_ = parseInt( parsedValue, 10 ) / 100;
      }
   }
   
   // do stuff with value_
}

We start by checking if the first character of our input value is a "+", and if it is, we strip it off, storing the result in value_. Then, we split on "."- the thousands separator in their locale- and join it all back together.

Then we attempt to parse the number, first by checking if this.usePercisionIfPercentage is true, and if the value_ contains a ","- our decimal separator.

If it does, we split the string, taking the whole numbered portion in one variable, and doing a song and dance to ensure we only grab two characters of the decimal version. The song and dance involves splitting the string multiple times, parsing it into an int multiple times, and a spare ternary for good measure.

Finally, we put the halves of the number back together… by adding them together, taking advantage of string munging to do it. We add parsedPreValue to parsedCommaValue which, because this is JavaScript and parsedPreValue is still a string (despite parsedCommaValue being an integer), we're concatenating, not adding. We concatenate the values together and divide by 100 to get the "percision" we want.

Notably: if usePercisionIfPercentage is set, and the input has a fractional portion, we end up populating value_ with an integer. But if that's not true, by the time we hit // do stuff with value_, it's still a string.

It wasn't a huge amount of effort for Thomas to strip this out and replace it with a call to a locale-aware number parser. It was much more effort to understand how this code happened in the first place.

[Advertisement] ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.

12:07

Microsoft is Giving the FBI BitLocker Keys [Schneier on Security]

Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year.

It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience. While that means someone can access their data if they forget their password, or if repeated failed attempts to login lock the device, it also makes them vulnerable to law enforcement subpoenas and warrants.

10:21

“Everybody wants to win” [Seth's Blog]

Sports analogies often let us down.

A colleague was explaining how measurement was difficult in many organizations, unlike a basketball game, where the time, the score and the stats are clear and obvious.

He said, “everybody wants to win.” Depending on how you define ‘win’, this is demonstrably untrue.

It seems that among professional athletes, everyone does want to win, all things being equal. But all things are rarely equal.

Perhaps a player wanted to celebrate with friends a day or two before the game instead of watching game tapes. Or maybe they wanted to think for a moment, just a moment, about a conflict they recently had, instead of being supernaturally focused. Or it could be that they’re protecting their body or their psyche rather than risking everything right now, in this particular moment.

Under the circumstances, committed professionals often choose to do their best to meet the specified goals. But the circumstances are rarely evenly distributed.

What everybody wants is what they want.

It helps to do the work to understand why things aren’t the same for each individual, and even better, how to create the conditions for culture and systems to make the goals you seek more likely to be met.

When we get smart about what we mean by winning, we can build a more resilient and aligned organization.

09:49

Irregular Webcomic! #3026 [Irregular Webcomic!]

Irregular Webcomic! #3026

08:42

Talking It Out by Kinkykikker [Oh Joy Sex Toy]

“We barely do anal anymore.” Kinkykikker explores the conversation every long-term couple dreads in this story on the realities of when passions fades while the love endures. We loved getting the chance to work with Kinkykikker on todays comic. Their work just has such a cool vibe. Make sure to go check out their art […]

08:07

Today In “Okay, What the Actual F**k” [Whatever]

HOLY FUCKING SHIT I AM IN THE FUCKING EPSTEIN FILESSpecifically, my essay "Straight White Male: The Lowest Difficulty Setting" is referenced in a 2013 Rachel Sklar article about Muriel Siebert. Why is it in the Epstein files at all? You got me. What a wild fucking discovery. I am literally agog.
— John Scalzi (@scalzi.com) 2026-02-03T07:06:50.335Z

To be clear, I did not expect to find myself in the Epstein Files, inasmuch as I have neither ever met nor have ever communicated with Jeffrey Epstein, nor do I hang out with the sort of people who find themselves on the private planes or islands of known sexual traffickers of children — a fact I’m deeply relieved about, if you want the truth of it.

Nevertheless when I learned that the database of the files is searchable, I put “Scalzi” in it to see what would pop up. I expected — and thus was not surprised by — several references to that name, because a banker with that last name handled some of Trump’s accounts at Deutsche Bank several years ago (no relation, as far as I know). But one of the references is indeed to me: Writer Rachel Sklar referenced me in an article she wrote in 2013, which is in the files for some reason, I assume because someone forwarded it to someone else in an email.

And, look: If one must have the appalling fortune to be in the Epstein Files, a one-sentence reference to an essay one wrote, located within another essay, neither about a topic that has anything to do with the exploitation of children, is almost certainly the best-case scenario. But it doesn’t mean I didn’t look at the reference when it popped up and say “oh, fuck” to myself. What a wild, unsettling and unhappy context in which to find one’s self.

So why mention it at all? One, because when people inevitably come across that reference to me in the files and email me about it, I can point them to this as a way to say “Yup, seen it, what a weird fucking thing that is” without having to type it out every single time. Two, I have enough detractors out there that one or more of them will loudly proclaim to their little pals that I am in the Epstein Files, and then slide past the actual context of being referred to tangentially, rather than being an actual participant in atrocities. Pointing this out before they do gives me “first mover” advantage, and the ability to point out what my appearance is actually about. This won’t stop some of them from misrepresenting my appearance, but that’s because they’re sad little weenies. Here’s the actual file I’m in. You can see it for yourself.

Nevertheless, a declaration:

For the absolute avoidance of doubt: Never once ever had anything to do with Jeffrey Epstein or any of his band of heinous child rapists up to and including the current president of the United States. Put them all into prison. Every single one of them. Never let them out.
— John Scalzi (@scalzi.com) 2026-02-03T07:06:50.336Z

I trust that will make my position on Epstein and his party pals clear enough.

What a strange and unpleasant time we are living through, nor are we out of it. And once again I have cause to marvel at the weirdness of my own life, that I should show up, even as an aside, as part of one of most horrible political scandals in US history. I would have just as soon sat this one out. But since I can’t, at least I can tell you how I got there.

— JS

01:42

Easy Street Records Owner Defends, Then Apologizes for, Sympathetic ICE Comments [The Stranger]

As Easy Street Records owner Matt Vaughan has demonstrated, posting is almost always a mistake. by Audrey Vann

It really didn’t have to go down like this. On Friday, the long-running West Seattle record shop and cafe, Easy Street Records, posted on Instagram that it’d donate 10 percent of its sales through the weekend to the Immigrant Law Center of Minnesota. This was the store’s way to support Friday’s sort-of “general strike” without cutting staff hours. All day, they’d be blasting song requests from their outdoor speakers. Suggestions poured in: “Know Your Rights” by the Clash, “What’s Going On” by Marvin Gaye, and “Imagine” by John Lennon.

Then, an hour later, Easy Street liked (accidentally, says the shop’s president Matt Vaughan) and un-liked a lovely screed, bringing it to the top of the comments section:

“ICE is doing God's work. Ain't nobody above the law, and that includes immigration law. Abolishing ICE is a radicalized notion; if people truly wanted change, they'd ask for a reform but abolishing a federal law enforcement agency is pure lunacy. Because of such a fundamental disagreement I will never participate in idiotic calls to boycott nothing. And in spirit of good neighborlyness [sic], here's my song request: Led Zepellin [sic], Immigrant Song.”

People wanted to know why Easy Street liked the comment. Easy Street could’ve said anything, and chose wrong.

“Dude chose Immigrant Song,” wrote Vaughan. “C’mon! He’s trying. Obviously the guy has some decent thoughts…at least has good music taste. I may not agree w what he says, but I’ll fight like hell for him to express his opinion.”

People did not like that. Vaughan doubled down. “We agree w him saying ‘nobody is above the law,’ we agree w his song choice, we appreciate the engagement. It seems the guy is trying to come to grips w things, we can support that even if we don’t agree.”

By “we,” Vaughan must have meant “I,” because he’s “in charge of social media and replying,” says an anonymous Easy Street employee who wanted to keep their job. Vaughan confirmed they were his comments. “Our social media person had the day off,” he wrote in an email to The Stranger. He apologized for speaking for his entire staff of sales clerks and music buyers, whose pithy reels of music recommendations have made them the faces of his account.

Though in the moment, Vaughan kept digging: “I imagine there are some decent ICE agents out there, if u are a quality human being...gotta be a tough job. Clearly we don’t agree w how it’s been managed…and the optics are awful.” The comment has been deleted. But the screenshots are alive, well, and on Reddit.

Realizing his mistake, Vaughan commented that “It takes 20 years (or 58) to build a reputation…and 5 minutes to lose it. I very much understand that notion.”

In an email to The Stranger, Vaughan said he hadn’t seen the bit about ICE doing “God’s work” when he was liking song requests, and had made a mistake by “not reading the whole thing.” (Close readers will note the comment began: “ICE is doing God’s work.”)

“I agreed with the reply the guy saying ‘nobody is above the law,’” Vaughan continues, “I thought he was referring to Trump and the administration, everyone.” He acknowledged that upon reading it again, he can see how it could be referring to “protesters who aren't above the law.”

“This was inappropriate given the circumstances in recent weeks and the deaths of Renee Good and Alex Pretti. I am terribly sorry to my staff and any customers who feel let down. This was all on me.”

It’s unclear whether Vaughan’s real-time responses and ever-changing explanations for the comments (the apology on Instagram continues to be edited) are a reflection of a man trying to learn from his mistakes or a business owner trying desperately to get back in good graces with his customers. Patrons of Easy Street Records, at least in the online sphere, appear to be split. “This is how you handle a mistake,” one commenter writes. “Performative apology,” another says.

Either way, Vaughan’s employees are bearing the brunt of his thumbs.

“We have received angry calls and people in-store voicing their opinion on Matt's comments,” says an employee. “On behalf of the staff, I just want to reiterate that his comments on Friday were not ours.”

Before you seek retribution on Easy Street with a nasty phone call, remember the last time your boss did something stupid, and you took the hit. My advice to Vaughan: put down the phone. My advice to you: Take your business elsewhere if you please, but leave the workers alone.

00:56

Everything you ever wanted to know about Amiga UNIX [OSnews]

We recently talked about Apple’s pre-Mac OS X dabblings in UNIX, but Apple wasn’t the only computer and operating system company exploring UNIX alternatives. Microsoft had the rather successful Xenix, Atari had ASV, Sony had NEWS, to name just a very small few. The Amiga, too, wanted in on the UNIX action, and as such, released Amiga UNIX, based on AT&T System V Release 4. The Amiga UNIX website is dedicated to everything you would ever want to know about this operating system.

This site is dedicated on preserving Amix’s history and sharing information and instructions on what Amix is, how to install it (either on real hardware or in emulation) and what can you do with it. Mainly, it tries to cater to people who wish to run AMIX for whatever reason on their hardware. By documenting experiences with it, it is hoped that subsequent SVR4 junkies will find the way more smooth than it might have been without any guidance at all. For even a relatively experienced modern Unix or GNU/Linux administrator, System V UNIX is sufficiently different to present difficulty in installation and administration. Not so much in moving around between directories, and using common utilities that persist to this day – although many of those are hoary and somewhat forgetful in their retirement – but of doing more in depth tasks and understanding the differences.
↫ The Amiga Unix Wiki

If you wish to run Amiga UNIX yourself, you’ll either have to have one of the original two models sold with it – the 2500UX and 3000UX – or one of the Amigas that meets the minimum requirements. Another option is, of course, emulation, and WinUAE has support for running Amiga UNIX.

00:07

February Things to Do: This & That [The Stranger]

The best culture and community events in Seattle in February. by Julianne Bell

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

Tết in Seattle

FEB 14–15

Gallop into the Year of the Horse with the Tết Festival, a free, family-friendly event hosted at Seattle Center as part of the Festal World Cultural Program. Browse vendors and health-related booths with free screenings and services, check out lion dances and other performances, enter some eating competitions if you’re feeling bold, and watch a fashion show with traditional Vietnamese garments. Don’t forget to wear red and yellow or gold for good luck! (Seattle Center, 11 am–6 pm, all ages, free) JULIANNE BELL

Babylon Death Party

FEB 27

The intimate Rabbit Box Theatre will host this evening of witchcraft, led by the psychic, medium, and ceremonial artist Mugga Rose (formerly KOOK Teflon), who recently returned to Seattle. Shamanic arts throat singer Soriah will cultivate otherworldly vibrations, followed by an occult performance by storyteller and psychic Doña Macabra. Meagan Angus, Hannah Haddix, and Gabriela of All Gates Within will impart stories and spoken word, Mugga Rose will read from her book, and Jessica Henry and CURRĄŊ will curate a market full of “unique, peculiar, one-of-a-kind creations” from artists. The night is also in part a tribute to the late “fire-tongued, spell-bright, never forgotten” witch Jaguar Bullet. (Rabbit Box Theatre, 7–10 pm, all ages) JULIANNE BELL

More

The Real Twin Peaks Various locations across Snoqualmie Valley, Feb 19–22

Riding Together: 135 Years of Cycling in Seattle Through Apr 26, Museum of History & Industry

Early Warnings

Isaac Mizrahi April 9, Triple Door, 7:30 pm

February Things to Do: Food [The Stranger]

The best food and drink events in Seattle in February. by Julianne Bell

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

Polina Chesnakova, ‘Chesnok’

FEB 5

Local author (and former Book Larder culinary director) Polina Chesnakova returns with her third and latest cookbook Chesnok: Cooking from My Corner of the Diaspora: Recipes from Eastern Europe, the Caucasus, and Central Asia, a love letter to the food of the Soviet diaspora. Chesnakova, who was born in Ukraine to Russian and Armenian parents from Georgia, has painstakingly documented over 110 regional recipes ranging from Ukrainian varenyky (dumplings) to medovik (honey cake), alongside essays and stories of her childhood memories of cooking and eating. (Book Larder, 6:30 pm) JULIANNE BELL

Naoko Takei Moore, ‘Simply Donabe’

FEB 9

Meals cooked in a donabe (a traditional Japanese earthenware pot) are the original one-pot meals. Besides being energy-efficient and having even heat distribution thanks to their porous material, they’ve also given rise to “nabe o kakomu” (“surrounding the pot”), a culture of communal meals centered around the donabe. Naoko Takei Moore’s new cookbook Simply Donabe demonstrates how you can recreate some of this comforting, nourishing magic in your own kitchen, with recipes like sour minced pork hotpot and miso-simmered ramen, plus side dishes like quick-pickled Napa cabbage and desserts like matcha ice cream. (Book Larder, 6:30 pm) JULIANNE BELL

Nicki Sizemore, ‘Mind, Body, Spirit, Food’

FEB 9

Trained chef, professional recipe developer, and cookbook author Nicki Sizemore has nearly 20 years of experience in the food industry, but she hasn’t always had an easy relationship with food. She’s shared her journey of overcoming diet culture and health issues on her Substack newsletter and podcast Mind, Body, Spirit, FOOD and offers recipes paired with mindfulness techniques, as well as interviews with guests on their relationships with food. Her newest book, also called Mind, Body, Spirit, Food, contains 51 recipes (that just so happen to be free of gluten, due to her medical necessity) alongside mindfulness prompts that invite home cooks to slow down, invoke the five senses, and enjoy the process. (Book Larder, 6:30 pm) JULIANNE BELL

More

Ballard Farmers Market Every Sunday, Ballard Ave, 9 am–noon, free

Capitol Hill Farmers Market Every Sunday, E Denny Way and Nagle Pl, 11 am–3 pm, free

West Seattle Farmers Market Every Sunday, Alaska Junction, 10 am–2 pm, free

Fremont Sunday Market Every Sunday, Evanston Ave N and N 34th St, 10 am–4 pm, free

Strong And Dark Beer Festival Feb 7, Figurehead Brewing Magnolia, noon–5 pm

Hops & Props Feb 21, Museum of Flight, 7–10 pm, 21+

Tacoma Beer Week Feb 27–March 8, various locations across Tacoma

Early Warnings

Taste Washington March 21–22, various locations, 21+

February Things to Do: Film [The Stranger]

The best film events in February in Seattle. by Audrey Vann

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

The Pacific Northwestern

TUESDAYS THROUGH FEB 24

Despite the Western genre being associated with images of cowboys in dusty deserts, there are, surprisingly, a large number of Western films set in the lush Pacific Northwest, and SIFF’s Pacific Northwestern series is bringing these gorgeous movies to the big screen. The series kicked off last month, but there is still so much great programming to come, like 1959’s The Hanging Tree, starring Gary Cooper as a doctor in a Montana gold rush town (but filmed entirely in Yakima), Kelly Reichardt’s First Cow, following a cook and a Chinese immigrant as they team up to steal milk from a prized cow in Oregon Country, and, my personal favorite, McCabe & Mrs. Miller, Robert Altman’s snowbound Western starring Warren Beatty and soundtracked by Leonard Cohen. (SIFF Film Center, 6:30 pm) AUDREY VANN

The Mysterious Gaze of the Flamingo

FEB 5–8

Set in the Chilean desert in the early ‘80s, director Diego Céspedes’s feature debut follows Lidia, an 11-year-old who was abandoned as a baby and raised by a fiercely loving queer found family. Their ragtag clan is ostracized by their sleepy mining town, blamed for a mysterious plague that is believed to be transmitted by a single gaze when two people fall in love. Lidia sets out to defend her loved ones and determine whether the rumor is true or not. The surreal Western explores AIDS panic, transphobia, violence, revenge, marginalization, and prejudice, mixing folktale vibes with the scrappy tenderness of Hirokazu Kore-eda’s Shoplifters. (Northwest Film Forum, times vary) JULIANNE BELL

HUMP! Film Fest

FEB 26–APRIL 30

Look, HUMP! is always good. You already know that this indie porn festival is nothing like the 5-minute clips you watch while bathed in the cold, blue, loveless light of your laptop. They’re creative and silly and usually feel like a friend is sharing their new, naked, art project with you. But if the trailer for this year is any indication, this year’s spring lineup isn't one to miss. It has stop-motion praying mantises, pottery, a sexy Bop It, and the Starfish Sex Beetle. One person managed to weave in sanitation workers and labor solidarity into their submission. Another clearly knows what it’s like to bomb on stage as a standup comedian, and used the power of porn to reimagine it. This festival only happens twice a year, and it’s never the same. Don’t miss this one. (Various locations) HANNAH MURPHY WINTER

More

Truth to Fiction: Black Is… Black Ain’t Feb 5, Northwest Film Forum, 7 pm

Fools’ Paradise (lost?) Feb 6–7, SIFF Film Center, 7 pm

Resurrection Feb 6–8, Northwest Film Forum, times vary

A Void in the Cosmos and From There You Sing: Early Pasolini Feb 8–Mar 5, Beacon, times vary

Friday the 13th Feb 13, Beacon, 10 pm

The Bridges of Madison County Feb 14, Beacon, 7 pm

In the Mood for Love Feb 14, Beacon, 10 pm

2026 Sakinah Film Festival Feb 14–15, Northwest Film Forum, 3 pm

Daisies (with Velocity Dance Center) Feb 18–19, Northwest Film Forum, 7:30 pm

Star 80 Feb 22 & 25, Beacon, times vary

Martin Scorsese: Maestro of Cinema Wednesdays Feb 25–Apr 29, SIFF Cinema Uptown, 7:30 pm

February Things to Do: Performance [The Stranger]

The best performance events in February in Seattle. by Julianne Bell

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

Next Exit

FEB 5–21

Meet j. chavez, a Seattle theatre maven who won the KCACTF (Kennedy Center American College Theater Festival)’s National Undergraduate Playwriting Award (whew), for their opus how to clean your room (and remember all your trauma). Their new play Next Exit deals passionately, yet sympathetically, with a man named Miguel trapped on a highway (sans car, I think), who is communing with and deriving philosophical companionship from a dead possum called Orlando. Some deer come out, and a Lady In Yellow, and a sinister force that threatens to eat up anyone and anything lingering too long by the sizzling side of I-5. I’m not clear on how this all flows together. But you should indubitably find out. (Annex Theatre, times vary, all ages) ANDREW HAMLIN

Depths of Wikipedia Live

FEB 12

These days, there are only a handful of accounts that keep me from deleting Instagram altogether: Flamenco diva Charo (whom regularly gives life advice with a massive glass of wine), Our Lord and Savior Britney Spears (who I honestly just need to check on once a week to make sure she’s okay), and, of course, Depths of Wikipedia. Run by journalist and comedian Annie Rauwerda, Depths of Wikipedia scours the deep, dark depths of the free online encyclopedia for the site's most obscure, magical, and bizarre entries. Some memorable examples include a moth species named Freak, a medieval tradition called Feast of the Ass, and the Japanese concept of “hatsuyume,” referring to the first dream one has in the New Year. Rauwerda is bringing her live show of comedy and research back to Seattle to answer all your burning questions, like “When was ciabatta invented?” and “Why is there anything at all?” (Neptune Theatre, 7 pm, all ages) AUDREY VANN

Young Dragon: A Bruce Lee Story

FEB 19–MAR 15

Keiko Green is a playwright, screenwriter, and performer who splits her time between Seattle and LA, and has written for TV shows like Hulu’s Interior Chinatown and the upcoming Apple TV series Margo’s Got Money Troubles. Last fall, Seattle hosted productions of two of her plays: Exotic Deadly: Or the MSG Play, a wacky time-traveling comedy set in 1999, and Hells Canyon, a chilling horror thriller. Now, there’s another opportunity to glimpse even more of Green’s impressive range with the Seattle Children’s Theatre premiere of her play Young Dragon, which shows Bruce Lee as an ambitious young man finding his place in the world in Seattle. I’m willing to bet audience members of all ages will be moved by Bruce’s journey to becoming a “flexible, fluid, and flowing master.” Seattle Children’s Theatre recently made the difficult decision to pull a two-week April run of Young Dragon from the Kennedy Center due to the impact of the Trump administration, which makes it even more important to support local productions like this one. (Seattle Children’s Theatre, times vary) JULIANNE BELL

Jimmy O. Yang

FEB 27 & 28

Hilarious Asian-Millennial perspectives spill forth from Jimmy O. Yang at a rapid pace in his stand-up performances. Sure, the actor and former strip-joint DJ covers some familiar ground: relationships, parent-child interactions, the importance of friendships, how different cultures talk about money, media representation of his people—and the pressure he feels as a high-profile Asian to do his tribe proud. But the Chinese American comic also tackles some less common subjects, such as the feet etiquette of different cultures, the limited options for Halloween costumes among Asians (“I was Bruce Lee for six years.”), whether it’s okay for Asians to say the N-word when singing along to rap songs, as well as an advanced lesson on how to tell Asians apart by the sound they make when they’re disappointed. He also does the best tai chi joke I’ve ever heard. With his acting chops honed in TV comedy shows such as Silicon Valley and Space Force and the movie Crazy Rich Asians, Yang has become an efficient and super-expressive joke machine. (Paramount Theatre, 7 pm, all ages) DAVE SEGAL

More

Topdog/Underdog Feb 4–Mar 1, ArtsWest, times vary

Bridge Project 2025 with DaeZhane Day, kelly langeslay, and No Girls No Masters Feb 6–8, Velocity, times vary

Bosco Presents: GRINDHAUS Feb 7, Crocodile, 10:30 pm, 21+

The Wiz Feb 10–15, Paramount Theatre, times vary, all ages

The Serpent Sisters Tour: Nymphia Wind and Plastique Tiara Feb 15, Neptune Theatre, 8 pm, all ages

Rose Jarboe’s Rose: You Are Who You Eat Feb 19–21, On the Boards, 8 pm

Fellow Travelers Feb 21–Mar 1, McCaw Hall, times vary

Early Warnings

Amy O’Neal: Again, There Is No Other (The Remix) Mar 26–28, On the Boards, 8 pm

Pacific Northwest Ballet Presents: Giselle Apr 10–19, McCaw Hall, times vary, all ages

Jonathan Van Ness Apr 24, Moore Theatre, 8 pm, all ages

Margaret Cho Apr 19, Moore Theatre, 7 pm, all ages

Seattle Opera: Carmen May 2–17, McCaw Hall, times vary

Fauxnique: How Do I Look? May 7–9, On the Boards, 8 pm

February Things to Do: Literature [The Stranger]

The best book events in February in Seattle. by Julianne Bell

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

Mark Z. Danielewski

FEB 4

Mark Z. Danielewski is most well known for his debut novel and postmodern horror cult classic House of Leaves, which famously requires active participation (including turning the book upside down at times) from the reader to decipher its multiple nonlinear narratives, cryptic text, and copious footnotes. Reading it feels like a descent into madness and will have you glancing around to make sure no one (or nothing) else is in the room with you. He’s now embarking on a tour to promote his longest novel to date, Tom’s Crossing, which came out last October and clocks in at 1,200 pages. It’s a dark, epic Western/ horror hybrid that required 10 drafts and which Danielewski has said he considers the “pinnacle” of his work. Here’s a chance to catch a living horror legend in the flesh. (Elliott Bay Book Company, 7 pm, all ages, free) JULIANNE BELL

‘Document’ by Amelia Rosselli with Translator Deborah Woodard with Rachel Karyo

FEB 4

A newly translated collection of 1970s anti-fascist poetry by a female poet? I’m listening! Italian poet Amelia Rosselli’s last collection to be translated into English, Document, explores how poetry can document our contemporary experiences through the lens of classical models. Rosselli was long obsessed with classical sonnets, particularly Petrarchan sonnets, in which meaning is conveyed through sequence and structure. Through the collection of 175 poems, Rosselli speaks to her experiences in postwar Italy, meditating on violence, class struggle, religion, consumerism, and capitalism, all topics that unfortunately still resonate 50 years after they were written. For this Q&A and book signing, Document translator Deborah Woodard will be joined by poet Rachel Karyo. (Third Place Books Ravenna, 7 pm, all ages, free) AUDREY VANN

Chuck Klosterman

FEB 15

Chuck Klosterman bucked himself up from tiny-town obscurity all the way to toast of Manhattan and staff position at the Gray Lady itself (though he’s since moved to Portland). Music scribing put him on top, but he’s branched out into broader cultural criticism, plus the occasional novel; now he’s tackling “America’s game” in time for Super Bowl weekend. His new book, Football, approaches the mighty gridiron as a “hyperobject” so massive in time/space that its true contours can’t be mapped. As an honest effort, though, he essays the six-man variant (silly me, I only knew about eight-man), the myth of the Great Man Theory (or at least Great Jock Theory), the sport’s seamless melding with television, and the morality of potentially crippling violence as public spectacle. No word on whether he’ll tackle arena football (Washington Wolfpack and Seattle Sabercats represent!), women’s football (we’ve got the Majestics, the Spartans, and the Thunder), fantasy football (I vote ecchh), and/or video games (scratch Madden, I’m sticking with Atari). Want to know more? Ask the answer man himself. (Town Hall, 7:30 pm, all ages) ANDREW HAMLIN

Nicola Griffith

FEB 17

Seattle-based author and self-described “queer cripple with a PhD” Nicola Griffith has received countless honors, including two Washington State Book Awards and six Lambda Literary Awards, and was inducted into MOPOP’s Science Fiction and Fantasy Hall of Fame in 2024. Her novels Hild, Spear, and Menewood explore the medieval era through a queer perspective, and she also cofounded the #CripLit movement with the late activist Alice Wong. Her latest work, She Is Here, is a new installment in PM Press’s Outspoken Authors series, in which “today’s edgiest fiction writers showcase their most provocative and politically challenging stories.” Griffith’s contribution combines fiction, nonfiction, poetry, and artwork to discuss topics ranging from disability justice to the distinction between love and ownership. (Third Place Books Ravenna, 7 pm, all ages, free) JULIANNE BELL

More

Aja Monet Feb 5, Town Hall Seattle, 7:30 pm

Emily Nemens Feb 11, Elliott Bay Book Company, 7 pm

Roddy Bottum Feb 13, Elliott Bay Book Company, 7 pm

Nick Offerman Feb 15, Moore Theatre, 7 pm, all ages

Cristina Rivera Garza & Javier Zamora Feb 24, Town Hall Seattle, 7:30 pm

Early Warnings

James McBride March 3, Town Hall Seattle, 7:30 pm

Stephen Graham Jones March 30, Town Hall Seattle, 7:30 pm

George Saunders: Vigil: A Novel Apr 7, Town Hall Seattle, 7:30 pm

Patrick Radden Keefe April 22, Town Hall Seattle, 7:30 pm

Marlon James May 6, Town Hall Seattle, 7:30 pm

Emily Wilson May 12, Town Hall Seattle, 7:30 pm

Tommy Orange May 21, Town Hall Seattle, 7:30 pm

February Things to Do: Visual Art [The Stranger]

The best February visual art events in Seattle. by Amanda Manitach

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

Timothy Siciliano: The Lunch Before the Détente

THROUGH FEB 28

It’s kinky, it’s neon, it’s fascism. Timothy Siciliano spent the past three years creating a suite of paintings that hold a mirror to our times—a campy hot take on corruption and carnival rendered in luscious hypercolor. His war generals and dominatrix figures populate a sadomasochistic fever dream with echoes of The Night Porter, while other moments harken to Weimer-era artists like Otto Dix, who painted the grotesqueries of their zeitgeist with unflinching color and a dash of gallows humor. You’ll want to linger with cacophonic compositions dripping bullet shells and blossoms, gender-ambiguous bulges, leather, chains, and ruby pearls of blood. But don’t fret: He doesn’t gild the fascist lily with all sugar and sex. There are plenty of flies swirling around literal shit. Siciliano proves that in trying times, clowning the bad guys can be a pleasure. (studio e) AMANDA MANITACH

Scent Lending Library

THROUGH MARCH

What does God’s sweat smell like? Or the anoxic cold of Eau De Space? Smell for yourself out at the Scent Lending Library, an olfactory exhibition that arrived at Fogue after its five-month run at Olfactory Art Keller in New York. While determining the base note of divine perspiration may involve a smidge of poetic license, NASA did actually work with chemists in 2008 to recreate the smell of the void (as relayed by space-walking astronauts), and Australian-born documentary filmmaker turned olfactory artist Donna Lipowitz has bottled these distillations for your sniffing pleasure. There are over 100 scents to explore (70 of which are available to check out for two weeks at a time), including delightful nose poems like Old Luggage, Bermuda Triangle, and American Psycho, as well as more classic fare, including the oldest continuously produced perfume, Guerlain’s 1889 Jicky. The sensory excursion to the world right under our nose is the perfect antidote to algorithm purgatory. (Fogue Studios & Gallery) AMANDA MANITACH

Samantha Yun Wall: What We Leave Behind

FEB 5–OCT 4

Overlapping figures of female bodies emerge and dissolve in Samantha Yun Wall’s velvet monochrome worlds. The Portland-based artist (and winner of the 2024 Betty Bowen Award) is a master of rendering images in ink and conté, where layers of shadow intertwine with stark black silhouettes. Wall’s imagery reflects the artist’s multi-ethnic background, blending Korean folk stories with elements from Eurocentric mythology to create scenes that seem plucked from an untold fairy tale. Her solo at Seattle Art Museum features new works haunted by the iconography of the pasqueflower, a motif throughout Korean lore, which Wall has entwined with the memory of a lost grandmother. While there, pause for Song Cycle, a newly installed kinetic sculpture by Chris Kallmyer, which uses vintage train-station signage to generate ever-revolving cascades of poetic fragments—words clacking and flipping through a mechanical stream of consciousness. (Seattle Art Museum) AMANDA MANITACH

Once Removed 01: Art in Vacant Spaces

FEB 21

It’s the first installment of what is whispered to be a recurring event (yes, please) granting artists free rein in a transitional site slated for demolition—in this case, a house in Greenwood. The project was conceived by Sammy Skidmore and Zoë Hensley, two gallerists with day jobs at commercial galleries wanting to expand into unconventional spaces while showcasing work too large, too experimental, or too existential for the white cube. Artists for the inaugural edition (probing themes of sex, power, and the poetics of space) include Nadia Ahmed, Rachael Comer, Jenikka Cruz, Gaeun Kim, and Ali Meyer. The free, all-ages party starts at 6 p.m. and goes late, with music by DJ spicycherrypop and Friends of the Road Ensemble. (DM @once__removed for address) AMANDA MANITACH

More

Excellence in Fibers X Through Feb 14, Schack Art Center, free

Welldweller: New Works by KEMC Through Feb 14, Specialist Gallery, free

Dan Webb: Yespalier Through Feb 21, Greg Kucera Gallery, free

Aisha Harrison: Porous Body Through Feb 22, Bainbridge Island Museum of Art, free

Black History Month Exhibition Through Feb 26, M. Rosetta Hunter Art Gallery, free

Austin Lewis Through Feb 28, James Harris Gallery, free

Crystalline Lens - Curated by Allyce Wood Through Feb 28, SOIL, free

Group Show: Landscapes Through Feb 28, Winston Wächter, free

Kandis Susol Through Feb 28, Winston Wächter, free

New Nordic: Cuisine, Aesthetics, and Place Through Mar 8, National Nordic Museum

Susan Meiselas: Crossings Through Mar 22, Photographic Center Northwest, free

The One-Two Punch: 100 Years of Robert Colescott Through Mar 29, Tacoma Art Museum

Boren Banner Series: Camille Trautman Through Apr 12, Frye Art Museum, free

Priscilla Dobler Dzul: Water Carries the Stories of Our Stars Through Apr 19, Frye Art Museum, free

Jonathan Lasker: Drawings and Studies Through Sept 27, Frye Art Museum, free

A Room for Animal Intelligence Through Nov 1, Seattle Art Museum

Ten Thousand Things Through Spring 2027, Wing Luke Museum

Ash-Glazed Ceramics from Korea and Japan Through July 12, 2027, Seattle Art Museum

Ai Weiwei: Circle of Animals/Zodiac Heads (Bronze) Through Oct 2027, Olympic Sculpture Park, free

Chris Kallmyer: Song Cycle Ongoing, Seattle Art Museum

Gossip: Between Us Ongoing, Tacoma Art Museum

Haunted Ongoing, Tacoma Art Museum

Qiu Zhijie: Map of the History of Science and Technology Ongoing, Olympic Sculpture Park, free

Indira Allegra: The Book of Zero Opens Feb 4, Jacob Lawrence Gallery, free

Susan Bennerstrom: The Light Is Never the Same Twice Opens Feb 5, Patricia Rovzar Gallery, free

Worlds Seen and Unseen: Paintings by Gary Faigin Opens Feb 5, Harris Harvey Gallery, free

Wallflowers Opens Feb 7, Frye Art Museum, free

Legacy: Highlights from the Permanent Collection Opens Feb 14, Tacoma Art Museum

Project NW: Ralph Pugay Opens Feb 14, Tacoma Art Museum

Early Warnings

Beyond Mysticism: The Modern Northwest Opens Mar 5, Seattle Art Museum

Actualize AiR and SOIL Collaboration: Imprints and Echoes - Curated by Julia Anderson Opens Mar 5, SOIL, free

Aimee Lee: Tethered Opens Mar 6, Bainbridge Island Museum of Art

Crafting Futures: Emerging Artists Invitational Opens Mar 6, Bainbridge Island Museum of Art

George & David Lewis: Deeply Rooted Opens Mar 6, Bainbridge Island Museum of Art

Interwoven Narratives Opens Mar 9, M. Rosetta Hunter Art Gallery, free

Water Ways: Healing the Circle of Water and Life Opens Mar 26, Schack Art Center, free

Boren Banner Series: Chloe King Opens Apr 15, Frye Art Museum, free

Monochrome: Calder and Tara Donovan Opens May 13, Seattle Art Museum

Tom Lloyd Opens May 16, Frye Art Museum, free

February Things to Do: Music [The Stranger]

The best February music events in Seattle. by Julianne Bell

Want more? Here's everything we recommend this month: Music, Visual Art, Literature, Performance, Film, Food, and This & That.

Jade: That’s Showbiz Baby! Tour

FEB 6

I constantly annoy everyone I know by bragging that I was three years early to knowing about Chappell Roan, so I need you to believe me when I say that former Little Mix singer Jade Thirlwall is going to be a main pop girlie within the next couple of years. She’s already big in the UK and steadily gaining popularity stateside. No one else out there is doing it like her—I mean, who drops a fully art-directed visual album for their solo debut?? There are no skips, either. You can hear touches of all the great pop divas, like Gaga, Madonna, Kylie Minogue, and Diana Ross. The opener, “Angel of My Dreams,” about Jade’s ambivalent relationship to fame, is dreamy, celestial pop goodness reminiscent of “Lucky” by Britney Spears. I also love the track “Before You Break My Heart,” which samples a recording of Jade singing the Supremes’ “Stop! In the Name of Love” as a little girl, and which she says is written from the POV of her “younger self, begging me not to forget her and how far we’ve come.” (Paramount Theatre, 8 pm, all ages) JULIANNE BELL

Robyn Hitchcock

FEB 6

There is only one musician alive who could write a song titled “Tropical Flesh Mandala,” and that magus is 72-year-old Englishman in Nashville Robyn Hitchcock. A veteran psychedelic-rock court jester whom you should take very seriously, he continues to rock unorthodoxly and spin surrealistic yarns of deep mirth and poignancy at an age when most of his peers have declined creatively or dropped out of the game. Had the man with the lightbulb head only released those Soft Boys records—especially 1980’s jangly, neo-retro-psych classic Underwater Moonlight—he’d still be a hall-of-famer. But, of course, Hitchcock’s also built a prolific solo career studded with idiosyncratic gems that extrapolate on the brain-tickling elements of sonic soul mates Syd Barrett and John Lennon. Recent albums such as the earworm-intensive Shufflemania! and the acoustic-guitar-heavy, instrumental Life After Infinity prove that Robyn’s noggin’s still teeming with great, weird ideas. You never quite know which gaggle of tunes you’ll get at a Hitch gig, but you’re always guaranteed transport to more fascinating headspaces—particularly if he dips into 1981’s Black Snake Diamond Röle (hint, hint). (Neptune Theatre, 8 pm, all ages) DAVE SEGAL

Blood Cultures

FEB 11

They’re an anonymous, experimental indie-pop band who rock out on chillwave in hoods. What more do you need? I’m all about bands wearing disguises, and with the Residents out of commission for the moment (sigh), a quartet that tinks and reverbs and chirps along to videos of themselves (or somebody in hoods) lifting weights, shooting guns, making a mess with Chinese takeout, and turning themselves into scarecrows, just might fill dat gap. That was the gist of their video for the “Set It on Fire” single from their 2021 album LUNO, at least. What they’ll do in concert, I have no idea whatsoever, but it’s got to be conceptual. (Neumos,
7 pm, 21+) ANDREW HAMLIN

GZA

FEB 11

The fact that “Does GZA have a degree in physics?” pops up as the top GZA-related query on Google is a fitting testament to the scientific rhymes of the Wu-Tang cofounder and eldest statesman. Though he has appeared as a guest lecturer at Harvard and several other lauded institutions of learning (mostly about the field of life rather than the official study of physics), GZA—aka the Genius—keeps his most heralded published material on wax. His current tour is in celebration of the 30th anniversary of the release of his classic RZA-produced sophomore album, Liquid Swords. The album is an important document in the Wu catalog as it captured the essential Wu formula in amber—RZA’s developing cinematic, hard-knocking East Coast beats, heavy kung-fu samples, stacked guest verses from bandmates—while the group was in the process of taking over the rap world. Seeing a legendary artist perform a classic album, especially with a live band, is always a great opportunity to shout your favorite lines with a bunch of rowdy fans, and who knows, maybe he’ll give us a taste of his long-awaited Dark Matter project. (Nectar Lounge, 8 pm, 21+) TODD HAMM

Cécile McLorin Salvant

FEB 12–13 & 15

Cécile McLorin Salvant has the most exciting voice in contemporary jazz. It’s not just her pitch-perfect voice, which reaches the heights of Edith Piaf, Ella Fitzgerald, Eartha Kitt, and Kate Bush, but the inventiveness with which she flexes her vocals. On her most recent album, Oh Snap, the three-time Grammy Award winner and MacArthur Fellow croons through a dozen short, intimate original songs (plus an a cappella cover of the Commodores’ “Brick House”) that she never intended to see the light of day. Setting out on a personal creative quest to place spontaneity and joy at the heart of her writing process, Salvant tinkered with home recording programs to craft personal songs inspired by the music that soundtracked her childhood in 1990s Miami, from grunge and pop boy bands to classical and folk music. The result of the album is a delightfully chaotic audio journal that will please traditional jazz fans as well as genre rulebreakers like Erykah Badu and Solange. (Jazz Alley, 7:30 pm, all ages) AUDREY VANN

Ghostface Killah

FEB 15

Four days after his brother in Wu, GZA, touches the stage at Nectar, Ghostface Killah—he of many names and statement furs—plays the Crocodile. The silver-tongued storyteller is perhaps the greatest yarn-spinner in rap history; his extensive catalog stretches, of course, back to the Staten Island genesis of Wu-Tang Clan, and with very few breaks, extends to this past summer’s Supreme Clientele 2, which arrived complete with the typically preposterous skits, dicey slang, and tall tales of street corner business ethics you’d expect. It does pay to mention that not all Ghost’s exploits have aged well, and recent reports of homophobia and paternal negligence in relation to his queer son, who happens to be the rapper/singer Infinite Coles, show that he may have carried some of the uglier side of ’90s rap with him into the current day. Here’s hoping he makes an effort to clear things up by showtime. (Crocodile, 7 pm, 21+) TODD HAMM

Julianna Barwick & Mary Lattimore with Tiny Vipers

FEB 17

After touring together for several years, ambient musician/vocalist Julianna Barwick and experimental harpist Mary Lattimore developed a “musical telepathy” that became the basis for their newly released collaborative album, Tragic Magic. The result sounds like what would have been if there were synthesizers in the 18th century, thanks in part to their access to the Philharmonie de Paris’ Musée de la Musique’s instrument collection while recording the album. The duo miraculously recorded the album over just nine days, shortly after the 2025 LA wildfires, and poured their emotions from the tragedy into this meditation on the healing power of improvisation and shared experiences. They will support the album alongside Seattle-based experimental folk musician Tiny Vipers. (Crocodile, 8 pm, 21+) AUDREY VANN

Bitchin Bajas, Geologist

FEB 22

Don’t be deceived by Chicago trio Bitchin Bajas’ goofy name: They’re one of the world’s headiest groups. Evolving out of neo-krautrockers Cave, BB synthesists Cooper Crain and Dan Quinlivan and saxophonist Rob Frye have been enhancing their melodic chops, creating majestic tracks that would sound righteous filling Europe’s most ornate cathedrals. This past October at Neptune Theatre, they outshone their much more celebrated headliners Stereolab in a set that made me feel as if I were on five hits of Owsley. Animal Collective member Geologist (aka Brian Weitz) just released Can I Get a Pack of Camel Lights?, the follow-up to last year’s arcane, abstracted Americana LP, A Shaw Deal, with Sleepy Doug Shaw. The new hurdy-gurdy-powered album’s a mystical avant-rock trip that I dig more than anything his parent group have done. (Sunset Tavern, 8 pm, 21+) DAVE SEGAL

clipping.

FEB 25

clipping. have let it be known that they spend a lot of time thinking about what space sounds like, but it’s their creative process that may capture the idea best: Aside from a few notable exceptions, they use no samples, no presets—they make every sound from scratch. In short, they create in a vacuum. Space also permeates their lyrics and concepts. Octavia Butler and Samuel R. Delany pop up in verses; they have entire albums billed as Afrofuturist space operas. But it’s important to remember the three humanoids amidst the sci-fi poetry: vocalist Daveed Diggs (whom you may remember as ol’ Tommie Jefferson in the original cast of Hamilton), and producers William Hutson and Jonathan Snipes. Hutson and Snipes graft jagged power electronics to the cyberpunk quilt, bold and discordant by design, while Diggs pens horrorcore anthems that he unleashes breathlessly. The result is like a cleaner, more theatrical Death Grips—both of which are equally beautiful and terrifying. Tonight’s show opener, Open Mike Eagle, is also not to be missed. (Showbox, 8 pm, all ages) TODD HAMM

Patty Griffin, Rickie Lee Jones

FEB 26

Patty Griffin is one of the of the most consistently underrated American singer/songwriters in recent decades, boasting shotgun pipes and writing chops that have led Emmylou Harris, Ellis Paul, Kelly Clarkson, Rory Block, Dave Hause, Sugarland, Bette Midler and the Chicks, to cover her. And if you don’t believe them, take the word of Robert Plant, who installed her in his Band of Joy and still comes around to sing backups, notably on her latest album Crown of Roses, a tribute to her late mother. Rickie Lee Jones has a new live album out, Way Up High (Live Boston ’89); she’s looking to consolidate her longer-running position in the firmament. Not that it needs much consolidation—she had a hit on the singles chart with “Chuck E.’s in Love” back in 1979, and in 2012 she sang “Sympathy for the Devil” in the matter-of-fact scratchy diction of Mr. Scratch himself. Not even Jagger managed that. (Moore Theatre, 7:30 pm) ANDREW HAMLIN

säje

FEB 26–MARCH 1

The jazz-vocal quartet säje (rhymes with “beige”), took home two Grammys between 2023 and 2025. They consist of Sara Gazarek, Seattle native and graduate of Roosevelt High’s mighty jazz program; Amanda Taylor, also of our fair city; Johnaye Kendrick, a San Diego native who moved north to teach at Cornish College of the Arts; and Erin Bentlage, who came out from Vermont to teach in Los Angeles. They blend jazz, soul, blues, pop, folk, and Gazarek’s ever-evolving experimental edge, into an elaborate mix emphasizing complex chords and braided vocal parts. They solve problems neatly, too—stuck without a recording studio during the pandemic, they rented an Airbnb and dragged their own gear into it. That’s how they clocked their first Grammy. Excelsior! (Jazz Alley, 7:30 and 9:30 pm, all ages) ANDREW HAMLIN

Jackie O Motherfucker, Abronia, Von Wildenhaus

FEB 27

Way back in the ’00s, Pacific Northwest psychonauts Jackie O Motherfucker were standard-bearers for what venerable British mag The Wire termed “New Weird America”—a hazy axis of US musicians who infused folk and rock with a lysergic looseness and who mutated songforms into third-eye-punching jams. At their best, JOMF boast the opiated tunefulness of Relatively Clean Rivers and the organic, free-range rock sprawl of Amon Düül I. Leader and sole constant Tom Greenwood keeps changing the design of JOMF’s freak flag (as well as personnel), but the colors always astound. Portland’s Abronia have been steadily rising in the underground with five albums of peyote-spiked, Popol Vuh-like soundtrack grandeur, including the new Shapes Unravel (out 2/20 on Cardinal Fuzz/Feeding Tube). Listen to songs such as “Cauldron’s Gold,” “Smoke Fingers,” and “Walker’s Dead Birds,” and feel mountain-sized. Tacoma’s Von Wildenhaus are unpredictable eclecticists whose songs range from chamber-jazz torch songs sung by the alluring vocalist Billie Bloom to anthemic, Grandaddy-esque indie rock to Middle Eastern–inflected electronic pop to the most gorgeous song ever about ketamine. (Add-a-Ball, 8 pm, 21+) DAVE SEGAL

cupcakKe

FEB 27

Get your loved one what they really want this Valentine’s Day: tickets to see cupcakKe. I was introduced to the Chicago rapper in 2018 when she released Ephorize, and was immediately obsessed with the icy percussion that is just as frosty as her blue metallic lipstick on the cover. It belongs in the holy trinity of winter albums alongside Björk’s Vespertine and Whitney Houston’s My Love Is Your Love. On her newest album, The BakKery, cupcakKe serves up a fresh batch of witty, pearl-clutching poetry with memorable tracks like “One of My Bedbugs Ate My Pussy” and the very romantic “Fist Me.” As always, cupcakKe’s magic lies in her ability to pair the most random topics and references with unexpected production styles, such as the silky-smooth “Akeelah,” a city-pop-inspired breakup song with references to the 2006 film Akeelah and the Bee. (Showbox, 8:30 pm, all ages) AUDREY VANN

Esther Rose

MAR 3

I discovered Esther Rose in 2017 when she released her debut, This Time Last Night, an intimate country/folk album that feels like she’s playing for you around a campfire. Now on her fifth studio album, Want, the New Orleans native defies the expectations of what an Esther Rose album can be with bold indie rock arrangements and fuzzed-out guitars. As it’s depicted on the album’s cover, with Rose in a gauzy white cotton dress beside a Rose in a black pleather catsuit, the album balances hard and soft, juxtaposing songs like the Liz Phair–esque track “Ketamine” with the stripped-down piano ballad “Color Wheel.” The album also includes “Scars,” a duet with Seattle-based troubadour Dean Johnson—we love to see it! For this local date, Rose will be joined by fellow New Orleans singer-songwriter Thomas Dollbaum. (Sunset Tavern, 8 pm, 21+) AUDREY VANN

More

The Wayne Horvitz Ensemble Feb 2, 9, 16, 23 and March 2 & 9, Royal Room, 7:30 and 8:30 pm, all ages until 10 pm

The Stylistics Feb 5–8, Jazz Alley, times vary, all ages

Purelink, 'no hup,' Hünter Feb 10, Substation, 7 pm, 21+

Clap Your Hands Say Yeah Feb 11, Woodlawn Hall, 7:30 pm, all ages

Iris Unveiled Feb 12–15, Benaroya Hall, times vary, all ages

Biblioteka, TeZATalks, Acapulco Lips Feb 12, Neumos, 7 pm, 21+

Sudan Archives Feb 14, Neptune Theatre, 8 pm, all ages

Christopher Owens Feb 17, Tractor Tavern, 8 pm, 21+

The Pains of Being Pure at Heart, Living Hour Feb 16, Vera Project, 7 pm, all ages

Cat Power Feb 20, Paramount Theatre, 8 pm, all ages

Lola Kirke Feb 21, Fremont Abbey, 8 pm, all ages

SRJO Presents: The Music of Jimmy Smith and Oliver Nelson Feb 21–22, Benaroya Hall, times vary, all ages

Cardi B: Little Miss Drama Tour Feb 22, Climate Pledge Arena, 7:30 pm, all ages

Joan Shelley Feb 22, Ballard Homestead, 7:30 pm, all ages

Suzanne Vega Feb 22, Neptune Theatre, 7:30 pm, all ages

Neko Case Feb 27, Edmonds Center for the Arts, 7:30 pm, all ages

Early Warnings

St. Vincent Mar 5, Town Hall Seattle, 8 pm, all ages

Toody Cole, Semisoft Mar 6, Tractor Tavern, 8:30 pm, 21+

Blackwater Holylight, Som, Muñeca Mar 10, Neumos, 7 pm, 21+

Indigo De Souza Mar 10, Showbox, 8 pm, all ages

Mt Fog, iroiro, DJ Martin Douglas Mar 12, Tractor Tavern, 8 pm, 21+

Peaches Mar 14, Showbox, 8:30 pm, 21+

Aimee Mann: 22 ½ Lost in Space Anniversary Mar 15, Neptune Theatre, 8 pm, all ages

Conan Gray Mar 16, Climate Pledge Arena, 8 pm

Dirty Three Mar 21, Neumos, 7 pm, 21+

Marissa Nadler Mar 26, Tractor Tavern, 8 pm, 21+

Skullcrusher Mar 30, Barboza, 7 pm, 21+

Eliza McLamb Mar 31, Neumos, 7 pm, all ages

Raye: This Tour May Contain New Music Apr 3, WAMU Theater, 8 pm, all ages

Cass McCombs, Hand Habits Apr 4, Tractor Tavern, 8:30 pm, 21+

Waxahatchee, MJ Lenderman May 3, Paramount Theatre, 7:30 pm, all ages

Florence + the Machine May 12, Climate Pledge Arena, 7:30 pm, all ages

The Last Dinner Party May 22–23, Showbox SoDo, 8 pm, all ages

Monday, 02 February

23:21

Last Month This Month [The Stranger]

The Stranger's monthly news roundup. by The Stranger's Slog AM™️ Specialists

Last Month This Month is a recap of all the previous month's news, featuring headlines from Slog AM. Find it in every issue of The Stranger! Subscribe to our daily Slog AM newsletter here.

***

The country seems to be waking up to the obvious fact that Donald Trump is a fascist, their government is dangerous and unlawful, and the tantamount act of resistance isn’t simply voting. Even The Atlantic, a magazine for the worst people in your social studies class, admitted the “f-word” was apt.

* * *

To jolt us out of our holiday stupor, Trump kidnapped the president of Venezuela on a nighttime raid and literally admitted it was for oil. Presidents usually say it’s for democracy or something! Once we were all emptied of visions of sugar plums, on January 7, ICE agent Jonathan Ross shot Renée Nicole Good in the face three times.

* * *

The day after, ICE shot two people in Portland. Then, on January 24, Border Patrol Agents executed Veterans Affairs nurse Alex Pretti in the street for the capital crime of filming them. Reading the room accurately, Kommandant Greg Bovino continued to dress like a Nazi through it all. Until he lost his job. But he may dress like a Nazi at home, too. Maybe we should’ve taken that New Year’s Eve tragedy at the Crans-Montana ski resort in Switzerland—40 people died in a sparkler-set fire—as a grim portent for the year to come.

* * *

That, or the up to 30,000 people killed in Iran during mass protests. Or the Israel-Palestine ceasefire, where fire has not ceased. So yeah, 2026 is 20-sucking-shit.

* * *

We started on such a hopeful note. On New Year’s Day, Zohran Mamdani became mayor of New York City. He’s the first Muslim and South Asian person to do so and the youngest in a century. And the hottest one, but we didn’t need to tell you that. Mamdani has already started making childcare free for New Yorkers. He’s also getting shots so he can accommodate all the pussy he’s getting (his wife wants to get a cat, he’s allergic). Oh, and in our second fiddle city (maybe a viola—instrument of losers), Katie Wilson took power.

* * *

Wilson’s done a really good job of making the Seahawks go to the Super Bowl (which Bruce Harrell never did), and not sweeping homeless people from Ballard, a favorite pastime of our former mayor(s). She’s also found a new hobby: firing department heads. It must be addictive. Goodbye, former leaders of the Department of Neighborhoods, Parks, Office of Economic Development, Office of Arts & Culture, Seattle City Light, and a long list that would honestly bore you. (We are aware of the literacy rates.) But, yeah, quite the shakeup before the mettle-testing World Cup.

* * *

Speaking of the coming-together-of-nations, Trump hates the concept. His whole thing is take, take, take, and Greenland is his latest kink. Whatever denials you hear, he’s willing to invade the semiautonomous Danish territory for its precious minerals. Coupled with his lust for Venezuela’s oil, Trump is playing a fucked-up game of Settlers of Catan. Except this is not a game for virgins, and we’re offering shit trades to our best friend, Canada. For all this, the man obviously deserves the Nobel Peace Prize. Thank God María Corina Machado, the opposition party leader in Venezuela, gave him hers. Sadly, it’s non-transferable.

* * *

On the home front, the QAnon Shaman is running for governor of Arizona. He doesn’t support Trump anymore because he won’t release the Epstein files, aka The Adventures of Jeff and Donald.

* * *

Dilbert creator Scott Adams died, still supporting Donald Trump. He will rot in unfunny eternity. Possibly Christian heaven, if Jesus is a Dilbert fan. Unlikely. Jesus is a Cathy man. Ack!!

* * *

The United States is taking a short break from killing foreign children to focus on killing our own. The Centers for Disease Control and Prevention (soon to be rechristened the Centers for Disease Preservation?) cut the child vaccination schedule by more than half because… autism?

* * *

Because trans kids have it too good, hedge fund millionaire Brian Greetingspenis Heywood wants to bring them down a peg, or get rid of them entirely, whichever the electorate will let him do. This November, Washington will decide if we should un-amend his “Parents’ Bill of Rights”—a law that allows parents to read their kids’ counseling records—and whether or not we should ban trans girls from sports. Yes, all dozens of them.

* * *

Some good news, locally! Notorious dick and President of the Seattle Police Officers’ Guild Mike Solan announced on his terrible podcast that he isn’t runningfor reelection. Not that his replacement will be someone we’d like to get a beer with, but we’ll revel in his vanishing from public life.

* * *

Things remain quite phallic at the Seattle Police Department. The boys in blue—emphasis on the “boys” part—are far from achieving their goal of having a recruit class that’s 30 percent women by 2030. Only 10 percent of SPD’s 165 new hires this year were ladies. This department is not for the girls.

* * *

It’s a bad time to be a ferry, or a ferrylover (FL). The state’s ferry system is up shit’s creek without a paddle. As of late January, only 15 of the state’s 21 ferries could sail. Those remaining keep falling apart and hitting logs. Things are so dire, a local shipyard is pitching a crazy idea: revamping old-ass, decommissioned ferries to do the work. We could do a Dunkirk?

* * *

Meanwhile, it is really sunny here. Should we be concerned? Probably. Fortunately, we’re not going to know it’s too late until we’re dead. The EPA, at the direction of Trump, won’t calculate the health benefits of air free of ozone and fire particulates. This step is brought to you by greed, for the change will make it easier for coal power plants, oil refineries, steel mills, and other industrial facilities to operate unimpeded by the trivial concern of human life.

* * *

We should honor our dead. Like, the Varsity Theater in the University District. And the Crocodile, which isn’t dead, but is bankrupt and up for sale. In better arts and culture news, Scarecrow Video bought their building on Roosevelt Way, and the Vera Project announced plans to open a new all-ages space in Georgetown in early 2027.

* * *

We don’t even have Sears to ease the pain. There are only five stores left in the country, and none of them are long for this world. The store that once sold the American Dream in a mail-order catalog will be sold for parts.

* * *

If only we could all learn to self-soothe like an Austrian cow has. Veronika’s scratching stick, developed in a 13-year life of leisure, is the first documented instance of a cow using tools. Cows are farting idiots, so this is significant from an evolutionary perspective. Will Veronika & Co. become the new master race? She is Austrian.

* * *

At least she’s not going to be taking anyone’s job. Why? There aren’t any. Trump’s Department of Labor reported that employers only added 50,000 jobs in December, a dismal cherry on top of a dismal year for job growth.

Stranger Suggests: A Surreal Queer Western, Nose Poems, and the Next Main Pop Girlie [The Stranger]

One really great thing to do every day of the week. by Julianne Bell MONDAY 2/2

Rituals of Mine with LabRats & Rose Peak

See Rituals of Mine play her brand of electronic-influenced alt-R&B at Baba Yaga. JEFFREY LATOUR

(MUSIC) Terra Lopez has been making electronic-influenced alt-R&B since 2010—first under the moniker Sister Crayon, then changing the project’s name to Rituals of Mine in 2016. That year was a landmark one for the group, touring with alternative metal band the Deftones and celebrating the re-release of their sophomore album Devoted on a major label, but Lopez was on the verge of a mental health crisis. After processing the trauma of losing her father and best friend in a six-month span, Lopez released her third record—and first solo venture—HYPE NOSTALGIA in 2020. Rituals of Mine has since released a handful of singles, groovy and emotional tracks that have left me wanting more. They're on tour with support from jazz hip-hop fusion group LabRats, who double as the headliner's backing band. (Baba Yaga, 7 pm, 21+) SHANNON LUBETICH

TUESDAY 2/3

Yeobo Cafe and Bar

View this post on Instagram
A post shared by Yeobo Cafe and Bar (@yeoboseattle)

(FOOD) Yeobo, will you be our Valentine?? The name "yeobo" is a Korean term of endearment like "honey" or "sweetheart," which is fitting, because I'm extremely smitten with this Capitol Hill coffee shop. In fact, I'm writing this blurb there right now, enjoying a cup of roasted oolong tea while Norah Jones plays in the background. In our recent Complaints Issue, arts editor Emily Nokes begged local businesses to stay open later, whereas I lamented the lack of truly cozy coffee shops in Seattle, and Yeobo might just be the answer to both of our prayers—they even extended their hours to 9-ish pm daily as a direct response to Emily's complaint! They have delicious coffee drinks (I love the burnt honey miso latte), a selection of Friday Afternoon tea, and both alcoholic and non-alcoholic cocktails, plus kimchi breakfast sandwiches made with house-made gluten-free English muffins. There's always something fun playing on the TV, like Avatar: The Last Airbender, anime, or Kim's Convenience, and if you want some analog entertainment, they have a community library, puzzle exchange, and board games. This is the inclusive third space that the neighborhood desperately needed. Also, if you have some spare cash, consider donating to their GoFundMe to help them out with critical repairs and unexpected expenses so they can keep the lights on. (2332 E Madison St, 7 am-9ish pm) JULIANNE BELL

WEDNESDAY 2/4

Mark Z. Danielewski

Horror legend Mark Z. Danielewski will appear at Elliott Bay Book Company on Wednesday, February 2. LINDSEY BEST

(LITERATURE) Mark Z. Danielewski is most well known for his debut novel and postmodern horror cult classic House of Leaves, which famously requires active participation (including turning the book upside down at times) from the reader to decipher its multiple nonlinear narratives, cryptic text, and copious footnotes. Reading it feels like a descent into madness and will have you glancing around to make sure no one (or nothing) else is in the room with you. He’s now embarking on tour to promote his longest novel to date, Tom’s Crossing, which came out last October and clocks in at 1,200 pages. It’s a dark, epic Western horror hybrid that required 10 drafts and which Danielewski has said he considers the “pinnacle” of his work. Here’s a chance to catch a living horror legend in the flesh. (Elliott Bay Book Company, 7 pm, all ages, free) JULIANNE BELL

THURSDAY 2/5

aja monet

Experience poet, organizer, and musician aja monet's galvanizing voice at Town Hall Seattle on Thursday, February 5. FANNY CHU

(LITERATURE) Poet, organizer, and musician aja monet is a triple threat who’s in the business of activating rooms. Drawing from a lineage rooted in oratory practice, monet blends spoken word, music, and experience into something that feels more akin to a performance or communal offering than a standard reading. Her latest book, Florida Water, explores love, migration, climate grief, and community with a clarity that reflects, reveals, and unravels in equal measure. A Grammy-nominated spoken word artist and Nuyorican Poets Cafe Grand Slam Champion, monet creates urgent and intimate work. If you plan to attend, you’re in for a treat. Just be sure to stick around for the post-event Q&A hosted by Kiesha B. Free. (Town Hall Seattle, 7:30 pm, all ages) LANGSTON THOMAS

FRIDAY 2/6

Jade: That’s Showbiz Baby! Tour

(MUSIC) I constantly annoy everyone I know by bragging that I was three years early to knowing about Chappell Roan, so I need you to believe me when I say that former Little Mix singer Jade Thirlwall is going to be a main pop girlie within the next couple of years. She’s already big in the UK and steadily gaining popularity stateside. No one else out there is doing it like her—I can't name another artist who dropped a fully art-directed visual album for their solo debut, but that's exactly what she did with That's Showbiz Baby. There are no skips, either. You can hear touches of all the great pop divas, like Gaga, Madonna, Kylie Minogue, and Diana Ross. The opener, “Angel of My Dreams,” about Jade’s ambivalent relationship to fame, is dreamy, celestial pop goodness reminiscent of “Lucky” by Britney Spears. I also love the track “Before You Break My Heart,” which samples a recording of Jade singing the Supremes’ "Stop! In the Name of Love" as a little girl, and which she says is written from the POV of her “younger self, begging me not to forget her and how far we’ve come.” (Paramount Theatre, 8 pm, all ages) JULIANNE BELL

SATURDAY 2/7

Scent Lending Library at Fogue Studios

Follow your nose to the Scent Lending Library. FOGUE STUDIOS

(ART) What does God’s sweat smell like? Or the anoxic cold of Eau De Space? Smell for yourself out at the Scent Lending Library, an olfactory exhibition that arrived at Fogue after its five-month run at Olfactory Art Keller in New York. While determining the base note of divine perspiration may involve a smidge of poetic license, NASA did actually work with chemists in 2008 to recreate the smell of the void (as relayed by space-walking astronauts), and Australian-born documentary filmmaker turned olfactory artist Donna Lipowitz has bottled these distillations for your sniffing pleasure. There are over 100 scents to explore (70 of which are available to check out for two weeks at a time), including delightful nose poems like Old Luggage, Bermuda Triangle, and American Psycho, as well as more classic fare, including the oldest continuously produced perfume, Guerlain's 1889 Jicky. The sensory excursion to the world right under our nose is the perfect antidote to algorithm purgatory. (Fogue Studios and Gallery) AMANDA MANITACH

SUNDAY 2/8

The Mysterious Gaze of the Flamingo

(FILM) Set in the Chilean desert in the early '80s, director Diego Céspedes’s feature debut follows Lidia, an 11-year-old who was abandoned as a baby and raised by a fiercely loving queer found family. Their ragtag clan is ostracized by their sleepy mining town, blamed for a mysterious plague that is believed to be transmitted by a single gaze when two people fall in love. Lidia sets out to defend her loved ones and determine whether the rumor is true or not. The surreal Western explores AIDS panic, transphobia, violence, revenge, marginalization, and prejudice, mixing folktale vibes with the scrappy tenderness of Hirokazu Kore-eda’s Shoplifters. (Northwest Film Forum, 3 pm and 6:30 pm) JULIANNE BELL

22:42

Look on my Works, ye Mighty, and despair! [Penny Arcade]

Kara and I are having so much fun with Hytale and all the mods. They do a cool thing where you only need to instal the mod on the server and then everyone who plays on the server just gets the benefit. It works great and we have added a bunch of cool mods for furniture and other decorations.

22:35

Isoken Ibizugbe: How Open Source Contributions Define Your Career Path [Planet Debian]

Hi there, I’m more than halfway through (8 weeks) my Outreachy internship with Debian, working on the openQA project to test Live Images.

My journey into tech began as a software engineering trainee, during which I built a foundation in Bash scripting, C programming, and Python. Later, I worked for a startup as a Product Manager. As is common in startups, I wore many hats, but I found myself drawn most to the Quality Assurance team. Testing user flows and edge-case scenarios sparked my curiosity, and that curiosity is exactly what led me to the Debian Live Image testing project.

From Manual to Automated

In my previous roles, I was accustomed to manual testing, simulating user actions one by one. While effective, I quickly realized it could be a bottleneck in fast-paced environments. This internship has been a masterclass in removing that bottleneck. I’ve learned that automating repetitive actions makes life (and engineering) much easier. Life’s too short for manual testing .

One of my proudest technical wins so far has been creating “Synergy” across desktop environments. I proposed a solution to group common applications so we could use a single Perl script to handle tests for multiple desktop environments. With my mentor’s guidance, we implemented this using symbolic links, which significantly reduced code redundancy.

Expanding My Technical Toolkit

Over the last 8 weeks, my technical toolkit has expanded significantly:

Perl & openQA: I’ve learnt writing with Perl for automation within the openQA framework and I’ve successfully automated apps_startstop tests for Cinnamon and LXQt
Technical Documentation: I authored a contributor guide. This required paying close attention to detail, ensuring that new contributors can have faster reviews and merged contributions
Ansible: I am learning that testing doesn’t happen in a vacuum. To ensure new tests are truly automated, they must be integrated into the system’s configuration.

Working on this project has shaped my perspective on where I fit in the tech ecosystem. In Open Source, my “resume” isn’t just a PDF, it’s a public trail of merged code, technical proposals, and collaborative discussions.

As my mentor recently pointed out, this is my “proof-of-work.” It’s a transparent record of what I am capable of and where my interests lie.

Finally, I’ve grown as a team player. Working with a global team across different time zones has taught me the importance of asynchronous communication and respecting everyone’s time. Whether I am proposing a new logic or documenting a process, I am learning that open communication is just as vital as clean code.

21:35

Trying Out A New Recipe: Half Baked Harvest’s “Really Good Chewy Chocolate Chip Cookies” [Whatever]

Last week, I was having a serious craving for some fresh baked chocolate chip cookies. Between the weather and the world, I really felt like a cookie would help improve my morale.

So, I decided to try out Half Baked Harvest’s recipe for what she calls “Really Good Chewy Chocolate Chip Cookies.” Let’s get right into the process of making them and how they turned out!

Looking at the ingredients list, it’s pretty clear that these are definitely pretty standard cookies made with just everyday household items. Sugar (white and brown), flour, eggs, butter, some vanilla, chocolate, it’s all the usual suspects. Thankfully I didn’t have to go out and buy anything, I could just get right into baking.

The first thing to do was to brown the butter. I was surprised by this step because usually if browning butter is required in a recipe, the food blogger will include such information in the title of the recipe. Like, if I make Binging With Babish’s brown butter chocolate chunk cookies with flaky sea salt, I make a point to mention allll of that.

Anyways, I browned the butter and let it cool off for just a bit while I mixed together the sugars, eggs, and vanilla. Normally I use a stand mixer, but the recipe says that all you need is a bowl and a whisk, and really don’t need an electric mixer. I decided to follow in the spirit of the recipe and keep things simple. Simple ingredients, simple equipment.

After adding the butter (which was still melted but not hot so I didn’t cook the eggs), it was finally time to add the dry ingredients. The recipe calls for 2 cups of flour, and pretty much the second I put in the two cups, I could tell that it was too much flour.

I know what you’re thinking. You’re thinking I packed the measuring cups too full of flour, resulting in extra unaccounted for flour in the mix. I’ll have you know I am a pro, and I spoon all the flour into the measuring cup, resulting in a nice, loose cup of flour rather than a tightly packed one. So it wasn’t my fault (this time, anyway).

The dough immediately became very dry and crumbly, and wouldn’t hold any type of ball shape. It would crumble apart so easily that the dough wasn’t even retaining any of the chocolate chips, they would just fall out.

I knew there was only one thing to do (besides cry and throw the bowl of cookie dough off a cliff). I was going to have to press all the dough into a 9×13 and make cookie bars.

I wasn’t sure how to adjust the cooking time for that, but I figured the initial temperature of 350 would be okay, so I put them in and basically eyeballed them until they were done, which took less than twenty minutes, I think. Here’s what they looked like:

Honestly, they didn’t look too bad! They were pretty okay right out of the oven, but as they cooled they quickly got harder and harder, until eventually all I had was a pan full of chocolate chip bricks. I can only assume it’s from how dry the dough was due to all the flour, but these were definitely more like biscotti. Certainly no “chewy chocolate chip cookie” in sight.

I was definitely a little disappointed, but at least they tasted pretty good and could be slightly softened in the microwave, then washed down with a nice, cold glass of milk.

Do you like cookie bars? Is chocolate chip your favorite type of cookie? Let me know in the comments, and have a great day!

-AMS

21:14

Constructivism [Penny Arcade]

I gravitate toward support roles in virtually every game we play. Outside of a couple odd instances I could go into, I usually just want to help somebody else do whatever they want to do. In the first Minecraft server we ever had, the "job" I invented for myself was to harvest just enough wood to make signs and use those signs to name landforms. In my role as a natural loremaster, I took this incredibly seriously and did not make jokes on the signs. The only time I really made something substantial in one of these was the Krahulik Valheim server was a fancypants bar the children were too young to enter, substantially limiting its utility. My newest role is Effervescent, Erotic Cyber Jester, making keen observations and returning an engorged whimsy to the frontier - a whimsy that's been gone for far too long. Is that welcome? No! No, it turns out. Garb essentially had the talk with me that exists in the second panel. It was surprising, but weirdly tender - obviously, I knuckled under. Even though I have a lot more to say about dicks.

21:07

Git 2.53.0 released [LWN.net]

Version 2.53.0 of the Git source-code management system has been released. Changes include documentation for the Git data model, the ability to choose the diff algorithm to use with git blame, a new white-space error class, and more; see the announcement for details.

21:00

Firefox nightly gets “AI” kill switch [OSnews]

After a seemingly endless stream of tone deaf news from Mozilla, we’ve finally got some good news for Firefox users. As the company’s been hinting at for a while on social media now, they’ve added an “AI” kill switch to the latest Firefox nightly release, as well as a set of toggles to disable specific “AI” features.

You can choose to use some of these and not others. If you don’t want to use AI features from Firefox at all, you can turn on the Block AI enhancements toggle. When it’s toggled on, you won’t see pop-ups or reminders to use existing or upcoming AI features.

Once you set your AI preferences in Firefox, they stay in place across updates. You can also change them whenever you want.
↫ Ajit Varma at the Mozilla blog

I’m particularly enamoured with the specific mention that the setting will remain unaffected by updates. It’s incredibly sad that Mozilla even has to mention this, but they have nobody to blame but themselves for that one. None of this is enough to draw me away from Librewolf and back to Firefox, but at least it gives those of us who prefer to keep using Firefox the option to disable all of this “AI” nonsense. Also, there’s no Librewolf for POWER9, so I have to use Firefox somewhere.

It’s unlikely Chrome or Safari will get such clear “AI” kill switches, so it might become a reason for some to switch to Firefox from Chrome or Safari.

Audio on hp300 [OSnews]

In the late 1980s, with the expansion of the Internet (even though it was not open to commercial activities yet) and the slowly increasing capabilities of workstations, some people started to imagine the unthinkable: that, some day, you may use your computer to record voice messages, send them over the Internet, and the recipient could listen to these messages on his own computer.

That was definitely science fiction… until workstation manufacturers started to add audio capabilities to their hardware.
↫ Miod Vallat

A great story detailing how the audio hardware in the HP 9000/425e was made to work on OpenBSD and NetBSD.

Drag Race Episode Five: Return of Rate-A-Queen [The Stranger]

Episode Five tapped the brakes on Season 18 with the Rate-A-Queen Talent Show. This two-episode story arc suspends the conventional Drag Race challenges and culminates in only a single elimination, but we get to see the queens in a solo performance format. After last week’s “Faintgate,” I am absolutely ready for a gay-ass variety show. by Mike Kohfeld

Episode Five tapped the brakes on Season 18 with the Rate-A-Queen Talent Show. This two-episode story arc suspends the conventional Drag Race challenges and culminates in only a single elimination, but we get to see the queens in a solo performance format.

After last week’s “Faintgate,” I am absolutely ready for a gay-ass variety show.

There’s Friendships, Lovers, and Barbecues

Rate-A-Queen splits the cast in two: in week one, half the cast performs and the other half judges; then in week two, their roles reverse. The highest rated queens lip-sync for the win while the lowest rated queens of each week are declared the bottom two and must lip-sync-for-their-lives.

We’ve seen Rate-A-Queen in previous seasons, but it’s always been part of the premiere, before the queens get a sense of who’s-who in the competition. As a result, the ranking has historically been less about strategy and more about genuine reactions to the performances. So Season 18 threw a curveball when it put Rate-A-Queen in Week Five, after the queens have built friendships… and have had plenty of time to size up their competition. Kenya, who had wanted to kick off Episode One with the talent show, did not understand why they’d play Rate-A-Queen in the middle of the season. “We already know each other! There’s friendships. There’s lovers. There’s barbecues.” I’m waiting for an invite to that barbecue.

Our local queen and frontrunner Jane Don’t worried that the other queens would rate her in the bottom regardless of how well she does in the talent show simply to eliminate a threat. “I planned to be judged by RuPaul,” Jane grumbled, “but now I’m being judged by a bunch of bitches from Florida who can’t read.”

The Miami girls—mother/daughter Athena and Juicy, plus “Auntie” Mia—had a natural alliance, and Athena quickly snagged Kenya as a fourth vote in her favor. But it was team GLAM! from the Q-Pop Girl Groups challenge that emerged as the superpower of the episode: Nini, Mia, Ciara, Myki, and Kenya (yes, Kenya is playing both sides. Werk!). They strategically split themselves between the two talent performances so they could rate each other highly in each episode.

The storyline potential of Rate-A-Queen is more useful at the top of a season, when the slower pace gives audiences time to get to know the full cast. Here, it felt like a loss of momentum at a critical point in the season, when viewers are more likely to tune out for a non-elimination episode that felt more like Survivor than RuPaul’s Drag Race. (Give us a Mini-Challenge! I will die on this hill.)

Mama Mia, Starr On the Rise

This week’s performers were Ciara Myst, Juicy Love Dion, Nini Coco, Vita VonTesse Starr, Darlene Mitchell, and Mia Starr, while the remaining queens rated their performances. Each queen got 60 seconds to prove their star quality.

Nini treated us to her genius Mother Mantis routine in the talent show, but got mid-ratings by her castmates for her act of drag déjà vu. Darlene did a campy country song about screws, nails, and drills and Vita gave us a shaky aerobics routine. All three were rated safe. One would think a savvy queen would use frontrunner Vita’s slip-up in this episode to put her in the bottom, but no. These queens are not built for Survivor-style play.

View this post on Instagram
A post shared by RuPaul's Drag Race (@rupaulsdragrace)

Ciara went with an unconventional lip-sync to a raw piece of original poetry about her struggles with depression that highlighted her exquisite costume construction, but it did not translate well to the Drag Race mainstage, and her performance was rated last by the queens.

Mia and Juicy proved that Drag Race is really all about splits, tricks, and death drops. (Sigh.) As far as drag goes, I’ve always been more attracted to the weird, cerebral, and unconventional (AKA Seattle vibes), so the polished, dancing Drag Race diva act feels tired to me. I literally groaned aloud when judge Ross Matthews said that Ciara’s poetry performance needed a death drop to grab his attention.

Flips and dips may not be my cup of tea, but the Miami girls killed it. Juicy did an exquisite dance number in Ready Player One drag, skillfully shimmying across every inch of the mainstage. Mia brought us Y2K video ho with a smart mashup of hip hop dance and drag excellence. Go listen to “Mama Mia [Runway Mix]” by Mia Starr: it’ll cure whatever ails you, I promise.

Ultimately, the “most hated girls in Miami” got their way (thanks, Mama Athena). Juicy and Mia were rated as the top two queens by their peers. This marked a turning point for Mia: she’s finally getting a top-four edit rather than the “filler queen” cut she’s had in past weeks.

Juicy and Mia lip-synced-for-the-win to guest judge Zara Larsson’s “Pretty Ugly.” This high-energy pop track became the perfect soundtrack for a hung jury: RuPaul declared a tie after an epic auntie-niece dance-off.

Larsson also treated us to a Swedish translation of RuPaul’s classic “good luck, and don’t fuck it up”: “Nu har du skitit i det blå skåpe,” which literally translates to: “now you’ve really taken a shit in the blue closet.” I’m gonna need to hear RuPaul say this at some point this season.

Jane Don’t Gives Good (Talking) Head

Jane Didn’t perform this week, but we still got plenty from her. Beyond being anxious about her castmates sabotaging her with Rate-A-Queen, she gave top-tier side-eye cutaways during the queens’ talent acts. She questioned Ciara’s choice to feature poetry, citing “drag family trauma” after her drag sister Irene was sent home first on Season 16 for a similar performance in the talent show. It sounds like Jane will be taking the conventional route next week–maybe we’ll see her do a death drop for Ross Matthews.

View this post on Instagram
A post shared by Jane Don’t (@heyjanedont)

As part of the “Not Today, Satin” runway category, Jane was anything but conventional. She slithered down the runway in a sky blue satin gown with sun and cloud details, complete with a giant orange-and-pink feathered bird draped over her shoulders. “I’ve had this bird for a few years. Her name is Denise.” Her mind.

If a queen can win both America’s Next Drag Superstar and Miss Congeniality on the same season, it’s gonna be Jane. Kenya’s designer wasn’t able to deliver her satin runway look in time for filming, but Jane saved the day by lending Kenya an oversized satin coat that Kenya quick-sewed into a cute dress. “Jane, thank you so much. You saved my life, bitch!” My heart! Can we convince Kenya to move to Seattle, too?

Tune in next week for the final half of Rate-A-Queen, where we will finally see Jane Don’t’s talent performance and find out who will be lip-syncing against Ciara Myst!

19:28

Slog AM: Everyone Protested ICE This Weekend, Liam Ramos Is Home, and the Department of Homeland Security Is Afraid of Memes [The Stranger]

The Stranger's morning news roundup. by Hannah Murphy Winter

Good Morning and Happy Groundhog Day! Phil saw his shadow this morning, so the fates have promised us another six weeks of winter. Which makes sense. It’s February.

ICE Out: From New York to Kansas City to Portland to Seattle, everyone hit the streets this weekend. The marches came out of an amorphous social media call for a “general strike” on Friday, but after spending the entirety of January watching ICE brutalize Minnesota on the screens in our pockets, people needed to shout about it. In Seattle, we had a critical mass bike ride, and three separate rallies held by tech workers, healthcare workers, and educators. It all came together to mean thousands of people were in the streets telling ICE to fuck off.

View this post on Instagram
A post shared by The Stranger 🗞 (@thestrangerseattle)

Best News All Week: Five-year-old Liam Ramos is home. After immigration agents took the Ecuadorian preschooler and his dad from Minneapolis more than a week ago and shipped them 1,300 miles to an ICE detention center in Texas, a judge ordered their release this weekend. His written decision is brief, scathing, and sassy. “The case has its genesis in the ill-conceived and incompetently-implemented government pursuit of daily deportation quotas, apparently even if it requires traumatizing children,” US District Judge Fred Biery wrote. “Apparent also is the government's ignorance of an American historical document called the Declaration of Independence. Thirty-three-year-old Thomas Jefferson enumerated grievances against a would-be authoritarian king over our nascent nation…We the People are hearing echos of that history.” He then goes on to cite “that pesky inconvenience called the Fourth Amendment.” Read the full text below.

ProPublica Does the Government’s Job: For the last week, the government has protected the identities of the two agents who shot Alex Pretti 10 times while he was pinned on the ground. ProPublica’s editors said, in their much more diplomatic way, that that’s bullshit. According to the investigative outlet, which identified them based on government documents, the two men are Border Patrol agent Jesus Ochoa and Customs and Border Protection officer Raymundo Gutierrez. They are both from South Texas, and neither are new recruits—Ochoa joined in 2018 and Gutierrez in 2014.

A note from our editors:

[image or embed]
— ProPublica (@propublica.org) February 1, 2026 at 1:10 PM

Speaking of the Government’s Job: We’re back in a partial government shutdown. Dems finally refused to fund ICE, which means, as of this weekend, we’re working with the backup generators. On Friday, the Senate did pass a two-week patch to fund DHS and give Republicans time to offer an alternative that doesn’t fund Trump’s personal secret police, but its future in the House is uncertain. Fortunately, this shutdown won’t impact essential services like SNAP benefits, but this spending bill does include FEMA and TSA.

Trump Doesn’t Want You at His Arts Center Anyway: Nobody wants to perform at the Kennedy Center after Trump gutted its board and scribbled his name on the side of it, so he’s closing it down for two years for "renovations." He’s closing it on July 4, the country’s 250th birthday, presumably so he doesn’t have to remember another date. And he says he’ll make it “new and spectacular.” Tell that to the East Wing.

He Did Not Have Sexual Relations With That Plane Broker: Like every other filthy rich person you’ve ever heard of, the former Seahawks quarterback’s name cropped up in the Epstein files, apparently trying to buy one of his planes. Wilson hopped on the porn generator formerly known as Twitter to set the record straight: “NOPE!!! ABSOLUTELY NOT! Not TODAY satan!,” he wrote. “Some Random plane broker tried to sell me a plane. I had no idea whose plane and never bought the plane. Never talked nor Never met the man. Thank God!!!”

Beware the Memes! There’s a massive winter storm getting ready to wallop most of the US, which means most of our roadways are going to be covered in warning signs. But the DHS has asked FEMA to pretty please avoid the word “ice” in their warning, because they just can’t handle the memes. They’ve asked FEMA to use “freezing rain” instead. Snowflakes.

Would Ya Lookit That: The Grammys still happen in an autocracy. A lot happened at the award show last night, I think, but I really only want to talk about Chappell Roan’s nipples.

View this post on Instagram
A post shared by Godimsuchadyke (@godimsuchadyke)

In Non-Nipple Related News: Bad Bunny won Album of the Year last night for Debí Tirar Más Fotos, the first all-Spanish album to win the award. In front of a crowd full of musicians wearing “ICE OUT” pins, he was the first to actually say the thing out loud. “Before I say thanks to God, I’m going to say ICE out,” he said. “We’re not savage, we’re not animals, we’re not aliens. We are humans, and we are Americans.”

What’s it like outside? We’ve got soft weather today. Standard drizzle. Highs in the 50s. Lows in the mid 40s. Like Punxatawney Phil said, it’s still winter.

Bus Stop Shooting: Four Seattle schools are starting late this morning after two teenagers were killed at a Rainier Valley bus stop on Friday, right after school let out. The kids haven’t been identified by the coroner’s office yet, but about 100 friends and loved ones gathered at a vigil at the bus stop on Saturday. “He didn’t deserve this,” said one of the victims’s moms. “He was a great kid. He’s my only child, and he’s gone.” SPD thinks the shooting was targeted, and doesn’t believe that the community at large is in danger, but they have increased patrols in the area.

Evictions Are Up, Again: They’ve been climbing up consistently since the pandemic, and 2025 was no different. Both Washington State and King County recorded more evictions last year than they ever have before. Almost half of renters in Washington pay more than 30 percent of their income on rent, which means they’re often just one setback away from an eviction notice. And with the rise in corporate landlords, they’re less likely to negotiate with tenants who are behind on rent.

A Few Suggestions to Take That Edge Off: In San Francisco, if you make $230,000 or less, childcare is now free. And if you make up to $310,000, you still have access to a 50 percent subsidy. And in Massachusetts, Governor Maura Healy announced her plan to ban medical debt from being reported to credit agencies. Alright, Mayor Wilson, you’re up!

I’m not saying we made this happen, but…: In December’s complaints issue, The Stranger’s Nathalie Graham put her foot down. “Around the world, transit riders are waving their phones or gently tapping their credit cards to enter the glorious universe of a bus, a train, a ferry. In some parts of China, people pay for transit with their palms. Meanwhile, in Seattle, we are stuck in the past,” she wrote. Not anymore! The RapidRide G Line is soft-launching a Tap-to-Pay system on Monday. Riders can use debit cards, credit cards, or their phones to pay the $3 fare. The program should expand to the rest of the system by the end of the month, but don’t worry, your ORCA card won’t have to retire anytime soon. It’s still the system’s “preferred” payment method.

A Song for Your Monday: Sometimes you want your morning to sound like the beginning of a jolly adventure. Haruomi Hosono will always deliver on that.

18:49

Thank you [Neil Gaiman's Journal]

It’s been a while since I've posted anything anywhere, but I didn't want to let any more time go by without thanking everyone for all your kind messages of support over the last year and a half.

I've learned firsthand how effective a smear campaign can be, so to be clear:

The allegations against me are completely and simply untrue. There are emails, text messages and video evidence that flatly contradict them.

These allegations, especially the really salacious ones, have been spread and amplified by people who seemed a lot more interested in outrage and getting clicks on headlines rather than whether things had actually happened or not. (They didn't.)

One thing that's kept me going through all this madness is the conviction that the truth would, eventually, come out. I expected that when the allegations were first made there would be journalism, and that the journalism would take the (mountains of) evidence into account, and was astonished to see how much of the reporting was simply an echo chamber, and how the actual evidence was dismissed or ignored.

I was a journalist once, and I have enormous respect for journalists, so I've been hugely heartened by the meticulous fact and evidence-based investigative writing of one particular journalist, whom some of you recently brought to my attention, who writes under the name of TechnoPathology.

I've had no contact with TechnoPathology. But I'd like to thank them personally for actually looking at the evidence and reporting what they found, which is not what anyone else had done.

If you are curious about what they've uncovered so far, this clickable link takes you to really good investigative reporting: https://technopathology.substack.com/p/neil-gaiman-is-innocent-introduction

It's been a strange, turbulent and occasionally nightmarish year and a half, but I took my own advice (when things get tough, make good art) and once I was done with making television I went back to doing something else I love even more: writing.

I thought it was going to be a fairly short project when I began it, but it's looking like it's going to be the biggest thing I've done since American Gods. It's already much longer than The Ocean at the End of the Lane, and it's barely finished wiping its boots and hanging up its coat.

And I spend half of every month being a full-time Dad, and that remains the best bit of my life.

It's a rough time for the world. I look at what's happening on the home front and internationally, and I worry; and I am still convinced there are more good people out there than the other kind.

Thank you again to so many of you for your belief in my innocence and your support for my work.

It has meant the world to me.

17:07

Studying compiler error messages closely: Input file paths [The Old New Thing]

A colleague was working in a project that used a number of data files to configure how the program worked. They wanted one portion of the configuration file to be included only if a particular build flag was set. Let’s say that the configuration file is C:\repos\contoso\config\Contoso.config.

<providers>
    <!-- Widget version should be 1.0, or 2.0 if the useV2Widgets build flag is set -->
    <provider name="Widget" version="1.0"/>

    <!-- Gadget is needed only if the useV2Widgets build flag is set -->
    <provider name="Gadget" version="1.0"/>

    <!-- other providers that are used regardless of the build flags -->
</providers>

They were adding a build flag to convert the code base to use 2.0 widgets, but they wanted the default to be 1.0; only people who build with the special build flag should get 2.0 widgets. It so happens that 2.0 widgets depend on gadgets, so they also wanted to add a gadget provider, but again only conditionally based on the build flag.

The configuration file itself doesn’t support conditionals. How can they get a configuration file to support conditionals when the file format does not support conditionals?

I suggested that they use a preprocessor to take the marked-up configuration file and produce a filtered output file, which becomes the actual configuration file. Upon closer investigation, it appeared that they were not the first project to need conditionals in their configuration file, and another team had already written a generic XML preprocessor that supports conditional elements based on build flags, and that other team even included instructions on their project wiki on how to include a preprocessor pass to their build configuration. The updated configuration file looks something like this:

<providers>
    <provider name="Widget" version="1.0" condition="!useV2Widgets"/>
    <provider name="Widget" version="2.0" condition="useV2Widgets"/>
    <provider name="Gadget" version="1.0" condition="useV2Widgets"/>
</providers>

However, after following the instructions on the wiki to update the configuration file to use the condition attribute, and update the build process to send the file through the “conditional build flags” preprocessor, the was still a build error:

Validation failure: C:\repos\contoso\config\Contoso.config(2): Invalid attribute 'condition'

The configuration validator was upset at the condition attribute, but when they compared their project to other projects that used the configuration preprocessor, those other projects used the condition attribute just fine.

Look carefully at the error message. In particular, look at the path to the file that the validator is complaining about.

The validator is complaining about the original unprocessed file.

They went to the effort of sending the unprocessed file through the conditional build flags preprocessor to produce a processed file that has the correct provider list based on the build flags. But they forgot to use the results of that hard work: They were still using the old unprocessed file. It’s like taking a photograph, doing digital touch-ups, but then uploading the original version instead of the touched-up version.

The fix was to update the project so that it consumed the processed file instead of the raw file.¹

Bonus chatter: To avoid this type of confusion, it is common to change the extension of the unprocessed file to emphasize that it needs to be preprocessed. That way, when you see an error in Contoso.config, you don’t have to spend the effort to figure out which Contoso.config the error is about.

In this case, they could rename the unprocessed file to Contoso.preconfig and have the processed output be Contoso.config. I choose this pattern because the validator may require that the file extension be .config.

Another pattern would be to call the unprocessed version Contoso-raw.config and the processed version Contoso.config.

If you don’t want to rename an existing file (say because you are worried about merge errors if your change collides with others who are also modifying that file), you could leave the unprocessed file as Contoso.config and call the processed file Contoso-final.config.²

¹ The instructions on the wiki says “In your project file, change references from yourfile.ext to $(OutputDirectory)\yourfile.ext‘ But in this case, the file was being used not by the project file but by a separate configuration tool. The team was too focused on reading the literal instructions without trying to understand why the instructions were saying the things that they did. In this case, the instructions were focused on consumption from the project file, since that was the use case of the team that wrote the tool originally. But if you understand what the steps are trying to accomplish, you should realize that the intention is to update the references to the old yourfile.ext in every location you want to consume the postprocessed version.³

² I chose the suffix -final as a joking reference to the pattern of seeing files named Document-Final-Final-Final 2-USETHISONE.docx.

³ I took the liberty of updating the wiki to clarify that you need to update all references to yourfile.ext. The references usually come from the project file, but they could be in other places, too, such as a call to makepri.exe.

The post Studying compiler error messages closely: Input file paths appeared first on The Old New Thing.

16:56

Link [RevK®'s ramblings]

Losing my dad.... Fuck facebook.

Hi.
I did a thing today.
What I did was kill off Facebook. No, actually, I killed it off quite a few days ago.
Facebook came up with a choice.
Pay or don't pay, and don't pay is we're going to trawl what you say and what you do even more than we did before.
And I thought I'll try it without a few a few days, you know. I did.
And then finally today I went for the whole, delete it all.
Okay, I've downloaded 2.28 28 gigabytes of stuff I've posted on Facebook just as an archive, but it's gone.
Facebook's now gone.
And what hadn't really hit me was there would be one thing that would also go, and it's this.
Oh, get out.
Ah, right.
Is this is this it's a Facebook portal thing.
And then I realized that hasn't been used for quite a while.
And the reason it hasn't been used for quite a while is we got it during COVID.
I got those for everyone in the family during COVID so that everyone could instantly video call anyone else or group of people during COVID. So, we're talking six years ago.
And the one person who kept that going for way longer than anyone else was my dad. He would randomly call me on that and it would be on my desk here and it would pop up. Hi, Dad. How are you? who have things, you know, and he called lots of other people with it, but it was the one non- tech thing that he was happy to use and his sister was even happy to use at one point.
I think she gave up on it sooner than he did, but they died within like a week of eachother. It's which is really sad.
But it was the thing that he kept using for longer than anyone else and it's been sat on my desk for years now and finally I've taken it off my desk because I've given up on Facebook.
I think I might be able to make it work with WhatsApp. I have no idea. I'm not sure how long I'll stay on WhatsApp. But yeah, the hit of leaving Facebook meant leaving that which meant that was amemory of my dad was unexpected.
I've still got all the last IME messages he sent, but we all move on. It's sad, but that was unexpected. So, that's today's thing. Apart from the fact the cold seems to be clearing up. It's not completely gone. It's really, really clearing up. So, okay.

16:35

Ansible 463, February 2026 [Ansible]

16:21

Hellen Chemtai: Career Growth Through Open Source: A Personal Journey [Planet Debian]

Hello world ! I am an intern at Outreachy working with the Debian OpenQA team on images testing. We get to know what career opportunities awaits us when we work on open source projects. In open source, we are constantly learning. The community has different sets of skills and a large network of people.

So, how did I start off in this internship

I entered the community with the these skills:

MERN (Mongo DB, Express JS , React JS and Node JS) – for web development
Linux and Shell Scripting – for some administrative purposes
Containerization using Google Cloud
Operating Systems
A learning passion for Open Source – I contributed to some open source work in the past but it was in terms of documentation and bug hunting

I was a newbie at OpenQA but, I had a month to learn and contribute. Time is a critical resource but so is understanding what you are doing. I followed the installations instructions given but whenever I got errors, I had to research why I got the errors. I took time to understand errors I was solving then continued on with the tasks I wanted to do. I communicated my logic and understanding while working on the task and awaited reviews and feedback. Within a span of two months I had learned a lot by practicing and testing.

The skills I gained

As of today, I gained these technical skills from my work with Debian OpenQA team.

Perl – the tests that we run are written in this language
Ansible configuration – ansible configurations and settings for the machines the team runs
Git – this is needed for code versioning and diving tasks into different branches
Linux – shell scripting and working with the Debian Operating system
Virtual Machines and Operating Systems – I constantly view how different operating systems are booted and run on virtual machines during testing
Testing – I keep watch of needles and ensure the tests work as required
Debian – I use a Debian system to run my Virtual Machines
OpenQA – the tool that is used to automate testing of Images

With open source comes the need of constant communication. The community is diverse and the team is usually on different time zones. These are some of the soft / social skills I gained when working with the team

Communication – this is essential especially in taking tasks with confidence, talking about issues encountered and stating the progress of the tasks
Interpersonal skills – this is for general communication within the community
Flexibility – we have to adapt to changes because we are a community of different people with different skills

With these skills and the willingness to learn , open source is a great area to focus on . Aside from your career you will extend your network. My interests are set on open source and Linux in general. Working with a wider network has really skilled me up and I will continue learning. Working with the Debian OpenQA team has been very great. The team is great at communication and I learn every day. The knowledge I gain from the team is helping me build a great career in open source.

The Big Idea: Veronica G. Henry [Whatever]

Author Veronica G. Henry has come up with a library that truly has all the answers, thanks to its ever-evolving AI. Take a tour through The People’s Library in Henry’s Big Idea, and don’t forget to pay your late fees.

VERONICA G. HENRY:

The first time I realized that the past, present, and future can be contained in one essence was when I discovered the library. For in the absence of a more suitable reality, stories can provide a transformative diversion. In quiet moments, when I reflect on seasons of births and deaths and that middle part we call life, I also think of libraries.

I don’t know the when, but I know the where. It was in my hometown of Brooklyn, N.Y. that I first wandered into a library. The details are fuzzy, so I’ll flex a little creative muscle. I was an infant, already curious, definitely precocious. Determined even then to pursue the quest for more. Baby me was swathed tight against the winter cold, nestled protectively in my father’s determined arms. He marched through those painted oak double doors and introduced me to a new world and an obsession that persists to this day.

That’s how I like to remember it, anyway.

Though my career initially steered me towards a decidedly more left-brained path, the love of the written word and fate prevailed. I also became an author, one who alternates drafting my novels between home, the occasional coffee shop and yes, libraries. So it was inevitable that someday, I’d pen a story in the magical setting that planted that literary seed so long ago.

Inspiration struck as it occasionally does for me, in the form of an article. The feature extolled a library in Denmark where you could borrow a person instead of a book. Each had a title: unemployed, refugee, bipolar, etc., and in this mutually beneficial exchange, “readers” learned through conversations that challenge you to confront your own prejudice. Was it true? I didn’t much care. Because there, my friends, was my Big Idea.

The People’s Library was in large part, inspired by that article. If that was the kindling, the technical part of my brain supplied the spark. Though familiar to me, artificial intelligence (AI) was still a relatively new concept for the masses when I began writing. That changed faster than anticipated. Much of what we see today is specialized, task-focused systems that mimic human intelligence. However, its evolution, artificial general intelligence (AGI), is the promise of autonomous learning, thinking, and adapting. Think of AI as a really smart single-focus tool and AGI as analogous to the exponentially more complex functionality of a human mind.

This technology became the backbone of my future library. Only there would be no need to borrow a real person, but instead, an AGI replica of some of history’s most fascinating figures. The virtual personage, or virtus as I call them, were born. There was and still is a part of me that is as intrigued as I am terrified by this idea. I didn’t want to write it. That meant without a shadow of a doubt that I had to write it.

As the core idea solidified, I turned my attention to characters. Was there any doubt that my protagonist would be a librarian? Not for a second. She’d be forced to work in this futuristic library that is in direct opposition to everything she believes in. Echo London, anti-tech synesthete became my curator of The People’s Library. To say that she accepted the role with little grace, is an understatement. I drew inspiration from every librarian I’ve ever met and even Regina Anderson Andrews, the first African American woman to lead a NYPL.

As for the rest of the characters, I had to stop myself from thinking about all the fascinating historical figures I’d welcome the opportunity to chat it up with and focus on those who would best serve the narrative. One of the central questions that Echo wrestles with is human consciousness. What defines it, where it originates, how it exists before it finds its way into a human body. I needed a cast of deep thinkers with specialized skillsets to help her along that journey. So as not to introduce any spoilers, I think it’s best to let you discover the rest of the team organically. They were a ton of fun to research and write.

I’ll close with this food for thought. If you were to visit a future library where you could borrow a living, thinking, seemingly exact replica of a historical figure, would you? And if you did, whose consciousness do you wish you could converse with today?

The People’s Library: Amazon|Barnes & Noble|Bookshop|Powells|Sistah Sci-fi Signed Copy

Author Socials: Website|Bluesky|Instagram

Groundhog Day Meaning [xkcd.com]

16:00

[$] Modernizing swapping: introducing the swap table [LWN.net]

I have an array built into every app I do, on server or in the browser, called snarkySlogans. When I need a bit of text to test with I just choose a random snarky slogan. They are little truths that have occurred to me over the years. You're free to steal this code, they do come in handy at times. There's a snarky slogan to cover that -- "Only steal from the best." Another one I really like: "Just because you're offended doesn't mean you're right."

15:49

The kernel's swap subsystem is a complex and often unloved beast. It is also a critical component in the memory-management subsystem and has a significant impact on the performance of the system as a whole. At the 2025 Linux Storage, Filesystem, Memory-Management and BPF Summit, Kairui Song outlined a plan to simplify and optimize the kernel's swap code. A first installment of that work, written with help from Chris Li, was merged for the 6.18 release. This article will catch up with the 6.18 work, setting the stage for a future look at the changes that are yet to be merged.

Pluralistic: Stock swindles (02 Feb 2026) [Pluralistic: Daily links from Cory Doctorow]

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links

Stock swindles: A buyback is not just a dividend by another name.
Hey look at this: Delights to delectate.
Object permanence: Acme License-Plate Maker; IPV4 delenda est; Mandatory gun-ownership; Sukey; Ross and Carrie x LRH; Criti-hype.
Upcoming appearances: Where to find me.
Recent appearances: Where I've been.
Latest books: You keep readin' em, I'll keep writin' 'em.
Upcoming books: Like I said, I'll keep writin' 'em.
Colophon: All the rest.

Stock swindles (permalink)

There are plenty of American historical antecedents of Trumpism – fascist movements like the Jim Crow reign of terror, the McCarthy hearings, the gleeful genocide of indigenous people. But when you're thinking about the rise of Trumpism, never forget that America isn't just a nation of cruel bigots; it's also a nation of rich swindlers.

We call Trump a "reality TV star" and it's true, as far as it goes. Trump did play a billionaire on TV long before he grifted actual billions, using his status as the poor man's idea of a rich man to secure liar loans and rip off creditors, contractors, business partners, workers, and governments – local, state and federal.

He rose to power on this, boasting on stage that cheating "makes me smart":

https://pluralistic.net/2024/12/04/its-not-a-lie/#its-a-premature-truth

Like so many crooked officials, Trump's brand is "He steals, but he works" (except of course that he doesn't – at any given moment, odds are that he's either taking a nap, watching Fox News, or playing golf):

https://www.reddit.com/r/AskBalkans/comments/utui8s/in_romania_we_have_a_saying_about_corrupt/

Remember: the right is the movement that says that governments are inefficient and corrupt, so right wing elected leaders make their own case by being incompetent and corrupt. Someone like Trump has to convince people that they can't rely on institutions or their neighbors. His path to power lies through convincing people that the system is rigged and that he – as a man who is an expert at cheating – knows how to rig it in your favor:

https://www.factcheck.org/2016/07/trumps-rigged-claim/

But merely claiming "the system is rigged" doesn't actually win the day. If you want to convince people that the system is rigged, it really helps if the system is actually rigged. Want to convince people that elections are corrupt? Legalize unlimited dark money spending and fill our polling places with defective, unauditable voting machines made by Beltway Bandits selling into no-bid contracts:

https://web.archive.org/web/20210203113531/https://www.washingtonpost.com/outlook/2021/02/03/voting-machines-election-steal-conspiracy-flaws/

Want to convince people that there's a shadowy cabal of rich pedophiles hiding children in a pizza parlor basement? It helps if there's an actual cabal of rich pedophiles hanging out on a private island, abusing more than a thousand children (and counting). Want to convince people that the financial system is a rigged casino so you might as well just gamble on cryptocurrency and betting markets? It helps if the actual financial system is run by banks who receive billions in public money and then steal millions of Americans' homes after Obama takes Treasury Secretary Tim Geithner's advice to "foam the runways" for the banks using Americans' houses:

https://keystoneky.com/article/all-we-can-do-is-put-foam-on-the-runway-tim-geithner-speaking-before-the-collapse-of-lehman/

Which is all to say, if you want to understand the origins of the surge of suckers for fascists who are desperate for a strong man to cheat on their behalf in a rigged system, it helps to look beyond racism and xenophobia, to the ways in which the system is, indeed, rigged. Racism and misogyny alone aren't enough to bring about fascism. To groom a nation of fascist patsies, you first need a crooked system:

https://pluralistic.net/2025/07/22/all-day-suckers/#i-love-the-poorly-educated

This is why it's worth understanding finance. The finance sector hides its sins behind the Shield of Boringness (h/t Claire Evans). The layers of overlapping jargon and performative complexity make it hard for everyday people to criticize the finance sector. Finance ghouls exploit this, leveraging confusing ambiguities in the system to insist that their critics don't know what they're talking about and that everything is fine, actually. This is an incredibly destabilizing dynamic. Living in a system where you're being fleeced every day but where people who seem smarter than you have reasonable-seeming explanations about why it's all legit and above-board is a recipe for abandoning all faith in the system, in experts, and in lawful processes, and throw your lot in with a strongman who promises to cheat on your behalf.

Take stock buybacks, a form of stock swindle that was illegal until 1982. In a stock buyback, a company buys its own shares on the open market. When the number of shares goes down, the price per share goes up. This is just a form of "wash-trading," like when NFT and shitcoin scammers buy their own products in order to make it look like they're valuable and desirable:

https://pluralistic.net/2025/09/06/computer-says-huh/#invisible-handcuffs

Advocates for markets as a system of allocation (as opposed to allocating via a democratically accountable state, say) insist that markets are efficient because prices "encode information" about the desirability, viability, and other qualities of goods and services. This is the whole argument for the new crop of rigged casinos we call "prediction markets" that are grooming the next generation of fascist footsoldiers by robbing them blind and then insisting that the whole process was not only legitimate, but scientific, a way to retrieve the "encoded information" about the world around us.

In a market system, stock prices are supposed to reflect the aggregated information about the health and prospects of a company. When a company buys its own stock back, though, its price goes up while its value goes down.

I mean that literally: say a company that's sitting on a billion dollars cash is valued at $10 billion. From this, we can infer that the company's capital stock (factories, inventory, etc), IP (patents, processes, copyrights, etc) and human capital (payrolled employees, contractors) are worth $9 billion. That's a reliable estimate, because we know exactly how much one billion dollars cash is worth: it's worth one billion dollars.

Now, let that company piss that billion dollars up the wall with a stock buyback. The company is relieved of its billion dollars cash on hand, leaving it with no cash, only its physical capital, IP and human capital, which are worth $9b. The company is now worth less than it was before the stock buyback.

What's more, the drop in corporate valuation is more than the billion the company just blew on its buyback. A company with no cash reserves is brittle and prone to failures. Without a cash cushion, any rent shock, change in market conditions, or other adverse incident will leave the company scrambling to borrow money (at punitive rates, thanks to its desperation) to weather the storm. If share prices are actually "encoding information" about a company's worth, a billion dollar buyback should lop more than a billion dollars off the company's share price. Instead, it sends the share price up.

This is just stock manipulation, which is why it was illegal until 1982. But apologists for this system will tell you that a stock buyback is just a dividend by another name – just another way for a company to return value to its shareholders, who, after all, are the owners of the company and entitled to extract those profits.

This is categorically untrue. Dividends do take money out of the company's coffers and distribute them to its shareholders, sure – but a dividend is a bet on the company's future success, which is why a company's share prices rise after a dividend is declared. Investors observe a company that is so well-run that it can afford to drain some of its cash reserves in favor of its shareholders, so they buy the company's stock in anticipation of more dividends derived from more skilled operations.

But imagine if a company parted with a dividend so large that it meant that the firm would struggle to keep its doors open in the coming year. Imagine a publisher, say, whose dividend was so large that it couldn't afford to pay advances for any more books in the next season, meaning it could only make money from the backlist titles it already had in the warehouse, but was entirely out of the running when it came to publishing next year's blockbuster book.

That dividend would not send investors chasing the company's stock. Why would you bet on a stock whose management had just doomed the company to a bad season, and maybe an unrecoverable death-spiral? Without new books to sell, the company won't have any cash to pay dividends, and when it stops paying dividends, its stock price will fall, leaving shareholders with a hole in their own balance-sheets.

Contrast that with buybacks: to do a buyback, the company need merely spend its free cash flow, or money it borrows, or money derived from the sale of key capital, or money saved through mass layoffs, to buy its own stock. Then the share price goes up.

In other words: when a company's stock price rises on news of a dividend, that's "encoding information" about the market's confidence in the company's management and its future growth. When a company's stock price rises on news of a buyback, that's "encoding information" about the market's confidence in the company's future looting to the point of collapse.

I used to think that this was the whole stock buyback story, but as is ever the case with finance, buybacks are fractally corrupt. This week, I've been reading Boston College law prof Ray D Madoff's book The Second Estate: How the Tax Code Made an American Aristocracy, and I've learned even more scummy truths about buybacks:

https://press.uchicago.edu/ucp/books/book/chicago/S/bo256019296.html

For tax purposes, dividends are "ordinary income," meaning that they are taxed at up to 37%. Meanwhile, if you sell your shares after a stock buyback juices the price, the profits are treated as "capital gains," whose tax rate caps out at about half that (20%). This means that shareholders pay half the tax on money that comes from strip-mining a company than they would get from money derived from managing a company for sustainable growth.

It's worse than that, though, because capital gains can be offset by capital losses. If you invested in a stock that tanked, you can hold that stock in your portfolio until you are ready to sell a profitable stock, and deduct your losses from the gains you've made.

But you don't even have to sell the stock to realize tax-free income from it: the ultra-rich live according to a financial arrangement called "buy, borrow, die" that lets them avoid all taxes.

Here's how that works: if you're sitting on a bunch of stock, you can stake it as collateral for a loan that is tax-free. Better than that, if you're smart, some or all of the interest on that loan is tax-deductible. If you're rich enough, you don't have to make regular payments on the loan, either – you just wait as the stock continues to grow while your loan is maturing, and when it's due, you borrow even more money against the new valuation and pay off the old loan.

That's "buy" and "borrow." Here's "die." When you die, you transfer your assets to your kids, who benefit from something called the "step-up in basis," which lets them avoid all capital gains on the appreciated value of your assets.

Now, maybe you're thinking that you can benefit from this arrangement. I've got bad news for you: you won't qualify for one of those cool loans that you don't need to pay regularly! What's more, if you own any stock you almost certainly own it through a retirement plan like a 401(k), and when you cash out that 401(k), that is treated as "ordinary income" at nearly twice the rate that our plutocrat overlords pay.

Buybacks, then, are part of a system whereby rich people get much richer every time a company that makes something good and employs ordinary people guts itself and sets itself on the path to bankruptcy. Meanwhile, working people don't benefit from this system, even if they own stock. They just get to live in a world where businesses are looted and shuttered and public services are slashed thanks to balanced budget rules that mean that governments can't spend when rich people don't pay taxes.

This is why buybacks have apologists. Buybacks – a stock swindle that was illegal in living memory – make rich people richer, and they spend some of that loot to fund an army of reply-ghouls who push the message that buybacks are dividends by another name.

It's part of the ripoff economy that has seen crypto-billionaires lobby, bribe and terrorize lawmakers into merging their speculative assets with the real economy, endangering the economic well-being of everyday people:

https://www.levernews.com/what-tech-wants-crypto-reign-of-terror/

It's part of the ripoff economy that has seen AI bros put the global market in peril with crooked accounting and empty promises:

https://www.wheresyoured.at/the-enshittifinancial-crisis/

The ripoff economy is baked into the American experience. It is the foundation of Trumpism. It is the financial basis for things like "Project 2025" – literally! The Heritage Foundation (who created Project 2025) was founded and funded by the founders of Amway, a destructive Ponzi scheme that was rescued from criminal prosecution when Gerald Ford (Congressman to Amway's founders) became president and ordered the FTC to let them off the hook:

https://pluralistic.net/2025/05/05/free-enterprise-system/#amway-or-the-highway

Trump's right: the system is rigged. If you're going to pull the people you love back from the nihilistic descent into fascism, you have to be able to understand and explain how the rigging works. We can't insist – as Hillary Clinton did – that "America is already great":

https://www.politico.com/blogs/2016-dem-primary-live-updates-and-results/2016/03/clinton-america-is-already-great-220078

America is not great. It has been gutted by the Epstein class, who robbed us blind, raped our kids, and are now selling us shitcoins and chatbots and the spectacle of protesters being shot in the streets. But it's not enough to know that the system is rigged. Everybody knows the system is rigged. To build a movement and save our future, we have to know how it is rigged and who rigged it.

Hey look at this (permalink)

Wherein I have some thoughts on food delivery apps https://www.dnalounge.com/backstage/log/2026/02/01.html
A Letter On Justice And Open Debate About Raping Children https://www.popehat.com/p/a-letter-on-justice-and-open-debate-about-raping-children
Impeach President Miller https://prospect.org/2026/01/31/impeach-president-miller/
Google Settlement May Bring New Privacy Controls for Real-Time Bidding https://www.eff.org/deeplinks/2026/01/google-settlement-may-bring-new-privacy-controls-real-time-bidding
U.S. government has lost more than 10,000 STEM Ph.D.s since Trump took office https://www.science.org/content/article/u-s-government-has-lost-more-10-000-stem-ph-d-s-trump-took-office

Object permanence (permalink)

#25yrsago Acme License-Plate Maker https://www.acme.com/licensemaker/licensemaker.cgi?state=California&text=NSHITKN&plate=1987&r=943099606

#15yrsago Apple implements iStore changes, prohibits Sony from selling competing ebook app https://www.nytimes.com/2011/02/01/technology/01apple.html?_r=3

#15yrsago IPv4 is exhausted https://tech.slashdot.org/story/11/02/01/0036227/Last-Available-IPv4-Blocks-Allocated

#15yrsago Harper’s publisher rejects $50K worth of pledges, will lay off staff anyway https://docs.google.com/forms/d/e/1FAIpQLSdDoZvxCvsax1zkMKANucBCQU8v-08tcw6VIDrtnmnqLY9I0A/viewform?formkey=dGdtbXUtNUV3cmtpaXJienJ5bldwcUE6MQ

#15yrsago South Dakota senator introduces mandatory gun-ownership law https://www.newser.com/story/111031/south-dakota-bill-every-adult-must-own-a-gun.html

#10yrsago UK Snooper’s Charter is so broad, no one can figure out what it means https://web.archive.org/web/20160202092111/https://motherboard.vice.com/read/tech-firms-are-unclear-on-new-uk-surveillance-laws-warns-government-committee

#5yrsago The good news about vaccination bad news https://pluralistic.net/2021/02/01/dinos-and-rinos/#mixed-news

#5yrsago Unidirectional entryism https://pluralistic.net/2021/02/01/dinos-and-rinos/#entryism

#15yrsago Inside Sukey the anti-kettling mobile app https://www.theguardian.com/uk/2011/feb/02/inside-anti-kettling-hq

#10yrsago Swatting attempted against Congresswoman who introduced anti-swatting bill https://www.bostonglobe.com/metro/2016/02/01/cops-swarm-rep-katherine-clark-melrose-home-after-apparent-hoax/yqEpcpWmKtN6bOOAj8FZXJ/story.html

#10yrsago A would-be clinic-bomber & friends are terrorizing a charter school for being too close to a future Planned Parenthood office https://web.archive.org/web/20160318235447/https://broadly.vice.com/en_us/article/inside-the-bizarre-war-anti-abortion-zealots-are-waging-against-school-kids

#10yrsago Ross and Carrie become Scientologists: an investigative report 5 years in the making https://ohnopodcast.com/investigations/2016/2/1/ross-and-carrie-audit-scientology-part-1-going-preclear

#10yrsago Exclusive: Snowden intelligence docs reveal UK spooks’ malware checklist https://memex.craphound.com/2016/02/02/exclusive-snowden-intelligence-docs-reveal-uk-spooks-malware-checklist/

#5yrsago The free market and rent-seeking https://pluralistic.net/2021/02/02/euthanize-rentiers/#poor-doors

#5yrsago Criti-Hype https://pluralistic.net/2021/02/02/euthanize-rentiers/#dont-believe-the-hype

Upcoming appearances (permalink)

Salt Lake City: Enshittification at the Utah Museum of Fine Arts (Tanner Humanities Center), Feb 18
https://tanner.utah.edu/center-events/cory-doctorow/
Montreal (remote): Fedimtl, Feb 24
https://fedimtl.ca/
Victoria: 28th Annual Victoria International Privacy & Security Summit, Mar 3-5
https://www.rebootcommunications.com/event/vipss2026/
Berkeley: Bioneers keynote, Mar 27
https://conference.bioneers.org/
Berlin: Re:publica, May 18-20
https://re-publica.com/de/news/rp26-sprecher-cory-doctorow
Berlin: Enshittification at Otherland Books, May 19
https://www.otherland-berlin.de/de/event-details/cory-doctorow.html
Hay-on-Wye: HowTheLightGetsIn, May 22-25
https://howthelightgetsin.org/festivals/hay/big-ideas-2

Recent appearances (permalink)

How the Internet Got Worse (Masters in Business)
https://www.youtube.com/watch?v=auXlkuVhxMo
Enshittification (Jon Favreau/Offline):
https://crooked.com/podcast/the-enshittification-of-the-internet-with-cory-doctorow/
Why Big Tech is a Trap for Independent Creators (Stripper News)
https://www.youtube.com/watch?v=nmYDyz8AMZ0
Enshittification (Creative Nonfiction podcast)
https://brendanomeara.com/episode-507-enshittification-author-cory-doctorow-believes-in-a-new-good-internet/
Enshittification with Plutopia
https://plutopia.io/cory-doctorow-enshittification/

Latest books (permalink)

"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books (permalink)

"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
"The Memex Method," Farrar, Straus, Giroux, 2026
"The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026

Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America (1007 words today, 19588 total)

"The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
A Little Brother short story about DIY insulin PLANNING

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

ISSN: 3066-764X

15:35

Paul Tagliamonte: Paging all Radio Curious Hackers [Planet Debian]

After years of thinking about and learning about how radios work, I figured it was high-time to start to more aggressively share the things i’ve been learning. I had a ton of fun at DistrictCon year 0, so it was a pretty natural place to pitch an RF-focused introductory talk.

I was selected for Year 1, and able to give my first ever RF related talk about how to set off restaurant pagers (including one on stage!) by reading and writing IQ directly using a little bit of stdlib only Python.

This talk is based around the work I’ve written about previously (here, here and here), but the “all-in-one” form factor was something I was hoping would help encourage folks out there to take a look under the hood of some of the gear around them.

(In case the iframe above isn’t working, direct link to the YouTube video recording is here)

I’ve posted my slides from the talk at PARCH.pdf to hopefully give folks some time to flip through them directly.

All in all, the session was great – It was truely humbling to see so many folks interested in hearing me talk about radios. I had a bit of an own-goal in picking a 20 minute form-factor, so the talk is paced wrong (it feels like it went way too fast). Hopefully being able to see the slides and pause the video is helpful.

We had a short ad-hoc session after where I brought two sets of pagers and my power switch; but unfortunately we didn’t have anyone who was able to trigger any of the devices on their own (due to a mix of time between sessions and computer set-up). Hopefully it was enough to get folks interested in trying this on their own!

15:07

January GNU Spotlight with Amin Bandali featuring twelve new GNU releases: GRUB, Units, and more! [Planet GNU]

14:28

Measuring What Matters in the Age of AI Agents [Radar]

This post first appeared on Mike Amundsen’s Signals from Our Futures Past newsletter and is being republished here with the author’s permission.

We’re long past the novelty phase of AI-assisted coding. The new challenge is measurement. How do we know whether all this augmentation—Copilot, Cursor, Goose, Gemini—is actually making us better at what matters?

The team at DX offers one of the first credible attempts to answer that question. Their AI Measurement Framework focuses on three dimensions: utilization, impact, and cost. They pair these with the DX Core 4: 1) change failure rate, 2) PR throughput, 3) perceived delivery speed, and 4) developer experience. Together they help companies observe how AI shifts the dynamics of production systems.

For example, at Booking.com that meant a 16 percent throughput lift in a few months. At Block, it informed the design of their internal AI agent, goose. The broader context for this work was captured in Gergely Orosz’s Pragmatic Engineer deep dive, which connects DX’s CTO Laura Tacho’s research to how 18 major tech firms are learning to track AI’s effect on engineering performance.

Agents as Extensions

The message running through DX’s framework is both simple and radical: treat coding agents as extensions of teams, not as independent contributors. That idea changes everything. It reframes productivity as a property of hybrid teams (humans plus their AI extensions) and measures performance the way we already measure leadership: by how effectively humans guide their “teams” of agents.

It also calls for a rebalancing of our metrics. AI speed gains can’t come at the cost of maintainability or clarity. The most mature orgs are tracking time saved and time lost because every gain in automation creates new complexity somewhere else in the system. When that feedback loop closes, AI stops being a novelty and becomes an affordance that highlights a living part of the organization’s ecology.

Shared Understanding

The deeper signal here isn’t about dashboards or KPIs. It’s about how we adapt meaningfully to a world where the boundaries between developer, agent, and system blur.

The DX framework reminds us that metrics are only useful when they reflect shared understanding. Not fear, not surveillance. Used poorly, measurement becomes control. Used wisely, it becomes learning. In that sense, this isn’t just a framework for tracking AI adoption. It’s a field guide for co-evolution. For designing the new interfaces between people and their digital counterparts.

Because in the end, the question isn’t how fast AI can code. It’s whether it’s helping us build human, technical, and organizational systems that can learn, adapt, and stay coherent as they grow.

Key Takeaway

Every developer will increasingly operate as a lead for a team of AI agents.

14:21

CodeSOD: Wages of Inheritance [The Daily WTF]

Tim H writes:

Some say that OOP was the greatest mistake of all. I say they weren't trying hard enough.

This code is C++, though Tim submits it as "C with classes." That usually means "we write it as much like C as possible, but use classes to organize our modules." In this case, I think it means "we use classes to punish all who read our code".

Let's look at an example. They've been anonymized, but the shape of the code is there.

class Base {
public:
  enum class Type {
    derived_1,
    derived_2
  };

  Base(Type t) : t_{t} {}
  
  Type getType() const { return t_; }

private:
  Type t_;
};

class Derived_1 : public Base {
public:
  Derived_1() : Base(Base::Type::derived_1) {}
};

This is what one might call "inheritance". You shouldn't, but you might. Here, the base class has an enumerated type which declares the possible child classes, and a field to hold that type. The child classes, then, must set that type when they're constructed.

This is inheritance and polymorphism implemented from first principles, badly. And you can see how badly when it comes time to use the classes:

void Foo(Base *b) {
  if(b->getType() == Base::Type::derived_1) {
    // do it
  }
}

That's right, they need to check the type field and branch, instead of leveraging polymorphism at all.

But this isn't the only way they've reinvented inheritance. I mean, why limit yourself to just one wrong way of doing things, when you can use two wrong ways of doing things?

class Derived_1;
class Derived_2;

class Base {
public:
  Derived_1* getDerived_1() {
    return dynamic_cast<Derived_1*>(this);
  }
  Derived_1& getDerived_1_ref() {
    return dynamic_cast<Derived_1&>(this);
  }
};

class Derived_1 : public Base {}

Here, the base class implements methods to get instances of child classes, or more accurately, pointers (or references) to instances of the child class… by applying the cast to itself. The base class contains logic which casts it to a child class.

Once again, we've reinvented a kind of inheritance which requires the base class to know about all its derived classes. I believe the intended use here is that you may have a variable of Base* that is pointing to an instance of Derived_1, and you want to cast it to access the derived class. The problem is that it may be a pointer to Derived_2, so what happens when you ask for getDerived_1()? dynamic_cast will check the runtime type information- if you compiled with RTTI enabled. Otherwise you're flirting with nasal goblins.

Tim writes:

These "idioms" are inconsistently used everywhere in the codebase. The member function names really do have the "_ref" for the return-a-ref version.

Now, I know that they are running with RTTI enabled, and thus when they do a bad cast, dynamic_cast will throw a bad_cast exception? How do I know?

Double fun is when users report an unreproducible std::bad_cast.

As Tim points out, they do get bad_cast exceptions. And because this is a pile of bad choices and risky code, they can't trace why it happened or how.

Sometimes, things just blow up.

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.

Security updates for Monday [LWN.net]

Security updates have been issued by AlmaLinux (iperf3, kernel, and php), Debian (ceph, pillow, pyasn1, python-django, and python-tornado), Fedora (bind9-next, cef, chromium, fontforge, java-21-openjdk, java-25-openjdk, java-latest-openjdk, mingw-python-urllib3, mingw-python-wheel, nodejs20, nodejs22, nodejs24, opencc, openssl, python-wheel, and qownnotes), Red Hat (binutils, gcc-toolset-13-binutils, gcc-toolset-14-binutils, gcc-toolset-15-binutils, java-1.8.0-openjdk, and java-25-openjdk), Slackware (expat), SUSE (bind, cacti, cacti-spine, chromedriver, chromium, dirmngr, fontforge-20251009, glib2, golang-github-prometheus-prometheus, govulncheck-vulndb, icinga2, ImageMagick, kernel, logback, openCryptoki, openssl-1_1, python311-djangorestframework, python311-pypdf, python314, python315, qemu, and xen), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm and linux-aws-fips, linux-fips, linux-gcp-fips).

12:49

Gábor Melis: Untangling Literate Programming [Planet Lisp]

Classical literate programming

A literate program consists of interspersed narrative and code chunks. From this, source code to be fed to the compiler is generated by a process called tangling, and documentation by weaving. The specifics of tangling vary, but the important point is that this puts the human narrative first and allows complete reordering and textual combination of chunks at the cost of introducing an additional step into the write-compile-run cycle.

The general idea

It is easy to mistake this classical implementation of literate programming for the more general idea that we want to

present code to human readers in pedagogical order with narrative added, and
make changing code and its documentation together easy.

The advantages of literate programming follow from these desiderata.

Untangled LP

In many languages today, code order is far more flexible than in the era of early literate programming, so the narrative order can be approximated to some degree using docstrings and comments. Code and its documentation are side by side, so changing them together should also be easy. Since the normal source code now acts as the LP source, there is no more tangling in the programming loop. This is explored in more detail here.

Pros and cons

Having no tangling is a great benefit, as we get to keep our usual programming environment and tooling. On the other hand, bare-bones untangled LP suffers from the following potential problems.

Order mismatches: Things like inline functions and global variables may need to be defined before use. So, code order tends to deviate from narrative order to some degree.
Reduced locality: Our main tool to sync code and narrative is factoring out small, meaningful functions, which is just good programming style anyway. However, this may be undesirable for reasons of performance or readability. In such a case, we might end up with a larger function. Now, if we have only a single docstring for it, then it can be non-obvious which part of the code a sentence in the docstring refers to because of their distance and the presence of other parts.
No source code only view: Sometimes we want to see only the code. In classical LP, we can look at the tangled file. In untangled LP, editor support for hiding the narrative is the obvious solution.
No generated documentation: There is no more tangling nor weaving, but we still need another tool to generate documentation. Crucially, generating documentation is not in the main programming loop.

In general, whether classical or untangled LP is better depends on the severity of the above issues in the particular programming environment.

The Lisp and PAX view

MGL-PAX, a Common Lisp untangled LP solution, aims to minimize the above problems and fill in the gaps left by dropping tangling.

Order
- Common Lisp is quite relaxed about the order of function definitions, but not so much about DEFMACRO, DEFVAR, DEFPARAMETER, DEFCONSTANT, DEFTYPE , DEFCLASS, DEFSTRUCT, DEFINE-COMPILER-MACRO, SET-MACRO-CHARACTER, SET-DISPATCH-MACRO-CHARACTER, DEFPACKAGE. However, code order can for the most part follow narrative order. In practice, we end up with some DEFVARs far from their parent DEFSECTIONs (but DECLAIM SPECIAL helps).
- DEFSECTION controls documentation order. The references to Lisp definitions in DEFSECTION determine narrative order independently from the code order. This allows the few ordering problems to be patched over in the generated documentation.
- Furthermore, because DEFSECTION can handle the exporting of symbols, we can declare the public interface piecemeal, right next to the relevant definitions, rather than in a monolithic DEFPACKAGE
Locality
- Lisp macros replace chunks in the rare, complex cases where a chunk is not a straightforward text substitution but takes parameters. Unlike text-based LP chunks, macros must operate on valid syntax trees (S-expressions), so they cannot be used to inject arbitrary text fragments (e.g. an unclosed parenthesis).
  
  This constraint forces us to organize code into meaningful, syntactic units rather than arbitrary textual fragments, which results in more robust code. Within these units, macros allow us to reshape the syntax tree directly, handling scoping properly where text interpolation would fail.
- PAX's NOTE is an extractable, named comment. NOTE can interleave with code within e.g. functions to minimize the distance between the logic and its documentation.
- Also, PAX hooks into the development to provide easy navigation in the documentation tree.
Source code only view: PAX supports hiding verbose documentation (sections, docstrings, comments) in the editor.
Generating documentation
- PAX extracts docstrings, NOTEs and combines them with narrative glue in DEFSECTIONs.
- Documentation can be generated as static HTML/PDF files for offline reading or browsed live (in an Emacs buffer or via an in-built web server) during development.
- LaTeX math is supported in both PDF and HTML (via MathJax, whether live or offline).

In summary, PAX accepts a minimal deviation in code/narrative order but retains the original, interactive Lisp environment (e.g. SLIME/Sly), through which it offers optional convenience features like extended navigation, live browsing, and hiding documentation in code. In return, we give up easy fine-grained control over typesetting the documentation - a price well worth paying in Common Lisp.

12:28

Spinnerette - issue 44 - 16 [Spinnerette]

New comic!
Today's News:

12:07

AI Coding Assistants Secretly Copying All Code to China [Schneier on Security]

There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China.

Maybe avoid using them.

11:28

Grrl Power #1431 – Booptions [Grrl Power]

Sydney doesn’t really have A-Cup Angst. She doesn’t walk around fuming that all her teammates are better endowed than her. She’s even gotten a little used to the communal showers. It’s not her favorite thing, but she’s a lot more self-conscious about feeling a little spongey around the midsection than she does about breast-size. What she doesn’t appreciate, is one of her enboobened teammates trying turn the watch party into a mixed-company show and tell.

It’s a failure of Sydney’s imagination that holo-boobs didn’t occur to her already. In her defense, the last time she stepped on the holo-plinth, she was presented with a galaxy’s worth of cosmetic character customization options. Choice paralysis is one of Sydney’s long established traits.

Here is Gaxgy’s painting Maxima promised him. Weird how he draws almost exactly like me.

Patreon has a no-dragon-bikini version of of the picture as well, naturally.

Double res version will be posted over at Patreon. Feel free to contribute as much as you like.

10:14

Precision vs. accuracy [Seth's Blog]

Precision requires producing the same results each time. Repeatable, measurable, dependable.

Accuracy means hitting the target.

The only way to consistently be accurate is to be precise.

But there are plenty of precision methods that don’t yield the most desired outcomes.

Simon Winchester’s book on precision is magnificent. As we enter a new age of automation, understanding the thrills and costs of previous revolutions adds a useful perspective.

And you’ll learn about the person who invented shoe sizes as well as the time Queen Victoria hit a bullseye with a rifle.

The world we live in is recent, and was created by a revolution in precision. We’re still working on accuracy.

09:49

Irregular Webcomic! #3025 [Irregular Webcomic!]

Irregular Webcomic! #3025

09:14

Constructivism [Penny Arcade]

New Comic: Constructivism

08:42

The Campaign: Running, p02 [Ctrl+Alt+Del Comic]

The post The Campaign: Running, p02 appeared first on Ctrl+Alt+Del Comic.

06:14

Girl Genius for Monday, February 02, 2026 [Girl Genius]

The Girl Genius comic for Monday, February 02, 2026 has been posted.

02:35

Language Development [QC RSS]

it felt weird writing Sam using swears

00:49

Utkarsh Gupta: FOSS Activites in January 2026 [Planet Debian]

Here’s my monthly but brief update about the activities I’ve done in the FOSS world.

Debian

Whilst I didn’t get a chance to do much, here are still a few things that I worked on:

A few discussions with the new DFSG team, et al.
Assited a few folks in getting their patches submitted via Salsa.
Reviewing pyenv MR for Ujjwal.
Mentoring for newcomers.
Moderation of -project mailing list.

Ubuntu

I joined Canonical to work on Ubuntu full-time back in February 2021.

Whilst I can’t give a full, detailed list of things I did, here’s a quick TL;DR of what I did:

Successfully released Resolute Snapshot 3!
- This one was also done without the ISO tracker and cdimage access.
- We also worked very hard to build and promote all the image in due time.
Worked further on the whole artifact signing story for cdimage.
Assisted a bunch of folks with my Archive Admin and Release team hats to:
- Helped in EOL’ing Plucky.
- Starting to help with the upcoming 24.04.4 release.
With that, the mid-cycle sprints are around the corner, so quite busy preparing for that.

Debian (E)LTS

This month I have worked 59 hours on Debian Long Term Support (LTS) and on its sister Extended LTS project and did the following things:

Released Security Updates

adminer: Server-side request forgery and redirection vulnerabilities in HTTP drivers.
- [ELTS]: Fixed CVE-2023-45195 and CVE-2023-45196 via 4.7.1-1+deb10u2 for buster. This has been released as ELA 1605-1.
u-boot: Improper sanity checks in FAT filesystem handling.
- [ELTS]: Fixed CVE-2025-24857 via 2016.11+dfsg1-4+deb9u2 for stretch. This has been released as ELA 1608-1.
ruby-rmagick: Memory leak in Magick::Draw with ImageMagick 6.
- [LTS]: Fixed CVE-2023-5349 via 2.16.0-7+deb11u1 for bullseye. This has been released as DLA 4433-1.
libsodium: Invalid point validation in Ed25519 implementation.
- [LTS]: Fixed CVE-2025-69277 via 1.0.18-1+deb11u1 for bullseye. This has been released as DLA 4435-1.
- [ELTS]: Fixed CVE-2025-69277 via 1.0.17-1+deb10u1 for buster. This has been released as ELA 1631-1.
ceph: Improper validation of HTTP_X_AMZ_COPY_SOURCE header.
- [LTS]: Fixed CVE-2024-47866 and CVE-2022-0670 via 14.2.21-1+deb11u2 for bullseye. This has been released as DLA 4460-1.
- [ELTS]: Fixed CVE-2024-47866 via 12.2.11+dfsg1-2.1+deb10u3 for buster and 10.2.11-2+deb9u4 for stretch. This has been released as ELA 1632-1.
modsecurity-apache: Invalid request handling vulnerability.
- [ELTS]: Fixed CVE-2025-54571 via 2.9.1-2+deb9u5 for stretch. This has been released as ELA 1633-1.
pyasn1: Improper continuation octet limits in OID decoder.
- [LTS]: Fixed CVE-2026-23490 via 0.4.8-1+deb11u1 for bullseye. This has been released as DLA 4463-1.
- [ELTS]: Fixed CVE-2026-23490 via 0.4.2-3+deb10u1 for buster and 0.1.9-2+deb9u1 for stretch. This has been released as ELA 1634-1.
node-lodash: Prototype pollution in baseUnset function.
- [unstable]: Fixed CVE-2025-13465 via 4.17.21+dfsg+~cs8.31.198.20210220-10. This has been uploaded to unstable. DLA to follow once this has settled in sid and stable releases.

Work in Progress

knot-resolver: Affected by CVE-2023-26249, CVE-2023-46317, and CVE-2022-40188, leading to Denial of Service.
- [LTS]: Some back and forth discussion with maintainers on the best way to proceed for the bullseye upload.
  - Git repository for bullseye: https://salsa.debian.org/lts-team/packages/knot-resolver/-/tree/debian/bullseye.
ruby-rack: There were multiple vulnerabilities reported in Rack, leading to DoS (memory exhaustion) and proxy bypass.
- [ELTS]: After completing the work for LTS myself, Bastien picked it up for ELTS and reached out about an upstream regression and we’ve been doing some exchanges. Bastien has done most of the work backporting the patches but needs a review and help backporting CVE-2025-61771. Haven’t made much progress since last month and will carry it over.
node-lodash: Affected by CVE-2025-13465, lrototype pollution in baseUnset function.
- [stable]: The patch for trixie and bookworm are ready but haven’t been uploaded yet as I’d like for the unstable upload to settle a bit before I proceed with stable uploads.
- [LTS]: The bullseye upload will follow once the stable uploads are in and ACK’d by the SRMs.
xrdp: Affected by CVE-2025-68670, leading to a stack-based buffer overflow.
- [LTS]: Start to prep the work for bullseye and uploaded to Debusine: https://debusine.debian.net/debian/developers/work-request/367666. ELTS to follow.

Other Activities

[ELTS] Helped Bastien Roucaries debug a tomcat9 regression for buster.
- I spent quite a lot of time trying to help Bastien (with Markus and Santiago involved via mail thread) by reproducing the regression that the user(s) reported.
- I also helped suggest a path forward by vendoring everything, which I was then requested to also help perform.
- Whilst doing that, I noticed circular dependency hellhole and suggested another path forward by backporting bnd and its dependencies as separate NEW packages.
- Bastien liked the idea and is going to work on that but preferred to revert the update to remedy the immediate regressions reported. I further helped him in reviewing his update. This conversation happened on #debian-elts IRC channel.
[LTS] Assisted Ben Hutchings with his question about the next possible steps with a plausible libvirt regression caused by the Linux kernel update. This was a thread on debian-lts@ mailing list.
[LTS] Attended the monthly LTS meeting on IRC. Summary here.
[E/LTS] Monitored discussions on mailing lists, IRC, and all the documentation updates.

Until next time.
:wq for today.

00:28

Joe Marshall: Some Libraries [Planet Lisp]

Zach Beane has released the latest Quicklisp beta (January 2026), and I am pleased to have contributed to this release. Here are the highlights:

dual-numbers — Implements dual numbers and automatic differentiation using dual numbers for Common Lisp.
fold — FOLD-LEFT and FOLD-RIGHT functions.
function — Provides higher-order functions for composition, currying, partial application, and other functional operations.
generic-arithmetic — Defines replacement generic arithmetic functions with CLOS generic functions making it easier to extend the Common Lisp numeric tower to user defined numeric types.
named-let — Overloads the LET macro to provide named let functionality similar to that found in Scheme.

Selected Functions

Dual numbers

DERIVATIVE function → function

Returns a new unary function that computes the exact derivative of the given function at any point x.

The returned function utilizes Dual Number arithmetic to perform automatic differentiation. It evaluates f(x + ε), where ε is the dual unit (an infinitesimal such that ε² = 0). The result is extracted from the infinitesimal part of the computation.

f(x + ε) = f(x) + f'(x)ε

This method avoids the precision errors of numerical approximation (finite difference) and the complexity of symbolic differentiation. It works for any function composed of standard arithmetic operations and elementary functions supported by the dual-numbers library (e.g., sin, exp, log).

Example

(defun square (x) (* x x))

(let ((df (derivative #'square)))
  (funcall df 5)) 
;; => 10

Implementation Note

The implementation relies on the generic-arithmetic system to ensure that mathematical operations within function can accept and return dual-number instances seamlessly.

Function

BINARY-COMPOSE-LEFT binary-fn unary-fn → function

BINARY-COMPOSE-RIGHT binary-fn unary-fn → function

Composes a binary function B(x, y) with a unary function U(z) applied to one of its arguments.

(binary-compose-left B U)(x, y) ≡ B(U(x), y)

(binary-compose-right B U)(x, y) ≡ B(x, U(y))

These combinators are essential for "lifting" unary operations into binary contexts, such as when folding a sequence where elements need preprocessing before aggregation.

Example

;; Summing the squares of a list
(fold-left (binary-compose-right #'+ #'square) 0 '(1 2 3))
;; => 14  ; (+ (+ (+ 0 (sq 1)) (sq 2)) (sq 3))

FOLD

FOLD-LEFT function initial-value sequence → result

Iterates over sequence, calling function with the current accumulator and the next element. The accumulator is initialized to initial-value.

This is a left-associative reduction. The function is applied as:

(f ... (f (f initial-value x₀) x₁) ... x_n)

Unlike CL:REDUCE, the argument order for function is strictly defined: the first argument is always the accumulator, and the second argument is always the element from the sequence. This explicit ordering eliminates ambiguity and aligns with the functional programming convention found in Scheme and ML.

Arguments

function: A binary function taking (accumulator, element).
initial-value: The starting value of the accumulator.
sequence: A list or vector to traverse.

Example

(fold-left (lambda (acc x) (cons x acc))
           nil
           '(1 2 3))
;; => (3 2 1)  ; Effectively reverses the list

Named Let

LET bindings &body body → result LET name bindings &body body → result

Provides the functionality of the "Named Let" construct, commonly found in Scheme. This allows for the definition of recursive loops within a local scope without the verbosity of LABELS.

The macro binds the variables defined in bindings as in a standard let, but also binds name to a local function that can be called recursively with new values for those variables.

(let name ((var val) ...) ... (name new-val ...) ...)

This effectively turns recursion into a concise, iterative structure. It is the idiomatic functional alternative to imperative loop constructs.

While commonly used for tail recursive loops, the function bound by named let is a first-class procedure that can be called anywhere or used as a value.

Example

;; Standard Countdown Loop
(let recur ((n 10))
  (if (zerop n)
      'blastoff
      (progn
        (print n)
        (recur (1- n)))))

Implementation Note

The named-let library overloads the standard CL:LET macro to support this syntax directly if the first argument is a symbol. This allows users to use let uniformly for both simple bindings and recursive loops.

00:07

Kernel prepatch 6.19-rc8 [LWN.net]

The 6.19-rc8 kernel prepatch is out for testing. "So things all look good, and unless something odd happens we'll have a final 6.19 next weekend."

00:00

(5218) [Flipside]

Sunday, 01 February

23:28

[1284] Vehra Remembers [Twokinds]

Comic for February 1, 2026

22:42

Why did we need all those programming languages?

Threads’ margin is the Eurostack’s opportunity [Cory Doctorow's craphound.com]

Imagine building blocks to assemble your own social web app. A toolkit you could plug into your bot.

19:42

This week on my podcast, I read “Threads’ margin is the Eurostack’s opportunity,” a recent post from my Pluralistic.net blog, about the tactics that digital sovereignty advocates can deploy to counter Meta’s (further) enshittification of Threads.

The funny thing is, the OG App creators were just following the Facebook playbook. When Facebook opened up to the general public in 2006, it had the problem that everyone who wanted social media already had an account on Myspace, and all of Facebook’s improvements on Myspace (Zuck made a promise never to spy on his users!) didn’t matter, because Myspace had something Facebook could not match: Myspace had all your friends.

Facebook came up with an ingenious solution to this problem: they offered Myspace users a bot. You gave that bot your Myspace login credentials (just as OG App did with your Insta credentials) and the bot impersonated you to Myspace (just as OG App did with Insta), and it grabbed everything queued up for you on Myspace (just as OG App did with Insta), and then flowed those messages into your Facebook feed (just as OG App did with Insta).

MP3

18:49

Come From Away [Judith Proctor's Journal]

I just got a subscription to Amazon and the extra for Apple TV, so that I could watch Murderbot - which was every bit as good as I had hoped.

Though I'm not sure the 20min episode format was the right choice. I'd have liked them a bit longer.

Having got the subscription for a three month trial, I'm seeing what else are must-watches.

I've just watched the musical 'Come From Away' which was brilliant, and I highly recommend. I had no idea what it was about, just took a punt on it.

It followed what happened in Gander, Newfoundland, when masses of planes got diverted after 9/11.

It's a stage production, hardly any scenery apart from a dozen chairs, but some great singers!

'Pluribus' is probably next on my list - any other suggestions?

comments

15:49

I was surprised to find that nirvana.userland.com, a site that was new in 1998, is still running.

Bit Part [Oglaf! -- Comics. Often dirty.]

January is archived, as is 2025. On to the future! :-)

15:14

13:07

Benjamin Mako Hill: What do people do when they edit Wikipedia through Tor? [Planet Debian]

Note: I have not published blog posts about my academic papers over the past few years. To ensure that my blog contains a more comprehensive record of my published papers and to surface these for folks who missed them, I will be periodically (re)publishing blog posts about some “older” published projects. This post is closely based on a previously published post by Kaylea Champion on the Community Data Science Blog.

Many individuals use Tor to reduce their visibility to widespread internet surveillance.

One popular approach to protecting our privacy online is to use the Tor network. Tor protects users from being identified by their IP address, which can be tied to a physical location. However, if you’d like to contribute to Wikipedia using Tor, you’ll run into a problem. Although most IP addresses can edit without an account, Tor users are blocked from editing.

Tor users attempting to contribute to Wikipedia are shown a screen that informs them that they are not allowed to edit Wikipedia.

Other research by my team has shown that Wikipedia’s attempt to block Tor is imperfect and that some people have been able to edit despite the ban. As part of this work, we built a dataset of more than 11,000 contributions to Wikipedia via Tor and used quantitative analysis to show that contributions from Tor were of about the same quality as contributions from other new editors and other contributors without accounts. Of course, given the unusual circumstances Tor-based contributors face, we wondered whether a deeper look at the content of their edits might reveal more about their motives and the kinds of contributions they seek to make. Kaylea Champion (then a student, now faculty at UW Bothell) led a qualitative investigation to explore these questions.

Given the challenges of studying anonymity seekers, we designed a novel “forensic” qualitative approach inspired by techniques common in computer security and criminal investigation. We applied this new technique to a sample of 500 editing sessions and categorized each session based on what the editor seemed to be intending to do.

Most of the contributions we found fell into one of the two following categories:

Many contributions were quotidian attempts to add to the encyclopedia. Tor-based editors added facts, fixed typos, and updated train schedules. There’s no way to know whether these individuals knew they were just getting lucky in their ability to edit or were patiently reloading to evade the ban.
Second, we found harassing comments and vandalism. Unwelcome conduct is common in online environments, and it is sometimes more common when the likelihood of being identified decreases. Some of the harassing comments we observed were direct responses to being banned as a Tor user.

Although these were most of what we observed, we also found evidence of several types of contributor intent:

We observed activism: when a contributor tried to draw attention to journalistic accounts of environmental and human rights abuses committed by a mining company, only to have editors linked to the mining company repeatedly remove their edits. Another example involved an editor trying to diminish the influence of proponents of alternative medicine.
We also observed quality maintenance activities when editors used Wikipedia’s rules on appropriate sourcing to remove personal websites being cited in conspiracy theories.
We saw edit wars with Tor editors participating in a back-and-forth removal and replacement of content as part of a dispute, in some cases countering the work of an experienced Wikipedia editor whom even other experienced editors had gauged to be biased.
Finally, we saw Tor-based editors participating in non-article discussions, such as investigations into administrator misconduct and protests against the Wikipedia platform’s mistrust of Tor editors.

An exploratory mapping of our themes in terms of the value a type of contribution represents to the Wikipedia community and the importance of anonymity in facilitating it. Anonymity-protecting tools play a critical role in facilitating contributions on the right side of the figure, while edits on the left are more likely to occur even when anonymity is impossible. Contributions toward the top reflect valuable forms of participation in Wikipedia, while edits at the bottom reflect damage.

In all, these themes led us to reflect on how the risks individuals face when contributing to online communities sometimes diverge from the risks the communities face in accepting their work. Expressing minoritized perspectives, maintaining community standards even when you may be targeted by the rulebreaker, highlighting injustice, or acting as a whistleblower can be very risky for an individual, and may not be possible without privacy protections. Of course, in platforms seeking to support the public good, such knowledge and accountability may be crucial.

This work was published as a paper at CSCW: Kaylea Champion, Nora McDonald, Stephanie Bankes, Joseph Zhang, Rachel Greenstadt, Andrea Forte, and Benjamin Mako Hill. 2019. A Forensic Qualitative Analysis of Contributions to Wikipedia from Anonymity Seeking Users. Proceedings of the ACM on Human-Computer Interaction. 3, CSCW, Article 53 (November 2019), 26 pages. https://doi.org/10.1145/3359155

This project was conducted by Kaylea Champion, Nora McDonald, Stephanie Bankes, Joseph Zhang, Rachel Greenstadt, Andrea Forte, and Benjamin Mako Hill. This work was supported by the National Science Foundation (awards CNS-1703736 and CNS-1703049) and included the work of two undergraduates supported through an NSF REU supplement.

10:42

More trouble than it’s worth [Seth's Blog]

This is the hallmark of projects that turn out to be worth doing.

The trouble might be a symptom that we’re onto something that others don’t care enough to do.

And the things that are obviously worth doing are probably already being done.

09:49

Irregular Webcomic! #3024 [Irregular Webcomic!]

Irregular Webcomic! #3024

09:14

OpenVMS 9.2-3 x64 now has local console on OPA0 [OSnews]

I previously covered x64 OpenVMS release on VMware. This was insanely cool achievement for the operating system. While it had no practical ramification there was one small annoyance. The OS console was on a serial port. In VMware it meant another VM connected via named pipe.

Now OpenVMS x64 supports (limited?) local console on OPA0.
↫ Virtually Fun

I think this has been available for a while now – since 2024 – but we hadn’t covered it yet. That same 2024 post also indicates CDE and DECWindows work now, a side effect of a C/C++ compiler bugfix. Sadly, VSI has made it clear that desktop support is not at all on their list of things to spend time on, so don’t expect graphics support to improve meaningfully other than by accident like in this case.

Guix System first impressions as a Nix user [OSnews]

But NixOS isn’t the only declarative distro out there. In fact GNU forked Nix fairly early and made their own spin called Guix, whose big innovation is that, instead of using the unwieldy Nix-language, it uses Scheme. Specifically Guile Scheme, GNU’s sanctioned configuration language. I’ve been following Guix for a bit, but it never felt quite ready to me with stuff like KDE being only barely supported and a lot of hardware not working out of the box.

However, now that (after three years) Guix announced its 1.5.0 release with a lot of stuff stabilized and KDE finally a first-party citizen, I figured now is the best time to give it a fresh shot. This post captures my experiences from installation to the first 3-4 days.
↫ Nemin’s blog

If you’re interested in Guix, but aren’t quite sure if you want to take the plunge, this article does a great job of showing you the ropes, listing what issues you might run into, some pitfalls to avoid, and so on.

06:56

Junichi Uekawa: Got rid of documents I had for last year's Tax return. [Planet Debian]

Got rid of documents I had for last year's Tax return. Now I have the least document in my bookshelf out of the year.

05:21

Russ Allbery: Review: Paladin's Faith [Planet Debian]

Review: Paladin's Faith, by T. Kingfisher

Series:	The Saint of Steel #4
Publisher:	Red Wombat Studio
Copyright:	2023
ISBN:	1-61450-614-0
Format:	Kindle
Pages:	515

Paladin's Faith is the fourth book in T. Kingfisher's loosely connected series of fantasy novels about the berserker former paladins of the Saint of Steel. You could read this as a standalone, but there are numerous (spoilery) references to the previous books in the series.

Marguerite, who was central to the plot of the first book in the series, Paladin's Grace, is a spy with a problem. An internal power struggle in the Red Sail, the organization that she's been working for, has left her a target. She has a plan for how to break their power sufficiently that they will hopefully leave her alone, but to pull it off she's going to need help. As the story opens, she is working to acquire that help in a very Marguerite sort of way: breaking into the office of Bishop Beartongue of the Temple of the White Rat.

The Red Sail, the powerful merchant organization Marguerite worked for, makes their money in the salt trade. Marguerite has learned that someone invented a cheap and reproducible way to extract salt from sea water, thus making the salt trade irrelevant. The Red Sail wants to ensure that invention never sees the light of day, and has forced the artificer into hiding. Marguerite doesn't know where they are, but she knows where she can find out: the Court of Smoke, where the artificer has a patron.

Having grown up in Anuket City, Marguerite was familiar with many clockwork creations, not to mention all the ways that they could go horribly wrong. (Ninety-nine times out of a hundred, it was an explosion. The hundredth time, it ran amok and stabbed innocent bystanders, and the artificer would be left standing there saying, "But I had to put blades on it, or how would it rake the leaves?" while the gutters filled up with blood.)

All Marguerite needs to put her plan into motion is some bodyguards so that she's not constantly distracted and anxious about being assassinated. Readers of this series will be unsurprised to learn that the bodyguards she asks Beartongue for are paladins, including a large broody male one with serious self-esteem problems.

This is, like the other books in this series, a slow-burn romance with infuriating communication problems and a male protagonist who would do well to seek out a sack of hammers as a mentor. However, it has two things going for it that most books in this series do not: a long and complex plot to which the romance takes a back seat, and Marguerite, who is not particularly interested in playing along with the expected romance developments. There are also two main paladins in this story, not just one, and the other is one of the two female paladins of the Saint of Steel and rather more entertaining than Shane.

I generally like court intrigue stories, which is what fills most of this book. Marguerite is an experienced operative, so the reader gets some solid competence porn, and the paladins are fish out of water but are also unexpectedly dangerous, which adds both comedy and satisfying table-turning. I thoroughly enjoyed the maneuvering and the culture clashes. Marguerite is very good at what she does, knows it, and is entirely uninterested in other people's opinions about that, which short-circuits a lot of Shane's most annoying behavior and keeps the story from devolving into mopey angst like some of the books in this series have done.

The end of this book takes the plot in a different direction that adds significantly to the world-building, but also has a (thankfully short) depths of despair segment that I endured rather than enjoyed. I am not really in the mood for bleak hopelessness in my fiction at the moment, even if the reader is fairly sure it will be temporary. But apart from that, I thoroughly enjoyed this book from beginning to end. When we finally meet the artificer, they are an absolute delight in that way that Kingfisher is so good at. The whole story is infused with the sense of determined and competent people refusing to stop trying to fix problems. As usual, the romance was not for me and I think the book would have been better without it, but it's less central to the plot and therefore annoyed me less than any of the books in this series so far.

My one major complaint is the lack of gnoles, but we get some new and intriguing world-building to make up for it, along with a setup for a fifth book that I am now extremely curious about.

By this point in the series, you probably know if you like the general formula. Compared to the previous book, Paladin's Hope, I thought Paladin's Faith was much stronger and more interesting, but it's clearly of the same type. If, like me, you like the plots but not the romance, the plot here is more substantial. You will have to decide if that makes up for a romance in the typical T. Kingfisher configuration.

Personally, I enjoyed this quite a bit, except for the short bleak part, and I'm back to eagerly awaiting the next book in the series.

Rating: 8 out of 10

Saturday, 31 January

22:35

GNU Parallel 20260122 ('Maduro') released [stable] [Planet GNU]

GNU Parallel 20260122 ('Maduro') has been released. It is available for download at: lbry://@GnuParallel:4

Quote of the month:

64コアで、64並列でsimlationを回してtopコマンドで状況を見るのは心地よい。簡単に並列処理を実現できるGNU parallelコマンドは素晴らしい。
-- Daisuke Iizuka @diizuka@twitter

New in this release:

No new features.
Bug fixes.

GNU Parallel - For people who live life in the parallel lane.

If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include a command that uses GNU Parallel if you feel like it.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu ... rg/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep c555f616391c6f7c28bf938044f4ec50
    12345678 c555f616 391c6f7c 28bf9380 44f4ec50
    $ md5sum install.sh | grep 707275363428aa9e9a136b9a7296dfe4
    70727536 3428aa9e 9a136b9a 7296dfe4
    $ sha512sum install.sh | grep b24bfe249695e0236f6bc7de85828fe1f08f4259
    83320d89 f56698ec 77454856 895edc3e aa16feab 2757966e 5092ef2d 661b8b45
    b24bfe24 9695e023 6f6bc7de 85828fe1 f08f4259 6ce5480a 5e1571b2 8b722f21
    $ bash install.sh

Watch the intro video on http://www.youtub ... L284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/1 ... 81/zenodo.1146014.

If you like GNU Parallel:

Give a demo at your local user group/team/colleagues
Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
Get the merchandise https://gnuparall ... igns/gnu-parallel
Request or write a review for your favourite blog or magazine
Request or build a package for your favourite distribution (if it is not already there)
Invite me for your next conference

If you use programs that use GNU Parallel for research:

Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

(Have your company) donate to FSF https://my.f ... .org/donate/

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

19:14

The Best Things To Do in Seattle This Month: February 2026 [The Stranger]

Cardi B, The Wiz, and More

by EverOut Staff

February may be the shortest month of the year, but there's no shortage of exceptional things to do. In addition to big dates like Black History Month, Lunar New Year, Valentine's Day, and the Super Bowl (GO HAWKS!), there's the usual array of concerts, major author appearances, food & drink events, and more. Find all of February's highlights below, with events from Cardi B to The Head and the Heart with the Seattle Symphony and from The Wiz to Chilly Hilly 2026.

COMEDY

Nick Colletti
Unless you’ve been living under a rock for the past decade (or were too young for the glory days of Vine), there’s a very good chance you’ve encountered the ridiculous humor of Nick Colletti. From immortal one-liners like “suh dude” and “what the fuck is up, Kyle” to Real Bros of Simi Valley fame, Colletti has perfected a very specific comedic lane: laid-back, slightly cringe, and infinitely meme-able. If any of his past skits or lines have ever found their way into your head, you’re in for a treat seeing that energy translate onstage, even on a Wednesday. LANGSTON THOMAS
Emerald City Comedy Club, Capitol Hill (Wed Feb 11)

17:42

Border patrol commander [Richard Stallman's Political Notes]

The persecutor is walking back his outrageous accusations against the victims of the thugs' crimes, but not very far — now it is a "tragedy", as if no one were responsible.

Bovino, whom the persecutor chose to lead the mad stampede of deportation thugs in Minnesota, has returned to his previous local post. Alas, his replacement is just as cruel

even if not as wild.

I think all this represents unstated recognition that the blatant lies that high officials were telling about the people that thugs had murdered were driving some of their supporters away.

Police resource allocation concern [Richard Stallman's Political Notes]

The corrupter has continued a decades-long trend of increasing the resources put into policing (and punishing) of ordinary people's behavior, and reducing the policing (investigation) of rich people's self-enrichment behavior.

Biden went against that trend when he gave the IRS more money to investigate tax dodgers. Of course, the corrupter reversed that change, precisely because it was effective.

Trump sues IRS and US treasury [Richard Stallman's Political Notes]

An IRS employee leaked the corrupter's private income tax data, and was properly convicted and sentenced for doing so. Now the corrupter is suing the IRS and demands ten billion dollars in damages for the leak.

The president should not be allowed to sue federal agencies at all, because that creates an opportunity for corruption.

DHS Is Expanding Domestic Surveillance [Richard Stallman's Political Notes]

The deportation thugs are expanding pervasive surveillance in a way that threatens the rights of everyone in the US.

Ian McEwan call for extending rights [Richard Stallman's Political Notes]

*Ian McEwan calls for assisted dying rights to extend to dementia sufferers.*

My mother used to say to me: 'If I ever become really terrible, I’d like you to finish me off.' But of course, that’s to commit murder as things stand. Imagine standing up in court and saying: ‘Well, she did say when we were on the beach 20 years ago …' By the time my mother was well advanced and could not recognize anyone, she was dead. She was alive and dead all at once. It was a terrible thing.

Such a person is effectively a zombie. We should have the right to register in advance, when we still have the capacity to think about the question, the request to be killed painlessly if we become zombies.

Third No Kings protests [Richard Stallman's Political Notes]

The next No Kings protest will be held on March 28th against the deportation thugs' "reign of terror".

Urgent: stop funding inhumane tactics [Richard Stallman's Political Notes]

US citizens: call on your rep and senators to have Congress stop funding DHS’ and ICE’s inhumane and lethal tactics.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code—not trivial, but not hard.

Urgent: stop ICE home invasion [Richard Stallman's Political Notes]

In the US: call on your state attorney general to stop deportation thugs from invading people's homes without a warrant.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code—not trivial, but not hard.

Urgent: call on Verizon [Richard Stallman's Political Notes]

In the US: call on Verizon to terminate its contracts with the Department of Hatred and Sadism and with I Can't Empathize.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code—not trivial, but not hard.

Urgent: choose peace [Richard Stallman's Political Notes]

US citizens: urge your representative and senators to support continuing the New START nuclear arms limitation treaty and the moratorium on testing nuclear weapons.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code—not trivial, but not hard.

16:49

A Scientific Experiment For Your Saturday [Whatever]

Though I am a bougie bitch, there’s nothing quite like a mug full of Swiss Miss hot chocolate. I am an especially big fan of their Marshmallow flavor, so you can imagine my shock when I learned about their Marshmallow Lovers flavor that comes with even more dehydrated white chalk block marshmallows.

I’m willing to bet you didn’t even realize there were two different Marshmallow varieties of Swiss Miss to choose from. Aren’t you so glad I taught you something useful?

Anyways, I, as a Marshmallow lover, decided to see which Marshmallow Swiss Miss variety was superior. Were there enough marshmallows in the Marshmallow flavor to sate my love of them, or did I need to purchase the Marshmallow Lovers box?

Using a digital scale and some math (not easy for me), I have come up with some numbers for your consideration.

So, if you went to Kroger right now and were wanting to buy just a regular, standard size pack of hot chocolate, you’d have your choice between an 8-pack of the Marshmallow Swiss Miss, and a 6-pack of the Marshmallow Lovers Swiss Miss. Both are currently listed as selling for $2.99. I’m sure you’re wondering, well why does the lovers pack have two fewer envelopes than the regular Marshmallow pack? It’s actually because each hot chocolate packet in the Marshmallow Lovers box comes attached to a separate packet that contains the marshmallows, whereas the regular Marshmallow packs have the marshmallows in the hot chocolate envelope rather than being a separate entity.

Anyways, I decided to rip each of one open and weigh them out.

I went with the Marshmallow Lovers packet first. After zeroing out a bowl on a digital scale, I dumped only the contents of the hot chocolate packet into the bowl. The powder came out to 40 grams. I then threw in the marshmallows. The total weight was now 45 grams. A whopping 5 grams of marshmallows in the Marshmallow Lovers packet.

I zeroed out a new bowl so there was no residual powder to contribute to the weight of the Marshmallow packet. I dumped it in the new bowl, then carefully removed each marshmallow from the powder so I could weigh the powder alone first. 38 grams of powder. I threw the marshmallows back in. 39 grams.

I could hardly believe my eyes. A measly one gram of marshmallows in the Marshmallow pack? It felt like too little, but if you go for the upgrade of the Marshmallow Lovers, you lose out a whole two envelopes!

If you add it all up, in the entire Marshmallow box, there is 304 grams of hot chocolate, and 8 grams of marshmallows. For the Marshmallow Lovers, we’re looking at 240 grams of hot chocolate, and 30 grams of marshmallows. 25% less powder, but almost 4 times the amount of marshmallows. Is it worth it to buy the Marshmallow Lovers package? It’s tough to say.

Part of me is tempted to buy the Marshmallow Lovers package just so Swiss Miss knows there’s someone out there that loves their marshmallows. They have to see demand if I want them to keep making it, right?

On the other hand, I could just buy regular Swiss Miss and put my own marshmallows in it. I don’t need Swiss Miss to supply me with their little freaky mallows, I can just throw mini Jet-Puffed marshies in any cup of hot chocolate I want, and as many as I want. I am not limited to a mere one or even five grams.

For now, I will drink the Marshmallow one, because the 30-pack of it was selling for a really good price, so it just made sense to get the bulk box. I will absolutely go through it all.

Do you like hot chocolate? What do you like to top yours with? Have you tried the Marshmallow Lovers variety yourself? Let me know in the comments, and have a great day!

-AMS

15:42

Next year I have to go to FOSDEM. This year's conference is going on right now in Brussels. If you're there and reading this -- say a hello for me. I realize the piece I wrote yesterday about the future of the social web is equally relevant now for FOSDEM. My prescription: carefully start over with a simple peer-to-peer service and build on that foundation. I would use websockets. You will have to deal with issues of centralization, and at each point decide how much you're willing to trade off ease of use and performance for decentralization. I think you can go pretty far without stripping the gears of users, but there has to be some amount of centralization, identity and storage, being the two biggies. Please read the piece, it's short, bulleted style, highly opinionated, and based on my experience with systems like the ones they're working on. (Who does he think he is? Just a software developer, working hard for a feature-complete web who thinks we've been stuck in a few ruts for a depressingly long time.)