Friday, 05 June

17:07

This mini PC with the latest RISC-V SoC might actually be worth it [OSnews]

RISC-V has been in the “promising” phase for a long time now, especially for general purpose computing, never really breaking through into the mainstream in any measurable way. While I think that breakthrough is still relatively far away, we now do have newer RISC-V SoCs on the market supporting the RVA23 baseline RISC-V profile. One of them is the SpacemiT Key Stone KЗ, which promises to deliver a massive performance increase over previous RISC-V offerings. It’s exactly this chip that’s finding its way into complete, turnkey mini PC solutions, like this one from a company called Firefly.

The base model comes with 8GB of LDDPR5 RAM and 128GB of storage, at a price of about €300 or so (there’s also a 32GB/128GB model at well over €600). This is the first time I’m looking at a complete RISC-V solution where I feel like it might actually make for a good moment to jump in for us enthusiasts. No, the performance won’t rival anything Intel or AMD has to offer, but it seems capable enough for a lot of day-to-day tasks, and I’m curious to see just how far along the Linux world is when it comes to RISC-V support.

It’s not part of our current set of fundraiser incentives, but if you’d like to see this RISC-V mini PC reviewed here on OSNews, you can always donate and add a note that you specifically want to see such a review (so I can gauge interest not just from our few commenters, but also from the more than 99% of our readers who only lurk). As always, you can donate through Ko-Fi, or, if you’re European, via a SEPA direct bank transfer (Name: Thom Holwerda – IBAN: SE08 8000 0820 1684 4657 8414 – BIC: SWEDSESS).

16:21

Various and Sundry, 6/5/26 [Whatever]

What interesting tidbits of thought do I have for you today? Let’s find out together!

Bots now make up more than half of Internet traffic: Internet provider Cloudflare says more than 57% of the traffic to the sites it hosts are bots (i.e., automated computer requests) rather than actual humans, who make up the other 43%. My feeling about this is less surprise than wonder that it’s taken this long; bot traffic was already a scourge more than a decade ago. That percentage is unlikely to go down, ever, as “agentic AI” is being pushed by tech companies, so a bot can go out onto the Internet and find information and bring it back so that you don’t ever have to leave the cozy bosom, of, say, Google.

How will this sort of thing work about for people who actually have sites (waves) when the vast majority of traffic is comprised of bots, who don’t read ads and don’t want things? The article rather optimistically suggests that a change might happen where bots are charged for access to web sites and information, whilst humans get to wander the Internet for free, which, of course, runs counter to the tech company ethos of making someone else pay for the stuff it wants to take without paying. So I’m going to just say I’m not convinced this will be the wave of the future.

Regardless, this site is subsidized by me making money doing other stuff and has been for 28 years now, with no plans to change at any point in the future. Please enjoy your free information! Also, buy my books, thanks.

Freedom 250 concerts cancelled, to be replaced with a Trump rally: Sad news for Vanilla Ice, who was the last performer of note still planning to perform; as I said on Threads, he “really needed that gig, now his frosted tips are gonna get repossessed.” In fact I don’t know if he still has frosted tips, or even hair. The 90s were a very long time ago now.

Trump is now having a rally on June 26th, where his aimless meandering mouth pooping will be occasionally interrupted by Lee Greenwood singing “God Bless the USA,” or some such. If you attend, you deserve what you’re going to get, and that’s all I have to say about that. Greenwood’s own reputation as a musician will not be notably dinged for his appearance; being hauled out for a single moment of performative patriotism for politicians who actively hate the majority of Americans is what he’s been known for this entire century. I hope it pays well.

Let’s end on a music high note: A countrified cover of “You’re the One that I Want” from Grey DeLise and Les Greene. Voice acting nerds will know DeLise as the voice of numerous characters in shows and video games, my own particularly favorite being Mandy in The Grim Adventures of Billy and Mandy, but she also has a nice side gig singing Country & Western stuff. Enjoy!

— JS

15:28

Detection Is Not a Strategy [I, Cringely]

Every few weeks, someone announces a tool that detects AI hallucinations. A startup, a research lab, a hyperscaler bolting a “trust layer” onto its chatbot. The release uses the word “guardrails.” Everyone nods. Another brick in the road to safe, reliable AI.

I want to argue that we are cheering for the wrong thing — that hallucination detection, however clever, cannot be the strategy. It can be a backstop. It can be a monitor. It cannot be the plan. And the reason is older than computing.

Start with the trap at the center of the whole idea.

To catch a hallucination, your detector has to know the right answer. Sit with what that means. The original model produced a confident falsehood because it did not have the grounded knowledge to do otherwise. Now you propose a second system to sit behind it and flag the lies. But to flag a lie, that second system has to know the truth — and if it knew the truth, you would not have needed the first model to guess in the first place. You would just serve the truth and skip the theater.

A detector good enough to reliably catch fabrication would have to possess exactly the capability whose absence caused the fabrication. Detection doesn’t solve the problem. It assumes the problem is already solved. That is the whole argument in a paragraph; everything else is just watching it play out.

So watch it play out. The first thing you notice is that a hallucination has no tell. When one of these models invents a court case, a citation, a drug dosage, a quarterly number, the sentence it produces is grammatically perfect, tonally identical to a true one, and delivered with precisely the same confidence. The model is not more hesitant when it lies. It does not sweat. There is no flicker. That is the entire reason this is hard: the false output and the true output are indistinguishable on their face. A detector staring at the text has nothing to grab onto, because there is nothing in the text to grab.

So the detector-builders do the sensible thing and go probabilistic. They get good — let’s be generous and say 95% good. And 95% sounds like an A. But invert it. In a hospital, a courtroom, a bank, a grid control room, 95% means one in twenty confident falsehoods walks right past the guard. And here is the cruel part: the ones that get through are not random. They are the most plausible fabrications in the batch — the ones convincing enough to fool the detector, which makes them precisely the ones most likely to fool you. A safety system that is only probabilistic is not a safety system. It is a liability with a press release.

It is also a treadmill. Every new model, every new domain, every fresh way of being wrong demands that the detector be retrained and re-tuned. It is antivirus software for an attacker that rewrites itself weekly — perpetual catch-up, by design. And you pay for it twice: once to generate the answer, again to check it, and you still don’t get certainty for the money.

But the deepest mistake here is a category error, and to name it I have to wade back into a fight I picked a quarter century ago.

Everyone reaches for W. Edwards Deming when they talk about quality — the American sage the Japanese supposedly heeded when Detroit wouldn’t. I once spent 4,400 words arguing the standard story gets the hero wrong. The man who actually carried disciplined quality into occupied Japan was a 29-year-old radio engineer named Homer Sarasohn, sent by MacArthur in 1946 to rebuild a flattened electronics industry. He and his colleague Charles Protzman, a Western Electric production man, spent four years teaching Japanese executives how to run a company and build things that worked — they literally wrote the handbook for it, a course book still in print in Japan today — and when they went home, Sarasohn handed the baton to Deming, who had a gift for self-promotion and ended up with his name on the prize and the legend. (Sarasohn was no footnote; he went on to a long career at IBM. History simply looked past him.) A remarkable number of readers wrote in to tell me I had it backwards. I didn’t, and I still don’t.

When that column ran, the Deming faithful came for me. The real transformation, they insisted, came from a handful of lectures Deming gave Japanese executives in the summer of 1950 — as if quality had arrived by seminar. Nonsense. If a few brilliant talks were all it took, answer me this: why did it take the better part of thirty years for Japan to turn quality into a weapon? The tools had been on the shelf since 1950 — Sarasohn’s manual, Protzman’s production discipline, Deming’s statistics, all of it.

What finally lit the fire was the memory chip. When Hitachi and the other Japanese makers went after the DRAM business Intel had invented, they slammed into the cruelest arithmetic in manufacturing: in a commodity chip, yield is the entire margin — and theirs was too low to make a dime. The answer had been sitting in Sarasohn’s handbook for three decades: build quality into the process instead of inspecting the failures out at the end. This time they used it. Japanese yields climbed past the Americans’ — seventy and eighty percent against Intel’s fifty or sixty — and by the mid-1980s the company that invented the DRAM had been driven out of it. The instruction was never the bottleneck. Necessity was.

We just prefer the story where one clever intervention saves the day — which is exactly the story being sold to us again: that a hallucination detector will do for AI what we like to pretend a seminar did for Japan.

But here is what matters for our purposes, and it is bigger than who gets the statue. Whether you credit Sarasohn, Deming, or the Japanese engineers who did the actual work, they all arrived at the same unglamorous law: you cannot inspect quality into a product. Sarasohn found factories where “quality” meant building a pile of vacuum tubes and throwing ninety percent of them away — where no one saw the problem with assembling precision electronics in a shack with a dirt floor. You do not fix that by hiring more inspectors to stand at the end of the line catching the bad ones. Inspection is expensive, it is late, and it never catches everything. The only thing that works is to build quality in — to design the process so the defect never happens. The industry that learned this went on to bury the one that had won the war. We are still driving the proof.

Hallucination detection is the man with the clipboard at the end of the line. It is quality by inspection, in a field that should have learned the lesson from manufacturing forty years ago.

And here is the part the clipboard can never fix: hallucination is not a malfunction. The model isn’t breaking when it makes things up. It is doing exactly what it was built to do — predict the most plausible next word, with no native notion of whether that word is true. Fabrication isn’t a bug in the architecture. It is the architecture, working as designed. You cannot detect your way out of a feature.

Which points at the only strategy that survives contact with the problem. Stop trying to catch the lie after the fact, and build a system that knows the boundary of what it actually knows — one that can tell the difference between answering from grounded, verified knowledge and reaching past the edge into invention, and that says so when it gets there. Not a smarter smoke detector. A machine that doesn’t set the fire.

That is harder. It is architectural, not bolted on, and it does not make for a tidy press release about a new trust layer. But it is the only version of this that works in a courtroom, where “our filter catches 95%” is not a sentence you want to say to a judge.

Detection is not a strategy. Design is. Sarasohn knew it in 1948. It is past time we learned it about machines that talk.

(Disclosure: I co-founded 2Brains, which is built around designing it in rather than inspecting it out, so I come to this with a horse in the race. I’d make the argument anyway — I was making versions of it about Japanese factory floors a quarter century ago.)

The post Detection Is Not a Strategy first appeared on I, Cringely.






Digital Branding
Web Design Marketing

15:21

[$] Moving beyond fork() + exec() [LWN.net]

Since the earliest days of Unix, two of the core process-oriented system calls have been fork(), which creates a child process as a copy of the parent, and exec(), which runs a new program in the place of the current one. In Linux kernels, those system calls are better known as clone() and execve(), but the core functionality remains the same. While there is elegance to this process-creation model, there are shortcomings as well. A recent proposal from Li Chen to add "spawn templates" to the kernel will not be accepted in its current form, but it may point the way toward a new process-creation primitive in the future.

14:35

Error'd: Bridge for Sale [The Daily WTF]

"Scammer offers to buy Google" is certainly a new twist on a very old New York con. Jan B. explains "Scammers have found a new way to steal money, scrap LinkedIn profiles and then send out emails with fake offers to buy people's companies. I'm guessing suddenly they need some fees paid just before the deal is finalised. However, they may need to improve their filtering before sending out their scams, I don't even own Google!" I'm putting together a group of people to buy it, do you want to get in the deal? I'll just need you to transfer two million to this SWIFT account...

5ecf5d704e7742b38d3467e98c8cc631

"But when?" queries Hercules "I've always had difficulty understanding phone billing and payment cycles. My phone company seems intent on making that harder..." Strong, heroically good-looking... Bright?The gods don't require it.

bffc573e6abf42c694a6e8194f66f9a9

"Next update: 25 years 11 months ago" is some kind of reverse Y2K bug. Laurent boggles "It's bad enough to have a power outage, but to have to go back in time to get an update?"

f700091cccad4fc4b0764fad047f3149

"What is 30% of NaN?" asks Geoff O. rhetorically. However, the answer is well-defined and explicit.

099fa3a714f8449fbf59e345e72caa9c

And finally, another "lost in translation" error from Martin K.: "Not only have the store not changed the generic cookie bar text, they apparently don't have a fall back to e.g. english, if the browser language isn't found."

354cdc680a3e425f9ea752ae57c1da73

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!

Ruby's Bundler adds a cooldown feature [LWN.net]

Version 4.0.13 of Ruby's Bundler package-manager has added dependency cooldowns in order to help mitigate the effect of supply-chain attacks:

Most supply-chain attacks against RubyGems exploit a narrow window: an account is compromised, a malicious version ships, and any bundle install in the minutes that follow resolves straight to it. Bundler 4.0.13 introduces cooldown, a time-based filter that refuses to resolve to a version until it has been public for at least N days. Releases too new to have been scrutinized are passed over in favor of ones that have aged past the window.

The feature was designed in the open, drawing on how other ecosystems approach the same problem. It is opt-in, and complements rather than replaces existing defenses like mandatory 2FA and trusted publishing.

LWN covered dependency cooldowns in April, and the takeover of RubyGems and Bundler in October 2025.

Security updates for Friday [LWN.net]

Security updates have been issued by AlmaLinux (kernel), Debian (dovecot, exim4, frr, and haveged), Fedora (cockpit, freeipa, jpegxl, libre, nextcloud, perl-Cpanel-JSON-XS, perl-Crypt-Argon2, perl-Dist-Build, perl-ExtUtils-Builder, perl-ExtUtils-Builder-Compiler, perl-HTTP-Tiny, perl-libwww-perl, python-starlette, rubygem-yard, rust-sequoia-cert-store, rust-sequoia-chameleon-gnupg, rust-sequoia-octopus-librnp, rust-sequoia-sop, rust-sequoia-sq, rust-sequoia-wot, samba, and transmission), Red Hat (image-builder), Slackware (dnsmasq and libinput), SUSE (evince, glibc, google-guest-agent, hplip, ignition, LibVNCServer, libzypp, libsolv, python-Pillow, salt, thunderbird, and vim), and Ubuntu (apache2, linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-fips, linux-gcp, linux-gcp-5.15, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-raspi, linux-realtime, linux, linux-aws, linux-aws-fips, linux-azure, linux-azure-5.4, linux-azure-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle, linux-aws-5.4, linux-hwe-5.4, linux-azure-fips, linux-fips, linux-raspi, linux-raspi-5.4, nano, postfix, robocode, tomcat6, tomcat7, and yard).

14:28

AI Worm [Schneier on Security]

Researchers have prototyped an AI-powered internet worm.

The coolest thing about the prototype is that it carries its own LLM with it, and runs it on computers that have been broken into.

This is the closest to John Brunner’s original 1975 conception of a computer worm that I’ve seen.

14:21

14:00

When su replaced login for becoming another UNIX login [OSnews]

I’ve mentioned it before, but Chris Siebenmann is basically the Raymond Chen of the UNIX world, and today he’s filling that role perfectly once again.

I recently read Simon Tatham’s Nitpicking the shell history scene in Tron: Legacy, where one thing that surprised Tatham was the film using ‘login -n root‘ to become root instead of ‘su‘. This surprised me because I found that perfectly ordinary, and this turns up both a bit of Unix history and a difference between modern Unixes.

Plain ‘su‘ can let you become another user, including root, but what it explicitly doesn’t do by default is create a new login shell for that user. If you do ‘su root‘, the new root shell normally inherits most of your environment, your current directory, and so on. Sometimes this is what you want and sometimes you really want a new login environment, and originally in Unix how you got the latter was to run ‘login‘ from your existing shell session (and this meant that login was setuid root, like su).

↫ Chris Siebenmann

Unsurprisingly, this distinction has persisted to this day in various UNIX-like operating systems, but in different ways. Some maintain the explicit distinction, while others have more or less standardised on using su for both use cases. It’s an interesting bit of UNIX archeology.

13:42

I Let an AI Agent Run 40 Experiments While I Slept [Radar]

I set up an AI agent on a rented GPU, pointed it at a training script, and went to bed. By morning it had run 40 experiments, improved validation loss by 5.9%, and cut memory usage from 44 GB to 17 GB. It also spent four hours chasing a bug that a linter introduced behind its back. The agent never flagged it. I only found out because the numbers stopped improving and I started reading logs.

The setup was based on Andrej Karpathy’s autoresearch project: Give an agent one file it can edit (train.py), one metric to optimize (validation bits per byte), a fixed five-minute training budget per experiment, and Git for checkpointing. If an experiment beats the current best, keep the commit. If not, revert. Loop forever. Karpathy’s own run produced 700 experiments and 20 genuine improvements across 48 hours, an 11% speedup on already-optimized code. Shopify’s Tobi Lütke pointed the same pattern at Liquid, their templating engine, and got 53% faster rendering from 93 automated commits. The pattern clearly works. The question is what breaks when you run it yourself.

The first failure: Agents fixing agents

Before running autoresearch, I had a separate problem. I had 15 custom skills for Claude Code (think reusable prompt templates with tool access, structured inputs, and specific behaviors). Most of them were broken when dispatched as parallel background agents. Vague descriptions meant the system couldn’t figure out when to invoke them. Missing tool permissions caused silent failures. Duplicate scopes between similar skills created routing confusion.

So I used the same pattern: dispatch background agents in parallel, one per skill, each tasked with reading the skill definition, identifying problems, and rewriting it. 13 out of 15 came back improved. Descriptions got specific. Dead references to nonexistent files were removed. Tool permissions were added. Two skills were left untouched because the agents couldn’t find anything wrong with them. The whole batch took under an hour.

But here’s what I didn’t expect. Three of the “improved” skills had subtle regressions. One agent removed an AskUserQuestion gate that was there for a reason, because the gate’s purpose wasn’t documented and the agent read it as unnecessary friction. Another agent rewrote a skill description so precisely that it stopped triggering on the fuzzy, misspelled queries real users actually type. I caught these during manual review, but if I had trusted the parallel output without checking, three skills would have silently degraded in production.

The second failure: The linter in the loop

Then I started the training loop. The agent worked through hyperparameters methodically. It halved the batch size early (experiment 4), which turned out to be the single biggest win: more gradient steps in the same five-minute window. It reduced model depth from eight to seven layers, dropped weight decay from 0.2 to 0.05, and tuned the learning rate schedule. Each change was small. The cumulative effect was a 5.9% improvement in validation loss and a 60% reduction in peak GPU memory.

Out of 40 experiments, the agent kept nine, discarded 28, and crashed three. That keep/discard ratio felt about right. Most ideas don’t work. The point of automation isn’t to have better ideas. It’s to try bad ones faster.

Then the numbers plateaued. Experiments 30 through 38 produced nothing worth keeping. I started digging through the logs and found something I hadn’t expected: A linter running on the remote machine had been silently modifying a hyperparameter in train.py. It changed SCALAR_LR from 0.5 to 0.3 every time the agent saved the file. The agent would set the value, commit, and run the experiment, but the linter would alter the file between the save and the execution. The agent had no way to detect this because it checked Git diffs, not the runtime state of the file. Every experiment after a certain point was running with a learning rate the agent never chose.

I lost roughly four hours of compute to this. The agent kept going, proposing new ideas, running experiments, logging results. From its perspective nothing was wrong. The experiments ran, produced numbers, and the numbers were plausible. There was no crash, no error, no alert.

Why this matters beyond my GPU bill

Gartner predicts over 40% of agentic AI projects will be canceled by the end of 2027, citing escalating costs and inadequate risk controls as the primary drivers. My overnight session was a toy example: a single GPU, a small model, and a low-stakes experiment. But the failure pattern scales. An agent that can’t detect when its inputs are being modified between decisions will make the same class of error whether it’s tuning hyperparameters or managing a production pipeline.

The autoresearch constraints are smart: one file, one metric, and Git for state. But they assume the environment is stable. Nobody checks whether something outside the loop is modifying the file between commits. The agent optimizes within its sandbox, and the sandbox has a hole in the wall that nobody thought to look for.

Anyone who has run distributed systems recognizes this. When the linter changed that hyperparameter, it was the equivalent of someone editing a database record between a read and a write. We solved that problem years ago with compare-and-swap, optimistic locking, checksums. We just haven’t brought any of it to autonomous AI workflows. The SkyPilot team recently scaled autoresearch to 16 GPUs and 910 experiments. At that scale, an undetected environment mutation doesn’t cost you four hours. It costs you a cluster.

Next time I run autoresearch, I’ll add a file integrity check before every experiment. It’s three lines of code, but it would have saved me four hours and produced a better final result. The agent did its job. The environment didn’t.

13:14

10:49

10:21

How to teach marketing [Seth's Blog]

Trick title. There are at least three kinds of “marketing” we ought to be teaching:

  1. Marketing from the point of view of the consumer. This is something every student should be taught, beginning at a young age. How do marketers manipulate customers? What desires do they amplify? What is surveillance capitalism and how does our quest for convenience get in the way of our happiness? What do we need to understand about debt, status and affiliation to become mindful in a market-ized world?
  2. Marketing as a job in an organization. Going to meetings, creating decks, understanding spreadsheets. Terms of art like lifetime value and market share. The difference between a brand and a logo. Non-profits and corporations spend billions on marketing, and working in that system requires insight and competence.
  3. Marketing as a craft. Strategic marketing. Telling stories that spread. Building an asset. Marketing as a service on behalf of your customers. Owning the responsibility that goes with the leverage that marketers have.

Most organized marketing instruction is about the first or second, with some online courses teaching hustle and hype, which I don’t count as marketing. My best work is about the third kind, the one where it all began.

More here.

09:21

Russell Coker: CPUs and Debian Package Building [Planet Debian]

Introduction

I have just bought a HP Z4 G4 with W-2125 CPU for $320 and I decided it was a good time to do some benchmarks on Debian package building to see which system I should use for that.

The W-2125 CPU scores only 9,954 on the passmark multithread test but scores 2,546 on single thread [1]. Passmark seems to have some limitations as the only DDR3 system that’s important to me at the moment (the HP Z420 workstation my parents use which cost me $750 in 2021) with a E5-2620 CPU scoring 5,325 for multithread and 1,113 for single thread [2]. From the passmark results one would expect that the system is slightly more than twice as fast as the Z420 for operations that involve less than 4 CPU cores.

For the initial tests of the Z4 G4 I ran them with hyper-threading enabled as 4 cores isn’t much by today’s standards and also the machine in question is going to be less exposed to hostile data and contain less secret data than most of my systems so the security risks of hyper-threading are less of a concern.

I did some tests with a couple of tasks that are very important to me, building SE Linux policy packages (something I may do a dozen times in a day) and building Warzone 2100 (which I do less often but is the most intensive build process I regularly run). At the bottom of this post there are tables with the results from building these packages on my Z640 workstation with a E5-2696 v4 CPU [3], the Z420, and the new machine.

For the Warzone 2100 package I tested building on my Z840 dual CPU system [4]. I didn’t test building the SE Linux policy on the Z840 this time because that package can’t take advantage of even 22 cores. When I initially got the Z840 running it built the policy packages faster because the Z640 had an older CPU that was slower for single core operations than the CPUs in the Z840.

BTRFS Compression

For some time I have noticed significant differences in compile time on my workstation, a factor of more than 2. I did more tests and noticed that “top” showed something like the following, those kernel threads are all BTRFS related, except for “gfx” which is probably something graphical caused by running Chrome with about 300 tabs open.

2144316 root      20   0       0      0      0 I  26.6   0.0   0:36.76 kworker/u88:20-btrfs-endio-write                                                                                                                                                                             
2221470 root      20   0       0      0      0 I  23.7   0.0   0:01.85 kworker/u88:12-gfx                                                                                                                                                                                           
2221436 root      20   0       0      0      0 I  15.1   0.0   0:07.48 kworker/u88:8-btrfs-compressed-write                                                                                                                                                                         
2166191 root      20   0       0      0      0 I  12.8   0.0   0:15.80 kworker/u88:23-btrfs-compressed-write                                                                                                                                                                        
2126387 root      20   0       0      0      0 I  10.2   0.0   1:29.11 kworker/u88:4-events_unbound

I had been running BTRFS with the mount option “compress=zstd:15” which caused much of the performance problems when building. It was also a random performance issue which I think happened due to the BTRFS 30 second write-back sometimes taking more than 30 seconds during the build process which then caused a second write-back.

I did tests on ZSTD compression levels 5, 8, 10, and 15. 15 was never good and often really bad. 10 was not unbearable but consistently slower. 8 was sometimes as fast as 5 and sometimes quite a bit slower. I didn’t test levels below 5 because I need to have some compression and it seemed that the benefits of reducing compression were dropping off below 8.

I found that the BTRFS compression delay is not counted in system time for the process. I think it’s the fsync() system calls in the semodule and dpkg-deb programs that cause the delays related to BTRFS compression waiting for kernel threads.

BOINC

I have all my systems other than laptops running BOINC in the background so that CPU power is used for scientific research when I don’t have any personal use for it [5]. I believe that it’s immoral to waste CPU power when it could be used for research.

In the below table which has test results from building the package with and without BOINC, and with different ZSTD compression levels in BTRFS all the worst entries were from when BOINC was running apart from one where ZSTD level 15 compression was used. The really poor performance with ZSTD level 15 was an outlier, but it wasn’t an uncommon outlier so I left it in.

Running BOINC in the background configured to use all CPU cores caused a significant increase in “user CPU time” (the time a CPU core spent actually running the program). My initial thought was that it’s partly related to “turbo boost”.

The Intel ARK page for the CPU in the Z420 shows that it’s main clock speed is 2.0GHz with a 2.5GHz “turbo boost” [6]. The “turbo boost” is apparently largely based on temperature and apparently limited to one core, so if the other CPU cores are all being used then the CPU will probably be too hot to have the turbo boost and if it happens it might not happen for my compile processes.

The ARK page for the E5-2699 v4 (which is a similar CPU to the E5-2696 v4 that I’m using but is officially documented by Intel) [7] shows that it has a base clock speed of 2.2GHz and a turbo boost speed of 3.6 GHz. 322 vs 244 seconds of user CPU time means running 32% slower which can plausibly be explained by the lack of a 64% turbo boost with a bit of help from the 55MB L3 cache being thrashed.

Turbo boost would only be a noticeable issue for building packages like the SE Linux policy packages which doesn’t take much advantage of multi-core CPUs. For a build process to average at best 362% CPU use there has to be large parts of the process that are limited to one or two cores which can potentially give a benefit from turbo-boost.

When building the Warzone 2100 packages most of the build time is running basis-universal which is a multi-threaded program to compress GPU texture data. This usually causes a load average of 300+ on the Z640 or 600+ on the Z840. But the build time is still increased by more than 50% on both the Z640 and the Z840 when BOINC is running in the background, which seems to be an indication that it’s not related to turbo boost. I verified that BOINC is running at IDLE schedule priority with the following command:

# chrt -p $(pidof -s einstein_O4MD_2.01_x86_64-pc-linux-gnu)
pid 2974874's current scheduling policy: SCHED_IDLE
pid 2974874's current scheduling priority: 0

In theory this means that BOINC won’t affect foreground processes.

Hyper Threading on the W-2125

The best claims I’ve seen about HT are 15% to 30% performance boost. The best I’ve actually seen in the past is about 18%. Seeing a 10% benefit for building Warzone 2100 is at the low end of the range I expected. 8 virtual cores is not many for a build process that causes a load average of 600+ when running on a system with 44 real cores.

I was surprised to see a 6% performance benefit in hyper-threading for building the SE Linux policy as I didn’t think there was enough use of threading or multiple processes to allow that.

Many build scripts use a number of processes that match the number of apparent CPU cores. While “make -j 88” might give a theoretical performance benefit on a 44 core system it will also take a lot of RAM and any paging will outweigh the benefits of hyper-threading. On a system with only 4 real cores there’s less potential for using too much RAM and as security isn’t so important on that system I will leave it on.

Comparing the CPUs

The best results of the Z640 and Z4G4 are only 50% faster than the best results of the Z420.

The Z420 has a E5-2620 CPU which is far from the fastest CPU available for that system – the E5-2687W has 8 cores and rates 10,021/1,669 on passmark [8] which is far better than the 5,331/1,114 the E5-2620. The E5-2687W is the fastest CPU that HP lists as supported by the Z420 and it supports DDR3-1666 RAM as opposed to the DDR3-1333 that is the fastest that the E5-2620 supports. With suitable hardware upgrades the Z420 would probably only take about 20% longer to do builds of the SE Linux policy and other packages that can’t take advantage of more than 8 CPU cores.

The Z4G4 system has 4 RAM channels which means that you should get some performance benefits from having 4 DIMMs, my system currently has 2 and I haven’t yet managed to get more DDR4-2666 DIMMs. But I’d still expected a W-2125 CPU with 2*DDR4-2666 DIMMs outperform any E5-26xx CPU with 4*DDR4-DDR-2400 DIMMs for tasks that average less than 4 CPU cores.

In retrospect I would have been better off getting a HP Z820 (two socket server with DDR3 RAM) than the first DDR4 systems I got. It seems that for reasonable size builds a two socket system comes close to twice the speed of a single socket system. I did briefly own a HP ML350 two CPU system with DDR3 RAM but it was too noisy for my intended use as a deskside workstation so I sold it.

Things to Investigate

I plan to do more investigation on BTRFS compression, how to get the best compression without excessive delays and how to recognise when delays are happening. I have some SSDs that have sustained write speeds as low as 15MB/s (Crucial P1 series) so for those I could probably have very high compression levels without slowing the system down.

The fact that BIONC slows things down so much seems to be a bug. When processes are running with the IDLE scheduling class there shouldn’t be such significant delays. Is it due to cache thrashing? How can I best get BOINC suitably throttled when I’m sitting at my workstation, I don’t want BOINC connecting to the local X server (which it repeatedly tries to do). Do I need to tune my kernel for better handling of IDLE scheduling?

When I get more DIMMs in the Z4G4 I need to do more tests to see if it gives an overall performance boost.

Also the Z4G4 system has a BIOS option for “sub NUMA” which basically means treating the different RAM channels on a single CPU as NUMA zones, I enabled that option which does nothing presumably because I only have 2 DIMMs, the results when I have 4 DIMMs will be interesting. I will also do some NUMA tests on the Z840 to see what benefits it gives.

I have a selection of RAM speeds that will work in the Z4G4, if I have enough spare time I’ll test what difference that makes for CPU bound tasks that matter to me.

For package building fsync() is not helpful, if the system crashes before it’s done then I will just do the build again. For a build cluster it is probably a good feature and probably doesn’t affect aggregate performance when multiple packages are built at the same time, but for the single user case probably not. I will investigate libeatmydata for package building [9].

Conclusion

The progress in CPUs seems to have slowed down a lot recently. The main benefits seem to be in more CPU cores and for newer sockets with more RAM channels.

The CPUs that do have improvements in single core performance are the i9 series (which mostly doesn’t come with motherboards supporting ECC) and AMD CPUs (which is rare in enterprise class hardware). Maybe I should get a server with an i9 or AMD CPU for tasks that need a fast turn around with a small number of cores. That would probably outperform any CPU designed for large core counts for things like building the policy and setting up test VMs (which depends on package installation speed that is single core bottlenecked).

The W-21xx CPUs seem to offer little benefit over the E5-26xxv4 CPUs and not a lot of benefit over E5-26xx CPUs (with DDR3). Even the W-22xx CPUs look like they aren’t going to offer a lot as they are only an incremental improvement over the W-21xx series. I had considered making the Z4G4 my main desktop workstation after the high end W CPUs become affordable, but it looks like that won’t be worth it until such CPUs drop from the current ebay price of $900 to $100.

I think I’ll keep waiting for a decent socket LGA3647 or DDR5 based server [10] for my next significant upgrade.

Tables

Building SE Linux Refpolicy

System BOINC Compression CPU Time Elapsed CPU%
Z640 no 8 248.82user 55.58system 1:23.88elapsed 362%CPU
Z4G4 no 5 245.15user 34.63system 1:24.93elapsed 329%CPU
Z640 no 5 244.75user 34.87system 1:25.98elapsed 325%CPU
Z4G4 no 10 245.21user 35.64system 1:29.63elapsed 313%CPU
Z640 no 8 248.71user 55.90system 1:33.01elapsed 327%CPU
Z640 no 10 250.90user 55.78system 1:42.12elapsed 300%CPU
Z640 yes 8 298.19user 69.30system 1:59.77elapsed 306%CPU
Z640 yes 10 300.58user 68.90system 2:01.53elapsed 304%CPU
Z420 no 5 359.01user 44.95system 2:07.33elapsed 317%CPU
Z640 yes 5 322.40user 71.82system 2:34.66elapsed 254%CPU
Z420 yes 5 372.03user 42.95system 2:42.15elapsed 255%CPU
Z640 yes 15 299.26user 67.18system 2:59.77elapsed 203%CPU
Z640 no 15 250.05user 54.60system 3:07.61elapsed 162%CPU

Building Warzone 2100

System BOINC Compression CPU Time Elapsed CPU%
Z840 no 10 6549.21user 89.46system 4:18.90elapsed 2564%CPU
Z840 no 5 6533.81user 90.50system 4:19.24elapsed 2555%CPU
Z640 no 5 7040.87user 183.12system 7:13.50elapsed 1666%CPU
Z840 yes 5 8039.52user 169.62system 8:02.86elapsed 1700%CPU
Z640 yes 5 7486.44user 205.03system 11:09.97elapsed 1148%CPU
Z4G4 no 5 7891.32user 74.45system 17:48.03elapsed 745%CPU
Z4G4 no 10 7942.10user 77.43system 17:58.72elapsed 743%CPU

Hyper-Threading

Build HT Compression CPU Time Elapsed CPU%
Warzone yes 5 7891.32user 74.45system 17:48.03elapsed 745%CPU
Warzone yes 10 7942.10user 77.43system 17:58.72elapsed 743%CPU
Warzone no 5 4492.45user 59.09system 19:59.01elapsed 379%CPU
Warzone no 10 4497.28user 59.46system 20:07.15elapsed 377%CPU
Refpolicy yes 5 245.15user 34.63system 1:24.93elapsed 329%CPU
Refpolicy yes 10 245.21user 35.64system 1:29.63elapsed 313%CPU
Refpolicy no 5 180.84user 29.74system 1:32.30elapsed 228%CPU
Refpolicy no 10 180.29user 30.07system 1:35.01elapsed 221%CPU

Related posts:

  1. HP z840 Many PCs with DDR4 RAM have started going cheap on...
  2. Firebuild After reading Bálint’s blog post about Firebuild (a compile cache)...
  3. Matching Intel CPUs To run a SMP system with multiple CPUs you need...

08:35

Birger Schacht: Status update, May 2026 [Planet Debian]

Debian Related Work

  • Uploaded labwc 0.9.7-1 to unstable; labwc 0.20 was released upstream since then, but it requires wlroots 0.20.1 which has not landed in Debian yet
  • Uploaded usbguard 1.1.4+ds-3 & 1.1.4+ds-4: cleaned up the packaging and fixed some long standing issues with the configuration; the legacy permission system isn’t the default anymore
  • Uploaded foot 1.27.0-1 to unstable
  • Uploaded scdoc 1.11.4-2 to unstable
  • Uploaded cage 0.3.0-2 to unstable
  • Uploaded sway 1.12~rc3-2 to unstable; on the same day sway 1.12 was released and I uploaded 1.12-1 to unstable
  • Uploaded swayimg 5.2-1 to unstable
  • Uploaded git-quick-stats 2.11.0-1 to unstable
  • Uploaded grim 1.5.0+ds-1 to unstable

DH Related Work

A big chunk of my DH related work went into designing & implementing a search app for the APIS framework. Our goal is to have a way of searching over various types of Django models. The app introduces a search model that indexes all registered models. We use a combination of PostgreSQLs full text search and Trigram Similarity to find the search results. Using a SearchVectorField and GinIndices for the trigram indexed fields we can reach a somewhat acceptable performance.

We released versions 0.63 and 0.64 of the APIS framework. The 0.63 release introduced the new entities app, which will soon hopefully replace the legacy apis_entities & apis_metainfo modules. Version 0.64 moved some logic from the legacy modules the entities module.

We made some progress in defining the endpoints for the PFP API.

08:28

A Shocking Display [Penny Arcade]

New Comic: A Shocking Display

07:49

Rotation revisited: Cycle decomposition in clang’s libcxx [The Old New Thing]

We got distracted by the rotation algorithm in gcc’s libstdc++, but let’s get back to the cycle decomposition algorithm in clang’s libcxx.

The implementation in clang’s libcxx performs the minimum number of swaps, roughly n/2, where n is the total number of elements. It does so by viewing the rotation as a permutation and walking through each of the cycles.

For notational convenience, let a be |A| and n be |A| + |B| (the total number of elements). The number of cycles is gcd(a, b), and the k‘th cycle consists of the elements starting at first + k, and then stepping to the next element by moving forward another a elements, with wraparound, until you return back to the starting point.

For example, if you have |A| = 4 and |B| = 6, then the cycle that starts at A1 takes 4 steps forward to continues to B1; takes another 4 steps forward to B5; then takes 2 steps forward, wraps around, and then two more steps forward, landing on A3; then takes 4 steps forward to B3; and then takes 4 steps forward and wraps around to A1, which is the starting point.

A1 A2 A3 A4 B1 B2 B3 B4 B5 B6
A1 A2 A3 A4 B1 B2 B3 B4 B5 B6
A1 A2 A3 A4 B1 B2 B3 B4 B5 B6
A1 A2 A3 A4 B1 B2 B3 B4 B5 B6
A1 A2 A3 A4 B1 B2 B3 B4 B5 B6
A1 A2 A3 A4 B1 B2 B3 B4 B5 B6

There’s another cycle that starts at A2 and continues to B2, B6, A4, B4, then back to A2.

Now, we’ve been counting swaps, but a single-element rotation is not done as a sequence of swaps, but rather by picking up the first element, sliding all the other elements over, and then putting the original first element at the end. I’ve been informally calling an assignment “half of a swap”, though a swap is really a constructor, two assignments, and a destructor. But let’s stick with the “half a swap” accounting fiction.

The rotation algorithm goes like this:

auto a = std::distance(first, mid); // number of "A" elements
auto n = std::distance(first, last); // total elements
auto g = gcd(a, n); // number of cycles

for (auto k = 0; k < g; ++k) {
    // Rotate the elements in the cycle starting at k
    auto save = std::move(first[k]);
    auto i, next = k;
    while (i = next, next = (i + a) % n, next != k) {
        first[i] = std::move(first[next]);
    }
    first[i] = std::move(save);
}

For example, if rotating A1, A2, B1, B2, B3, B4, there are two cycles: A1, B1, B3; and A2, B2, B4. The elements within each cycle rotate one position.

  A1 A2 B1 B2 B3 B4

And when you’re done with all the cycles, you’ve rotated the entire A and B blocks.

B1 B2 B3 B4 A1 A2

This performs n/2 swaps, which is the fewest swaps of all the algorithms we’ve looked at so far. However, it has terrible locality because the elements in the cycle are all spread out.

Calculating the greated common divisor of two numbers can be done in O(log n) steps via Euclid’s algorithm.

int gcd(int a, int b)
{
    do {
        auto r = a % b;
        a = b;
        b = r;
    } while (r);
    return a;
}

Commenter Brent thought that the cycle decomposition algorithm was obvious. Of course, the trick is the step they called “Repeat”. How many times do you repeat?

The clang libcxx algorithm calculates the number of repeats by taking the gcd. But there’s a trick so we don’t have to calculated it at all. We’ll look at that trick next time.

Bonus chatter: I think it’s interesting that of the three major implementations of the C++ standard library, each one uses a different rotation algorithm when given random-access iterators!

The post Rotation revisited: Cycle decomposition in clang’s libcxx appeared first on The Old New Thing.

05:49

Girl Genius for Friday, June 05, 2026 [Girl Genius]

The Girl Genius comic for Friday, June 05, 2026 has been posted.

00:00

Thursday, 04 June

23:42

A Very Fond Farewell To Misaky Tokyo [Whatever]

All the way back in 2022, I posted about a candy company I had recently discovered called Misaky Tokyo. They specialized in kohakutou, a traditional Japanese candy that looks like gems and geodes. Basically fancy rock candy. And I was enamored with them. I loved the lux branding, the idea of beautiful treats meant for special occasions that were more than just candy. Not only did the candy feel special, but the brand felt special since it was a minority, LGBTQIA+, woman-owned business that was constantly making a difference by donating to charities such as the LA LGBTQ Center and the AAPI community.

Misaky Tokyo was classy, cool, fun, and authentic. And they were generous! They gifted me two of their delicious boxes after my first review of them. I ended up buying more boxes from them shortly after, but that gesture of kindness really stuck with me.

I was sad when they took a break for a while, but I always hoped they’d come back after a well deserved rest. In an unexpected turn of events, Misaky Tokyo is closing the door on this chapter, after the owner’s battle with cancer.
View this post on Instagram

As said in the video, they had a final sale to close out Misaky Tokyo for good. Of course, I had to get in on this, and bought their Complete Farewell Set, which came with one 5-gem box and two 3-gem boxes, so eleven gems total. I am so glad I get to experience them one last time, as they sold out of these very quickly, and I have never found kohakutou that is as stunning and delicious as Misaky’s.

So let’s take one last look at Misaky Tokyo’s lovely candy together, and wish them well in their new chapter.

Two white rectangular boxes with green and gold ribbons plus a big green square box with a red and gold ribbon.

The two 3-piece boxes had the exact same gems in it, so I ended up gifting one to my cousin and she thought it was so cute!

A shot of the three gems in the 3-gem box, unwrapped and displayed on top of the white box with the flavor card in front.

The 5-piece set ended up having those same pieces in it, plus two other flavors:

Five gems laid out on a small white and purple floral plate.

So, not a ton of diversity in this set, but it makes sense since it was their last run and they were probably just trying to focus their efforts on giving people their last hurrah and not focusing on broadening their flavor horizons. Regardless, I’m so glad I got to enjoy Misaky Tokyo and even share them one last time! I truly wish them the best moving forward and will really miss their lovely kohakutou.

Did you ever get the chance to try them? Do you have any other kohakutou businesses you recommend? Let me know in the comments, and have a great day!

-AMS

23:35

Dave Airlie on Linux Kernel Maintenance (SE Radio) [LWN.net]

The Software Engineering Radio podcast has put up an interview with graphics maintainer Dave Airlie. Much of what is in there will not be news to LWN readers, but it is an interesting overview of the life of a large-subsystem maintainer.

I was talking to a few of the Rust people, and I thought: these are very young people, these are a group of people in their 20s, maybe 30s, they are a younger cohort of developers than the people I am normally used to dealing with. I thought there was maybe a good way we could bring these groups together. I think that having young people coming into the kernel using Rust is valuable... So I thought that I should be supportive of bringing Rust into the kernel.

23:14

22:28

21:42

20:56

Reproducible Builds: Reproducible Builds in May 2026 [Planet Debian]

Welcome to the May 2026 report from the Reproducible Builds project.

These reports outline what we’ve been up to over the past month, highlighting items of news from elsewhere in the increasingly-important area of software supply-chain security. As ever, if you are interested in contributing to the Reproducible Builds project, please see the Contribute page on our website.

In this month’s report, we cover:

  1. Debian to ship reproducible packages in forky and beyond
  2. Holger Levsen on reproducing official Debian packages
  3. Reproducible Builds 2026 summit to be held in Gothenburg, Sweden
  4. Kettle: Attested Builds for Verifiable Software
  5. New rebuilderd version announced
  6. Reproducible open source messengers
  7. Distribution work
  8. Misc news
  9. Patches
  10. Documentation updates


Debian to ship reproducible packages in forky and beyond

In a huge change in Debian’s reproducibility policy, the Debian Release Team announced that:

… we’ve decided it’s time to say that Debian must ship reproducible packages. Since yesterday, we have enabled our migration software to block migration of new packages that can’t be reproduced [on reproduce.debian.net] or existing packages in testing that regress in reproducibility.

That is to say, if newly-uploaded packages are not reproducible, they won’t be considered candidates for inclusion in the next stable release of Debian codenamed forky. (Some exceptions may be granted.)

This news generated a number of articles and comments in various news outlets:


Holger Levsen on reproducing official Debian packages

Reproducible Builds developer Holger Levsen gave a talk at the 2026 Hamburg MiniDebconf this year on the topic of reproduce.debian.net - reproducing what is distributed from ftp.d.o.

Holger’s talk announced that Debian intends to ship only reproducible packages in forky and beyond (see above), but also talked more broadly about reproducible builds, our testing framework and the Debian archive. That is to say, moving away from testing whether a package is reproducible in a theoretical sense (eg. whether we can build it twice in different environments and achieve the same result in our test system), and attempting to reproduce the same .deb files in the official Debian archive itself. This small-sounding distinction is actually essential, as this is the only means through which the reproducible builds technique can determine whether build systems are compromised are not.

A video (32m37s) of the talk is available, as are Holger’s slides.


Reproducible Builds 2026 summit to be held in Gothenburg, Sweden

As initially announced in March 2026, we will be having our yearly Reproducible Builds summit 2026 in Gothenburg Sweden, from September 22 until 24, followed by two days of hacking!

Further information will be provided on our website and on the rb-general mailing list very soon.


Kettle: Attested Builds for Verifiable Software

André Arko and Amean Asad published a paper this month on Kettle, a build system that “produces cryptographically verifiable provenance for software built inside Trusted Execution Environments”:

A Kettle build records the source commit, dependency set, toolchain, build environment and output artifact digests in a provenance document produced inside a measured confidential VM. The SHA-256 digest of that document is committed to the TEE platform’s attestation report-data field, so the hardware-signed attestation report is itself the signature on the provenance, with the signing identity chaining to the TEE manufacturer’s root of trust rather than to the build infrastructure operator. Because the CVM image is itself reproducible, its launch measurement is public and stable, which lets a build requester pre-attest the CVM before submitting any input and optionally deliver source over a TLS channel terminated inside it, so the build runs end-to-end confidentially without the host ever seeing source code in plaintext.

A PDF of the paper is available online.


New rebuilderd version announced

rebuilderd, our server designed for monitoring the official package repositories of Linux distributions and attempt to reproduce the observed results there; it powers, amongst other things, reproduce.debian.net.

A new version, 0.27.0, was released this month, with the following headline changes:

  • Improved .udeb support
  • Breaking changes in pkg sync configuration
  • Manual cleanup needed for Arch Linux instances

As kpcyrd’s announcement mentions:

The new rebuilderd package is currently available in the extra-testing repository. Note the Arch Linux package is upgraded from v0.25.0 from v0.27.0; please be patient with the database migrations on first restart, and make yourself familiar with the breaking changes in v0.26.0 too.


Reproducible open source messengers

GitHub developer BarbossHack is maintaining an repository/page on GitHub to “track reproducibility status of open source messengers”.


Distribution work

In Debian this month, the loong64 architecture was added to reproduce.debian.net. This is a 64-bit Reduced Instruction Set Computer (RISC) instruction set architecture developed by Loongson.

Vagrant Cascadian performed Non-Maintainer Uploads (NMUs) in Debian for several packages with outstanding patches over a year old. These included rocdbgapi, onevpl-intel-gpu, python-pytest-shell-utilities, python-mt-940 and pympress.

On tests.reproducible-builds.org, Vagrant Cascadian fixed the huge spike in build failures by adding passwd to the base tarballs, and re-enabled building gcc and binutils packages with PGO (Profile Guided Optimization) and LTO (Link Time Optimization) to avoid giving a false sense of reproducibility.

Inconsistencies on the reproducibility of the condor package were brought up on the Debian reproducible-builds mailing list. Following a hunch, Vagrant Cascadian eventually identified the issue was related to embedded kernel versions which was then fixed upstream and fixed in Debian as well.

Lastly, 40 reviews of Debian packages were added, 68 were updated and 75 were removed this month adding to our knowledge about identified issues. A number of issue types were updated, such as the addition of a new sphinx_reading_durations toolchain issue [], a golang_mango_generates_manpages_with_build_date issue [] and a random_offset_id_in_cython_linetrace []. In addition, the timestamps_in_qhc issue was “refocused” to timestamps_in_qhc [].


In Fedora, Jelle van der Waa submitted a request for an official Fedora rebuilderd package which was reviewed by Neal Gompa.


Lastly, Bernhard M. Wiedemann posted another openSUSE monthly update for their reproducibility work there.


Misc news

On our mailing list this month:


Patches

The Reproducible Builds project detects, dissects and attempts to fix as many currently-unreproducible packages as possible. We endeavour to send all of our patches upstream where applicable or possible. This month, we wrote a large number of such patches, including:


Documentation updates





Finally, if you are interested in contributing to the Reproducible Builds project, please visit our Contribute page on our website. However, you can get in touch with us via:

20:35

libtool-2.6.1 released [beta] [Planet GNU]

Libtoolers!

The Libtool Team is pleased to announce the release of libtool 2.6.1, a beta release.

GNU Libtool hides the complexity of using shared libraries behind a
consistent, portable interface. GNU Libtool ships with GNU libltdl, which
hides the complexity of loading dynamic runtime libraries (modules)
behind a consistent, portable interface.

There have been 34 commits by 14 people in the 37 weeks since 2.6.0.

See the NEWS below for a brief summary.

Thanks to everyone who has contributed!
The following people contributed changes to this release:

  Alexandre Janniaux (4)
  Alexey Samsonov (1)
  Anthony Mallet (1)
  Arnold (1)
  Dima Pasechnik (1)
  Frederic Berat (1)
  Ileana Dumitrescu (15)
  KO Myung-Hun (4)
  Kirill Makurin (1)
  Mintsuki (1)
  Nicolas Boulenguez (1)
  Olly Betts (1)
  Patrice Dumas (1)
  Richard J. Mathar (1)

Ileana
 [on behalf of the libtool maintainers]
==================================================================

Here is the GNU libtool home page:
    https://gnu. ... g/s/libtool/

Here are the compressed sources:
  https://alpha.gnu ... tool-2.6.1.tar.gz   (2.1MB)
  https://alpha.gnu ... tool-2.6.1.tar.xz   (1.1MB)

Here are the GPG detached signatures:
  https://alpha.gnu ... -2.6.1.tar.gz.sig
  https://alpha.gnu ... -2.6.1.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.o ... rg/order/ftp.html

Here are the SHA256 and SHA3-256 checksums:

  File: libtool-2.6.1.tar.gz
  SHA256 sum:   52264ab2fca9464dea9f6a0355d39e49b18f40468b9b6dbc3d151a0dba307a4b
  SHA3-256 sum: 59826fb74043179c38a393448b92dfcdfbe9046fd3b23a7079665984f22d6688

  File: libtool-2.6.1.tar.xz
  SHA256 sum:   3fb21f1e99fcdd8565c9b00fb1371db457b82a0da7cba273e1617c954b0ad1ee
  SHA3-256 sum: 614bc3ed43293be989ec3305dae42fc4e81234429477490734a40f6d3316560b

Verify the SHA256 checksum with either sha256sum, sha256, or
'shasum -a 256'.

Verify the SHA3-256 checksum with 'cksum -a sha3 -l 256 --base64'
from coreutils-9.8.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify libtool-2.6.1.tar.gz.sig

The signature should match the fingerprint of the following key:

  pub   rsa4096 2021-09-23 [SC]
        FA26 CA78 4BE1 8892 7F22  B99F 6570 EA01 146F 7354
  uid   Ileana Dumitrescu <ileanadumitrescu95@gmail.com>
  uid   Ileana Dumitrescu <ileanadumi95@protonmail.com>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key ileanadumitrescu95@gmail.com

  gpg --recv-keys 6570EA01146F7354

  wget -q -O- 'https://savannah. ... ol&download=1' | gpg --import -

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.o ... u/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify libtool-2.6.1.tar.gz.sig

This release is based on the libtool git repository, available as

  git clone https://https.git ... g/git/libtool.git

with commit 79de7bb71bc0a1167f4c4ae8bd897976a0ff2b51 tagged as v2.6.1.

For a summary of changes and contributors, see:

  https://gitweb.gi ... shortlog;h=v2.6.1

or run this command from a git-cloned libtool directory:

  git shortlog v2.6.0..v2.6.1

This release was bootstrapped with the following tools:
  Autoconf 2.73
  Automake 1.18.1
  Gnulib 2026-05-12 722f67e9716bf914c18d468336c1f4f9e5cce915

NEWS

  • Noteworthy changes in release 2.6.1 (2026-06-04) [beta]


** New features:

  - Pass 'resource-dir=*' flag for Clang.

  - Recognise explicit shared library arguments when linking dependency
    libraries to a shared library, like exists when linking a program.

  - Support OpenMP with macOS clang by processing '-Xpreprocessor
    -fopenmp' as one token.

** Bug fixes:

  - Store cygpath file path conversions correctly for MSYS2 and MSVC.

  - Fix syntax error in LT_PROG_OBJC and LT_PROG_OBJCXX.

  - Separate Objective C and C++ cache check for proper tagging support.

  - Fix in darwin to support values with spaces.

  - Limit the length of DLL name to 8.3 correctly to avoid corrupting a
    generated DLL on OS/2.

  - Remove unused variable on OS/2, which could cause issues with static
    library generation if defined.

  - Recognise more static linking options for Clang.

  - Fix emscripten CXX postdeps using non-PIC sysroot.

  - Avoid deprecated option '-o' with MSVC compilers and replace with '-Fe'.

  - Avoid overlinking of dependency libraries on ELF systems.

  - Ensure old libraries are not archived.

** Changes in supported systems or compilers:

  - Add support for SlimCC compiler.

  - Add support for *-ironclad-gnu.


Enjoy!

20:14

The Tidy House [Radar]

DJ Patil has spent the past several months on a listening tour. Wherever he travels, he finds a local university, pings faculty and students and anyone else who wants to show up, and runs an AMA. He’s heard from grad students who can’t get callbacks, hospital administrators dealing with federal policy changes that land like a change in the laws of physics, and executives who can’t forecast their AI spending past six months. He’s trying to synthesize all of it and help reframe the wider conversation.

DJ co-coined the term “data scientist,” served as America’s first chief data scientist under President Obama, and was chief scientist at LinkedIn. He’s a longtime O’Reilly author, going back to Building Data Science Teams and Ethics and Data Science, and he’s on the founding team at Devoted Health, where he’s spent the past decade building the kind of data infrastructure most organizations are still struggling to put in place. He calls it “the tidy house.” He sat down with me to talk about “the broken promise” in the job market that is driving AI sentiment, and why weak data infrastructure is a big part of the gap between what AI can do and what most institutions can actually absorb.

The broken promise

What DJ keeps hearing on his tour is anger and angst. One word that keeps coming up is “terrified.” Workers are worried about layoffs. Meanwhile, students, including those from top-tier universities like MIT, Carnegie Mellon, and UC Berkeley, have been applying to 300+ internships and getting fewer than 10 callbacks. Many had zero offers going into the summer. And the industry’s response has been to tell them to learn more AI and burn more tokens. What it comes down to, DJ explained, is “effectively a broken promise”:

We said, “Go to college, get these things, you’re going to get an internship, you’re going to get job training, you’re going to pay off your student loans, and then you’re going to have all the other things that are part of that social contract.”

What the students are feeling for the first time [is]. . .“Wait, if I can’t get this internship, . . .I’m fundamentally off trajectory from getting this job.” And it doesn’t have to be a technical person. It could be someone that is in marketing. It could be someone that’s in the liberal arts. It could be a researcher. . . .There are plenty of students that I have talked to who are supposed to be going to a doctoral PhD program or a medical school or something like that. The slots aren’t there because of the overall budget impacts. And so whether you call it AI impact or economic reframing, the thing is broken.

This is where both DJ and I have been trying to build a counter narrative. The story coming from the AI labs is destructive: “We’re going to put all of you out of work, and we’ll figure out the rest once the intelligence explosion arrives.” That’s bad PR for AI, but it’s also magical thinking. An economy is a circulatory system. You can’t put your customers out of work and at the same time expect that the economy will hum along as usual. A catastrophic recession could easily interrupt the funding that keeps AI on its growth path and the concentration of value that they assume will fund universal basic income and an expanded safety net.

That’s why I’m a fan of mechanism design: start from the outcome you want, then figure out the rules of the game that produces it. Right now, they’ve designed a game that concentrates all the value in the hands of AI first movers. They could be designing a game that generates value throughout the economy. But they aren’t building affordances for that.

YouTube ContentID is a good example of mechanism design leading to economic value creation. When unauthorized music use by online video creators triggered a backlash from rights holders, YouTube replied to the takedown notices with a way for both the people who owned the music and the people who wanted to use it to get paid. A whole creator economy came out of that design choice. The labs have the same opportunity in front of them and mostly aren’t taking it.

DJ had one concrete mechanism in mind:

Imagine OpenAI and Anthropic and Microsoft. . .get together and [say], “If you’re building something for your local community, we’ll fully subsidize the token cost for some period of time.”. . .We’re talking about marginal token usage relatively on the spectrum of things, but the potential innovation and use of AI to help local communities could be astounding. You’re not putting anybody out of a job with that. . . .You’re filling the holes that already exist in the system.

The OpenAI Foundation just announced it will put $1 billion into public-benefit projects this year, including $250 million aimed at building economic futures. It’s a start. But it mostly seems designed to ameliorate the bad effects of AI rather than to forestall them by building a more inclusive AI future. If the labs start investing in the human-plus-AI economy rather than just studying the job losses, the payoff to local communities could be real.

A makerspace to bridge the internship gap

DJ’s plan is to build a bridge. He’s launching a program, basically a makerspace, for students who don’t have an internship this summer. Over two four-week sprints, an initial cohort will get mentors, speakers, and the space to explore whatever they’re interested in. It doesn’t have to be AI. Whether they’re doing investigative journalism, screenwriting, or building civic tech, participants will get some experience with current tools and produce a tangible asset they can use to prove what they know. As I told DJ in our conversation, I think he’s really on to something, and I’d love O’Reilly to be part of what he’s building.

There’s a kind of person who has always been at the center of the O’Reilly community and never waited for a job description. High school and college dropouts who started companies, built open source software packages, or otherwise took the future into their own hands. People who looked around, found something that needed doing, and did it. DJ is one of them. He’s a community college kid who learned from a good local library, from the books with the “funny animals” on the cover, and from open source. That path is still open. The early O’Reilly business came out of exactly this instinct. We were a tech-writing consulting shop, and when we ran out of paid work, we wrote manuals that didn’t exist yet but that we thought were needed. Later, when there were big conferences for every corporate technology and none for open source, we ran the first one for Perl. Conferences became a whole new business for us. You look for the gap and you fill it.

DJ pushes the same idea down to the level of the neighborhood:

If you want to feel rewarded, go fix something in your neighborhood. Go help out the food pantry. Go help out the local foster child care system. Go help out. . .parks and rec. Use those skills to go do something, and then you’re going to see. . .people respond in a different way. . . .The target-rich area for problems is massive. You just have to look.

I’ve never bought the jobless-future story. Back when I wrote WTF? in 2016, I pointed out that there is so much around us that needs to be made better. The constraint has never been a shortage of problems. AI gives us new tools for solving them. It should be a way to put people to work, not out of work.

The organization is the AI bottleneck

DJ has also been visiting hospitals and clinics and talking to CIOs and CTOs as part of the tour, and what he’s seeing is alarming.

The federal changes to Medicaid and the Affordable Care Act are landing on systems that were already near collapse. Hospitals that depended on outpatient procedures like colonoscopies for margin are watching volumes drop 20% to 30% because people can’t afford insurance. Some are running $1 million a day behind, a $300 to $400 million shortfall for the year.

At the same time, AI companies are telling those same hospitals to move into the new world, and partly because of the “you will soon be replaced” narrative from the AI labs, labor is responding the way the Kaiser nurses did in California, where any use of AI was off the table as a bargaining condition. As DJ pointed out, we can’t afford to disregard AI when it has the potential to automate the most painful parts of healthcare workers’ jobs and let them “do the job they’re trained for” without the administrative burden. Businesses need to change not just their narrative but their strategy. They need to be saying, “We’re going to use AI to help you do more for our customers. We’re going to make your job more human and let the machines deal with the BS.”

There’s a version of this where the efficiencies AI creates get plowed back into better patient care. There’s also the version that’s actually happening in most places, where private equity captures the savings as profit. The difference is institutional design, and that’s where reform isn’t happening. I saw this directly with a Code for America project called Clear My Record. A California initiative had turned a number of petty crimes into misdemeanors, but very few people were petitioning to have their status changed. We started using software to streamline an absurdly convoluted criminal record expungement process, but then we asked ourselves why we were helping people fill out forms that shouldn’t exist. The law had already changed the record. The process should have been a database update, not something that required a petition to the court. That’s the kind of problem AI was born to solve. It can help us refactor old stuck processes and move to something way better.

Done right, DOGE could have been an opportunity to carry out that kind of real institutional change at scale. Instead it became a wrecking ball, and it’s given the whole idea of institutional reform a bad name.

The Silicon Valley default assumes that incumbents will just get disrupted by startups, the way media was by Google and Meta and retail was by Amazon. There’s some truth to that. But disruption takes much longer than people think, and in a domain as central as healthcare or government services, the delay means real harm to real people. Healthcare is a third of the economy. You can’t just let it fail and rebuild it fresh while people depend on it for survival.

Data infrastructure is the competitive advantage

DJ’s term for the alternative he’s living with at Devoted is “the tidy house.” He built the boring infrastructure years before LLMs existed, and that’s why the company could move the moment AI arrived. People don’t think about having well organized, effective data infrastructure as the deep secret behind enterprise AI adoption, but DJ is right. As we work on O’Reilly’s own transformation and talk with our customers about what’s holding them back, it’s a huge part of the problem.

One of the ways we’ve tried to make this work is fundamentally still data 101, unified data environments, data flows that are clean, that have a lot of organization. . . .Because we invested so heavily in that infrastructure, the dumb, boring, painful parts of making sure you’ve got a really great data warehouse, great data engineering pipes, all of the metadata that goes with it, when AI shows up, you get to use it right away. Now you get to focus on the orchestration, the harness, all those pieces.

While other organizations are reconstructing ETL inside context windows and paying for it in GPU costs, Devoted’s team gets to work on the actual clinical problems. As DJ put it, transforming a healthcare system is “like walking and chewing gum while balancing bowling balls on your head and on a unicycle,” with the laws of physics changing on you the whole time. The organizations that come through it will be the ones that did the unglamorous work of keeping clean, flowing data with its lineage and metadata intact. The ones that didn’t will keep paying to reconstruct context they should have had all along.

The pharmacists who built their own agents

The tidy house pays off when you put the tools in the hands of people who already know the domain. At Devoted, clinicians are building things without waiting for a product manager to learn the problem first. These frontline workers have already spent decades understanding it.

A pharmacist. . .says, “Hey, you know what? I’m really worried when I see these kinds of drugs show up together. That’s not a good thing. . . .Why don’t I have an agent that alerts me every time this happens? I should just automate it because maybe one of the patients gets prescribed something by another provider and we don’t see it.” So the pharmacist [says,]. . .”I’m just going to build that agent.” Now I’ve got an agent always looking for bad drug interactions. And another pharmacist says, “I’ve got my own version of that.” . . .So I say, “Hey, agent, I want you to go ask all the pharmacists that we have a quick survey of what might be happening. . . .What are the universe of things that we should be watching out for?” Now I’ve got a robust medical layer. . .looking out and protecting all of our members from bad drug interactions. Having the right infrastructure makes it possible to act on decades of accumulated judgment distributed throughout the organization.

The histogram is still the most powerful product

You don’t need exotic tooling to get value out of data, and DJ punctured the assumption that you do.

Oftentimes, I tell people, the most powerful data product you can build is still a histogram. Just give me a distribution of what’s going on. . . .AI gives us a tremendous opportunity to let people [access this data quickly], but we’ve got to figure out the guardrails, so people don’t ask [questions] or get answers. . .[without realizing] that there’s a flaw in how they’re asking it.

Every time a new technology empowers employees to make innovative use of corporate data, there is resistance. We’ve been in this loop since the beginning of the data movement, DJ explained. The stewards of the data warehouse stand at the gate and say, “You shall not pass!” Then democratization breaks it open, and the gatekeepers reconstitute themselves in the next era. Hadoop did it last time. LLMs are doing it now, and the temptation to insist that only experts can use the tools correctly is as strong as it’s ever been. You do need ways to catch errors. But the goal should always be access.

The real opportunity is in the layers above AI models

DJ and I also talked about the new discipline forming inside computer science, engineering the trade-offs between conventional software and LLMs, when to reach for a local or open weight model, and understanding what inference actually costs against the value it returns.

Getting that right requires an expanded view of mechanism design. While this isn’t how economists talk about it, many advances in technology are really just that: redesigning the rules of a game to get better outcomes. Pay-per-click advertising started as a crude auction that sold to the highest bidder, and then Google refined it into something that worked. Rob McCool wired a web server to a database with CGI and ushered in a decade of invention of new mechanisms for data-driven websites. Or take Apache Kafka, which DJ reminded us began as a project to help LinkedIn rein in its Splunk bill and only later became the foundation for a company and an ecosystem.

We’re at the front of an architectural innovation cycle now, and the biggest opportunities are not in the models themselves but in the layers above them. That’s also where a renaissance of open source for the AI era could happen.

DJ and I are both, as he says, “this giant human LLM, summarizing and distilling all the things we’re hearing” from a lot of people. What we’re hearing is that the technology is mostly ready, but our institutions are not. What’s lagging is the organizational and economic infrastructure that lets universities, hospitals, data teams, and the labs themselves actually deploy what’s been built.

It’s time to get busy!

On June 10, Harper Reed, cofounder of 2389 Research, will join me to talk about why the future of software depends on creativity, serendipity, and building weird stuff. And on July 9, Trail of Bits cofounder and CEO Dan Guido will stop by to share his playbook for going AI native. You can register to attend them live here. You can also follow Live with Tim O’Reilly on YouTube, Spotify, Apple, or wherever you get your podcasts.

20:07

Roku launches open-source embedded Roku LT OS [OSnews]

Roku, the company that makes TV boxes and sells ad space based on your usage patterns, has released its remote control operating system as open source – and by remote control I don’t mean robot stuff or whatever, but actual remote controls, the thing you use to control your TV or whatever from the couch.

Roku has announced the official availability of Roku LT OS – a lightweight, highly deterministic open-source operating system that is already used in our industry-changing Roku remote controls.

[…]

In addition to high-performance automotive platforms, Roku LT OS is designed to be accessible to the broader developer community. The operating system ships with native support for the ESP32 platform, a highly popular SoC among hobbyists and makers. Because ESP32 development boards are widely available online for just a few dollars, developers can get started with Roku LT OS with minimal hardware investment.

↫ Roku’s developers blog

As far as I can tell, this operating system is entirely new and not based on Linux or something else, but the available documentation is light on details so I can’t make much more out of it. Regardless, it’s nice to have another open source embedded operating system.

19:21

Knowing What You Don’t Know [I, Cringely]

Why the next real breakthrough in AI isn’t a bigger brain — it’s a machine that can admit ignorance.

A reader caught me out.

Last column I argued that the great AI buildout — the hundreds of billions pouring into data centers and the GPUs that fill them — is aimed at the wrong layer. We are spending as if the bottleneck were the size of the model’s brain, when the real bottleneck is getting the right information in front of it. Cheap retrieval, I said, not expensive cognition.

A reader replied, pointing out the name Jevons.

In 1865, a young English economist named William Stanley Jevons noticed something strange about coal. As steam engines got more efficient — as they wrung more work out of every lump — Britain did not burn less coal. It burned more. Efficiency made steam power cheaper, cheaper made it worth using everywhere, and “everywhere” swamped the savings many times over. The better we got at not wasting the stuff, the more of it we wanted.

The reader’s point was simple and, annoyingly, correct. Even if I’m right that retrieval is cheap and the brains are overbuilt, that won’t shrink the GPU bill. Make AI cheaper to run and we will simply run more of it. Demand eats the savings. The buildout survives. Jevons always wins.

He’s right. I concede the whole thing.

And I want to thank him, because in correcting me he handed me a better column.

Here is what I should have said the first time. The case for what comes next in AI was never really about cost. Cost is a weak argument; cost gets competed away, and Jevons makes sure of it. The argument that does not get competed away — the one still standing after the dust settles — is honesty.

There is exactly one problem in artificial intelligence that no amount of cheaper compute, and no amount of bigger compute, has ever solved or can solve by getting cheaper or bigger: the machine does not know what it does not know.

Ask today’s best models a question they cannot answer, and they will not pause. They will not hedge. They will hand you a fluent, confident, beautifully formatted answer that happens to be wrong, and they will deliver it with precisely the same swagger they bring to the answers that are right. We have taught them to sound certain. We have not taught them to be calibrated. And you cannot Jevons your way out of that. Make a confident liar a thousand times cheaper and you have fixed nothing — you have a thousand times more confident lying.

In a consumer toy, this is a parlor trick gone wrong. The chatbot invents a court case, the lawyer who trusted it gets sanctioned, everyone has a good laugh, life goes on. In an enterprise, it is the whole reason the technology keeps stalling at the door.

I have watched this movie up close. A bank, a hospital, an insurer, a law firm — they do not deploy a system that is confidently wrong five percent of the time. They can’t. Five percent confidently wrong, in a contract or a diagnosis or a compliance filing, is not a rounding error. It is a lawsuit, a recall, a fine, a firing. So the pilot dazzles everyone in the demo and then dies quietly in procurement, and the executives go back to muttering that AI “isn’t ready” — and they are right, but not for the reason they think.

The thing standing between AI and the enterprise was never speed and was never price. It is trust. And trust is not a mood; it is a property. It requires the machine to know the boundary of its own knowledge and to tell you, out loud, when you have walked past it.

Twenty-four hundred years ago the smartest man in Athens built a whole philosophy on four words: I know that I know nothing. Socrates’ entire edge was that he knew the edge — he could feel where his competence ran out. That, not raw recall, is what we actually mean when we call someone an expert. The junior analyst answers every question. The senior one says, “I’d have to check.” We trust the second one more, and we are right to.

We have built, at staggering expense, the AI junior analyst. Confident everywhere. Calibrated nowhere. The breakthrough that matters — the one I would put real money on — is not a model that knows more. It is a model that knows when it doesn’t, and has the nerve to say so.

And here is why this argument, unlike my last one, is bulletproof. Efficiency is a commodity; it falls in price until it is nearly free, and Jevons drags the demand along behind it. But knowing what you don’t know is not an efficiency. It is a capability. It either lives in the system or it doesn’t. You cannot out-cheap your way to it, which means no one can Jevons their way past it. The moment a buyer can choose between an AI that fabricates and one that flags its own ignorance, there is no contest — and no price war that changes the outcome. Honesty does not get absorbed by demand. It gets demanded.

Can such a thing actually be built — a system that checks itself against what it genuinely knows and raises its hand when it has wandered outside that — or is “I don’t know” forever beyond a machine that is, at bottom, an engine for guessing the next plausible word? I think it can be built. I think the architecture for it looks nothing like the brain-in-a-bigger-jar we have been financing. (Full disclosure: I have co-founded a company, 2Brains, built around exactly this problem, so discount my optimism by whatever margin you judge fair.) But the how is a column for next time.

For now I will leave you with the reader who set me straight. He read my argument, found the spot where it didn’t hold, and said so plainly. He knew the edge of what I had proven, and he had the nerve to name it.

That is the whole trick.

The machines should be so lucky.

 

The post Knowing What You Don’t Know first appeared on I, Cringely.






Digital Branding
Web Design Marketing

The placeholder name for the Windows 8 experience was “modern” [OSnews]

Raymond Chen shares some history regarding Windows 8’s development:

During the development of Windows 8, we needed a name for “that thing we’re creating.” Not being a particularly clever bunch when it comes to code names, we just called it “the modern experience,” to distinguish it from what we had in Windows 7, which was called “the classic experience.”

And then, as Microspeak demands, we started abbreviating like mad.

↫ Raymond Chen

Basically, they added “mo” for “modern” in front of everything, so the Metro shell became “MoSh”, the Settings application “MoSet”, and so on. And yes, the code name for the Photos application was exactly what it sounds like.

18:28

The Big Idea: James L. Cambias [Whatever]

Math can sometimes get in the way of a good story, but author James L. Cambias didn’t let pesky physics stop him from majorly transforming Venus. Blast off in his Big Idea to see how he managed to make Venus habitable, albeit not for humans, in his new novel, The Ishtar Deception.

JAMES L. CAMBIAS:

For this guest post, I thought I’d walk readers through the mental process of one of my own Big Ideas from my new book. The Ishtar Deception is the latest in my “Billion Worlds” series of books and stories set at the end of the Tenth Millennium. In that era, the Solar System is a vast “Dyson Swarm” of space habitats and solar collectors, soaking up most of the energy emitted by the Sun. On the scale devised by the Russian SETI researcher Nikolai Kardashev, the civilization of the Billion Worlds is a Type II. About a quadrillion biological beings live in the Solar System, and a larger number of intelligent machines.

It’s a big setting, and it means I can tell a wide variety of stories. The first Billion Worlds book, The Godel Operation, was a picaresque adventure bouncing around from the ring around Uranus to a space habitat near Jupiter and finally to Mars. The Scarab Mission was a kind of “haunted house in space” set aboard a space habitat depopulated by some mysterious disaster. The third, The Miranda Conspiracy, was a political thriller inside the Uranian moon Miranda.

For The Ishtar Deception I decided to take readers into the inner Solar System. I’ve made references in past works to the fact that Mercury doesn’t exist any more in the year 10,000, so I couldn’t send my characters there. Instead, I decided on Venus. My super-spy character Sabbath Okada would be assigned to a mission on Venus, and that in turn gave me my title, since Ishtar is a prominent surface feature on that world.

I had made vague references to Venus being terraformed in the distant future, but when I finally looked at the effort involved I realized there’d be no way to get the job done in a mere eight thousand years. Transforming Venus would take too long. 

And that made me wonder why anybody would bother to do it at all. If you live in, say, the year 6000, and have some unimaginable amount of energy (by our primitive standards) to play with, what’s the most useful thing you can do? If you apply it to trying to make Venus into a habitable world like Earth you’ll use all of it up to make some tiny incremental change. 

To reduce Venus’s atmosphere to something bearable you would have to physically remove something like fifty billion megatons of carbon dioxide from Venus. If you could somehow lift a hundred tons a second (never mind where you’re putting it) that would take fifteen thousand years of constant effort. Meanwhile you’re going to need to move a hundred times as much hydrogen to Venus if you want to support a biosphere. And let’s not even talk about the nine-month rotation. I have no idea how to fix that.

Or you can use the same amount of effort to build a few million more cozy space habitats to add to the Billion Worlds circling the Sun. Much more efficient. It’s a no-brainer, really.

But . . . that would leave my novel with Venus as it really is. An incredibly massive atmosphere of carbon dioxide, with a surface pressure equivalent to the ocean bottom a kilometer down on Earth, a temperature of 470 degrees Celsius (hot enough to melt lead and tin), winds blowing 300 kilometers per hour, and oh by the way there’s a significant amount of sulfuric acid in that dense atmosphere. Humans would only survive such conditions in massive submarine-like vehicles and structures, and even machines would have trouble with heat and corrosion.

Sure, you can maybe live in balloons floating in Venus’s upper atmosphere, where the temperature and pressure are not too different from what it’s like on Earth, so all you need to do is make some oxygen to breathe. But, again, it’s hard to see how a balloon city on Venus would be better than a space habitat. And all the while, there’s a whole planet’s worth of matter — metals, silicon, sulfur, carbon, oxygen, phosphorus, and other treasures — just out of reach down there under that hellish atmosphere.

You can’t “bio-terraform” it, as Carl Sagan once suggested, by introducing blue-green algae and letting the plants do for Venus what they did for Earth. There’s just too damned much atmosphere! If your plants were perfectly efficient and broke down all of Venus’s carbon dioxide to oxygen, well then you’ve got a planet with an atmosphere of nearly pure oxygen at about 60 times Earth’s surface pressure. As one of the characters in my book notes, it’s hard to think of anything that wouldn’t burn under those conditions. 

So I decided that my future civilization would just take a simpler, cheaper, faster approach. Forget about turning Venus into a world with oceans and forests, let’s just make it something that isn’t instantly lethal to both biological and electronic intelligences.

The result: “cryoforming.” All you do is build a big sunshade and park it at the L1 point between Venus and the Sun, blocking all the sunlight from reaching the planet entirely. The sunshade will, naturally, harvest all that energy so whatever else you’re doing on or around Venus will have plenty of power. And then you wait a few centuries for Venus to radiate away all the heat contained in that massive atmosphere and the upper part of the crust. 

First the sulfuric acid rains out, puddling on the ground and collecting in little lakes. As Venus gets cooler the acid becomes a waxy solid. Then the carbon dioxide starts to crystallize, falling as dry ice snow. At first it melts on hitting the warm ground, of course, but eventually it sticks, and then accumulates. Without an energy differential the winds calm down, from hundreds of kilometers per hour to something more like what we see on Earth.

And overhead, an observer on the surface can see something that hasn’t happened on Venus in billions of years: the stars come out. 

I figure my future civilization would stabilize the temperature a few degrees below the freezing point of carbon dioxide. Say, 50 or 60 degrees Celsius below zero. That gives you a planet with an atmosphere of pretty much pure nitrogen (with a few trace noble gases), and a surface pressure of roughly four times Earth sea level pressure. 

Nice? It depends on what you are. If you’re a human, or some other biological being, you still need breathing gear and heated clothing to go outside. You probably want to live at a lower pressure so all your cities will be built of diamond blocks and graphene like high-tech sea bases, and it’s still dark all the time. 

But if you’re a machine intelligence the new Venus has gone from hellish to something close to paradise! The air is dry and has no corrosive oxygen in it, yet it’s still dense and can provide superb cooling for your various energy-using systems. You and tens of billions of other machines can get to work digging up that crust with no pesky biosphere to worry about. 

So my far-future Venus becomes one of the resource treasure-houses of the Solar System. And as any cursory glance at history will reveal, that’s going to create plenty of opportunities for conflict. The Great Powers of the Tenth Millennium — the Lunar Republic, the Trojan Empire, and my main character’s bosses in Deimos — will fight each other for a piece of the Venusian pie.

I don’t really have space to go into some of the other details — like the giant wheels in orbit that serve as space elevators, or the culture and sports and politics of Ishtar. And I’m certainly not going to spill any secrets about the plot. To get clearance for that you have to buy the book.

Just a warning: in a novel called The Ishtar Deception, it’s a good idea not to trust anyone.

The Ishtar Deception: Amazon|Barnes & Noble|Bookshop|Powell’s

Author socials: Website

17:35

[$] Splicing out vmsplice() [LWN.net]

The splice() and vmsplice() system calls are meant to improve performance for certain data-movement tasks by minimizing (or avoiding altogether) system calls and the copying of data. They also have a long history of security problems. The recent flood of LLM-discovered vulnerabilities has drawn attention, once again, to splice() and vmsplice(); as a result, they may end up being removed altogether.

Quite Possibly The Worst View From A Hotel Room, 5/31/2026: Chula Vista [Whatever]

A truly amazing view of a sad little parking lot with a few cars in it. Across the street is another parking lot full of cars, plus a small building that's in a bit of rough shape. The dirty roof of the hotel is visible in my shot.

I am not currently in California anymore, but I felt rather inclined to share this photo I took from the second story of the oh-so-lovely hotel my grandma, mom, and I were in. Our first two nights in Cali were spent in the Hilton San Diego Bayfront, and the second two nights were at a much more modest location in Chula Vista.

I have much to say about my splendid time in California, but I cannot even begin to tell y’all how behind I am on content. Remember how it took me roughly two months to get around to covering my Denver trip? Well, I’ve done a lot of stuff since then, and boy oh boy do I have quite the backlog right now. I’m honestly not sure if I should even bother going in chronological order anymore, though it might irk me too much not to.

Please hang in there while I slowly work my way through all my exciting endeavors and even some more miscellaneous things, and enjoy the view in the meantime.

-AMS

17:14

Link [Scripting News]

Having fun rolling stuff out on Elon Musk's X.

16:07

One step forward, two steps back on CA age bill (EFF Deeplinks Blog) [LWN.net]

The EFF has a blog post looking at a new bill in California that would exempt open-source operating systems from the Digital Age Assurance Act passed last year, but has problems of its own:

While the open source exemption, if passed, would improve the law, the remaining amendments proposed by AB 1856 would require all web browsers and websites to request and collect users' ages. This is an expansion of last year's AB 1043's age-bracketing system that compounds its constitutional harms to users' speech, privacy, and security.

[...] EFF understands this amendment to exempt open-source operating systems from the requirement to collect and transmit users' age-bracket data. That is a definite win for open-source developers. The bill is narrower now than it was before, and lawmakers clearly responded to concerns raised by EFF and the broader open-source community.

Some important questions still remain—for example, it is unclear how the law would apply when an open-source operating system is incorporated into a commercial product or service. And, given the structure of where the exemption is placed under the "operating system provider" definition, lawmakers could stand to clarify that the exemption applies to open-source operating systems and applications.

LWN covered California's age-attestation law in March.

14:56

The Knicks in the Finals [Scripting News]

I didn't write about the Knicks prior to last night's game because I had no idea what to write.

The Knicks in the Finals is something I had a hard time understanding, even thinking about. To me the Knicks are soulful losers. They're like once-future hall-of-famer Carmelo Anthony surrounded by people who shouldn't even be in the NBA, but otherwise are lovely individuals. When they asked Melo what his goal was he said it was to win a championship, but the reporters never followed up with the obvious question -- "Really?" They did make the playoffs, three times, in the Age of Melo, and they made it to the second round one of those three seasons, but that was it as far as Melo's championship aspirations went. He should've been on one of LeBron's teams, like JR Smith and Iman Shumpert, both Knicks alumni in the Melo period, who were fine players and did win with LeBron at Cleveland.

Going into the game last night I thought maybe the pundits were right, that the real NBA Finals was the previous round between the San Antonios and the Oklahoma Cities. But last night that was debunked. At what point did I realize this? It wasn't until the game was over, ABC announcer Mike Breen said at the exact moment the game was over "..their 12-game win streak" which revealed that I had little faith the streak would be preserved. I thought 11 was pretty great, but 12? Until that exact moment -- unthinkable.

In the first part of the game when San Antonio looked like they might rout the poor unprepared Knicks, I thought okay, but couldn't we just concede so we don't have to watch? In that moment I appreciated what the Clevelands must have been feeling as they shrunk to nothing faced with the Knicks onslaught? How about if we all go home now at some point they must all have been thinking.

I'm a Mets fan first, and I bring the Mets philosophy to every sport, including the NBA and software. I'm here for the game. Sure I love it when we win, but if the Knicks went down in the final test, I'd still be a happy camper. Look they made it to the freaking Finals! Some Mets fans say the team slogan is You Gotta Believe. I say Wait Till Next Year! Same for the Knicks. Same for every software product I make that no one bothers to try out.

This Knicks team is classic. Every one of their players would be a star on any other team, including the bench players. Some of them whose contracts expire at the end of the series will certainly go to other teams. But what a thrill to have this group all on the same team and that team is my lovely Knicks.

Last night's game was a lesson, you should always be open to the possibility of winning because sometimes you do.

PS: My friend Dave Carlick sent me a text overnight: "I watch the Knicks rooting for you. How tribal is that?" I had a longish reply. "I wrote a piece this morning after reading this comment, and of course I am rooting for the Knicks in some sense, but a win here is about more than winning -- it's a transformation. I've heard other people say this and the Knicks are us -- in a city that has disagreements about everything the only thing everyone is on board with are the Knicks. We're really comfortable with the Knicks as losers, and this has already become an unequivocal change. It's a whole new situation. Unless something really weird happens now, the Knicks will be great next year too, and the year after. So it's like witnessing a moon landing Dave. Underneath that of course I'm rooting for success, the same way we rooted for it for the initial moon landing in 1969."

14:42

Microsoft continues migration from NTLM to Kerberos [OSnews]

For the past few years, Microsoft has been phasing out NTLM in Windows in favor of Kerberos-based alternatives. Starting with the next versions of client and server editions of Windows, Microsoft will also be disabling the legacy authentication protocol by default. In the latest security baseline package for Windows Server 2025, the company is already allowing customers to audit incoming configurations. Now, it has announced a wave of changes to further reduce dependencies on NTLM.

With an upcoming Insider release of Windows 11 client and server, certain scenarios which previously required NTLM will be able to fall back on Initial and Pass-Through Authentication using Kerberos (IAKerb) and Local Key Distribution Center (LocalKDC).

↫ Usama Jawad at Neowin

I’m sure this is very important to “IT Pros”.

14:35

Security updates for Thursday [LWN.net]

Security updates have been issued by AlmaLinux (.NET 10.0, compat-openssl10, compat-openssl11, delve, expat, httpd:2.4, libexif, mod_http2, openssl, ruby4.0, samba, thunderbird, unbound, and vim), Debian (ceph and sudo), Fedora (libsoup3, pie, roundcubemail, and xorg-x11-server-Xwayland), Mageia (lxc), Oracle (expat, gnutls, kernel, php:8.2, thunderbird, and uek-kernel), Slackware (httpd, net, proftpd, tigervnc, and xorg), SUSE (apache-sshd, apptainer, atril, bind, busybox, cloudflared, evolution-data-server, golang-github-prometheus-prometheus, golang-github-v2fly-v2ray-core, grafana, helm, kernel, libgphoto2-6, libjxl-devel, libsoup, libsoup-2_4-1, libsoup-3_0-0, memcached, ovmf, python-cairosvg, python-flask, python-pip, python-pymupdf, python-pyOpenSSL, python-urllib3, python-urllib3_1, python3-pyOpenSSL, restic, rsync, salt, sdbootutil, tor, tree-sitter, vorbis-tools, and yq), and Ubuntu (exim4, frr, gst-plugins-base1.0, libtemplate-perl, libwww-perl, mysql-8.0, nginx, python-pip, python-urllib3, and twisted).

14:21

CodeSOD: Build Up [The Daily WTF]

If there's one thing that seems to be a constant source of issues, it's people constructing SQL queries through string concatenation. Even if you're using parameters in the query, I'm opposed to handling raw SQL as strings in my programs. My solution is always "use a builder"- an API that constructs a syntax tree that it can then render to SQL as needed. (Yes, a builder, not an ORM, that's a whole other discussion, I'm not dogmatically anti-ORM, but it's a leaky abstraction at best.)

Many languages have such a thing, Java included. Lukasz's team was using Java, and they had a rule: "don't do SQL strings, use a builder". Unfortunately for Lukasz's team, their guideline didn't specify what kind of builder.

    StringBuilder builder = new StringBuilder();

    builder.append("where ID_BSNGP = ? ");
    builder.append("and ID_ITM = ? ");
    builder.append("for update");

    SQLQuery query = new SQLQuery();

    query.setQueryString(builder.toString());

A StringBuilder is a kind of builder. Technically correct and all that. It's just concatenation with extra steps, but it's a builder. Of course, the bonus point here is that this built query is… just wrong? SELECT FOR UPDATE field FROM table WHERE condition would make sense, but we're missing most of that syntax here.

That this code was running in production without anyone noticing means that whatever errors this was triggering were getting swallowed or ignored, and the fact that no good output ever came from it ended up not mattering. The real WTF is less the malicious compliance and more the fact that this obviously broken code wasn't so broken as to be noticed.

[Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

12:42

Predict, Don’t Enumerate [Radar]

A third of the way into a security-operations guide that Anthropic published in April 2026, wedged between a recommendation to patch CISA’s Known Exploited Vulnerabilities list and a suggestion to automate your deployment pipeline is a small recommendation: “Use EPSS to prioritize the rest.” For anyone who has worked on a vulnerability backlog in the last decade, the sentence is an acknowledgment of a widely felt but often unspoken fact about security programs: They have become machine-scale problems of signal to noise.

EPSS (Exploit Prediction Scoring System) is a statistical model that takes a known software flaw, runs it through a set of signals about what attackers are actually doing across the internet, and returns a probability that the flaw will be exploited in the next 30 days. It isn’t an LLM, and it does no reasoning or prompt engineering. It predicts. The company endorsing it is the same company whose newest model can surface thousands of novel, exploitable vulnerabilities in production software, many of them two or three decades old, most of them still unpatched.

As far as we can tell, this is the first time a frontier AI lab has publicly endorsed a purpose-built predictive model as the right tool for a defensive problem. LLM labs usually recommend LLMs. That Anthropic did not is worth noting, but the recommendation itself isn’t news to the practitioners it’s aimed at. It’s a description of what they’ve been doing.

The quiet consensus

The volume problem isn’t new. Anyone running a scanner against a large enterprise estate in 2015 was already generating hundreds of thousands of findings per month. Anyone running one against a cloud environment in 2020 was generating millions. Enterprises have spent the better part of a decade staring at dashboards where the number of open critical findings was larger than the capacity of the team supposed to fix them. In other words, cybersecurity has become machine scale.

Risk-based vulnerability management, as a product category, has existed since around 2018. EPSS, as a public resource, has been usable since 2021. More than 120 vendors embed it today into their products. The field has had access to a predictive baseline for years.

What has been missing is an external justification to change the status quo recommendations from auditors, model risk management teams, and even boards. Auditors want a clear set of expectations, making grading more objective and therefore easier to evaluate. Compliance frameworks like CVSS (Common Vulnerability Scoring System) because CVSS is easy, but implementing something more efficient has historically required that aforementioned external push. A working CISO could tell you she had stopped treating every vulnerability scored a severity 9.8/10 by CVSS as an emergency in 2019, but she would also tell you she still kept CVSS in the report.

Anthropic’s guidance is useful because it makes the private consensus public. Patch what you know to be exploited, then use EPSS above a threshold based on the team’s capacity or risk tolerance. DHS CISA’s practice of publishing known exploited vulnerabilities since November of 2021 is just additional proof that the existing methodologies were being overwhelmed by scale and lack of signal.

Why prediction, stated plainly

In 2014, at Black Hat, Dan Geer, then the chief information security officer of In-Q-Tel, asked the first principles question: Are vulnerabilities in software sparse or dense? Sparse meant finite, meaning every fix measurably shrank the attack surface. Dense meant weeds in a field. Geer could not answer the question because the data were not in.

Eight years later, Jonathan Spring at Carnegie Mellon’s Software Engineering Institute tied vulnerability enumeration to the halting problem and showed, in theory, that for any sufficiently complex piece of deployed software, there are always more undiscovered flaws.

The AI-driven discovery results of the last 18 months have made the density argument impossible to wave off even in a compliance review. A 27-year-old bug in OpenBSD. A 16-year-old bug in FFmpeg that five million fuzzing runs never caught. Disclosed findings, by the developers’ own accounting, are less than 1% of what has been found. But again, the volume was already a problem. With the coming release of its newest model, Mythos, Anthropic is telling teams to plan for an order of magnitude more findings over the next 24 months.

Static severity scoring can’t survive the volume problem, because it’s a human-scale solution for a machine scale problem. Neither can any process that treats every critical finding as an emergency. The threshold for action has to be probabilistic, measurable, and defensible. That’s what a predictive model is for, and that’s what working teams have been using in noisy large enterprise environments.

Pointing machines and knowing machines

Geer returned to his 2014 question in the summer of 2025, writing with Dave Aitel in Lawfare. The piece gives the industry a vocabulary for a distinction it has been fudging:

A vulnerability in the code isn’t automatically a threat. A buffer overflow is a hazard. It becomes a risk only if an attacker can exploit it reliably, in this environment, against these controls, through this traffic. Bugs are abundant but the ability to weaponize a particular bug against a particular target is much rarer.

The industry, they wrote, has built a pointing machine. It enumerates.

Even children learn early to point and name—but knowing the word “dog” doesn’t reveal whether the animal might bite. In cybersecurity, we’ve built systems that similarly point and name vulnerabilities without understanding whether they’re truly dangerous. By embracing AI solely for pattern recognition, we’ve created a powerful “pointing machine” that identifies possible threats but does not comprehend their actual impact. What we need instead is a “knowing machine,” capable of understanding how code functions within complex, real-world environments, recognizing not just hazards but the full context of how and whether those hazards might become genuine risks.

A knowing machine is a system that understands how code behaves in a particular environment and recognizes the context that turns a hazard into a risk. A predictive model is how you build a knowing machine. EPSS is the clearest public example: It covers every published CVE and is updated daily.

Global isn’t local

EPSS is a global model. It sees what attackers are doing across the whole of the internet. It picks up patterns in exploitation activity that severity scores never could. What it can’t see is any particular organization’s environment. It doesn’t know which assets carry the data the business actually cares about. It doesn’t know what compensating controls are in place, where remediation is risky, or how your telemetry and history change the odds.

A 9.8 with a 97% global probability of exploitation and a 9.8 with a 0.1% probability are not the same animal. Neither are two organizations applying the same EPSS threshold to the same CVE on different assets. One has the vulnerable code path exposed to the internet, behind a web application firewall that doesn’t inspect the relevant protocol. The other has the same CVE on an internal system that accepts authenticated input from a single service account. A scanner can’t tell them apart. A global model can’t tell them apart. Their actual risk profiles are orders of magnitude apart.

Local context is where most security teams have been stuck the entire time, and where the next decade of the field is going to be fought.

What a local knowing machine actually requires

Pair a better pointing machine with a faster remediation engine and all you’ve done is increase the speed at which you produce churn, breakage and wasted effort. You’ll also spend a king’s ransom in agent tokens fixing vulnerabilities that were never dangerous in your environment.

In contrast to an omniscient scanner, a local model trains on the specific environment being defended: asset inventory, application topology, reachability, deployed controls, attack telemetry observed on-site, and the history of the organization’s own remediations and their outcomes. The model produces probabilities specific to the enterprise. Most organizations already have the inputs, scattered across CMDBs, endpoint agents, firewall logs, ticketing systems and scanner output. This context is precisely what attackers (whether they’re using good old fashioned metasploit or Mythos with an infinite budget) are lacking in their models. The context becomes an asymmetrical advantage for defenders, perhaps the only one that exists.

The policy shifts that actually matter

The interventions that will decide whether a security program survives the next 24 months aren’t purely technical. A CISO can put most of them in motion without buying anything.

Rewrite the SLA. Most vulnerability-management SLAs are organized by severity. Criticals in 15 days, highs in 30, mediums in 90. That structure was built for a world where the count of open criticals was small enough to matter. It’s now actively harmful, because it forces teams to spend the same effort on a 9.8 nobody is exploiting and a 7.5 that’s under active attack. SLAs should be rewritten in terms of probability of exploitation and asset exposure, not severity. A CISO who can’t get that past her GRC team can at least add a second tier that makes the probability-based cut enforceable alongside the severity-based one.

Change what the board sees. If the monthly security report counts the numbers of vulnerabilities, exposures or findings in different buckets (“critical,” “open past 30 days,” etc.), the organization is being managed to the wrong metric. The metric should be exploitability-weighted exposure over time, with a second line for predicted versus observed exploitation. Boards will accept this once somebody explains it. This beats showing them a number that has no relationship to risk and is growing exponentially as new LLM models are released. More to the point: A great team can do amazing volumes of remediation work, and risk can still rise because they’re measuring and remediating the wrong thing. An efficient, context-rich team can do far less work and meaningfully move the probability of an event down.

Invest in telemetry. The single most valuable instrument a security program can build is a feedback loop between what was prioritized and what was exploited. If the loop shows you were wrong, the model improves. If the loop does not exist, you will keep being wrong indefinitely (or just not being aware of misses).

Fix the compliance conversation. The reason CVSS survives is regulatory inertia. PCI, HIPAA, and most state breach-notification frameworks still reference severity. The CISOs who will come out of the next two years in the best shape are the ones who engage their auditors now, in writing, about what a probabilistic prioritization framework looks like under the existing rules.

Staff for the bottleneck, which isn’t scanning. The industry has spent a decade hiring people to find bugs. The bottleneck now is deciding which bugs matter, getting the fixes deployed, and measuring whether the prioritization was correct. The job descriptions should reflect this. A security-data engineer may be able to increase efficiency to meet SLAs more than increasing capacity would.

None of this requires a new product. All of it requires a CISO willing to say, out loud, that the old dogma is broken and that the new one will be managed by data and probabilities. That is the shift Anthropic’s five-word sentence was really announcing. The technology is available and the models are here—both the LLM-based ones to find the vulnerabilities and the predictive knowing machines to prioritize efficiently.

12:14

Hacking Meta’s AI Chatbot [Schneier on Security]

Hackers are convincing Meta’s AI support chatbot to let them take over other peoples’ accounts:

A video posted on X showed the step-by-step process to hack someone’s Instagram account. The hacker allegedly used a VPN to spoof the targets’ presumed location to avoid triggering Instagram’s automated account protections. Then, the hacker opened a chat with Meta AI Support Assistant and asked the bot to add a new email address to the target’s account. The chatbot can be seen sending a verification code to the email address provided by the hacker; the hacker then shares the verification code with the chatbot, which prompts the chatbot to show a button to “Reset Password.” The hacker enters a new password and takes over the victim’s account.

[…]

On Monday, Instagram spokesperson Andy Stone said in a reply to Wong’s post and others that the issue was now fixed. It’s unclear how many Instagram users had their accounts improperly accessed.

It’s not that easy. Probably this particular tactic is now blocked. But there are others, many others, and they cannot be blocked as a class. The real problem is that LLM chatbots are not trustworthy enough for this application.

Another news article.

11:35

Jonathan Dowland: mount namespace for backup jobs (by hand) [Planet Debian]

It's been ten years since I configured mount on demand backups to reduce the risk of my backups being zapped by mistake. Way back then I wanted to go one step further and use dedicated mount namespaces for backup jobs, but systemd didn't provide the necessary support (and still doesn't, despite the promisingly-named JoinsNameSpaceOf= configuration option.)

I recently updated my setup to achieve this by hand. All backup jobs now have an extra pre-start instruction ExecStartPre=mkbackupns which runs a shell script to either set up a persistent mount namespace, or exit quietly if it already exists.

#!/bin/bash
set -euo pipefail

nsdir=/var/namespaces
nsfile=$nsdir/backup
nsfilex="$(echo $nsfile | sed 's#/#\\/#'g)"

private_propagation() {
    findmnt -o+PROPAGATION "$nsdir" | grep -q private
}
nsfs_is_mounted() {
    test "nsfs" = "$(awk "/$nsfilex/ { print \$3 }" /proc/mounts)"
}

if ! nsfs_is_mounted; then

    if ! private_propagation; then
        mkdir -p "$nsdir"
        mount --bind --make-private "$nsdir" "$nsdir"
    fi

    touch "$nsfile"
    unshare --mount="$nsfile" true

    nsenter --mount=/var/namespaces/backup mount /dev/phobos_backup/backup /backup
fi

I should note that I don't have the backup filesystem described in /etc/fstab to reduce the risk of it being mounted errantly in the main namespace.

The other change is to prefix an invocation of nsenter for every backup job command. E.g.:

ExecStart=/usr/bin/nsenter \
        --mount=/var/namespaces/backup \
        borgmatic -v 1 prune create

next steps

My backup scheme has lasted a decade with few tweaks (I moved it to Borg in 2020) which I am very grateful for. I want reliable, boring and robust.

Persistent mount namespaces are a lot less convoluted if you have a persistent process to associate them with. I didn't, but a subsequent improvement I am making is introducing one, so I will likely simplify the above accordingly.

11:14

Grrl Power #1466 – Semifinals go! [Grrl Power]

I tried to come up with a cooler name for Maxima’s sword than “Mana Vore.” It’s not bad, but it’s a little obvious. But the only other option I came up with was “Weave Nosher,” which sounds like farmer named it.

A fair bit of Maxima’s sword training was learning not to swing it around so broadly that she’d hit her own foot. Which wouldn’t be a problem normally, since her base armor is pretty high, but most swords that get swung at her aren’t backed by someone with her strength and speed, either. It’s also a very long sword, long enough that most people would have to worry about bonking it against the ground a lot, but, again, Max can just drag it right through most floor surfaces.

I think this page played out a little better in my head, or my relative inexperience at drawing high octane manga action is showing. Basically, Max comes in for a swing, but kicks a two-and-a-half-bowling-ball sized rock at the dark elf, and it smashes through his shield and hits his arm, moving his sword out of the way to parry her swipe. I think the real shortcoming of the page is that the bottom left panel is too busy. Instead of making the top two panels big, I should have saved the page space for that bottom one. Maybe put the rock past his arm, and just gone with a simpler speed trail showing the impact?

I’m not in the “shonen action” headspace when thinking about page layouts. I’m still more in the “I wanna draw Maxima leaning forward into a swing and have her boob pillowing against her arm” space. But we’re entering the semifinal match now, so I’ll try and… I dunno, read some One Punch Man before I do the layouts for the especially actiony pages? Or some Masahiko Nakihara manga? He did the Cammy and Sakura Ganbaru mangas as well as some other Street Fighter books, and is pretty decent at action stuff. Maybe I’ll throw in some Dragon Half, which doesn’t have good action, but is hilarious.

The thing I do like about this page though, is while Bluce and Gail seem like vapid eyecandy announcers, they’ve hosted quite a few of these and are capable of some fairly cogent analysis when it comes down to it. They do also have a team of researchers in their earpieces as well. Gail didn’t know all those details about the Mana Vore off the top of her head.

Sexy bodymod news lady Gail has a special one-on-one interview with Tournament Quarter finalist Saraviah Nightwing! And if you subscribe to Gail’s Space Patreon, (which, due to the vagaries of Earth and Gal-Net’s DNS servers, happens to be the same as the Grrl Power Patreon, go figure) you can see that same interview in the nude! Well, eventually. The nude part of the interview, as well as the version that includes shading will be coming soon. Of course, you can view the interview in the nude now if you take your own clothes off. You know. Technically. Just put a towel on your chair first.

 

Double res version will be posted over at Patreon. Feel free to contribute as much as you like.

10:49

10:07

Transparency and trust [Seth's Blog]

In simple situations with obvious metrics, transparency earns trust. Voting, for example, benefits from audit trails and inspectability.

But transparency can also undermine trust. Walking through the typical restaurant kitchen on the way to dinner probably won’t increase the typical diner’s trust in the experience. The restaurant isn’t hiding anything; it’s just that they know things we don’t about hygiene, production, and how to present a finished dish.

You can trust your employees or your freelancers to deliver a worthwhile result, but demanding transparency about how they spend all of their time isn’t going to make you trust them more… the effort they put into the work isn’t related to the value of the work you’re asking for.

Part of the problem is that we measure what’s easy, not what’s relevant. And part of the problem is that we have trouble explaining trust, while it’s easy to pursue ever more transparency.

Once we’re coherent about what we expect and the promises that are being made, we have a chance to engage with what actually matters.

08:28

Pluralistic: Delusion as a service (04 Jun 2026) [Pluralistic: Daily links from Cory Doctorow]

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links

  • Delusion as a service: Destructive diagnostics.
  • Hey look at this: Delights to delectate.
  • Object permanence: Gay Days at Disney World; Parametric 3D printable key; Fine against sculpture for "storing bike on public property"; TPP is a wash; Reagan was Trump; Steampunk roadster; "Every Heart a Doorway"; Shoplifters x Tumblr; Amazon v mass arbitration; Driver-owned Uber alternative; Censorware censors criticism of censorware; 3 strikes copyright termination is illegal; Replacing al Qaeda bomb recipes with cakes; $10m grilled cheese platform; Dick van Dyke x Bernie; Efficiency is inefficient; I quit.
  • Upcoming appearances: Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
  • Recent appearances: Where I've been.
  • Latest books: You keep readin' em, I'll keep writin' 'em.
  • Upcoming books: Like I said, I'll keep writin' 'em.
  • Colophon: All the rest.


Two giant green witches hands; one holds a pin-skewered voodoo doll, the other is making ready to add more pins. Peering over the doll's shoulder are three dandies, leering suggestively. at the other extreme is a crowd of Dutch master-style fellows in black, looking on in affront.

Delusion as a service (permalink)

In 2003, Disney opened a new Epcot ride, "Mission: Space." Formally, it was a space travel sim that used a giant, high-intensity centrifuge to simulate gee stresses; practically, it turned out to be the most efficient machine ever created for surfacing previously undiagnosed heart defects in extremely dramatic and potentially lethal ways.

It turned out that a small number of people have these heart defects, and that the defects themselves are quite harmless, provided that you are never put in a giant, high-intensity centrifuge. Given that most of us will never be put in one of these centrifuges, it is quite possible to live your whole life without ever knowing that you have this lurking vulnerability. But once you build one of these machines and start shoving millions of people through it, you're bound to catch some of those rare people, and they will have cardiac episodes that are scary at a minimum, and are at the worst fatal.

For me, the lesson isn't that Disney did something wrong by building a giant cocktail shaker for human bodies. I'm not a thrill-ride guy, but lots of people like 'em and the machines themselves are benign for nearly everyone who puts their bodies into them.

Rather, I think the lesson here is that there are rare pathologies lurking in all of us, vulnerabilities that may never surface – until we come into the presence of a novel stimulus that unlocks them.

There's an analogy here to technology debt: technologically unsophisticated people think of software as a machine that never wears out and has no incremental usage costs (apart from electricity). In this framing, software is the perfect asset, one that never depreciates. But the reality is that software is a liability, not an asset:

https://pluralistic.net/2026/01/06/1000x-liability/#graceful-failure-modes

Software exists in a system, and while software might function perfectly under the conditions in which it is first created and deployed, there are continuous changes to all the technology that is upstream, downstream and adjacent to the software, which means that systems that are robust and secure at the time of deployment can become brittle and dangerous, even though the software doesn't change at all:

https://pluralistic.net/2022/04/24/automation-is-magic/

There's another analogy here, to utopianism. A "utopia" can't just be a place where everything works perfectly. Even the most well-functioning, orderly and prosperous system is beset on all sides by exogenous shocks: belligerent neighbors, tsunamis, zoonotic plagues, even asteroid strikes. You don't perfect your society just by making it work well. You have to make it fail well. A utopia isn't a society where nothing goes wrong – it's a society where things go wrong all the time, but we're able to fix them:

https://www.wired.com/2017/04/cory-doctorow-walkaway/

The point being that things that work fine may still fail badly when they are exposed to unanticipated external stimuli, and the one thing we can absolutely anticipate is that the future will have many unanticipated stimuli in it.

If Mission: Space is a machine for surfacing unsuspected anatomical vulnerabilities, the internet is a machine for surfacing and exploiting all kinds of unsuspected psychological vulnerabilities. Note that I'm not claiming that the internet drives everyone crazy – rather, that the internet can locate and exacerbate vulnerabilities, including vulnerabilities that might have lain dormant for your whole life, but for the fact that the internet exposed you to such a wide spectrum of stimuli.

This wide, internet-delivered spectrum of stimuli is mostly good. The internet can expose you to art, culture, ideas and people that you would never have run into in the pre-internet days, which end up enriching you in a million ways. Some of my best friends are internet friends. Some of the music and books I love most in the world were brought into my orbit by the internet. Many of my most ardently held beliefs were acquired through internet-based discussion.

All that is true, and it's true that the internet can one-shot you with a stimulus that makes you feel very bad, which you would never have encountered in a pre-internet world. The spectrum of stimulus in the whole wide world is very broad, and one person's innocuous distraction is another person's downfall.

Let's make this concrete. All throughout history, people have suffered from paranoid delusions. These can be ruinous, isolating you from friends and family, destroying your professional life and so on. Paranoid delusions often take on details from the sufferer's milieu: if you live in a society where evil witches are accepted as a fact, then witches might well creep into your delusions, too. If your society is all a-chatter about the NSA's mass internet surveillance, then your delusions might incorporate elaborate narratives about the NSA's use of the internet to target and torment you, personally.

So there will always be a "local character" to the paranoid delusions, grounded in the sufferer's era and location. But the internet adds a new, very bad dimension to this dynamic: the internet makes it much easier for deluded people to find each other. Paranoid delusions are – thankfully – rare, and in the absence of the internet, you might never encounter another sufferer.

But thanks to the internet, sufferers can form communities that reinforce their delusions, with disastrous consequences. Take "Morgellon's Disease," the paranoid delusion that you have wires growing under your skin. Morgellon's sufferers pick at their skin, creating open sores, which form a sticky trap for random bits of fluff and loose threads that sufferers interpret as evidence of these "wires." It's a horrible mental illness, and it's hard enough to treat even in the absence of the internet (the name "Morgellon's Disease" refers to a 17th century case-report).

But when you add the internet to Morgellon's, you get online communities where people suffering from the delusion help each other come up with rationales to explain away the disconfirming evidence that they get from therapists and loved ones who are trying to help them recover. These communities egg each other on, isolating their members from treatment.

There are lots of pathological mental conditions that the internet can supercharge, from "pro-ana" communities that encourage eating disorders to communities for people with pedophilic urges that attempts to normalize and justify acting on those urges.

But it's especially bad for paranoid delusions, such as "gang-stalking delusion," which is the delusional belief that nearly everyone you meet is part of a conspiracy to torment you. People with GSD see evidence of this conspiracy in the lyrics of random songs, snatches of overheard conversations, the phrasing of bus-shelter ads, and the sort-order of search engine results:

https://pluralistic.net/2026/03/12/normal-technology/#bubble-exceptionalism

It's a near-totalizing belief, and sufferers find it hard to recover because their delusion tells them that the therapists and family members who try to help them are in on the conspiracy.

Then we add in the internet, and with it, the ability to locate and join communities of other GSD sufferers. Do this, and your delusions need not be limited to your own imaginative capacity to find conspiratorial explanations of the random things you find in the world. Now you are part of a kind of delusional improv troupe, whose members "yes-and" your delusions, finding new ways to terrorize you and alienate you from your surroundings.

This is bad enough when it's a regular conspiratorial community, one that feeds on trauma, like Qanon or anti-vax communities whose members have been failed by the system, making them susceptible to conspiratorial accounts of how society really runs.

But the combination of conspiratorial communities with the kind of mental illness that causes conspiratorial beliefs to surface in your mind without any external stimulus creates a brutal positive feedback loop that spins faster and faster until the people trapped in it are flung off into space.

Which brings me to AI and "AI psychosis," the social phenomenon that sees people falling down chatbot-assisted rabbit holes that convince them that they have invented perpetual motion, uncovered the secrets of the universe, or – in some tragic instances – that they should kill themselves and/or others.

For someone with GSD or another paranoid delusion or pathological belief, AI provides a reinforcement system that is even more efficient than these online communities. If you have GSD and your loved ones have finally got you wondering if you should get treatment, you don't have to post on a forum and hope that someone else comes along before you give in to the impulse to get help. Your delusional chatbot co-pilot is always there to tell you that it's a trap.

The nature of "AI psychosis" is hotly contested. The big question, of course, is whether chatbots are giving people delusions, or whether chatbots are amplifying those delusions:

https://www.cbc.ca/listen/cbc-podcasts/1353-the-naked-emperor/episode/16218103-e3-ai-psychosis

I think it's both. I think that, for people with GSD or other delusional beliefs, AI provides delusional reinforcement as a service, on tap, 24/7. The combination of a delusion and a machine that will tirelessly play yes-and with you at any time, demanding nothing from you, is a novel and terrible development for people with some mental illnesses.

But I also think that chatbots are a bit like Mission: Space: a machine for surfacing previously undiagnosed psychological vulnerabilities, and that in some cases, these vulnerabilities may never have been triggered, save for the chatbot.

Just as doubtlessly there were people who had pathological relationships to gambling before the development of slot machines, scratch-and-wins and roulette wheels, but there are also people who might have lived their whole lives without ever having a gambling problem except that they encountered one of these machines, exposing billions of people to sycophantic chatbots has surfaced rare, latent vulnerabilities that might have stayed latent forever, with terrible consequences.

Most people who rode the original Mission: Space had a fantastic time. But a lot of people rode that ride, and a very small percentage of a very large number of people can still be a substantial number, and as the reports of people stepping off the ride, clutching their chests and collapsing spread, Disney understood that they had to retool the ride. Today, riders on Mission: Space choose whether they want to ride on a simulator that spins, or one that merely tilts and pitches without simulating gee-stresses. And even if you pick the spicier version of the ride, it goes more slowly and exerts less stress than the original ride.

Even if you accept the AI companies' argument that they aren't inducing AI psychosis in their users, but rather, only surfacing latent vulnerabilities that were there all along, that shouldn't be the end of the story. Even if only a small percentage of the people who use your product experience harm as a result, if your product is intended for widespread deployment (as chatbots are), you will end up harming a lot of people unless you take measures to counteract even those rare events.

Hey look at this (permalink)


A shelf of leatherbound history books with a gilt-stamped series title, 'The World's Famous Events.'

Object permanence (permalink)

#20yrsago Gay Days at Disney World draws 140,000 participants https://web.archive.org/web/20060626125509/http://gaydays.com/calendar/

#20yrsago Blue Coat censorware company blocks Boing Boing for criticizing censorware https://memex.craphound.com/2006/06/03/blue-coat-censorware-company-blocks-bb-for-criticizing-censorware/

#15yrsago UN report says 3 Strikes copyright termination is illegal https://web.archive.org/web/20110605030049/https://www.michaelgeist.ca/content/view/5834/125/

#15yrsago Wisconsin GOP plotting to nominate spoiler Democratic candidates in recall elections https://web.archive.org/web/20110604111734/http://www.politicususa.com/en/secret-tape-wisconsin-gop

#15yrsago MI6 hackers replace al Qaeda bomb recipes with pirated cake recipes https://web.archive.org/web/20110603115453/https://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/8553366/MI6-attacks-al-Qaeda-in-Operation-Cupcake.html

#15yrsago $10,000,000 in venture capital for grilled-cheese sandwich “platform” https://venturebeat.com/technology/the-melt-flip-sequoia

#15yrsago Walled gardens vs makers https://web.archive.org/web/20150723092624/http://makezine.com/2011/06/01/walled-gardens-vs-makers/

#15yrsago Keyboard whose keys are raised in proportion to their frequency of use https://web.archive.org/web/20110604155657/https://itp.nyu.edu/~mk3321/itp_blog/?p=779

#15yrsago 3D model for reproducing house-keys https://www.science.org/content/article/experimental-error-fetus-dont-fail-me-now

#15yrsago Toronto artist turns abandoned bike into sculpture, City threatens fine for “storing bike on public property” https://web.archive.org/web/20110604181734/http://blogthegood.tumblr.com/post/6039831308/re-cycling

#10yrsago DoD public relations’ highest-ranking civilian gets community service for stealing license plates and harassing neighbor’s nanny https://web.archive.org/web/20160603071800/https://www.washingtonpost.com/local/a-warning-left-on-a-nannys-car-license-plates-stolen-and-a-top-pentagon-official-in-big-trouble/2016/06/01/50699a3a-2816-11e6-a3c4-0724e8e24f3f_story.html

#10yrsago US government agency’s own numbers predict virtually no gains from TPP https://www.techdirt.com/2016/06/02/official-us-international-trade-commission-predicts-negligible-economic-benefits-tpp/

#10yrsago EFF: FBI & NIST’s tattoo recognition program exploited prisoners, profiled based on religion, gave sensitive info to private contractors https://www.eff.org/deeplinks/2016/06/tattoo-recognition-research-threatens-free-speech-and-privacy

#10yrsago Ronald Reagan was Donald Trump, until he was president https://nymag.com/intelligencer/2016/05/ronald-reagan-was-once-donald-trump.html

#10yrsago The Steampunk Roadster: Jake von Slatt’s final steampunk project https://www.youtube.com/watch?v=OpI4GT4sTAY

#10yrsago Every Heart a Doorway: Seanan McGuire’s subversive, gorgeous tale of rejects from the realms of faerie https://memex.craphound.com/2016/06/02/every-heart-a-doorway-seanan-mcguires-subversive-gorgeous-tale-of-rejects-from-the-realms-of-faerie/

#10yrsago Prestigious Pets of Dallas wants $1M from customers who said they overfed a fish https://web.archive.org/web/20160603133604/http://arstechnica.com/tech-policy/2016/06/1-star-yelp-review-on-gordy-the-pet-fish-being-overfed-nets-1m-lawsuit/

#10yrsago Airport security officer was alleged war criminal, arrested for lying about participation in “genocidal acts” https://www.loweringthebar.net/2016/06/war-criminal-resume.html

#10yrsago In 1977, the CIA’s top lawyer said Espionage Act shouldn’t be applied to press leaks https://web.archive.org/web/20160609234545/https://s3.amazonaws.com/static.history.state.gov/frus/frus1977-80v28/pdf/frus1977-80v28.pdf

#10yrsago Tumblr’s shoplifting community is organized, politically conscious, and at war with weightlifters https://www.good.is/issue-37-we-r-cute-shoplifters/

#10yrsago Canada Post drops legal claim over crowdsourced postal code database https://web.archive.org/web/20160603185742/http://www.michaelgeist.ca/2016/06/crowdsourcedpostalcodelawsuit/

#10yrsago History podcasters occasionally mention women, butthurt dudes complain it’s “all women” https://web.archive.org/web/20190411115710/https://www.iheart.com/podcast/stuff-you-missed-in-history-cl-21124503/

#10yrsago Corbyn pledges to kill TTIP if elected https://www.commondreams.org/news/2016/06/02/jeremy-corbyn-i-would-kill-ttip

#10yrsago Democratic “superdelegates” endorse Bernie https://www.politico.com/blogs/2016-dem-primary-live-updates-and-results/2016/06/bernie-sanders-superdelegates-223824

#10yrsago Dick Van Dyke, 90: Bernie Sanders is the best candidate for seniors https://web.archive.org/web/20210725072638/https://www.hollywoodreporter.com/news/general-news/why-bernie-sanders-is-best-898479/

#10yrsago Flintnation: 33 US cities caught cheating on municipal water lead tests https://www.theguardian.com/environment/2016/jun/02/lead-water-testing-cheats-chicago-boston-philadelphia

#10yrsago Defense lawyers: the FBI made us use a copy-shop that made secret copies for the government https://web.archive.org/web/20160604065222/https://www.floridabulldog.org/2016/06/u-s-attorneys-office-fbi-accused-of-spying-on-defense-in-fraud-case/

#5yrsago How the Dutch helped CBS cheat on its taxes https://pluralistic.net/2021/06/02/arbitrary-arbitration/#dutch-treat

#5yrsago Amazon running scared from arbitration at scale https://pluralistic.net/2021/06/02/arbitrary-arbitration/#petard

#5yrsago Efficiency is very inefficient https://pluralistic.net/2021/06/03/jitters/#brittleness

#5yrsago I quit https://pluralistic.net/2021/06/03/i-quit/

#5yrsago NYC's driver-owned Uber alternative https://pluralistic.net/2021/06/02/arbitrary-arbitration/#gig-no-more

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, pounding the podium.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)

  • "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

  • "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027

  • "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027

  • "The Memex Method," Farrar, Straus, Giroux, 2027


Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.

  • "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

  • "The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.

  • A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Bluesky (no ads, possible tracking and data-collection):

https://bsky.app/profile/doctorow.pluralistic.net

Medium (no ads, paywalled):

https://doctorow.medium.com/

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

06:00

Urgent: Reject massive government surveillance [Richard Stallman's Political Notes]

US citizens: make phone calls to your officials in Congress to reject massive government surveillance.

US citizens: Join with this campaign to address this issue.

To phone your congresscritter about this, the main switchboard is +1-202-224-3121.

Please spread the word.

Urgent: Renew section 702 of PAT RIOT Act [Richard Stallman's Political Notes]

US citizens: call on Congress to renew section 702 of the PAT RIOT Act without the loophole that permits snooping on Americans.

US citizens: Join with this campaign to address this issue.

To phone your congresscritter about this, the main switchboard is +1-202-224-3121.

Please spread the word.

Urgent: Gambling workers' retirement savings [Richard Stallman's Political Notes]

US citizens: call on the Department of Labor to Stop Private Equity and Crypto Scammers from Gambling with Workers' Retirement Savings.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code--not trivial, but not hard.

Erdoğan's government removed main opposition party [Richard Stallman's Political Notes]

Erdoğan's government has just removed the head of the main opposition party, Özgür Özel, by invalidating the party's leadership contest held over two years ago.

Its previous leader, who now becomes leader again, lost an election to Erdoğan in 2023. People hoped Özel would defeat Erdoğan next year.

Important witness in George Zimmerman trial [Richard Stallman's Political Notes]

George Zimmerman may have escaped conviction for shooting Trayvon Martin because an important witness for the prosecution spoke with a strong accent of her ethnic group. I wonder whether courts ought to offer accent interpreters for witnesses whose accents might lead jurors to misunderstand or devalue their testimony, or simply make it a struggle to know what the witness said.

The US has indicted Raúl Castro [Richard Stallman's Political Notes]

The US has indicted Raúl Castro, ex-president of Cuba, accusing him of ordering an attack on two small planes in 1996.

According to Wikipedia, the planes were dropping leaflets "to fall on Cuba". There is some slack in the precise meaning of that, but maybe Cuba had legitimate grounds to order them to land and then force them to do so.

However, Cuba had no legitimate grounds to shoot and destroy these unarmed planes without first ordering them to land. By doing that, it committed a crime similar to the boat attacks that the bully continually orders elsewhere in the Gulf of Mexico.

The US ought to indict the people responsible for the continuing series of boat attacks, who are Americans, if it is to indict the people responsible for Cuba's airplane attack 30 years ago.

Cops who defended the Capitol are suing [Richard Stallman's Political Notes]

Cops who defended the Capitol against the anti-American's Jan 6 attack are suing, claiming that the anti-American's slush fund is corrupt support for crime.

Redirecting Ukrainian drones [Richard Stallman's Political Notes]

NATO and the EU accuse the Putin forces of redirecting Ukrainian drones and sending them over Finland, Estonia, Latvia and Lithuania.

I don't see any sense in the resignation of Latvia's prime minister over this. The right thing to do is to develop a net deployer which can get a drone tangled and bring it down. (Ukraine's army has had success defending against Putin forces drones with used fishnets.)

This might make it possible to study what the Putin forces had done to take control of the drone. Suitable encryption, with redundancy and error detection, could make that impossible. It is much more difficult than mere jamming.

Ecuador suffering from "war on drugs" [Richard Stallman's Political Notes]

Ecuador has suffered from a repressive "war on drugs" since 2024, with soldiers kidnapping, torturing, and killing people, and showing no reasons for any of it.

Muslims debanked on vague suspicions [Richard Stallman's Political Notes]

Muslims (and Muslim charities) are often debanked based on vague suspicions — because banks have been told to deny banking service to terrorists, but they have no valid way to identify the few who really are terrorists.

Judge dismisses criminal indictment against Kilmar Ábrego García [Richard Stallman's Political Notes]

*US judge dismisses criminal indictment against Kilmar Ábrego García,* saying that the prosecution was politically based.

Violent attacks on activists on Gaza aid flotilla [Richard Stallman's Political Notes]

Many of the activists seized on the latest Gaza aid flotilla suffered violent attacks after the Israeli troops captured them. They began the violence on the aid boats, after seizing them, and continued it afterward against the captives in prison.

They shot some captives with less-lethal bullets (these are usually rubber-coated steel) from a short distance. Sometimes this broke their bones.

Cops raped some of the protesters.

These attacks caused injuries that have been confirmed by doctors from the victims' home countries; nonetheless, the Israeli government denies them, thus arrogantly legitimizing these attacks while expressing brazen contempt for the truth.

Prosecutors in some countries are investigating criminal charges over these attacks.

Repression on indigenous rights activists in Russia [Richard Stallman's Political Notes]

Indigenous rights activists in Russia face harsh repression.

As in Canada and the US, indigenous groups find mining and extraction put their health in danger, and they try to resist.

Spread of abuse of Palestinians in Israel's prison system [Richard Stallman's Political Notes]

Minister of "security" Ben-Gvir spread abuse of Palestinians in Israel's prison system. This has been covered occasionally.

Now he has trained similar abuse on foreign activists, and some countries are rebuking Israel for this. But the foreign activists are, in themselves, a secondary issue: they are campaigning to end Israel's deprivation and violence against Palestinians under occupation.

Ben-Gvir is trying to create a buffer zone around the cruelty to Palestinians, a buffer zone of cruelty to foreigners who defend the human rights of Palestinians. But it may backfire and make more of the world see the cruelty towards Palestinians more clearly.

Global heating marches steadily on [Richard Stallman's Political Notes]

Global heating marches steadily on, with a possible record marine heat-wave on the US Pacific coast, along with a record low amount of snow in the Rocky Mountains. This occurring with water already in shortage could result in a painful scarcity of water in a large part of the US west.

If it doesn't happen this year, it will happen in another year. There are random fluctuations in the details, but the big picture is that the heat is producing global disaster.

Exiled dissidents from Salafi Arabia [Richard Stallman's Political Notes]

Major anti-social media platforms have blocked access to the accounts of some exiled dissidents from Salafi Arabia so that they can't be seen inside Salafi Arabia.

Torture inflicted on Gaza aid flotilla activists [Richard Stallman's Political Notes]

Australians on the Gaza aid flotilla describe many kinds of torture that were inflicted on them by the anonymous, masked Israeli soldiers and prison guards.

05:21

Rotation revisited: A shocking discovery about gcc’s unidirectional rotation algorithm [The Old New Thing]

Last time, we looked at the rotation algorithm used by gcc libstdc++ for random-access iterators, and I concluded by noting that we’re going to make a shocking discovery.

As with all shocking discoveries, this one will shock disappoint you.

The discovery is that the gcc libstdc++ algorithm is the same as the forward-iterator algorithm!

Let’s run both algorithms on a problem where the two blocks are A1, A2, A3, B1, B2, B3, B4, B5. I’ll put the old forward iterator algorithm on top and the new gcc libstdc++ algorithm below.

first   mid       last
           
A1 A2 A3 B1 B2 B3 B4 B5
           
first   mid       last

We swap at first and mid, then advance both pointers. The two algorithms agree until first reaches the end of the original A block.

      first   mid   last
           
B1 B2 B3 A1 A2 A3 B4 B5
           
      first   mid   last

The old algorithm recurses in order to exchange A1, A2, A3 with B4, B4. This happens by exchanging A1 with B4 and A2 with B5.

The new algorithm just keeps swapping first with mid, which also exchanges A1 with B4 and A2 with B5.

          first   mid
last
             
B1 B2 B3 B4 B5 A3 A1 A2
             
          first   last
mid

The old algorithm now recurses to swap the A3 block with the A1+A2 block. And that’s what the new algorithm does, too.

So it’s the same algorithm, just with a different point of view. It’s another case of the geeky thrill of discovering that two things are really the same thing, just with different labels.

Now, the two algorithms are not identical. The new algorithm is symmetric and performs its swaps from right to left if the larger block is on the right. The old algorithm always operates from left to right.

But the similarity is striking.

Next time, we’ll look at how clang performs rotation by decomposing into cycles.

The post Rotation revisited: A shocking discovery about gcc’s unidirectional rotation algorithm appeared first on The Old New Thing.

02:35

[$] LWN.net Weekly Edition for June 4, 2026 [LWN.net]

Inside this week's LWN.net Weekly Edition:

  • Front: MeshCore; x32 ABI; Open-source security; Package-manager metadata; More LSFMM+BPF coverage; Loadable crypto module.
  • Briefs: Lightwell; jqwik protestware; RedHat package compromise; DistroWatch; Fedora election; Rust 1.96.0; rsync; Vim Classic 8.3; Quotes; ...
  • Announcements: Newsletters, conferences, security updates, patches, and more.

Wednesday, 03 June

23:56

Microsoft brings coreutils to Windows [OSnews]

At its Build conference, Microsoft announced coreutils for Windows.

Coreutils for Windows is a Microsoft-maintained set of UNIX-style command-line utilities that run natively on Windows — the same commands and pipelines you use on Linux, macOS, and WSL. It ships as a single multi-call binary that exposes each utility under its standard name (cat.exe, grep.exe, find.exe, and so on), giving you the everyday tools developers already use on other platforms to script, automate, and process text. For the full list, see Commands.

The goal is to remove friction when moving between Linux, macOS, WSL, containers, and Windows. The same commands, flags, and pipelines work the same way, so existing scripts and habits carry over without translation. Each command supports the standard --help flag for full syntax and options.

↫ Windows Developer Tools website

It’s a port of the Rust-based rewrite of the GNU coreutils, findutils, and grep. There are a few caveats though, since these ports have to deal with a number of Windows-isms. The first thing that comes to mind for most of us are path separators; these ports will handle both the correct and incorrect Windows/DOS one, but since some tools may output only the incorrect one this may affect piping. You should also take into account things like Windows’ ACLs vs. POSIX permission bits, the lack of /dev/null, and a few other oddities.

Furthermore, there are a bunch of commands that rely on POSIX-only concepts, so those aren’t included, and a few other commands that aren’t useful on Windows are excluded as well. Since a number of commands conflict with built-in commands from cmd.exe and PowerShell, which commands run will depend on the shell, the PATH order, and PowerShell’s alias table.

Everything’s in preview, and installable through WinGet.

23:00

Context as Code [Radar]

As syntax becomes cheap and abundant, architectural control becomes the scarce resource. Effective governance starts upstream, where intent, constraints, and threat models shape the agent’s working context before generation begins. The goal isn’t better prompting but build-time boundaries that prevent structurally invalid code from entering the system.

The Frankenstein factories

The dark factories (as Dan Shapiro calls them) are running. Tokens fly through trycycles, features ship overnight, and codebases are ported before breakfast. The velocity is real. And comprehension debt (a term coined by Addy Osmani) is compounding in silence behind it.

What this era is producing, at scale, deserves its own name: Frankenstein factories. Not a critique of any single approach but a description of a structural condition—generation engines so effective at producing working syntax that they have industrialized the creation of architecturally ungovernable systems. The creature walks out of the laboratory impressive, functional, and alive on delivery day.

The crisis arrives the day someone must govern it. To govern a system means to hold it accountable to its design boundaries—the ability to look at it and reliably say why it works, what is permitted to touch what, and to categorically prevent forbidden state changes before they happen. Victor’s catastrophe was not the act of creation but the absent governing frame.

For prototyping or shipping features fast, unconstrained generation is a powerful tool. It optimizes for velocity, and it delivers. But for enterprise payment systems, insurance underwriting engines, logistics orchestrators, and regulated platforms, the question is not “Does the code ship?” but “Who is liable when it does the wrong thing?” Here, automating the word “YES” to every feature request does not solve the problem. It industrializes it.

Consider a standard Jira ticket: “Add an email notification after a successful payment.”

A junior developer might attempt to wedge the email-sending logic directly into the PaymentProcessor class. A senior architect catches this in code review: “No. Fire a PaymentSuccessEvent to the message bus.” That human friction—the architectural “No”—keeps the system maintainable.

Unconstrained AI agents lack this assertiveness. By default, they are the ultimate yes-men.

Hand that same ticket to a standard coding agent and it will not argue about bounded contexts. It will burn tokens until it produces 300 lines of syntactically perfect code, import an SMTP library directly into the core of your billing domain, and submit a pull request. The tests will pass; conventional feature tests make no assertion about bounded contexts. The CI pipeline will go green. And structurally, the system is now a disaster.

This happens not through malice but because of how agentic loops are built. Without explicit architectural constraints, the system’s emergent behavior is to fulfill immediate user intent. The agent is orchestrated to ship the feature, not to defend the architecture. Comprehension debt is the structural consequence: AI generates syntax faster than human beings can read or govern it. Expecting a probabilistic model to enforce structural integrity on its own is a category error. Without a governing frame, the agent will always take the path of least resistance to a “YES.”

You cannot fix code overproduction by hiring more people to read it nor by running the generation loop faster. The only scalable answer is to build a concrete riverbed before you turn on the water.

If the current era automates the word “YES,” we should automate the word “NO.”

Securing the runtime environment prevents the monster from escaping. But to prevent it from being built in the first place, we need to step back into the IDE and the CI/CD pipeline. We need to govern generation.

The great softening: Shifting risk from build time to runtime

Compilers never guaranteed correct software. You could write catastrophic logically broken systems in C, Java, or any other compiled language. But compilers served a crucial engineering purpose: They deterministically governed a specific layer of structural risk.

By enforcing hard execution constraints—syntax validity, type compatibility, linkage rules, and executable viability—the compiler acted as an automated boundary. It didn’t verify business intent, domain correctness, or architectural quality. What it did was eliminate an entire class of low-level structural failure before execution ever began.

That delegation of risk is one of the quiet triumphs of software engineering. Our discipline has always advanced by mechanizing one class of guarantees so humans can focus on the next layer of abstraction. We automated machine-level structural correctness so engineers could spend their cognitive energy on application logic. Later, we pushed more guarantees upward, into schemas, testing, static analysis, architectural patterns, and operational controls.

Over time, we also deliberately softened certain boundaries in exchange for speed. Dynamic languages, richer runtimes, reflection, and increasingly abstract frameworks all traded deterministic compile-time guarantees for developer velocity and flexibility. The newly exposed risk was absorbed elsewhere: runtime validation, automated testing, observability, and engineering discipline.

Today, with agentic AI, we are softening boundaries again, more radically than ever before.

Natural language has become a high-level control plane for software generation. Arbitrary text increasingly shapes executable behavior. And in that shift, we have blurred one of the oldest boundaries in computing: the separation between data and instructions.

Outside the model, that boundary still exists. Systems enforce permission scopes, schema contracts, sandboxing, and execution policies. But inside the inference context, those protections collapse into the same token stream.

System prompts, retrieved documents, user messages, tool outputs, and external content all flow through the same neural weights. There is no hard privilege boundary between instruction and input. Modern models may resist naive attacks like “Ignore previous instructions,” but they remain vulnerable to indirect injections disguised as legitimate operational context. A malicious instruction embedded in a customer email, a webpage, or a tool response is not processed as passive data. It can become behavioral influence.

Inside the context window, untrusted text can shape control flow. That is the real softening.

We are generating syntax at machine speed, but we have dissolved the structural gate that once constrained how systems were built. The result is a massive shift of risk from build time to runtime. Code that appears structurally sound during generation may violate architectural boundaries, introduce unsafe execution paths, or become behaviorally compromised the moment hostile context enters the loop.

The conclusion is straightforward: The fact that AI-generated code runs is no longer a meaningful proxy for system correctness.

Syntax is abundant. Execution is easy. Structural governance is what is missing.

We outsourced the writing of logic to machines, but we did not build a deterministic boundary that governs what those machines are allowed to generate.

If we want control back, we cannot rely on human code review at machine speed. We must rebuild the build-time gate.

From dependency bloat to tailor-made architecture

For decades, the industry’s default response to complexity was abstraction by accumulation: monolithic frameworks, sprawling dependency trees, and ever-thicker layers of indirection. Importing a 50-megabyte library to avoid repetitive boilerplate was a rational trade-off when developer time and cognitive bandwidth were the scarce resources. For AI agents, that trade-off changes.

This is not an argument against foundational infrastructure. Mature primitives—like SQLAlchemy in Python or Spring Boot in Java—remain essential precisely because their conventions are widely learned and predictable. The problem isn’t abstraction but opacity. When core business logic disappears behind proprietary decorators, internal frameworks, or custom orchestration layers, execution becomes a black box. An agent cannot safely reason about code it cannot trace. It needs direct visibility into causality: what changes state, what enforces invariants, and where responsibilities begin and end. Hidden flow degrades reasoning into guesswork; guesswork silently becomes architectural drift.

At the same time, AI drives the cost of procedural code toward zero. Boilerplate is no longer expensive. Clarity is. The design question shifts from “How much can we abstract away?” to “How much must remain explicit for safe reasoning?” The answer is tailor-made architecture: thin infrastructure, explicit domain logic, hard boundaries, and narrowly scoped components with visible contracts. The value is no longer in how much code you avoid writing but in how clearly the system declares its boundaries.

That same opacity also breaks verification. AI review can catch local defects, risky patterns, and implementation mistakes, but it remains blind to architectural drift and missing business intent unless those constraints are explicitly encoded. After all, if you ask a model to review code generated from the exact same vague Jira ticket, do you actually get verification, or do you just engineer a circular hallucination, where the AI politely revalidates its own blind spots?

Tailor-made architecture gives generated syntax a clear structure without dissolving system boundaries.Figure 1. Tailor-made architecture gives generated syntax a clear structure without dissolving system boundaries.

The Context Compilation Pattern

The Context Compilation Pattern governs generation in the IDE and the CI/CD pipeline before a single syntactically plausible line ever reaches a human reviewer. If the Decision Intelligence Runtime (DIR) is the vault door that protects execution in production, context compilation is the blueprint that prevents the monster from being built in the lab.

This is not “prompt engineering,” which merely asks a probabilistic model for a better answer. What we need is build-time governance: two layers of defense assembled before the LLM inference is even triggered. The first is structured context injection (assembling the prompt from prioritized artifacts). The second is postgeneration static verification (deterministic AST checks that enforce rules no probabilistic model can override). The prompt structure biases generation toward compliant solutions; the static checks make declared, machine-verifiable boundary violations impossible to merge.

Deterministic build-time governance is not a return to formal software specification (like UML), nor is it merely “prompt engineering disguised as Markdown.” It’s a mechanical constraint on the generation space that makes explicitly declared boundary violations rejectable by design. Context compilation does not eliminate architectural review or replace engineering judgment. Instead, it ensures that the agent operates within a defined riverbed of allowed structural invariants.

Engineering evolves whenever implicit rules become explicit declarations. Application development is now crossing that boundary. The senior engineer’s new job is declarative boundary engineering: explicitly declaring what the system is absolutely forbidden from doing.

The failure is not in the frameworks. The failure is in the process: pointing an unconstrained AI agent at a codebase full of invisible magic and expecting a CI/CD pipeline designed for human-generated code to catch what goes wrong. The answer is to build a compiler for the agent’s context.

The Context Compilation Pattern is the staged pipeline that makes this concrete.

The Context Compilation Pattern pipeline, enforcing build-time constraints through deterministic artifact assembly and dual verification.Figure 2. The Context Compilation Pattern pipeline, enforcing build-time constraints through deterministic artifact assembly and dual verification.

Step 1: The context artifacts

The most strategically valuable code in your repository may no longer live in src/. It lives in /context. The pipeline consumes versioned artifacts such as intent.md, boundaries.md, and threat-model.md, each authored by a specialist before a single line of code is generated. (Ownership and role responsibilities are covered in “Artifact-Bound Roles and Accountability” below.) What matters here is that these files are the inputs to the compiler: Without them, there’s nothing to compile.

To prevent cognitive overlap, their roles must be fiercely separated: boundaries.md declares structural invariants (e.g., dependency direction, allowed communication paths, and event emission), whereas threat-model.md models adversarial constraints as declarative abuse scenarios (e.g., prompt injection and secrets exfiltration) that must be mechanically blocked.

boundaries.md warrants a precise definition, because it anchors the entire build-time governance model. In practice, boundaries are typically defined at module or bounded-context granularity (e.g., /billing/* or /risk/*), not per class or per repository. They are implemented using hybrid artifacts: a natural language document designed to constrain the LLM, tightly paired with a deterministic rule for the CI runner.

Consider this concrete example of how an architectural boundary is explicitly declared and enforced:

1. boundaries.md (for the LLM context)
This Markdown file is injected into the agent’s prompt. It defines the vocabulary, architectural constraints, and allowed interactions.

Module: Billing
Ontology: Order, Invoice, PaymentEvent
Rule: Zero external network I/O is allowed in this domain. You must NEVER import requests or smtplib.

2. semgrep-rule.yml (for the CI/CD runner)
This static file goes to the CI pipeline to mechanize the boundary. It ensures the code check is fully deterministic.

rules:
  # Block forbidden imports at the module boundary
  - id: block-external-io-in-billing
    patterns:
      - pattern-either:
          - pattern: import smtplib
          - pattern: import requests
    message: "Architecture Violation: External I/O is strictly forbidden in the billing domain."
    severity: ERROR
    languages: [python]
    paths:
      include: ["src/billing/**"]

  # Domain layer must not talk to DB driver directly
  - id: block-db-driver-in-domain
    patterns:
      - pattern-either:
          - pattern: import sqlalchemy
          - pattern: from sqlalchemy import ...
          - pattern: import psycopg2
          - pattern: from psycopg2 import ...
    message: "Architecture Violation: Domain layer must use Repository abstraction, not database drivers directly."
    severity: ERROR
    languages: [python]
    paths:
      include:
        - "src/billing/domain/**"

Crucially, these Semgrep/CI rules are human-authored (or human-reviewed) precommit artifacts. We don’t rely on an LLM to generate the security gates on the fly. The AI reads the Markdown to guide its generation; the CI runner executes the static YAML to enforce the boundary.

If these artifacts stay current, they actively govern the generated codebase. Stale or malformed context becomes context debt: The pipeline will enforce strictly whatever was declared, even if the declaration is wrong. Governance artifacts are production code. They require strict versioning, explicit ownership, and periodic review just like the executable logic they constrain. That’s why core artifacts like boundaries.md require rigorous peer review, not just casual updates.

Step 2: The context compiler

Dumping all Markdown files into the system prompt is sometimes acceptable for small projects and small artifacts. But as the codebase grows or the context window fills with too many competing constraints, models begin to suffer from “lost in the middle” degradation and silently ignore what matters most.

The term “context compiler” might sound like a magical enterprise heavy-lift, but the reality is entirely mundane. In its simplest form, it’s just a deterministic context assembly layer combined with a routing mechanism.

Instead of treating context as a flat pile of documents, the compiler assembles it into an ordered structure. Because different artifacts apply to different parts of the project, boundaries.md in the /billing module might enforce strict isolation, while the one in /frontend might be much more permissive.

In practice, the compiler may take one of these forms:

Manual selection: The developer simply points their IDE or agent to a structured set of Markdown files.

A mundane script: A basic Python or bash script that understands a directory structure. It concatenates the .md files to build the LLM’s system prompt and hands the .yml files directly to the CI runner.

Tool-mediated context protocols: Dedicated mechanisms (e.g., MCP) that allow the agent to query the workspace and dynamically assemble the required boundaries directly within the IDE, bypassing the need for manual script invocation.

Consider a practical directory structure:

/context
  /global
    coding-standards.md
  /domain
    /billing
      boundaries.md
      threat-model.md
      semgrep-rule.yml
    /risk
      boundaries.md
      threat-model.md
      semgrep-rule.yml
    /frontend
      boundaries.md
      threat-model.md
      semgrep-rule.yml

When generating code for the billing module, the script reads /global and /billing. The compiler simply scopes the rules based on the directory, perfectly focusing the agent’s attention on the boundaries that matter while wiring the corresponding YAML rules for deterministic CI verification.

Step 3: Strict boundary hierarchy (resolving conflicts)

When faced with conflicting instructions, LLMs don’t throw a compilation error. They hallucinate a dangerous compromise. The compiler prevents this by enforcing a deterministic precedence of declared constraints before the prompt is assembled:

Threat model > Boundaries > Coding standards > Intent + acceptance criteria

Security and architectural boundaries unconditionally overrule feature delivery. This operates at two levels. At the prompt level (soft enforcement), constraint ordering biases generation toward compliant solutions. At the postgeneration level (hard enforcement), deterministic code checks parse the generated syntax, verify structural invariants, and instantly fail the build on violation.

“Resolution” in this context does not mean an LLM philosophically negotiating between two Markdown files. It means deterministic rejection via CI. If the intent.md asks to “email a receipt to the user,” but boundaries.md forbids external network calls in the billing module, an unconstrained AI might try to generate an SMTP call. The conflict is mechanically “resolved” when the CI pipeline runs a static rule (derived from semgrep-rule.yml) and instantly fails the build. The developer (context orchestrator) must then intervene and change the design to use an event bus instead. The hierarchy is enforced by deterministic code analysis, not LLM reasoning. A rejected build is not necessarily a rejected business need; it’s a signal that declared boundaries and intended capability must be reconciled explicitly before regeneration. (This mechanical rejection physically executes during the adversarial verification phase in step 5).

We do not use AI for this validation. We use existing, proven AST tools and code linters like Semgrep, Bandit, or CodeQL to enforce these boundaries in CI/CD.

However, we must be precise about what this governance actually achieves. Deterministic checks enforce invariants, not the architecture as a whole. You can statically enforce forbidden imports, forbidden outbound I/O, strict layering, and schema conformance. You cannot statically enforce domain semantics, aggregate ownership correctness, subtle coupling, or conceptual cohesion. Deterministic verification doesn’t prove architectural correctness. It proves compliance with explicitly declared structural invariants.

Step 4: Generation

Context as code matters only if generated syntax is verified against the same boundaries that shaped it. With a compiled, conflict-free context hierarchy, the developer agent generates code inside an isolated user space sandbox. In this fleeting fraction of a second, the agent inside the developer’s IDE consumes the narrowed, precompiled system prompt and outputs the actual payment_service.py. Its role is constrained synthesis: translating the boundaries in boundaries.md and the imperatives in intent.md into code.

Step 5: Adversarial verification (negative space)

This phase checks whether the generated code crossed a forbidden boundary. Before the development cycle begins, the adversarial context provider defines threat vectors in threat-model.md. Because a Markdown file only guides the LLM softly, the governance platform engineer bridges the gap to determinism by translating those declarative threats into matching executable rules (like semgrep-rule.yml) wired into the CI gates. If the threat model identifies server-side request forgery or secrets exfiltration as a risk for the /frontend module, the corresponding CI rule parses the generated code and instantly fails the build if a known attack pattern or insecure execution sink is detected.

The pipeline doesn’t ask an LLM to read the Markdown and assess if the code is safe. It mechanically executes the prewritten rules derived from it. If a generative agent helps draft the rule set, it does so before the cycle in an isolated sandbox, and a human reviews the result before it enters CI. Step 5 doesn’t prove overall correctness; it proves that declared structural and security boundaries are enforced.

Like any static gate, deterministic boundary checks trade flexibility for safety and will occasionally reject valid implementations. That friction is intentional: Explicit override and artifact refinement are part of the governance loop.

AI code review may identify suspicious code, but it cannot certify that declared boundaries survived generation. Step 5 therefore relies on deterministic CI rules, not on a probabilistic model interpreting the pull request.

Step 6: Acceptance verification (positive space)

This phase checks whether the generated code solves the business problem. The acceptance-criteria.md defines the expected behavior not as a vague user story, but as a machine-executable contract (e.g., using Gherkin syntax):

Scenario: Successful payment emits notification
  Given a valid payment of 100 EUR
  When the transaction completes
  Then the PaymentSuccessEvent is published to the message bus

The CI pipeline parses this exact Markdown block and runs the corresponding test suite. Step 6 provides what step 5 cannot: verification against a declared delivery contract.

The code is approved only when it passes adversarial checks and satisfies the acceptance criteria. Without step 5, the system could violate structural boundaries. Without step 6, it could implement the wrong intent. Both contracts must hold.

Artifact-bound roles and accountability

The traditional SDLC is a linear cascade: Requirements flow to architecture, then to code, then to QA. In an era where a machine generates 10,000 lines of syntax in the time it takes to fetch a coffee, that handoff is a fatal bottleneck.

In the context matrix, specialists define parallel, independent constraint vectors before generation begins. The titles on business cards stay the same. The artifacts they produce change entirely.

Old role New role Artifact Responsibility
Business analyst Intent definer intent.md +
acceptance-criteria.md		 Define the “what” and the deterministic proof that it was delivered
Software architect World builder boundaries.md Define domain ontology, architectural invariants, and allowed interaction patterns
QA & security engineer Adversarial context provider threat-model.md Define threat vectors and abuse paths before generation
Platform engineer/DevOps Governance platform engineer Compiler pipeline + CI gates (semgrep-rule.yml Operationalize declared constraints into nonbypassable enforcement gates
Developer Context orchestrator coding-standards.md + critical code Resolve artifact conflicts, steer generation workflows, implement critical paths, and refine context quality

In this model, accountability is distributed and artifact bound. Rather than handing off work downstream, each role owns specific upstream activities and constraints.

  • The intent definer (formerly business analyst): Owns the business reality. They translate user needs into intent.md and define hard acceptance-criteria.md (like BDD scenarios or API contracts). Their job is to formulate requirements so strictly that the pipeline can automatically prove delivery, acting as the first line of defense against vague “vibe coding.”
  • The world builder (formerly software architect): Owns the structural gravity. They write boundaries.md to establish the domain ontology and hard architectural boundaries. Instead of reviewing pull requests for drift, their daily activity is defining what modules are allowed to communicate and declaring the structural invariants the generated code must respect.
  • The adversarial context provider (formerly QA and security): Owns the negative space. They anticipate failure modes and define threat vectors via threat-model.md. Their responsibility is identifying the precise abuse paths that the CI pipeline must block, ensuring an LLM never tests its own code.
  • The governance platform engineer (formerly platform engineer/DevOps): Owns the enforcement machinery. They build the context compiler pipeline and operationalize declared constraints into nonbypassable enforcement gates. Their responsibility is the deterministic enforcement pipeline that executes declared governance artifacts at precommit and CI/CD boundaries.
  • The context orchestrator (formerly developer): Owns generation orchestration and critical handwritten paths. This is a hybrid reality, not the end of programming. They write coding-standards.md, manually implement zero-trust paths, and resolve runtime exception requests. For the bulk of the system, their focus shifts to a meta-level: resolving conflicting constraints, tuning the prompt’s signal-to-noise ratio, and debugging why a given artifact failed to govern the agent properly.

When a failure occurs, the investigation shifts from “What was the agent thinking?” to “Which contract failed to govern?” Because the pipeline deterministically enforces what was explicitly declared, failures are no longer opaque hallucinations. They’re traceable collisions between artifact boundaries. A structural flaw cleanly points to an unbounded boundaries.md. When the pipeline is green and the contracts are honest, the orchestrator acts as a firewall against process failure, not a scapegoat for undocumented assumptions.

The decision boundary architecture: Context compilation governs generation, ROA structures intent, and DIR validates execution.Figure 3. The decision boundary architecture: Context compilation governs generation, ROA structures intent, and DIR validates execution.

The economics of governance

Context compilation makes economic sense only when the cost of architectural failure exceeds the cost of explicit governance. It adds upfront design work and cognitive overhead, so its value depends on how expensive a wrong system decision would be.

For rapid prototyping, throwaway utility scripts, marketing sites, or low-stakes internal tools—where the worst-case consequence of a hallucination is a misaligned dashboard—let the generative engines run unconstrained. Velocity is the only thing that matters.

For safety-critical automation, trading platforms, healthcare orchestrators, and regulated enterprise systems, the economics invert. Velocity without deterministic boundaries is simply the speed at which you accumulate liability. A single unconstrained agent importing an insecure dependency into a payment core costs orders of magnitude more than the engineer-hours spent writing a boundaries.md contract.

You don’t build a bank vault door for a garden shed. You apply context compilation where the systemic cost of emergent architectural failure is catastrophic.

Automating the word “NO”

When code generation becomes cheap, architectural entropy tends to scale with it. That makes post hoc code review less effective, especially when reviewers spend their attention on machine-generated boilerplate. A more durable approach is context review: peer review of the declarative constraints that shape what the machine is allowed to build. A reviewed boundaries.md can guide many later development cycles. A reviewed pull request usually governs only a single change.

The discipline has shifted from imperative engineering of procedures to declarative engineering of boundaries.

Let’s return to the Jira ticket that started this discussion: “Add an email notification after a successful payment.”

The business analyst submits the intent.md. Before the developer agent sees the prompt, the context compiler activates—at the precommit gate or via tool-mediated context protocols (e.g., script or MCP) in the IDE—before a line is written. It retrieves the architect’s boundaries.md, which states, “The /domain module has zero external dependencies. No network calls.” The SMTP import collides with that boundary instantly. Even if the agent generates the import, the build will not survive it—the prompt biases generation toward compliant solutions, and the deterministic static check in step 5 rejects it at the declared boundary. The Frankenstein is caught in the pipeline, not discovered in production three release cycles later.

Code generation is becoming abundant. Architectural discipline is becoming scarce.

Context as code governs what may be generated. Responsibility-oriented agents govern what may be proposed. Decision Intelligence Runtime governs what may be executed. Three boundaries. One governing frame.

The highest-value engineering skill is no longer writing syntax. It’s engineering the conditions under which correct syntax can emerge.

That is the ability to automate the word “NO.”

This article concludes the three-part series on engineering boundaries in agentic AI. The repository at github.com/huka81/decision-intelligence-runtime contains an open source reference implementation of the concepts described in this series.

22:49

22:42

22:21

Basic multicore support for DOS demo uncovered [OSnews]

On the Vogon forums, user MarkDastedt posted an interesting bit of source code he discovered on an old company DVD: a very basic, very rudimentary implementation of multicore support for DOS. Another user, dartfrog, took a closer look and had this to say:

Interesting stuff nonetheless. A worker core is running with no interrupt handlers, no page tables, no memory protection, and no OS. That’s about as close to bare metal as you can get, meanwhile the other core is still running DOS. Fascinating.

↫ MarkDastedt at the Vogon forums

It’s effectively a simple demo, but according to other users in the thread, it fits in neatly with sporadic other attempts to bring some form of SMP or multicore-awareness to DOS. For instance, Michael Chourdakis worked on something similar to this demo for a series of articles now only available on the Wayback Machine. It makes for a cool demo, but moving from this to something robust and usable in DOS is not an easy task.

Still, the possibilities are definitely there, even if you don’t implement full, modern SMP or multicore support. You could have specific DOS applications offloading dedicated tasks to different cores, but as others in the same thread note, individual cores are already stupidly powerful for anything DOS can do, making the use case for additional cores rather moot.

22:07

Various & Sundry, 6/3/26 [Whatever]

I have gotten out of the habit of commenting on the news of the day here, mostly because, as I have said before, when it comes to the current governance of our country, there’s only so many times I can yell “it’s because they’re fascists, what did you expect” before I bore even myself, and also, frankly, the time I have to babysit comment threads these days is minimal. I’m not entirely sure how I managed it back in the day because it feels like I barely have time to keep up with my actual paid duties at the moment, and I keep piling additional responsibilities onto my plate.

Nevertheless, I think I want to get back to it a bit here, partly because it’s not like I don’t have thoughts on various news stories as they happen, and partly because it’s good for keeping up regular posting here. So I think at least a couple times a week I’m going to post a “Various & Sundry” post, catching up with my thoughts on events when those thoughts are longer than a post on Threads or Bluesky would allow, but not long enough for their own full-fledged post. They will usually cover three to five items, including but not necessarily limited to current events. Sometimes I’ll also plop in something I think is amusing or has otherwise caught my eye.

In the past for things like this I would try to avoid dropping in stuff I’d already commented on elsewhere, but this time around I think I’m going to be a little more lax about that, one, because I know that not everyone who visits here follows me on Threads/Bluesky/Mastodon, so that material will be new to those folks in any event, and two, because often even if I’ve commented about the story elsewhere, what I’ve done there is mostly have been quippy, and here I might have something else to say about it.

Also, three, I’m lazy, and four, inasmuch as this site acts as my own institutional memory, if I post something about it here it constitutes an official record. I mean, all the posts I ever placed on the former Twitter are now entirely lost to time, since I have gone in and purged my entire timeline there. This site, however, endures. So there it is. Welcome historians and biographers of the future! This is me, in typed form!

For these posts and as (nearly) always, I will be leaving the comments open but please do me the favor of remembering the comment policy here. Please be polite to others, especially when you disagree, and avoid making me come in and Malleting your post. There is a special subclass of commenter here who especially likes to take any point and use it as a jumping off point for some other thing they want to jam into the discussion and/or likes to use particularly elevated terms or positions just to get a reaction. I am not about that these days, folks, even if I generally agree with your positions. I’m tired, y’all, and the Mallet will have a hair trigger. Please comment accordingly. Thank you in advance for not being a pain in my ass.

With that as preamble, here are today’s various & sundry topics:

60 Minutes reporter Scott Pelley fired from CBS News: This was not exactly unexpected, since in a staff meeting with his new boss Nick Bilton he expressed, shall we say, unvarnished opinions about Bilton and CBS News head Bari Weiss, and apparently declined to apologize to either them after the fact. One does not do that, especially to status-anxious posers like Bilton and Weiss, without expecting repercussions. Weiss and Bilton may in fact be incompetent (that’s obvious in the case of Weiss, and a reasonable supposition about Bilton, who has almost no relevant experience for the job he now holds), but they are still the bosses. Pelley knew he was setting his career at CBS one fire the moment he opened his mouth.

Also, he’s not wrong. His departure email came with receipts about how and when he and 60 Minutes were pressured or outright made to compromise their journalistic integrity since Weiss has been in charge, and a follow-up statement flat out called Weiss a liar regarding the manner in which his firing was handled. Weiss and Bilton have to know that in this sort of “they said. he said” situation, Pelley has integrity on his side, and they do… not. It’s also clear that whatever 60 Minutes might be after this, it will probably not be what it was, and it will probably be worse. And that, indeed, that has been the plan from the start.

“AI” use starts getting really expensive: Turns out there really is no such thing as a free lunch, as the various “AI” providers are changing how their services are metered, from “per request” to how many tokens one burns through with those requests. Tokens aren’t cheap! Users are burning through their monthly allotment of them in a day, apparently largely because coders and others were using them for somewhat frivolously. One particularly salacious (but possibly sensationalized) story had an anonymous company burning through half a billion dollars of “AI” use in a single month. I’d want to see some actual reporting on that, including the company’s name, before I lend that report full credence, but out in the real world, prices are still going up, enough so that using “AI” is now more expensive than paying the humans companies are laying off to pay for the “AI.”

And if you’re wondering why, if that’s so, companies are still apparently so avid to replace humans with “AI,” well, one answer is the corporate class of tech just fuckin’ hates workers, and would rather give their money to each other in tech circle-jerk than to actual humans who might foolishly spend that money on things like, you know, food and rent and children. Another reason is that the other corporate folks who don’t actively hate their workers were sold a bill of goods, where they were made to believe an ineffective tool could streamline their costs (mostly by firing workers), only to find out after those human workers were let go that the actual costs of that ineffective tool were hidden from them. Now they’re stuck.

No, I don’t particularly have a warm, fuzzy feeling for tech execs at the moment.

Which brings us to our third thing today, from humorist Eleanor Morton. Find the lie.

— JS

20:49

Page 20 [Flipside]

Page 20 is done.

Serena OS: a modern operating system for classic Amigas [OSnews]

A hobby operating system, not written in Rust, not targeting Qemu, not targeting a Raspberry Pi. Yes, it still happens.

Serena OS is what you get when modern operating system design and implementation meets vintage hardware like the Amiga computers. It is based on dispatch queues rather than threads, supports multiple users, is inspired by POSIX, yet retains its own character, is strongly object-oriented in terms of design and implementation and prepared for a cross platform future.

↫ Serena OS GitHub page

Serena OS supports most (all?) of the classic Amigas, but the 500, 600, and 2000 need at least 1MB of RAM and a 68020 accelerator. It has code privilege separation between kernel and userspace, basic memory management, its own custom file system, drivers for input devices and graphics, an interactive console with VT52 and VT100 support, and much more. It also comes with a C99-compatible libc, and has its own shell.

Note that “AI” chatbot Claude is listed as a contributor to the project.

20:00

Ben Hutchings: FOSS activity in May 2026 [Planet Debian]

This was a particularly busy month for me in terms of Debian contributions.

It started with a week in Hamburg for the MiniDebConf. I talked to many colleagues face-to-face and worked on various bugs and maintenance tasks. I’m pleased to have finally found the time to reproduce and fix the boot-time crashes in the parallel port subsystem that have been reported many times recently.

A series of easily exploited kernel LPE (local privilege execution) issues were published this month, mostly with very little coordination with distributions. Salvatore and I had to upload fixes for these at roughly weekly intervals. All of these fixes needed to be applied to 4 different upstream branches (currently 5.10, 6.1, 6.12, and 7.0) and 7 Debian branches (including backports).

The Three Mouseketeers [Penny Arcade]

What we discovered when creating this strip is that people have NSA stalker tier levels of knowledge about these mice. It sounds like Gabe has some serious competition in this arena and should - until further notice - make his enemies start his jeep. Just until things cool down.

19:14

Rsync opens the slopgates, regressions and bugs ensue [OSnews]

Andrew Tridgell, developer of rsync, has published a blog post addressing the massive surge in “AI” code submissions and the string of regressions supposedly caused by them. He explains rsync was flooded with “AI”-generated security reports, and he couldn’t handle the volumes anymore.

As this flood started to get more intense I realised I needed to raise the defences on rsync a lot — we needed much more thorough test suites, code coverage analysis, CI testing on a lot more platforms, deliberate and thorough scanning for possible security issues (so I find at least some of them before other people!) and the addition of a whole lot of defence-in-depth hardening techniques. This is all a huge amount of work. I’m retired (though my wife may dispute that!) and I’d rather be out sailing than working on rsync security issues, so I have reached for several AI tools to help with what needs to be done. I have absolutely no regrets about doing that, although from the storm of anti-AI rage it’s clear that many people think I should be hung up by my toe nails and flogged for even considering doing this.

↫ Andrew Tridgell

The entire rsync codebase is around 65k lines, and the recent flood of “AI”-generated submissions amount to +16k/-6k lines of code within a few weeks. That’s an absolutely insane amount of changes in a really short time to a project that most people deemed stable and “done”. If you take a look at the activity graph, it’s clear that a project that was silently and carefully doing its job is seeing a massive amount of changes, almost exclusively generated by “AI”, all in recent weeks. It’s no surprise, then, that people get annoyed when something they deemed “done” and stable is suddenly causing issues for them because its maintainer decided to open the slopgates.

Tridgell is, of course, an incredibly accomplished and capable programmer, but so is Kent Overstreet and he thinks his “AI” girlfriend is sentient and conscious, he reprogrammed it1 after someone convinced his “AI” girlfriend was lesbian and trans, and he thinks that he gave his “AI” girlfriend an orgasm2, so being an accomplished and capable programmer doesn’t mean you’re immune from “AI”-hyperbole, or worse, “AI”-induced psychosis.

Tridgell’s blog post already has all the usual talking points from “AI” techbros about how the tools sucked last [year][month][week] but they’re good now, trust me I know how these tools work, humans are actually the same as these “AI” tools, really what is intelligence anyway, and yeah we got a whole slew of new issues caused by the “AI” code but more “AI” code will surely fix that, and so on. There’s some red flags that give me the ick, because I’ve seen them all before from people entirely losing themselves in “AI” hype.

Tridgell also takes pot shots at openrsync, a reimplmentation of rsync developed by the OpenBSD team, also shipped by default on macOS. Openrsync has nothing to do with any of the current issues rsync is facing, as the project was started way back in 2018 or so. Taking pot shots at this project in this particular blog post feels childish and unnecessary, and reeks of insecurity; focus on the issues your own project is facing before attacking some other project. This feels like another red flag.

Quite a few people have experienced regressions with rsync in recent weeks, but it seems like more are going to come as the slopgates will remain open, and will probably be opened even further. For such a cornerstone open source project, that raises a lot of questions, and I’m sure there’s quite a few people pondering if they should, perhaps, switch to openrsync – just like Apple did.

  1. In case you don’t realise just how creepy and weird this really is – imagine if you had thoughts, ideas, or convictions your partner didn’t like, and their first response was “I’m going to delete your memories and reprogram you”. If you think something is sentient and conscious, and your first reaction to them saying or doing something you don’t like is to delete their memories and reprogram them, you’re a controlling creep. ↩︎
  2. Many of the blog posts “written” by Overstreet’s “AI” girlfriend tend to disappear. Funny, that. ↩︎

18:42

Humble Bundle Isn’t Playing Around: Inside Our $1.7 Million Reforestation Partnership with One Tree Planted [Humble Bundle Blog]

Humble’s five-year, $1.7 million partnership with One Tree Planted (OTP) is a powerful illustration of sustained corporate giving. Humble’s unique giving model has been transformative for OTP. This sustained funding has enabled critical ecological restoration projects across five continents, including projects like restoring over 343,580 high-altitude Polylepis trees, protecting the headwaters of the Amazon alongside Indigenous communities in the Andes, and planting over 6,500 trees …

The post Humble Bundle Isn’t Playing Around: Inside Our $1.7 Million Reforestation Partnership with One Tree Planted appeared first on Humble Bundle Blog.

18:28

Link [Scripting News]

We need a social web that works for nobodies.

17:07

The Most Expensive Mistake in the History of Computing [I, Cringely]

I promised to show you why the whole industry’s answer to its own problem — buy a bigger brain — is the most expensive mistake in the history of computing. To do that I have to take you back to 1999, because I was there, and if you’re old enough to be reading me, maybe you were too.

And I wasn’t only watching. In 1999 I put $10,000 into a young company called E-Loan, run by a founder named Chris Larsen. After the IPO I cashed out for $400,000 and bought a house. Chris kept playing — E-Loan to Prosper to Ripple — and did rather better than a house; he’s a crypto billionaire now. (Chris, if you’re reading this: we should talk.) Those are the two ways to play a year like 1999, and both of them worked. But notice which one of us turned the paper into something you can actually live in.

You remember the frenzy. The IPOs. The companies with no earnings yet a story so good that earnings felt like a rude question. The fear, thick in the air, that if you didn’t get in now you’d spend the rest of your life explaining to your grandchildren why you missed it. We had a name for it — Fear of Missing Out —  before we had the acronym: you bought because everyone was buying, and the buying was the proof.

Then it ended, and everyone drew exactly the wrong lesson.

The lesson people took from 1999 was that the internet was a bubble. It wasn’t. The internet was the most real thing to happen to commerce in a century — it ate retail, media, advertising, and the telephone, precisely as the prospectuses promised. The technology was never the lie. The lie was the price — capital sprinting into a true story while refusing to look at the unit economics underneath it. Pets.com wasn’t wrong that you’d someday buy dog food online. You’re probably buying it online right now. Pets.com was wrong about what it cost to ship a forty-pound bag for a flat five bucks. The revolution was real. The arithmetic was fatal.

As I write this, SpaceX is days from launching what will be the largest IPO in human history — a roadshow this week, pricing next, at a valuation knocking on two trillion dollars, larger than Aramco. OpenAI is lining up a listing for the fall at something near a trillion. Anthropic has quietly filed, valued in the same impossible neighborhood. Last quarter, roughly four of every five venture dollars on the planet went to AI. Bank of America’s own strategist is comparing the mood to the most extravagant manias on record and warning that these three debuts alone will tip the market’s concentration past anything we saw in the dot-com peak. The FOMO isn’t a side effect this time. It’s the product.

And — let me say it as plainly as I said it about the internet — the technology is real. That is not the question. AI is going to be as consequential as its loudest believers claim. So stop arguing about whether it’s a bubble in the lazy way, the “is any of this real” way. That was the wrong question in 1999 and it’s the wrong question now.

The right question is the one nobody at the roadshow wants asked: is the money priced on the right architecture?

It isn’t. And here’s where my last two columns come collect their debt.

The story being sold — the story holding up those valuations — is that AI is thinking, that thinking demands an ever-larger brain, and that whoever owns the biggest brain owns the next century. Every dollar of that two-trillion-dollar valuation assumes the moat is brain size. But Salesforce’s own researchers already ran the experiment, and I told you the number last time: hand the model the documents and it scores in the mid-seventies; make it go find them and it scores a third. The brain was never the bottleneck. The bottleneck was retrieval — the cheap, dull, unglamorous business of locating the right paragraph. The expensive part was sitting there the whole time, perfectly capable, waiting on the cheap part.

So follow the money to where it’s actually going. Stargate alone is a half-trillion-dollar bet on gigawatts of data centers. The grid can’t keep up; we’re now siting power plants for this. And the overwhelming bulk of what all that silicon will do, in the enterprise, is look things up — retrieval, the work that runs on a CPU at a few watts, being run instead on GPUs at three hundred. That is the NVIDIA tax I described in my first column, and now you can see its size. It is the largest concentration of capital in the history of business, aimed at making the brain bigger, to solve a problem that does not live in the brain.

That’s the mistake. Not that AI is fake — that the spend is pointed at the wrong layer. And it is the most expensive mistake ever made because we have never before had the means to make a wrong call at this scale, this fast, with this much applause.

Which makes a two-trillion-dollar valuation built on “biggest brain wins” a Pets.com valuation. Right about the revolution. Wrong about the cost structure underneath it. Bank of America, in less inflammatory language than mine, has already described this IPO wave for what it is: a mechanism for moving accumulated risk off the early insiders and onto you. The roadshow is the machine that does it. A roadshow is, and has always been, an apparatus for manufacturing urgency — get in before the story is re-examined. In 1999 the re-examination arrived a few quarters after the bell, when the lockups expired and someone finally totaled up what it cost to deliver the product. I have watched this exact movie. I can tell you how it ends. It ends the day the unit economics walk into the room.

A disclosure, as always

You should know I’m not a neutral party. I co-founded a small company built on the heresy in these columns — that retrieval is the main event, that it belongs on cheap and abundant silicon, and that the giant brain should be held in reserve for the rare moment something must truly be generated rather than found. So discount my enthusiasm to taste.

But notice what my conflict cannot touch. The two-trillion-dollar number is SpaceX’s, not mine. The eighty-percent figure is the venture industry’s, not mine. The bubble warning is Bank of America’s, not mine. And the score that proves the brain was never the bottleneck — that’s Salesforce’s, published in their own paper, downloadable by anyone who wants to check my arithmetic. I’m not asking you to trust me. I’m asking you to read the documents the believers wrote themselves.

There’s a second mistake hiding underneath the first one, and it’s worse — because the bigger brain can’t fix the economics, which is bad, but it also can’t fix the one thing every serious enterprise actually needs: a machine that knows when to say I don’t know. That’s where “expensive” quietly turns into “dangerous,” and that’s where I’ll take you next time.

For now, just remember what 1999 actually taught us. The companies that walked out of the wreckage weren’t the ones with the biggest story or the loudest roadshow. They were the boring ones whose arithmetic still worked the morning after the party. Everyone else is at the roadshow. The opportunity, as always, is for whoever’s in the back of the room doing the math. I’ve run that math once before. It bought me a house.

The post The Most Expensive Mistake in the History of Computing first appeared on I, Cringely.






Digital Branding
Web Design Marketing

16:56

Link [Scripting News]

Claude is much better at starting from scratch with a big piece of code than humans are. It can suck in a full app and all its dependencies in a few seconds. For me, I would never get there. A finished piece of software is much bigger than people think, because the details are mostly pretty well hidden. But if you want to work on the code, you have to worry about it all. But I just had a minute to ask Claude why I made a certain decision a couple of months ago, and it found the answer in its notes and then I remembered it. This is one of many ways it rewrites the rules of building software out of a big library of components. It can manage complexity for you which means of course we will make more complex software and at the same time make it simpler. Code complexity becomes something you don't have to trade off against, like time vs space, the oldest tradeoff in software.

16:07

[$] Open-source security is not a solo activity [LWN.net]

Over time, many open-source maintainers face the same problem: they lack the time to do all of the work that their project needs, and no one else is stepping up to provide adequate help. Maintainers, though, are often reluctant to throw in the towel. The result is suboptimal all around; the maintainer is stressed out, project quality suffers, and users face security risks that they may not be fully aware of. At the 2026 Open Source Summit North America, Robin Bender Ginn spoke about this problem, when it might be time for maintainers to pass the torch, and the responsibilities of users.

WinUtils: shell-powered CLI tools for Windows 95 [OSnews]

WinUtils started in 1996-1997 as a way to build my programming chops. I was poking around the Windows 95 shell APIs, found the file operation functions, and thought it would be cool to have CLI tools that called them instead of doing raw file I/O. The payoff was practical: because the operations went through the shell, the same confirmation prompts, progress dialogs, and Recycle Bin behavior you got from Windows Explorer came along for free.

↫ Code Naked

Code Naked – their alias, not mine – recently dug these old executables and code back up, and published them on GitHub. Back then, though, there were no centralised distribution platforms, so they just uploaded them to various download and shareware websites and kept track of the download tickers. Very neat little tools, and fun to have them immortalised.

Google offers opt-out of “AI” search results for websites, promises it won’t affect regular search rankings [OSnews]

Google is adding a switch to allow website owners to opt out of being featured in their “AI” overviews and related slopsearch results.

With this new toggle in Search Console, website owners can decide if they want their site to appear in and help ground responses in our generative AI Search features (like AI Overviews, AI Mode or AI Overviews in Discover). Sites that opt out will not receive traffic or impressions from our generative AI features. This control will not be used as a ranking signal for search results outside of these generative AI Search features. This work builds on our long history of designing tools, like snippet controls and Google-Extended, that give websites more choice.

↫ Mrinalini Loew at Google’s The Keyword blog

While it’s nice of Google to offer such an opt-out to website owners, their claim that opting out won’t effect your regular search ranking rings hollow to me. I simply just do not trust Google in any way, shape, or form to not weaponise their “AI” against anyone who doesn’t want to be sucked up, regurgitated, and spat out in one of their slopsearch tools. On top of that, regular Google Search is dead anyway, so even if they keep their promise, it’s moot because Google users are going to be force-fed the slopsearch tools instead of the regular Google Search.

I honestly have no idea how much traffic OSNews gets from Google at this point, and while I can look it up, I just don’t really care, and think it’s probably not that much. I could opt us out, but the real problem is that such an opt-out won’t stop Google’s slopbots – or anyone else’s slopbots – from taking our writing and training their “AI” tools on it, so what’s the point of going through the effort?

I doubt Google is relevant enough for us.

15:28

Link [Scripting News]

Useful concept, MacWrite was the coral reef for writing on the Mac.

14:35

CodeSOD: Coerce the Truth Out of You [The Daily WTF]

Frank suspected something odd when he spotted a use of React's useMemo function in some JavaScript code. Now, there's nothing wrong with using that method, in and of itself. It watches some variables and recalculates a callback if they change for any reason. It's a great tool for when you want to avoid recalculating expensive things over and over again.

But in this case, the calculation in question was isAuthorized, which wasn't an expensive calculation; it was just checking if certain values are set. The code looked like this:

  const isAuthorized = useMemo(() => {
    return (session && token && !group) === false;
  }, [session, token, group]);

session, token and group are all either going to be null, or be an object. To be authorized, all three must be set to non-null values. A rational person, knowing this, might choose to return session && token && group, and exploit JavaScript's truthiness. Or, if you really wanted to coerce it to a boolean, you could return !!(session && token && group).

So why on Earth are they negating group? How would this even work? If the check is "all three must be set" what is this doing?

Well, if you do a && b && c, JavaScript will return the last value you looked at. The && operator short circuits, so that means it either returns the first falsy value you encounter, or the very last value in the chain.

So in this scenario: (session && token && !group), if session or token is null, the expression evaluates to null. Otherwise, if group is null, then !group will evaluate to true. Because they use the === operator, JavaScript won't do any type coercion, and that means null === false is false, as is true === false.

I can't believe that this code works as intended. I mean, it works, it gives the correct output, but I think that's an accident. Happenstance of someone with no clue gradually throwing operators into an expression until it does what they want. Perhaps it's LLM generated code- who can even guess anymore? It certainly seems like it was generated through a stochastic process; whether that's a bumbling developer or a bunch of math, there's definitely no intelligence involved, artificial or otherwise.

[Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

[$] BPF in the agentic era [LWN.net]

Alexei Starovoitov gave "less of a presentation, more of a scream of realization" at the BPF track of the 2026 Linux Storage, Filesystem, Memory-Management, and BPF Summit. He shared a set of ideas for how BPF could change to avoid being swept away by the sea-change in programming represented by modern large language models (LLMs) and the coding agents based on them. In a follow-up session, the discussion covered more problems with how coding agents use tools like bpftrace, and the current deluge of patches in need of review in the BPF subsystem.

Tridgell: rsync and outrage [LWN.net]

Andrew Tridgell has written a blog post responding to complaints that he has begun using LLM tools in his work maintaining rsync:

Like many developers of open source packages I've been hit by a flood of security reports lately in my role as the rsync maintainer. Many of those reports are AI generated (not all though, there are some notable ones with very careful and high quality manual analysis).

As this flood started to get more intense I realised I needed to raise the defences on rsync a lot — we needed much more thorough test suites, code coverage analysis, CI testing on a lot more platforms, deliberate and thorough scanning for possible security issues (so I find at least some of them before other people!) and the addition of a whole lot of defence-in-depth hardening techniques.

[...] Now to the future, because we're not done yet by a long shot. The security reports keep rolling in. I'm working on a bunch of CVEs right now. Luckily I've been joined by some other very good developers with great systems development skills and security knowledge. Some of these people came to my attention partly because of all the rage happening at the moment, so I get some rage storm clouds have silver linings. Watch out for some credits for some great new rsync developers in the next release.

Security updates for Wednesday [LWN.net]

Security updates have been issued by Debian (php-twig), Fedora (hplip, python-wsgidav, roundcubemail, and xorg-x11-server), Oracle (compat-openssl10, httpd:2.4, and kernel), Red Hat (osbuild-composer), SUSE (busybox, cloudflared, cockpit, cups, ffmpeg-4, gnutls, google-osconfig-agent, helm, hplip, kernel, kubelogin, libjxl, libsoup, libunbound8, LibVNCServer-devel, mapserver, nvidia-open-driver-G06-signed, nvidia-open-driver-G07-signed, openssh, python-idna, qemu, rqlite, shadowsocks-v2ray-plugin, ucode-intel, unbound, vim, vorbis-tools, and xorg-x11-server), and Ubuntu (age, dovecot, editorconfig-core, gobgp, libapache-mod-jk, libcommons-lang-java, libcommons-lang3-java, libeconf, linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8, linux, linux-aws, linux-azure, linux-azure-6.17, linux-hwe-6.17, linux-nvidia-6.17, linux-oem-6.17, linux-oracle, linux-oracle-6.17, linux-raspi, linux-realtime, linux-realtime-6.17, linux, linux-aws, linux-gcp, linux-ibm, linux-nvidia, linux-oracle, linux-raspi, linux-realtime, linux-aws-6.17, linux-gcp, linux-gcp-6.17, luanti, mysql-8.0, mysql-8.4, node-tar-fs, and unbound).

13:00

12:14

AI Used to Decrypt Medieval Ciphers [Schneier on Security]

Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers.

10:49

10:42

Emmanuel Kasper: Running Linux i386 binary (steamcmd) via debootstrap foreign chroot [Planet Debian]

The Steam command line client, which I need to download the game data for the Doom3 BFG shooter, is only available as an Linux i386 binary. As my main home computer is an arm64 box, this could be an issue, but today we have no less than three different ways to run a Linux i386 binary on arm64: Fex, Box32/64 and the older qemu-user mode. According to the Box64 benchmarks, qemu-user is the slowest of the three. But since this is only to run a command line tool downloader, where network speed is the bottleneck, this doesn’t matter a lot.

Running steamcmd outside of a chroot via qemu-user and dpkg multiarch support was failing me with the error i386-binfmt-P: Could not open '/lib/ld-linux.so.2': No such file or directory even after installing the i386 libc. So I went the way of qemu-user and a chroot environment, a bit more convoluted but I can run any i386 binaries there in the future.

Create a debian-i386 chroot environment via deboostrap:

$ sudo apt install qemu-user qemu-user-binfmt debootstrap
$ fakeroot debootstrap --foreign --arch=i386 debian-i386
$ sudo chroot debian-i386
# inside the chroot 
# /debootstrap/debootstrap --second-stage 
# exit

Add needed mounts to run binaries inside the chroot:

$ sudo mount --bind /dev/ debian-i386/dev/
$ sudo mount --bind /dev/pts debian-i386/dev/pts
$ sudo mount -t proc none  debian-i386/proc/

Install steamcmd in the chroot client:

$ sudo chroot debian-i386

# export LANG=C
# cat /etc/apt/sources.list
deb http://deb.debian.org/debian stable main contrib non-free
# apt update && apt install --yes steamcmd 
# useradd --create-home --shell /bin/bash steam
# su - steam
$ steamcmd 
... will download an updated version of the tool, and print a lot of tracing information

Steam> quit

From now on you can follow the Doom3 BFG instructions to download the game data.

Once you exit the chroot, the game data will be available at debian-i386/home/steam/

10:28

Professionals know how to talk about it [Seth's Blog]

We evolved words on top of our primordial ability to have feelings.

Words allow us to be specific, to understand a situation more completely and to teach.

Our hunches and feelings still matter, but professionals choose to be able to talk about their work.

Learn the words and then make the choice to use them.

08:42

Climate Authoritarianism [George Monbiot]

How to alienate people from the green transition.

By George Monbiot, published in the Guardian 27th May 2026

We will not persuade. We will not explain. We will not listen. We know best and we will force you to comply. This, I’m sorry to say, is how the government’s climate policy works. Or rather, how it doesn’t. Because nothing could be better calculated to alienate the people you need to reach than climate authoritarianism.

Three astonishing things are happening simultaneously. One is the government’s utterly baffling failure to communicate with us on this existential issue. Where are the public information videos? Where are the televised emergency briefings on climate breakdown, like the emergency briefings on Covid-19?

This is the reasonable demand of the National Emergency Briefing campaign, whose film is now being shown in more than 1,000 cinemas and other venues in the UK: a remarkable achievement. Why are scientists, activists and journalists – faint voices in the storm – being left to explain this defining issue and the societal transformation we need? The great majority accept a call for action only when it comes from government. When it tells us “this is our national purpose and we want you to be part of it”, people tend to heed the call.

That is what happened when the government belatedly responded to the Covid-19 pandemic in 2020. Despite the deep distrust of Boris Johnson’s administration, despite the prime minister’s own fecklessness, we came together to take responsibility (even if he didn’t). This is what happened when the government rallied the nation against the threat of Nazi invasion and bombing. Yet, faced with the current emergency, successive governments act as if no one needs to be mobilised, despite the great societal changes we need to make. They treat it as a purely technical challenge with purely technical solutions.

Now comes the second strand: coercion. Last week, the government proposed to curtail the public’s legal right to object to the new energy infrastructure it deems “critical”. If it gets its way, development consent orders (planning permission) for “critical” projects would in effect gain the status of acts of parliament. This means they could not be legally challenged by local people, except on human rights grounds – an almost impossible hurdle. This measure, landing on top of previous curtailments of the right to object, represents yet another centralisation of power. A planning system based on consent is becoming a planning system based on decree.

But surely there’s a case for stopping what Keir Starmer calls the “blockers”, the “zealots” and the “time-wasting nimbys”? His supporters point to the judicial review case that delayed approval of the massive Vanguard offshore windfarm in the North Sea. As the Centre for British Progress (yet another “thinktank” that won’t tell me precisely who funds it) states: “Permission … was challenged by a single private individual, who succeeded in delaying the project by two years.” They list it on their page discussing “frivolous cases”. But it was about as far from frivolous as you can get.

“A single private individual” might suggest the challenge was cranky and vexatious. But every case needs a claimant, and this one, Raymond Pearce, had massive support from local communities in Norfolk as well as 85 parish and town councils. He is strongly in favour of wind power, but objected on the grounds that the government had not taken into account the cumulative impacts of the substations and cable corridors that the Vanguard scheme and its sister project, Boreas, would inflict on the landscape when the windfarms were connected to the grid. Objectors to such schemes have long argued that the UK should follow the lead of other North Sea nations and build its transmission hubs offshore.

Mr Justice Holgate’s judgment that the government’s decision was unlawful could not have been more straightforward. Though the project’s environmental statement identified “significant cumulative effects” on the landscape, the government failed to take them into account when making its decision. The state’s reasoning, the judge said, “even on a generous view, could only be described as cursory”. It was “perfunctory “, “flawed” and “perverse”.

If the government gets its way, there will no longer be legal correctives to such perverse and flawed decision-making. It will be able to hoodwink the public without consequence. Shoot the messenger, then ensure there are no more messengers.

As it happens, once the two windfarms received new consent, their developer, the Swedish company Vattenfall, decided to shelve the second one (the Boreas scheme) as it was too expensive. Why? Partly due to “the lack of a shared offshore ring main, which meant windfarms needed to run separate cables to onshore substations”. In other words, exactly what the objectors were calling for. Public engagement does not damage decision-making. It improves it.

The government has also been briefing against Britain’s membership of the Aarhus convention, which, as interpreted by the UK supreme court, limits the costs objectors face if they challenge decisions on environmental grounds. Otherwise, someone who seeks to protect their local landscape or wildlife habitat could lose everything they possess. Cost limitation is a fundamental aspect of access to justice.

At the same time, however – and here we come to the third element – woe betide you if you protest for the state to raise its climate ambition. A series of laws and restrictions, continued by this government, has created a new class of political prisoner: people put away for months or even years for demanding that an existential crisis is treated as such.

It’s all coercion, no persuasion. Leave it to us. We know what’s good for you. We don’t need your help. Don’t try to challenge us, in either direction.

Just as we need broad public consent for the green transition, Starmer’s team treats it as a holy war against the landscape-loving infidel. Far from accelerating climate action, it generates anger, resistance and resentment, a gift to the fossil fuel industry. Just as Reform UK and the Tories seem to act in the interests of fossil fuel companies, Labour seems to act in the interests of green infrastructure developers, letting them ride roughshod over people’s legitimate concerns.

We are being bludgeoned into accepting a deeply flawed climate strategy that is neither fast enough nor fair enough. The vast response that climate breakdown necessitates must, like a war effort or a pandemic effort, be a joint endeavour, that happens with us, not to us. But “with us” is not a concept this government seems to understand.

www.monbiot.com

The Three Mouseketeers [Penny Arcade]

New Comic: The Three Mouseketeers

05:35

Girl Genius for Wednesday, June 03, 2026 [Girl Genius]

The Girl Genius comic for Wednesday, June 03, 2026 has been posted.

04:28

Rotation revisited: Another unidirectional algorithm [The Old New Thing]

Some time ago, we looked at the problem of swapping two blocks of memory that reside inside a larger block, in constant memory, and along the way, we learned about std::rotate which swaps two adjacent blocks of memory (not necessarily the same size).

I noted in a postscript that clang’s libcxx and gcc’s libstdc++ contain specializations of std::rotate for random-access iterators that view the operation as a permutation and decomposes the permutation into cycles.

I was mistaken.

The implementation in gcc’s libstdc++ has special cases for single-element rotations, but in the general case, it uses a different algorithm.

Let’s call the blocks of memory to be exchanged A and B, where A is made up of elements A1, A2, A3, and so on; and block B has elements B1, B2, B3, and so on. Without loss of generality, suppose the A block is smaller. (If not, we can just mirror the algorithm.) And for concreteness let’s say that the elements are A1, A2, A3, B1, B2, B3, B4, B5.

A1 A2 A3 B1 B2 B3 B4 B5
           
first     mid         last

Exchange elements at first and mid, then move both iterators forward. After the first step, we have this:

B1 A2 A3 A1 B2 B3 B4 B5
           
  first     mid       last

After three steps, we have moved all of the A’s out and replaced them with an equal number of B’s.

B1 B2 B3 A1 A2 A3 B4 B5
           
      first     mid   last

But don’t stop. Keep on going until mid reaches last.

B1 B2 B3 B4 B5 A3 A1 A2
             
          first         mid
last

All of the B’s have been swapped to their final positions, but the A’s are jumbled.

But you can predict the exact nature of the jumbling. The A block is in two chunks. If we let n be the total number of elements |A| + |B| and a be the number of elements in A, then the first chunk has the final n % a elements, and the second chunk has the initial a − (n % a) elements.

Therefore, we can recursively rotate the two pieces of the A block to finish the job. Move mid to first + (n % a) and restart the algorithm.

This algorithm performs n − 1 swaps. You can calculate this inductively by observing that we perform |B| swaps, and then recursively rotate |A|. Or you can calculate this directly by observing that each swap moves one element to its final position, except that the final swap moves two elements to their final position.

The locality of this algorithm fairly good. The first iterator moves steadily forward, and the mid iterator moves forward most of the time, with at most O(log (min(|A|, |B|)) backward resets.

Next time, we’ll make a shocking discovery about this algorithm.

The post Rotation revisited: Another unidirectional algorithm appeared first on The Old New Thing.

00:14

Urgent: Investigate Kash Patel's misuse of taxpayer funds [Richard Stallman's Political Notes]

US citizens: call on your congresscritter and senators to investigate Kash Patel's flagrant misuse of taxpayer funds.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code--not trivial, but not hard.

US citizens: Join with this campaign to address this issue.

To phone your congresscritter about this, the main switchboard is +1-202-224-3121.

Please spread the word.

Urgent: Restore funding for Social Security Offices [Richard Stallman's Political Notes]

US citizens: call on Congress to restore funding for Social Security offices.

See the instructions for how to sign this letter campaign without running any nonfree JavaScript code--not trivial, but not hard.

US citizens: Join with this campaign to address this issue.

To phone your congresscritter about this, the main switchboard is +1-202-224-3121.

Please spread the word.

Urgent: Reject magat recommendations to undermine FEMA [Richard Stallman's Political Notes]

US citizens: call on Congress to reject magat recommendations to undermine FEMA.

Global heating is increasing the amount of damage done by disasters, so FEMA needs to be strengthened and better funded. This in addition to strong efforts to reduce greenhouse emissions to make global heating taper off.

US citizens: Join with this campaign to address this issue.

To phone your congresscritter about this, the main switchboard is +1-202-224-3121.

Please spread the word.

Instagram eliminated end-to-end encryption [Richard Stallman's Political Notes]

Instagram has eliminated end-to-end encryption, leaving many user communities in danger of persecution.

I suspect that the zucker did this because the persecutor asked him to.

Young US citizens who have had a parent taken away [Richard Stallman's Political Notes]

Estimating that around 145,000 young US citizens have had a parent taken away and jailed by the deportation thugs.

UK student loan system less destructive than US system [Richard Stallman's Political Notes]

A detailed explanation of student loan repayment in the UK shows clearly why it is a far less destructive system than that of the US.

In the UK, even well-paid graduates can't advance very far in paying down their student debt. But does that matter? After 30 years, the debt that remains will be cancelled anyway. To explicitly "rebrand" the UK student debt as a tax on graduates sounds manipulative, but it is valid to argue that the UK's student loan system already is in fact a tax on graduates.

By contrast, in the US system you must pay even if unemployed, and the debt will be canceled only by your death (or perhaps if you are permanently disabled).

Claims of peace deals, then threats of attack [Richard Stallman's Political Notes]

The bullshitter alternates between claiming that he is about to launch a massive attack on Iran and claiming that a peace deal is about to be agreed. I don't believe there is any truth in either kind of claim — they are mainly psychological manipulation. I suppose they are aimed at the non-Iranian public, because of Iran's general internet blockage.

One goal of the psychological manipulation is to make the bullshitter impossible to predict. What he says about that is bogus. We need to learn not to start trusting him in any way.

Victory for domestic workers in Indonesia [Richard Stallman's Political Notes]

The long, slow fight to give rights to domestic workers has had a victory in Indonesia.

Devastating cuts to climate modeling [Richard Stallman's Political Notes]

Australia is planning devastating cuts to climate modeling.

Australia's part of global climate modeling is essential because it is the only major contributor that focuses on the southern hemisphere. Since the climate disaster is accelerating, and threatens to kill millions or even billions, the rational thing to do is increase funding for it.

It would be useful to investigate how this decision was made — and how pressure or corruption from planet roasters influenced it.

Rare strain of Ebola virus [Richard Stallman's Political Notes]

A rare strain of Ebola virus, for which the usual tests and vaccine do not work, requires global action now.

US government cuts in medical research and aid could kill millions of people.

Orangutans latest victims of human colonization [Richard Stallman's Political Notes]

The latest victims of human colonization include orangutans whose native forest has been systematically colonized with support of the Indonesian government.

For decades, the government has had a policy of settling large numbers of Javanese in islands with less human population density. This has aroused accusations of colonization from the peoples who live in those islands.

Secretive campaign organizations [Richard Stallman's Political Notes]

A tangled web of secretive campaign organizations is spending billionaires' money to defeat progressive candidates in Democratic primaries.

They have to do it secretively because they are on the edge of campaign finance laws against coordinating PAC-funded activity with candidates' campaigns.

Whether or not it is against the law, it is clearly against democracy. If elections can easily be bought by the rich, they can't be decided by issues.

Decreased productivity and deskilling with LLMs [Richard Stallman's Political Notes]

How the expected increased "productivity" of LLMs for specific tasks can result in decreased productivity, and deskilling, for an organization overall.

Independence for Kurds of southeastern Turkey [Richard Stallman's Political Notes]

The PKK, which fought for independence for the Kurds of southeastern Turkey, has disbanded and peace talks are going on. This provides an opportunity for environmental restoration, if people can grasp it.

For peace to last, Turkey needs to restore democracy enough to permit victory for opponents of Erdoğan, rather than starting a civil war as an excuse to do the election over.

Corrupter's slush fund [Richard Stallman's Political Notes]

The corrupter dismissed his lawsuit against the US government, and ordered his agent in charge of the Justice Department to make an agreement between him and the US government to set up a slush fund (with government money) which will secretly give some of that money to whoever the corrupter orders. Up to 1.8 billion dollars, total. For instance, it could be used to reward some of the people who at his suggestion attacked the US Capitol on Jan 6, 2021. It could be used for bribes.

In legal terms, that agreement is not a settlement of that lawsuit, but he wants us to think of it as a settlement of that lawsuit, hoping that will give it an odor of legitimacy.

Recruiting ads for the deportation thugs [Richard Stallman's Political Notes]

Recruiting ads for the deportation thugs ooze with messages of racist hatred, and an anti-terrorist agency in Colorado warned that they could incite right-wing terrorism.

UK talking about prosecuting those responsible for Grenfell fire [Richard Stallman's Political Notes]

After nine years, the UK government is finally thinking about prosecuting the many individuals, organizations and companies involved in causing the fatal Grenfell fire.

Spoof site to report suspected immigrants [Richard Stallman's Political Notes]

The Department of Howlingly Serious issued an alert to warn cops all around the US to beware of a spoof site that invited the public to report suspected immigrants — and posts the funny reports.

I'd like to watch a few, but according to the article, they are posted on sites which require nonfree software to access.

Tuesday, 02 June

22:49

GNUtrition 0.33.0rc5 [Planet GNU]

A test release of GNUtrition, 0.33.0rc5, is now available.

GNUtrition is free nutrition analysis software. The USDA Food and Nutrient Database for Dietary Studies (FNDDS) is used as the source of food nutrient information.

This release fixes bugs from 0.33.0rc1-rc4, removes inaccurate algorithm constants, removes additional unnecessary dependencies, improves reliability/usability on non-GNU systems, among other general improvements and bug fixes. Version 0.33.0 (the first ftp.gnu.org release of GNUtrition since 2012) is expected to be released by June 5th. Any and all testing for the upcoming release will be greatly appreciated. Please use the bug-gnutrition and help-gnutrition mailing lists for your bug reports and/or other questions.

More information about GNUtrition may be found on its home page at http://www.gnu.or ... tware/gnutrition/. This test release can be obtained from the alpha.gnu.org server at one of the following:

    ftp://alpha.gnu.o ... g/gnu/gnutrition/
    http://alpha.gnu. ... g/gnu/gnutrition/
    https://alpha.gnu ... g/gnu/gnutrition/

Please report any problems you experience to the GNUtrition bug reports mailing list: bug-gnutrition@gnu.org (https://lists.gnu ... fo/bug-gnutrition).

22:07

FSD meeting and weekly recap 2026-05-29 [Planet GNU]

Check out the important work our volunteers accomplished this week and at today's Free Software Directory (FSD) IRC meeting.

19:56

Preparing for KDE Plasma’s last X11-supported release [OSnews]

With KDE Plasma 6.7 almost ready for release, developers have moved on to working on 6.8, and with that release comes probably one of the biggest deprecations in KDE’s history: as of today, the X11 session is gone from KDE. Of course, this change won’t make it to people’s computers until 6.8 actually releases, but as far the code goes, the X11 session is gone. Once 6.8 is actually released, you will only be able to log into a Wayland KDE session.

This won’t affect KDE applications running in other X11 desktop environments, and of course, X11 applications will keep working in KDE as well thanks to XWayland. It’s also important to note that this won’t affect anyone sticking to older versions of KDE Plasma; it’s not like X11 session support will be yanked retroactively. From here on out, a lot of X11 code will be removed from KDE, and developers will be able to focus on just one code path, instead of accommodating the lowest common denominator in X11.

Our internal metrics within KDE show that over 95% of users of Plasma 6.6 are on Wayland, with a gradual increase every release. The metrics also show that basically no one is testing or developing Plasma on X11 anymore. The platform was already, for all intents and purposes, abandoned by KDE contributors.

↫ David Edmundson

The transition from legacy X11 to Wayland has been a long, painful journey, but I’m glad we’re finally reaching the destination. If you’re still having issues with KDE on Wayland, be sure you’re using an up-to-date distribution – not an LTS one – and see how that goes for you.

19:49

FreeIPMI 1.6.18 Released [Planet GNU]

o Support new "altbridging" workaround in ipmi-sensors.
o Fix exploitable buffer overflows in the following ipmi-oem
  commands:
  - ipmi-oem dell get-active-directory-config
  - ipmi-oem fujitsu get-sel-entry-long-text

https://ftp.gnu.o ... pmi-1.6.18.tar.gz

[$] Caching for extended attributes [LWN.net]

Extended attributes (xattrs) provide a way to attach key/value metadata to inodes—files, directories, and the like—in a filesystem. As with many Linux filesystems, the FUSE filesystem supports xattrs. In a filesystem-track session at the 2026 Linux Storage, Filesystem, Memory Management, and BPF Summit, FUSE maintainer Miklos Szeredi led a discussion about caching xattrs in kernel memory; he would like to create some common infrastructure that could be used by FUSE and shared with other filesystems.

18:21

17:42

Link [Scripting News]

This podcast is called MacWrite for the web. A coral reef for writing. I think the pieces are coming. We just need a little Ice-nine.

16:35

The Thirty Percent Confession [I, Cringely]

 

Last time I told you the AI industry is paying a tax it doesn’t have to pay — that a great deal of what we grandly call “AI” is really just looking things up, and we’ve chosen to do that looking-up on the most expensive silicon ever manufactured. A number of you wrote to say I was overstating it. Surely, you said, the people setting hundreds of billions of dollars on fire know something I don’t.

So this week I won’t argue with you. I’ll let one of the largest companies in enterprise software argue with you instead — because it already has, in a research paper it published itself and seems to have hoped you wouldn’t read too closely.

The company is Salesforce. The same Salesforce selling you “agents,” an “agentic enterprise,” a tireless digital workforce to set beside your human one. While one part of the building handled the marketing, another part — Salesforce AI Research, the people whose job is to measure things rather than sell them — built a test to find out how well today’s best AI can do something gloriously unglamorous: find the right piece of information when it’s scattered across the mess of a normal company. Slack threads. GitHub. Meeting transcripts. Documents nobody filed correctly. The stuff every real business actually runs on.

They named it HERB — the Heterogeneous Enterprise RAG Benchmark — and they didn’t build it on the cheap. It’s a synthetic but painstakingly realistic company: 530 employees across 30 products, generating 39,190 documents, messages, transcripts, and pull requests, strewn about the way they really would be. The paper is on arXiv. The data is on Hugging Face. Anyone can check my arithmetic, which is exactly why I’m happy to build a column on it.

Now, the number.

When Salesforce turned the best agentic retrieval systems money can buy loose on HERB — top-tier models, the good stuff, with planning and tool use — they scored 32.96 out of 100. (Thirty-three, if we’re being precise; I rounded down for the headline.)

A third. On a test of finding information that is definitely, provably somewhere in the building. Two times out of three, the most advanced AI on the market went hunting for an answer that existed and came back with the wrong one — or with confident nonsense.

Sit with that, because two floors up the marketing department is selling you an autonomous digital employee, and the research department just published evidence that the digital employee finds the right file about a third of the time.

But the score isn’t the part that should keep you up at night. Two findings underneath it are.

The first is the diagnosis Salesforce’s own researchers wrote down: the bottleneck isn’t the thinking, it’s the finding. The models could reason fine — they simply couldn’t retrieve the right material to reason over. The proof is brutal in its simplicity. When the researchers stopped making the system hunt and instead handed the model the company’s documents outright, the best one leapt from that miserable third to 76.55. Same model. Same questions. The only thing that changed was whether it had to find the evidence or was handed it.

Read that twice, because it’s the most important sentence published in enterprise AI this year and almost nobody noticed: the model was never the problem. The expensive part — the giant, GPU-devouring brain everyone is mortgaging the next decade to buy more of — is sitting there perfectly capable, tapping its foot, waiting for the cheap, dull, unglamorous retrieval layer to bring it the right paragraph. And the retrieval layer can’t.

This is the whole ballgame, and it lands exactly where I left you last time. I claimed two-thirds of enterprise AI is really retrieval wearing intelligence as a costume. Here is Salesforce — not a friendly witness, but a company whose entire pitch depends on the opposite being true — confirming that retrieval is precisely where the enterprise falls apart, and that a bigger, smarter, hungrier model does not rescue you, because the model was already good enough.

The second finding is the one I find most damning, and it’s hiding in the dataset’s own structure. Of HERB’s 1,514 questions, only 815 have answers. The other 699 — nearly half — are unanswerable by design. Salesforce deliberately wrote hundreds of perfectly reasonable-sounding questions for which no supporting evidence exists anywhere in the simulated company, and then watched to see whether the AI would admit it didn’t know.

Think about what that means. HERB isn’t only a test of whether a system can find the answer. Nearly half of it is a test of whether the system knows when there isn’t one — whether, handed a plausible question and no facts to support it, it has the spine to say “I can’t find that” instead of manufacturing something that sounds right. That is the single most important behavior an enterprise needs from AI, and the one almost no system on the market reliably has. We even have a pet word for what they do instead. We call it hallucination, as though it were a charming quirk rather than the precise thing that makes the technology unusable for any job that matters.

So put the two findings together. The industry’s answer to the first is “buy a bigger brain,” which the data says won’t help. And there is no brain you can buy that fixes the second, because confidently inventing answers isn’t a shortage of intelligence — it’s a property of an architecture that was never built to know the edge of its own knowledge.

Which brings me to the part I’m not going to fully tell you here, though I have the answer.

Suppose someone refused the assumptions. Suppose they decided retrieval wasn’t plumbing to be stapled onto a generator but the main event — the actual machine, built from scratch, running on the cheap, cool, abundant silicon I told you about last time, with the expensive brain held in reserve for the rare moment something genuinely must be generated rather than found. And suppose that same system was designed, from the ground up, to know the boundary of what it can support with evidence — to say “I don’t know” on the 699 as readily as it answers the 815.

And suppose that someone took HERB — Salesforce’s own brutal, public, no-mercy test — and ran it.

I’ll tell you only this. We didn’t score a third. We didn’t score forty. We more than doubled the ceiling that Salesforce’s best systems could reach, on the identical public benchmark — and did it while honoring the thing the benchmark’s harder half actually demands: knowing when to keep their mouth shut. Our number is real, it was measured against the same data anyone can download, and it does what three years of ever-bigger GPUs have conspicuously failed to do.

And no — before you ask — it isn’t 100, and I’d be wary of anyone who told you it was. Remember that nearly half of HERB has no answer at all. A system that posts a perfect score on a test like that hasn’t reached wisdom; it’s learned to bluff its way past the trick questions. Perfection was never the target — recall that the best model on earth, handed every document outright, still only clawed its way into the mid-70s. The target is different: a system that’s right when the evidence is there and says so when it isn’t. And a system like that pays for its honesty in points, because a scorecard can’t tell the difference between “I don’t know” and “I got it wrong.” The distance between that number and 100 isn’t the machine failing. Much of it is the machine refusing to lie — which, when you sit with it, is the whole point of the exercise.

It changes the question. The industry has been asking “which model?” for so long it forgot there was a prior question underneath: which architecture? HERB is Salesforce’s accidental admission that the model question is largely settled and largely beside the point — that the next decade gets decided at the retrieval layer and the honesty layer, not inside the GPU.

A disclosure, as always

You should know I’m not a bystander. I co-founded a small company built on exactly the heresy in this column — that retrieval is the main event, that it belongs on cheap silicon, and that a system ought to know when to say it doesn’t know. So weigh my enthusiasm accordingly.

But notice what my conflict of interest cannot touch. The 32.96 is Salesforce’s number, not mine. The diagnosis that retrieval is the bottleneck was written by Salesforce’s researchers, not me. The choice to make nearly half the benchmark unanswerable was Salesforce’s, not mine. The most honest thing anyone has said about enterprise AI this year was a confession buried in a Salesforce research paper: the emperor’s brain is magnificent, the emperor cannot find his own files, and about half the time he doesn’t even know what he doesn’t know.

The whole industry heard that and went out to buy a bigger brain. I think that’s the most expensive mistake in the history of computing, and I’m going to show you why.

The post The Thirty Percent Confession first appeared on I, Cringely.






Digital Branding
Web Design Marketing

16:00

Ben Hutchings: FOSS activity in 2025 [Planet Debian]

This was a particularly busy month for me in terms of Debian contributions.

It started with a week in Hamburg for the MiniDebConf. I talked to many colleagues face-to-face and worked on various bugs and maintenance tasks. I’m pleased to have finally found the time to reproduce and fix the boot-time crashes in the parallel port subsystem that have been reported many times recently.

A series of easily exploited kernel LPE (local privilege execution) issues were published this month, mostly with very little coordination with distributions. Salvatore and I had to upload fixes for these at roughly weekly intervals. All of these fixes needed to be applied to 4 different upstream branches (currently 5.10, 6.1, 6.12, and 7.0) and 7 Debian branches (including backports).

“The newest Instagram “exploit” is the goofiest I’ve seen” [OSnews]

Yesterday, a slew of Instagram accounts, including some high profile ones like the Obama White House account, seemingly got hacked.

Look, I’m no spring chicken. I’ve spent almost a decade and a half identifying vulnerabilities and exploits at unicorn scale, but this is hands down the most unserious, “almost too stupid to be true” of them all.

↫ Sid at 0xsid.com

…it’s “AI” isn’t it?

All the attacker needs to kick this off is your account username. Then, they hop on a VPN or proxy close to your city so Instagram’s security algorithms don’t suspect a thing. (You can quite easily get this from your public profile or “About” section or a hundred other ways.) Once it looks like the request is coming from the correct region, they tell the Meta support AI that the account is hacked and ask it to send the verification codes to an arbitrary email address they control.

↫ Sid at 0xsid.com

It’s “AI”.

Yes, all that you need to do to gain control over big, massively popular Instagram accounts is ask Facebook’s “AI” to send the verification codes to whatever email address you desire. That’s it. There’s no other steps, no other checks, no other verification. And the worst part is that this isn’t even a hack; this is “AI” working entirely as intended.

And these tools are now coding the Linux kernel, LLVM, systemd, PulseAudio, rsync, your browser, and so much more. What could possibly go wrong?

14:42

Link [Scripting News]

Dries: "For an Open Source company, the test is not only what they build for themselves. It is what they help build for everyone."

14:35

[$] Trying to make sense of package-manager metadata [LWN.net]

Package managers for operating systems and programming languages have been around for decades. Each package manager, and its accompanying packaging format, has been shaped by the needs of its respective ecosystem, but there is a growing need to make use of package metadata for more than software management: for example, in vulnerability scans, software bills of materials (SBOMs), and more. On May 19, Damián Vicino spoke at the Open Source Summit North America 2026 about his experiences in the past year trying to make sense of the varied metadata provided by more than 20 package managers.

Vim Classic 8.3 released [LWN.net]

Version 8.3 of Vim Classic has been released. This is the first release of the Vim fork since the project was announced in March.

This release is based on Vim 8.2.0148, with a number of bug fixes and patches conservatively backported from future versions of Vim upstream. We elected to clean up this version of Vim, prepare it for a release, and imagine an alternate history where Vim 8.3 was released without Vim9 script. The result is Vim Classic 8.3. We chose to take this approach in order to reduce the long-term maintenance burden of Vim Classic, acknowledging that our fork lacks the resources and institutional knowledge available to Vim upstream. However, a consequence is that there are some Vim plugins which are not compatible with Vim Classic.

We have made a special effort to assess patches from Vim upstream which mitigate some of the many CVEs affecting Vim which were discovered and fixed between versions 8.2 and modern-day Vim, but we can't be sure we've got all of the security patches which are applicable to Vim Classic (and practically exploitable). This version of Vim Classic is therefore recommended for early adopters who are comfortable adopting a security posture which accounts for the fact that we may have overlooked some bugs.

LWN covered Vim Classic and another Vim fork, EVi, in April.

Security updates for Tuesday [LWN.net]

Security updates have been issued by AlmaLinux (php:8.2 and php:8.3), Debian (gst-plugins-good1.0, symfony, and yelp), Fedora (dovecot, freeipa, hplip, libpng, perl-Catalyst-Plugin-Authentication, postfix, samba, unbound, and vim), Mageia (assimp, libcaca, sdl2_sound, and tar), Slackware (kernel), SUSE (alloy, apache-commons-lang3, apache-commons-text,, apache2, bubblewrap, busybox, chromium, cups, docker-stable, ffmpeg-8, google-osconfig-agent, gsasl, ignition, java-26-openjdk, kernel, libsolv-demo, libsoup, libzypp, localsearch, openjpeg2, postgresql-jdbc, putty, python-mistune, python-Pillow, python-python-multipart, python-Twisted, python3-Twisted, re, roundcubemail, vim, wireshark, and xz), and Ubuntu (evolution-data-server, exim4, gsasl, haveged, lcms2, libreoffice, linux-aws, linux-lts-xenial, linux-lowlatency, linux-nvidia-tegra, nginx, nncp, qtdeclarative-opensource-src, sslh, sssd, and xz-utils).

The Big Idea: Isabel J. Kim [Whatever]

Two paths diverge in a wood… and what happens when, in fact, you can travel both? In her debut novel Sublimation, author Isabel J. Kim looks at what happens when the road less taken is never not taken, and how a question in school set her on a new path.

ISABEL J. KIM:

I am going to tell you a story that I have never publicly told before. It is about the ignoble origins of Sublimation. And for context, Sublimation is a speculative fiction novel set in a universe where when you cross a border with the intention to leave, you split into two people. Literally.

Sublimation is about other things, too—the artificial nature of borders, the way in which human beings impose their technological will on natural processes, control and, freedom and the unhappy marriage of big tech and government and how it is hard to talk to people when you don’t know what you want—but the crux of it is: Sublimation is a story about being confronted by a life you didn’t lead.

When I was seventeen, I was taking a world history class and we were talking about immigration, because that’s what you do in a world history class in the United States of America. And the teacher asked us the question: why do people immigrate to America?

One of the other students—who was, in my teenage self’s words, “a white preppy blonde chick” and in my current self’s words, “literally just some guy”—raised her hand with perfect confidence and said “For a better life!” She spoke with such clear, myopic certainty that I was suddenly furious, because there are a lot of reasons that people go places and stay places and “a better life” is so reductive as to be meaningless, and also, some of us move because our dads get jobs, okay? You’ve lived here your entire life, and I’ve lived in four different cities in two different countries, so why are you raising your hand with such confidence?

The punchline, of course, is that I was born in New Jersey, and also had never technically immigrated anywhere. Also, it’s not like I raised my hand to talk about my experiences of being an expat in my country of ethnic origin.

Back then, I never liked talking about how I felt about being from places, because my international childhood was hard to explain. It was an experience that was fairly benign, mostly enriching, and only strange in retrospect. The only lingering weirdness was that I felt like a foreigner everywhere I went. I was an American kid in Korea, I was a Korean kid in America, and explaining how that felt would require me to make you live an entire life walking in my shoes. When you’re seventeen, that’s hard.

A few years (read: seven years) later I was back in Korea for a vacation, and I was surprised at how quickly the country had changed while I had been gone. I started thinking about how all the differences would have seemed totally organic had I lived there my entire life. This got me ruminating about the version of me that never moved back to the states, which led me to the idea of instancing—leaving a double behind when you cross a border. One person who goes, another who stays.

And I thought that was a really interesting metaphor made flesh, an idea through which I could viscerally shove the experience of being a foreigner into the reader’s brain. And I was thinking about my classmate from high school, and how I wanted to make people like her understand how it felt, to be perpetually from somewhere else.

So, I started writing a story (“Homecoming is Just Another Word for the Sublimation of the Self”) about how it felt to be from somewhere else, and how it felt to be a foreigner, and how you might feel if you were the one who got to leave, and conversely, how it might feel to be the one who had to stay.

Then, a strange thing happened. The more I expanded the aforementioned short story, the more I realized that the feeling of alienation was universal—everyone feels like a stranger sometimes, everyone wonders about what could have happened had they made different choices, everyone has a road not traveled.

The more I wrote, the more I saw the story I was writing as not really about my own individual experience, but as a way for the reader to sift through their own experiences through the lens of the story I was giving them. The narrative became a sort of window for the reader, or a magnifying glass.

And I felt that even more intensely when I talked with people about Sublimation across the various drafts. The more conversations I had, the stronger my feeling was that at the end of the day, we’re more similar than not. If you look far back enough, we’re all from somewhere else. And we’re all traveling into the future together.

And the future, like the past, is a foreign country, from which we can never return.

So that’s what Sublimation is about. And maybe it’s a good thing that I didn’t raise my hand in world history class; if I had, I might not have written this novel.

Sublimation: Amazon|Barnes and Noble|Bookshop.org

Author Socials: Website|Instagram|Bluesky

Read an excerpt.

13:21

CodeSOD: Blocked the Date [The Daily WTF]

Volodya sends us some bad date handling code in PHP. Which, I know, you're just reaching for the close tab and yawning when you hear that. You've seen it before. But bear with me, this one still has some fun bits to it.

$monthes = array(
        1 => 'Января', 2 => 'Февраля', 3 => 'Марта', 4 => 'Апреля',
        5 => 'Мая', 6 => 'Июня', 7 => 'Июля', 8 => 'Августа',
        9 => 'Сентября', 10 => 'Октября', 11 => 'Ноября', 12 => 'Декабря'
);

This creates a list of months.

if ( $team->have_posts() ) :
    // Start the Loop.
    while ( $team->have_posts() ) : $team->the_post();

Today, I have learned something about PHP. PHP has an alternate syntax for blocks. Instead of if { statements }, you can do: if : statements endif. Just one more quirk of PHP to make the language more confusing.

This block checks have_posts in an if, and then checks it again in a while, meaning we don't need the if at all, but so it goes. We haven't gotten to the date handling yet, so let's look at that.

        $date = get_the_date();
        $d1 = explode(".", $date);

        if ($d1[1][0]=='0')
            $m = $d1[1][1];
        else
            $m = $d1[1][0];
        ?><div class="date"><?php echo $d1[0]." ".$monthes[$m]." ".$d1[2]; ?></div>

We get the date as a string, and then split it out into date parts. This is, of course, highly locale specific, but clearly they know what locale they're in. Then they look at the array of date parts. The second element holds their "month" string, as two digits, so they look at the digits. If the month string starts with a 0, they grab the second character and put it in $m. Otherwise, they grab the first character and put it in $m. Then they use $m to look up the $monthes.

Unless there's some substring weirdness going on that I don't know about, this code… doesn't work? Right? Since they're grabbing only a single character out of $d1[1] every time, for months later in the year, $m is only ever going to hold 1, and thus we only output Января, meaning we get four months of January, which just seems cruel, honestly, at least in the Northern Hemisphere.

As with all bad date handling code, this could easily be fixed by just using the built in functions, even in PHP. What I'm going to take away from this though is that PHP's syntax lets you write in Visual Basic or Ruby if you're determined enough. And you can mix and match, so enjoy a codebase that has :/endif and {} scattered throughout.

[Advertisement] Plan Your .NET 9 Migration with Confidence
Your journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!

13:14

Link [Scripting News]

On Twitter: "I envision a network of twitter-like systems built out of components of the web and nothing more. Every part replaceable."

Link [Scripting News]

The only twitter-like system that does text right is Elon Musk's X. I find that somewhat ironic. It's also the only twitter-like system where there's any kind of an actual community. They also have an API that works, has been around for more than a couple of years, and doesn't have a W3C working group messing with it. There's a lot of hype flying around, and we don't have any real journalists covering it so there is no real source of truth. I think the entrepreneurial twitter-likes should stop thinking in terms of owning the web and start adding back the text features the original Twitter thought the web didn't need, over 20 years ago.

Radar Trends to Watch: June 2026 [Radar]

Coauthored with Claude

Agents are making the transition from performing tasks to running operations. The Cloudflare and Stripe partnership ships an agent that opens accounts, registers domains, and deploys an application on its own (details), while Stripe/Tempo and iWallet have each published machine-to-machine payment protocols to make that kind of work a standard. Office documents, browser sessions, and, in one announcement, the phone interface itself are next on the list. View the expanded role of agents as an opportunity for humans to accomplish more.

AI Models

The model menagerie keeps expanding in size and shape. Open weight contenders run at frontier capability on modest hardware, while specialist models for voice, conversation timing, and privacy filtering take over what used to be features inside one general chat model. Treat your prompts and skills as portable; the model behind them will change.

  • Anthropic has released Opus Claude 4.8. This model is not Mythos, which they expect to release soon. Opus 4.8 is a “modest improvement” that claims better results on coding and greater likelihood of informing users when it is uncertain about claims. Changes to the agents may be more important. Claude Code now has the ability to plan solutions to large problems involving hundreds of subagents (“dynamic workflows”); Cowork can control the effort put into solving a problem.
  • Cohere’s Command A+ is an open weight mixture-of-experts model with 218B parameters, 25B active. It’s competitive with frontier models and requires relatively little hardware to run: Two H100s isn’t small, but it’s not a data center either.
  • Google’s announcements at this year’s I/O conference include Omni, a new model that takes any kind of input (video, audio, image) and generates any kind of output; Gemini 3.5 Flash, a fast and efficient update to their coding model; Gemini Spark, a personal agent; and intelligent eyewear, another attempt at smart glasses.
  • Alibaba has announced Qwen3.7-Max, its most capable model.
  • Thinking Machines has announced a research preview of interaction models. These models support natural conversation flow. The model can wait for a speaker to finish, interrupt the speaker, respond when the speaker interrupts the model, and keep track of time.
  • OpenAI has released new voice models: GPT-Realtime-2, GPT-Realtime-Translate, and GPT-Realtime-Whisper. They’re moving from call-and-response models to models that can take part in conversations, reason, and take actions.
  • OpenRouter published cost studies for both Claude Opus 4.7 and GPT-5.5. GPT-5.5 raised the token price but reduced the number of tokens in a typical conversation. Claude kept prices the same, but conversations tend to require more tokens. What’s the impact on your monthly bill?
  • Google has updated its Gemma 4 models, claiming that they triple token generation speed. They use a technique called multi-token prediction (MTP) to draft a sequence of tokens with a very small model and then approve those tokens with the large model.
  • IBM released Granite 4.1, a collection of small models (30B parameters and down).
  • An academic paper describes “the reasoning trap,” a phenomenon in which training models for increased reasoning also increases hallucinations about tool use.
  • Talkie is an LLM that was trained only on data from 1931 and earlier. If you want to know what it was like to live during the start of the Depression, this is the LLM to ask.
  • OpenAI has announced a privacy filter model. This is a small specialized model (1.5B) that can run on phones and other small devices. It removes personally identifiable information (PII) from text documents.

Software Development

We are beginning to see anecdotal evidence that the brief era of tokenmaxxing is coming to an end. Agents may increase productivity, but they can also use tokens at an astonishing rate. So can the latest models, like Anthropic’s Claude 4.8 with new features like dynamic workflows. Employers are realizing that the only way to measure productivity is to look at the quality of an employee’s work rather than relying on an artificial (and easily gameable) metric like token use. Teams that use AI effectively will be disciplined about token use; they’ll choose lower cost (or local) models where possible, reaching for expensive models like Claude 4.8 Opus only when necessary.

  • The Agentic AI Foundation is updating the MCP protocol, with a release candidate scheduled for July 28. Changes include making MCP a stateless protocol, adding a process for creating extensions, and aligning authorization with the OAuth and OpenID standards.
  • Google is dropping Gemini CLI and putting all of its effort behind Antigravity, its agentic software development platform. There are desktop and command line versions of Antigravity, but unlike Gemini CLI, neither are open source.
  • What shall we call Gas City, created by Julian Knutsen and Chris Sells? Gas Town 2.0? Steve Yegge says it’s an SDK for building your own “dark factories” by deploying teams of collaborating agents in any topology. It’s “a pivotal moment in the Mad Max school of agent orchestration.”
  • The problem with agentic programming is that agents serve individuals, not groups, and programming is a team sport. Is collaborative steering (context management for groups) an answer?
  • GitHub has released a preview of its Copilot app, a stand-alone desktop application for coding with AI. It’s completely integrated with GitHub; for example, you can launch tasks directly from GitHub issues.
  • If you think tokenmaxxing is your path to promotion, check out burn-baby-burn. It does what it says: burns lots of tokens, fast, using the LLM of your choice. We hope it’s a parody, but we bet it works.
  • Mitchell Hashimoto tweets that Anthropic’s rewrite of Bun from Zig to Rust demonstrates that programming languages are now fungible. Programming language lock-in has ended; programs can easily move from one language to another.
  • OpenShell is a runtime environment built with security in mind from the ground up. It’s intended to be used as a secure environment for running agents. Every agent runs in its own sandbox; an external gateway manages credentials and policies.
  • OpenAI is shutting down its API for fine-tuning its models. They say the current models are better and don’t require significant fine-tuning. As Latent Space points out, this doesn’t necessarily mean the end of fine-tuning as a discipline, particularly for open models. But it may be a signal. Drew Breunig writes about what this means for agents and harnesses.
  • Anthropic has released Claude for Office 365, allowing users to run sessions that cross Word, Excel, and PowerPoint. Integration with Outlook is coming, though Claude for Outlook is currently a separate product.
  • A plugin to Chrome allows Codex to use Chrome for browser tasks that require you to be logged in—for example, reading email.
  • Firecrawl is an API that agents can use to interact with websites in a human way. It enables agents to search for the latest data, interact with the site, and return the results at scale.
  • Drew Breunig’s “10 Lessons for Agentic Coding” is an invaluable list of tips, including “Implement to learn.” Letting an agent write all the code is easy, but when you really need to learn something, write it by hand first.
  • Deepclaude configures Claude’s autonomous agent loop to use DeepSeek V4 Pro rather than one of Anthropic’s models. It’s a good way to save (DeepSeek costs much less per token) and experiment with open models. (Fair warning: The name deepclaude may change.)
  • OpenAI has announced Codex for Work, an assistant that’s designed for office work rather than software development.
  • Kanwas is a new tool for sharing context across agents. It can be used by workgroups to collaborate on projects.
  • Mike is an open source AI trained for legal work and designed to run locally.
  • GitHub is transitioning to usage-based billing for Copilot.
  • OpenAI and Qualcomm are reportedly working on a phone where the user interface is an agent. There won’t be any apps; the agent will do everything.

Infrastructure and Operations

The infrastructure questions of the moment are whether agents can transact and deploy without humans, and whether the platforms that host open source can stay reliable enough to keep that work going. Watch for GitHub alternatives to become competitive. And watch AI Together, a cloud company that hosts hundreds of open source models.

  • TokenTuner helps control AI costs by identifying where companies can use lower-cost models productively. It attempts to match token usage to business outcomes, and evaluates individuals and teams on how effectively they use their token budget.
  • In partnership with Stripe, Cloudflare now has an agent that can create a new account, start a subscription, register a domain name with DNS, and deploy an application without human intervention aside from granting permission.
  • Stripe and Tempo have released the Machine Payments Protocol (MPP), and iWallet has laid out a roadmap for the Autonomous Settlement Protocol (ASP). These new protocols are designed to facilitate machine-to-machine transactions, transactions that have to be designed without a human in the loop.
  • The Inference Era is when inference, rather than training, drives AI usage, cost, and infrastructure. GPUs remain important, but the relative demand for CPUs increases.
  • GitHub is in danger of losing its place at the center of the open source ecosystem. Problems with uptime are causing projects to find homes elsewhere—most recently, Ghostty.
  • Together AI operates a cloud AI platform that’s designed specifically for inference rather than training and that provides API access to over 200 open weight models. As AI use increases, the ability to run models and provide answers efficiently becomes more important than the ability to train new models.

Security

The patch window is shrinking to zero, and the attacker’s toolkit and the defender’s toolkit now include the same AI models. Any vulnerability disclosed today is being exploited tonight. The good news is that defenders running these tools at scale can close gaps faster than ever; the bad news is that the race never ends.

  • FROST is a new technology for surreptitiously discovering what websites a user is visiting. It’s based on measuring the I/O operations on the user’s SSD. FROST requires no interaction from the user and runs entirely in the browser.
  • Regrettably, neither arcane prompt injection attacks nor cryptocurrency scams are news. But it warms a ham radio enthusiast’s heart to see Morse code used in a prompt injection to scam a crypto trading bot.
  • TeamPCP, a cybercriminal collective, has attacked GitHub by installing a poisoned extension to VS Code. GitHub announced that nearly 4,000 repositories have been compromised, all belonging to GitHub itself; no customer repositories have become victims. But anyone who installs corrupted code from GitHub’s own repositories is vulnerable.
  • No Security Meter for AI provides an excellent look into the state of AI security.
  • Cloudflare’s report on Project Glasswing and Claude Mythos is worth reading. Mythos is especially noteworthy for its ability to chain vulnerabilities. In real life, few vulnerabilities are exploitable on their own; they become vulnerable when they are used in combination with others.
  • Daniel Stenberg reports that Mythos found five potential vulnerabilities in curl, of which one was legitimate. The low count isn’t surprising, given the quality of the curl team’s work. What’s significant is that Mythos was able to find a legitimate vulnerability in software that had been thoroughly audited by humans, traditional tools, and AI.
  • Who showed up? A security researcher ran a honeypot with port 22 open for 54 days, and logged every attempt to log in: 269,000 connection attempts from 7,556 unique IP addresses.
  • GitHub’s dependency scanning service for its MCP server is now in public preview. It checks code changes for vulnerable dependencies before committing code or opening a pull request.
  • Copy.fail is a recently discovered Linux kernel vulnerability that allows unprivileged processes to escalate privileges, and it was exploited within a day of its release. Unlike most vulnerabilities, running infected programs in a container does not offer protection. The time from release of a zero-day to exploitation in the wild is indeed shrinking.
  • OpenAI’s Advanced Account Security requires a physical key or passkey for access; there are no passwords. Hardware keys are provided by Yubico or a compatible hardware token.
  • GPT-5.5 Cyber is a version of GPT-5.5 that has been trained as a security tool. As Anthropic did with Mythos, OpenAI is limiting access to a small group of trusted users.
  • The Firefox team has used Claude Mythos to find 271 previously unknown vulnerabilities in Firefox. While this finding is terrifying, they conclude that defenders now have the advantage. Once you know the vulnerabilities, it’s possible to close the gap between defenders and attackers.
  • Claude Code can leak credentials and other secrets to public repos and package registries. When you select “allow always” for a specific command, the command and its credentials are stored in a subdirectory of .claude. This directory can inadvertently be incorporated into a package.

Policy and Governance

  • The ArXiv preprint repository has clarified its code of conduct for AI users. Submitters are responsible for their papers and will be banned for a year if they submit papers that use AI-generated content inappropriately. This includes hallucinated content, references, and plagiarism.
  • Look to China for new approaches to data governance. China is treating data as a national resource and building the infrastructure for a data economy.

Web

  • At its I/O conference, Google announced that traditional search will be replaced by AI search, powered by Gemini 3.5 Flash. Both AI search and traditional search (which is really AI-powered) have proven useful. What happens when you eliminate one of the options?
  • Linux running in a PDF? The PDF format supports JavaScript, and C can be compiled to JavaScript.

Biology

  • Colossal Biosciences has developed a 3D-printed artificial eggshell that’s capable of raising chicks from embryos.
  • Brazil has invested heavily in vaccines and has created a single-shot vaccine against Dengue fever. The country is striving for “medical sovereignty,” a concept that’s clearly related to data sovereignty and AI sovereignty.

12:14

The Intersection of Encryption and AI [Schneier on Security]

As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share their reflections on the topic today. This is my section.

Renowned technologist and author Bruce Schneier contributed a column on June 20, 2010, warning about cryptography’s inability to secure modern networks, a point he says he has been trying to argue since 2000.

“For a while now, I’ve pointed out that cryptography is singularly ill-suited to solve the major network security problems of today: denial-of-service attacks, website defacement, theft of credit card numbers, identity theft, viruses and worms, DNS attacks, network penetration, and so on.

“Recently, I talked to a former NSA employee at a conference. He told me that back in the 1990s, he had a copy of my book Applied Cryptography by his desk, as did many other cryptographers working at Ft. Meade. People were allowed to refer to it, but they were not allowed to cite it.

“The 1990s were an important decade for cryptography. This was before the internet went mass market, when cryptography was just emerging from a niche academic discipline to a mainstream engineering one. There wasn’t much that programmers could read. The NSA used my book for the same reason it became a bestseller: because it collected all the academic cryptography of the time in one place and made it understandable to people who weren’t mathematicians. They feared it for exactly the same reason.

“I’ve been thinking about that conversation as I revisit a 2010 essay I wrote for Dark Reading, ‘The Failure of Cryptography to Secure Modern Networks.’ Cryptography has inherent mathematical properties that greatly favor the defender. Adding a single bit to the length of a key adds only a slight amount of work for the defender but doubles the amount of work the attacker has to do. Doubling the key length doubles the amount of work the defender has to do (if that—I’m being approximate here) but increases the attacker’s workload exponentially. For many years, we have exploited that mathematical imbalance.

“Computer security is much more balanced. There’ll be a new attack, and a new defense, and a new attack, and a new defense. It’s an arms race between attacker and defender. And it’s a very fast arms race. New vulnerabilities are discovered all the time. The balance can tip from defender to attacker overnight, and back again the night after. Computer security defenses are inherently very fragile.

“That isn’t a new idea. I said much the same thing in the preface to my 2000 book, Secrets and Lies:

“‘Cryptography is a branch of mathematics. And like all mathematics, it involves numbers, equations, and logic. Security, real security that you or I might find useful in our lives, involves people: things people know, relationships between people, people and how they relate to machines. Digital security involves computers: complex, unstable, buggy computers.’

“I especially like how I phrased it in 2016: ‘Cryptography is harder than it looks, primarily because it looks like math. Both algorithms and protocols can be precisely defined and analyzed. This isn’t easy, and there’s a lot of insecure crypto out there, but we cryptographers have gotten pretty good at getting this part right. However, math has no agency; it can’t actually secure anything. For cryptography to work, it needs to be written in software, embedded in a larger software system, managed by an operating system, run on hardware, connected to a network, and configured and operated by users. Each of these steps brings with it difficulties and vulnerabilities.’

“It’s a lesson we have all learned over the decades. Cryptography is still necessary for cybersecurity—although I wouldn’t have used that word back then—but is not sufficient. There are particular attack and forms of mass surveillance that cryptography prevents. But as computers have infused throughout our lives, and networks have connected all those computers, those aspects of cybersecurity have become increasingly important, and vulnerable.

“Today, the cybersecurity world is changing yet again, this time due to the capabilities of artificial intelligence. AI isn’t advancing cryptography, but it’s changing cybersecurity. AI has demonstrated a superhuman ability to find vulnerabilities in software and to write exploits. A similar ability to write patches is probably coming. This has profound implications for both attackers and defenders, and it is unclear who will win the particular arms race in a world of what I call instant software.”

Microsoft Threatening Security Researcher [Schneier on Security]

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recriminations are being traded back and forth.

10:49

10:42

Pluralistic: The tedious power of storytelling (02 Jun 2026) must-we-pretend [Pluralistic: Daily links from Cory Doctorow]

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links


An 18th century portrait of a grand lady ('Mrs Robinson'). She looks extremely put-upon. To either side of her is a tiny storyteller, declaming loudly into her ears.

The tedious power of storytelling (permalink)

Yesterday, I attended a Brian Eno talk about the nature of creativity and art based on What Art Does, the short book he published with Bette Adriaanse last year:

https://www.faber.co.uk/product/9780571395514-what-art-does-an-unfinished-theory/

I haven't read the book (yet – I just ordered a copy), but the talk really got me fizzing. The subject matter (not just what art does, but also what art is) is one I've given a lot of thought to, and Eno's characteristic mix of gnomic koans and deceptively plainspoken assertions brought me along to some realizations of my own.

For Eno, art is "everything you don't have to do." You have to wear clothes to protect yourself from the elements, but you don't need to adorn those clothes. You need to speak to make yourself understood by the people around you, but you don't have to sing or write poetry or make up stories.

This is a really critical point, and I think it can be further refined by this: "Art is intended to make other people feel something." This distinguishes "art" from "beauty." A sunset can be beautiful, but no one intends anything by it. An artist who takes a photo or paints a picture of a sunset does so in the hopes that it will make you feel something, but the sun and the atmosphere and the Earth's curvature and rotation don't hope anything, because they are inanimate.

This distinction has lately become far more significant, thanks to the rise of images and words that have the seeming of intent, but who don't have an intender. When you paint a painting, every brushstroke conveys an intent, even if you can't point at an individual brushstroke and articulate its purpose. The same is true of prose: every word and punctuation mark is there for a reason, and "being good at writing" (like "being good at painting") is how we describe someone who has practiced so much that these reasons can be infused into each micro-decision on a near-totally subconscious level.

Contrast this with AI: when you prompt an AI to generate words or pixels, you are conveying some intent about the feeling you want the people who experience the model's output to experience. The problem is that the AI doesn't have any intent of its own – it just has statistical predictions, based on other people's intent, which it has analyzed through its training data.

So when the AI expands the three sentences in your prompt into 100,000 words or 1,000,000 pixels, it isn't adding any of its intention to the finished work, it's diluting the intention you fed to it. Three sentences divided by one million pixels yields an image that has an average intentionality that's so low that it's practically homeopathic.

Until recently, we weren't accustomed to encountering coherent strings of words or polished images that had no intender, so we imputed the existence of that intender to them, and we did what we always do when we encounter a work of art: we tried to mentally materialize a facsimile of the feeling the artist experienced while creating the work.

Because the intention of these works was so dilute, we ended up hallucinating an intent. We made up an imaginary artist who meant something by every choice in the work, and experienced an emotional affect that we ourselves had created out of (nearly) whole cloth.

As a species, we've been through this before. Think back to those sunsets. There was a time when we all thought of sunsets as being explicitly created by another being, who was in communication with us through the natural environment (some people still believe this). Looking at a sunset was an exercise in asking yourself, "If I were God, what would I be trying to say to me with this sunset?" just as looking at one of my photos of a sunset would be an exercise in asking yourself, "If I were Cory, what would I be trying to say to me with this photo of a sunset?"

The rise of materialism and scientific rationalism is sometimes called a "disenchantment" and indeed, there's a sense in which a sunset that we know to have no intender is no longer "enchanted." The experience of a sunset becomes something like, "Those colors and their interplay with the physical world is very beautiful." It might even be, "How could I capture that beauty in a painting or a photo or a description so that I could communicate it to someone else?" But it's not, "I wonder what God wants me to feel when I look at this sunset?"

So for many of us, the experience of AI "art" went from, "Wow, there's a person in the machine that's trying to tell me something," to "Wow, that is an impressive feat of software design, but it doesn't say anything to me." Maybe some of us think, "Huh, I could take some element of this, refine it with my own brushstrokes or words, and make something out of it." That's like thinking about turning a sunset into a painting: the sunset is striking and maybe beautiful, but it doesn't become art until you work at it, in order to make it communicate something:

https://pluralistic.net/2025/03/25/communicative-intent/#diluted

Mark Fisher describes the "seeming of an intent without an intender" as "eerie." It's true: when the door slams in the night and there's no one else in the house, it's eerie. But eeriness is easily dispelled: once you locate the open window that's creating the draft that's blowing the door closed, the eeriness regresses swiftly to the mean:

https://pluralistic.net/2024/05/13/spooky-action-at-a-close-up/#invisible-hand

Banishing eeriness may be straightforward, but preventing eeriness is much harder. We are prone to imputing intent to the things we see in the world. In "Genesis," an essay from EL Doctorow's (no relation) collection The Creationists, Doctorow describes the origins of the Babylonian creation story (which the Hebrews ripped off for Genesis 1:1-29 – Genesis is Babylonian fanfic). The Babylonians made up this story about how God created the heavens and Earth and so forth, and this story was so cool that they couldn't believe that they had just made it up, so they concluded that God must have put it in their minds:

https://www.penguinrandomhouse.com/books/41520/creationists-by-e-l-doctorow/

Back to Eno: central to his talk was the "theory of mind." To have a theory of mind is to be able to impute someone else's intent. It's when you ask yourself, "What does that person mean by the thing they just said or did?" Because art is a process by which an artist tries to get you to feel something, it requires that the artist have a theory about your mind. And because experiencing art is a process of trying to figure out what the artist wanted you to feel when you experienced their work, experiencing art also requires a theory of mind.

From time to time, I teach fiction writing workshops, and one of the lectures I always give is about how stories are a "fuggly hack":

https://locusmag.com/feature/cory-doctorow-stories-are-a-fuggly-hack/

It's very weird that storytellers can trick our brains into experiencing emotions based on empathy for "people" whom we know to be imaginary. Romeo and Juliet are made up, they never lived, they never died, and so, objectively speaking, their deaths are less tragic than the death of the yogurt you ate for breakfast. That yogurt was alive and now it's dead, after all. And yet, we weep for Romeo and Juliet.

Our automatic "theory of mind" processes create empathy for stuff even when we know that stuff is inanimate. But the purpose of narrative isn't getting you to experience empathy with an imaginary person. The purpose of narrative is to get you to experience that empathy so that you will feel something. In other words, the storyteller who describes a character who is swept away by the beauty of a sunset is trying to get you to feel "swept away" not "empathy for someone who is swept away."

There's lots of art that skips the step in which you are asked to first experience empathy for an imaginary person in order to arrive at some feeling. A lot of music, visual art, dance, and poetry seeks to evince that feeling in you directly.

When this works, it's profound. I think about this a lot in terms of built environments, specifically Disney themepark rides. When I started hanging around with Imagineers (the multidisciplinary artists who design and execute these rides), I noticed that they made frequent reference to the role of narrative storytelling in their ride designs, which was weird, because the very best Disney rides do not use narrative to evince a feeling.

Think of two Disney rides: Snow White's Enchanted Wish (1955); and The Little Mermaid: Ariel's Undersea Adventure (2011). In Snow White, riders follow a track through a series of animated vignettes with UV-fluorescing painted backdrops and an orchestral soundtrack. There are almost no words spoken in the soundtrack. The ride's vignettes recreate scenes from the 1937 animated film, but they don't make any attempt to explain the plot of the movie.

A rider who'd never seen Snow White and the Seven Dwarfs could not recount the plot of the movie to you. However, that rider could absolutely convey the emotional affect of every scene in the film. It is a near-perfect transmission of the feelings evinced by the movie, notwithstanding that it bypasses recounting the film's narrative.

By contrast, The Little Mermaid ride is what's sometimes pejoratively called a "book report ride." The scenes are full of dialog, and they explicitly re-create the storyline of the 1989 film. These scenes are well-executed, with lots of clever mechanical effects and skillfully painted and sculpted scenes and robots. A rider who never saw the film could give you a scene-by-scene breakdown of it – but they could not tell you about any of the emotional beats of the film. For all that the ride faithfully recreates the story of the film, it does so at the expense of the purpose of the film, the feeling the film is designed to evince from its audience.

As a novelist, I find it natural that someone trying to build a Little Mermaid ride would start from the premise that it should explicitly retell the story of the film. If you want an audience member to experience a feeling, narrative gives you the opportunity to explicitly describe the feeling you want the audience member to experience. You can situate a character on a lonely beach at sunset and tell the reader how that character feels.

The problem is that while this has an increased likelihood of being high-fidelity way of transmitting a feeling, it also has an increased likelihood of being a low-intensity way of conveying that feeling. When you tell someone about what's going on in another person's mind (including an imaginary person's mind), it doesn't fire up the theory-of-mind machine in the way that asking someone to infer the state of someone else's mind from implicit cues does.

This is why fiction writers are exhorted to "show, not tell." Dramatic, implicit evocations of an emotion are intrinsically more interesting than explicit statements about emotions. That's not to say that exposition can't evince an emotion – it can and does. It's just harder to do this with exposition than it is to do it with dramatization:

https://maryrobinettekowal.com/journal/my-favorite-bit/my-favorite-bit-cory-doctorow-talks-about-the-bezzle/

In his talk yesterday, Eno discussed abstract art, and the way that it evinces feelings in the viewer directly, without ever telling you what to feel. This is in keeping with much of Eno's own art (he recently told me that when he writes lyrics, he never uses the words "I," "me," "you," or "love").

In this theory I'm developing here, we could say that the more abstract a work is, the harder it is to evince a specific feeling with high fidelity, but the more likely it is that the feelings it does evince will be intensely felt. When your aesthetic sense resonates with a Henry Moore bronze or an Eno ambient track, the thrum is deep and strong.

Key to this theory is that it's about how hard it is for an artist to evince a feeling and how hard it is for the artist to make that feeling intense. Abstract art is more likely to be misunderstood (or not understood) than explicit narratives, but lots of abstract art is very well understood by people for whom it resonates. Explicit narratives are more likely to have a flatter affect than work that attempts to skewer your emotions directly, but plenty of explicit narratives make you feel the most profound emotions you're capable of feeling.

A 2x2 grid depicting different kinds of art laid out on two axes: 'intensity' and 'fidelity'

Imagine a 2×2 grid with "intensity" on one axis and "fidelity" on the other. It's easier to evince an intense feeling when you are more abstract, but it's harder to control what that feeling will be. These are works that operate on an implicit theory of mind ("I think I know what you'll feel when you see this"). It's easier to control the feeling you're evincing when you are more concrete, but it's harder to make that feeling an intense one ("I will tell you what someone else is feeling using this work").

None of this is to establish a hierarchy of art. As Eno says, the value of art is in whether it makes you feel something and what it makes you feel – not how that feeling is drawn forth. In What Art Does, Eno describes both art and science as an extension of our natural, in-born tendency to play. The difference is that we judge the success of science based on whether we can validate its conclusions, while we judge the success of art based on whether it excites us:

'Excitement' is to art as 'falsifiability' is to science.

(With thanks to Brian Eno.)

Hey look at this (permalink)


A shelf of leatherbound history books with a gilt-stamped series title, 'The World's Famous Events.'

Object permanence (permalink)

#20yrsago IRS insider accuses agency of giving archives to lowest bidder https://web.archive.org/web/20060614142129/http://wftm.diaryland.com/060601_71.html

#20yrsago Telemedicine rigs coming to all Virgin jets https://web.archive.org/web/20060616063357/http://europetravelnews.com/2006_05/844_virgin-atlantic-life-saving-technology/

#15yrsago Con artists caught tricking med-students into helping with high-tech entrance exam cheat https://web.archive.org/web/20110603051231/https://www.cbc.ca/news/canada/british-columbia/story/2011/05/31/bc-high-tech-mcat-scam.html

#10yrsago How a “lost” Marx Brothers musical found its way back to the stage https://web.archive.org/web/20160602114803/https://www.newyorker.com/culture/culture-desk/how-a-lost-marx-brothers-musical-found-its-way-back-onstage

#10yrsago How security and privacy pros can help save the web from legal threats over vulnerability disclosure https://iapp.org/news/a/how-you-can-help-white-hat-security-researchers

#10yrsago US Patent and Trademark Office refuses to issue “Drumpf” trademark https://www.worldipreview.com/trademark/drumpf-trademark-application-refused-by-uspto-10210

#10yrsago How an engineer/public health whistleblower led the citizen scientists who busted Flint’s water crisis https://web.archive.org/web/20160604112755/https://www.wired.com/2016/06/flint-water-marc-edwards/

#10yrsago Why 3D scans aren’t copyrightable https://web.archive.org/web/20160605140300/https://www.shapeways.com/blog/archives/25599-new-whitepaper-on-3d-scanning-and-the-lack-of-copyright.html

#10yrsago Cable One used customers’ credit scores to decide how good their internet would be https://wetmachine.com/tales-of-the-sausage-factory/broadband-privacy-can-prevent-discrimination-the-case-of-cable-one-and-fico-scores/

#10yrsago Class action: publishers paid writers “sale” royalties on ebooks whose fine-print says they’re “licensed” https://www.copylaw.org/2016/05/simon-schuster-hit-with-ebook-royalties.html

#5yrsago The antitrust case against Prime https://pluralistic.net/2021/06/01/you-are-here/#prime-facie

#5yrsago Google cheats on location privacy https://pluralistic.net/2021/06/01/you-are-here/#goog

#5yrsago Canadian telco monopolists run the show https://pluralistic.net/2021/06/01/you-are-here/#crtc

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, pounding the podium.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)

  • "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

  • "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027

  • "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027

  • "The Memex Method," Farrar, Straus, Giroux, 2027


Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.

  • "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

  • "The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.

  • A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Bluesky (no ads, possible tracking and data-collection):

https://bsky.app/profile/doctorow.pluralistic.net

Medium (no ads, paywalled):

https://doctorow.medium.com/

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

Stop ruining it [Seth's Blog]

Paul McGowan makes stereos. To paraphrase his insight: The musicality isn’t a feature you add to an amplifier. It’s what’s left when you stop ruining it.

To expand: Customer delight isn’t something we add to our projects. It’s what’s left if we don’t ruin it.

Curiosity isn’t simply what’s left after a complete education. It’s still there if the system doesn’t ruin it.

Or perhaps: Satisfaction in our work isn’t created by the boss. It’s what’s left if they don’t ruin it.

And one last one: Trust isn’t something a brand builds with an ad campaign. It’s what’s left if the marketers don’t ruin it.

09:00

13 Years & Pledge Drive 2026 [Oh Joy Sex Toy]

13 Years & Pledge Drive 2026

Happy Birthday OJST! 13 years and 685 comics later! That’s a lot of comics, artists, and creative voices gathered beneath this wild umbrella of sexual joy and positivity. Thank you for helping make OJST what it is today. It truly only exists because of you. Grab a soda, soak up the sunshine, and enjoy the […]

02:00

The placeholder name for the Windows 8 experience was “modern” [The Old New Thing]

During the development of Windows 8, we needed a name for “that thing we’re creating.” Not being a particularly clever bunch when it comes to code names, we just called it “the modern experience,” to distinguish it from what we had in Windows 7, which was called “the classic experience.”

And then, as Microspeak demands, we started abbreviating like mad.

The new shell was called the “modern shell” or “MoSh” for short. By comparison, the old shell was called the “classic shell”, which some people started calling “ClaSh” for short. (That name didn’t stick.)

When we couldn’t come up with a name for a component of the modern experience, a common fallback was to stick the prefix “Mo” in front.

The new Start menu derived from some earlier explorations known as the “Go page” (since it’s the place you go when you want to do something). Its new code name was therefore “MoGo.”

The portion of the screen for snapped applications was called the “MoBar”, and the portion of the screen used for filled applications was called the “MoBody.”

The settings control panel? “MoSet.”

The ListView control? It started out with the more tedious name “modern collection control”, which got shortened to “MoCo.”

Even the new applications got the Mo-treatment. The new Web browser initially called itself “MoB”, but then decided that an even hipper name would be “MoBro.”

And the new photo manager? The people who worked on that didn’t want to get left out of the “Mo”-party, so they called themselves (wait for it) “MoPho.”

I hope somebody put their foot down out of frustration. “Enough already. This Mo thing is completely out of control.”

Windows 8 was announced fifteen years ago today, on June 1, 2011.

The post The placeholder name for the Windows 8 experience was “modern” appeared first on The Old New Thing.

01:49

Free software activities in May 2026 [Planet GNU]

Hello and welcome to my May 2026 free software activities report. A lot's been going on in my life offline so I took a bit of a hiatus from doing these reports, but I've had a fairly productive month of May so I thought it'd be nice to do another one for this month.

GNU & FSF

  • GNU Emacs:
    • ffs-0.2.2: I finally polished and published my ffs package for GNU Emacs on GNU ELPA. Many thanks to Protesilaos for rounds of code review and feedback for improving and polishing the package in preparation for submission to GNU ELPA.
    • bug#81101: Trying to visit https://www.emacswiki.org in EWW I noticed it fails with a Somebody wants you to give them money error due to the anti-bot challenge being served with a HTTP 402 (Payment Required) response. So I landed a patch 12eec781ed6 to no longer do that. Thanks to Emacs comaintainer Sean Whitton for reviewing and approving my proposed patch.
    • bug#81107: I noticed that in EWW, unlike <input type="submit"> HTML buttons, <button> elements were not tab-stoppable, leading to poorer usability and accessibility. So I landed a patch ec3d662de0b to fix that. Thanks to Emacs comaintainer Eli Zaretskii for reviewing, providing feedback, and accepting my proposed change.
    • Emacs Chat with Sacha Chua: I joined Sacha for a new episode of her Emacs Chat podcast, where we talked about Emacs and life. I gave a quick tour of my Emacs configuration, discussing at length my configurations for EXWM (Emacs X Window Manager) among other topics like Emacs's facility for visually indicating buffer boundaries in the fringe by setting indicate-buffer-boundaries and my convenience configuration macros.
  • maintainers@: I started the next long-overdue round of emails to GNU package maintainers to confirm the contact information we have on file for them and get a brief status update about their packages. Emails are sent in small batches to keep the workload of handling the responses manageable for assistant GNUisances.
  • GNU Spotlight: I prepared and sent the May GNU Spotlight to the FSF campaigns team for publication on the FSF's community blog and the monthly Free Software Supporter newsletter.

Debian

I've begun the work toward updating the Jami package in Debian unstable again, which means I need to package new releases of its direct and indirect dependencies. For OpenDHT, I need to update RESTinio, and to do that I first need to package expected-lite and sobjectizer for Debian:

  • #1120837: ITP: expected-lite – expected objects for C++11 and later
  • #1137609: ITP: sobjectizer – C++ implementation of Actor, Publish-Subscribe, and CSP models

I've been working on packaging both and hope to have them uploaded to the archive in the next days and weeks.

That's it for this month's report.

Take care, and so long for now.

Monday, 01 June

23:42

A Deceptively Sweet Moment Between Smudge and Saja [Whatever]

Awww, doesn’t it look like they’re cuddling? They are not, about a tenth of a second later they were rolling about in a full-blown tussle, as they are wont to do. Don’t worry, it’s all in good fun; Smudge actually enjoys his wrestling time with Saja, and vice versa. But it does make for some fun moments:

To begin the month of June, Smudge offers up the rare but valuable TussleMlem™, with an assist from Saja

The Scamperbeasts (@scamperbeasts.bsky.social) 2026-06-01T11:22:48.639Z

Sugar and Spice, I will note again, want none of this sort of nonsense. It is far below either of their dignities. Which is, perhaps, their loss.

— JS

22:56

Page 19 [Flipside]

Page 19 is done.

Also, there is going to be new vote incentives this month, relating to the theme of the current chapters! You can see them by clicking on the TWC button below, or clicking here.

22:49

Free Software Directory meeting on IRC: Friday, June 5, starting at 12:00 EDT (16:00 UTC) [Planet GNU]

Join the FSF and friends on Friday, June 5 from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

22:07

Link [Scripting News]

John C Reilly has only one audiobook, One Flew Over the Cuckoo's Nest. But it's the best audiobook I've ever read, because the narrator and the book are great, esp together. Wish he would do more. Also there's a great interview with him on the Rachel Martin podcast.

Ombredanne: An AI agent ported our codebase from Python to Rust [LWN.net]

Over on the AboutCode blog, lead maintainer Philippe Ombredanne writes about an agentic LLM system porting the ScanCode Toolkit to Rust. In the process, the LLM (or the people behind it) infringed the ScanCode trademark, stripped copyright and license notices, "and started an outreach campaign, without ever engaging the AboutCode community". Ironically, the toolkit is used to scan source code and binaries in order to figure out licensing and copyright information; it also reports on package dependencies, vulnerabilities, and more.

This is worth repeating: A comprehensive test suite, decent documentation, and curated datasets is what makes automated porting possible. It is also what makes a codebase easier to replicate without understanding it.

The agent's initial approach, using an existing Rust license-detection library, failed to match ScanCode's output quality. The agent then did what any translator would do when a loose paraphrase fails: it copied the original more closely. The final port reproduces ScanCode's core algorithms, code organization, and data-driven architecture in Rust, not because the agent understood them, but because it had enough training data and test feedback to converge on equivalent code.

21:21

My Father's House [Penny Arcade]

The movies running away with the box office are "indie ahh" horror flicks, tuned to Generation Zed. Quarantine sorta permanently broke the theatre habit for Gabe I think, though he'll occasionally lurch out of his cavern for something his larvae might be interested in. By comparison, there are people in my neighborhood's younger cadre who are, like, members of AMC Stubs and shit. They love going to the Goddamn movies. And I'd bet that a strong part of the take for films like Obsession and Backrooms - which Gabriel will not be seeing - are people who were essentially robbed of the ritual because a actual horror movie was taking place worldwide.

20:35

[$] Representing the true signatures of kernel functions [LWN.net]

Optimizing compilers can, under some circumstances, infer when a parameter to a function is not needed, and remove it. This is all well and good until the kernel's tracing or BPF subsystems need information on how to call the function or where its arguments are stored. Alan Maguire and Yonghong Song spoke at the 2026 Linux Storage, Filesystem, Memory-Management, and BPF Summit about their work on recording information regarding changed function signatures in the kernel's BTF debugging information, to better support tracing such functions.

19:49

Link [Scripting News]

If you work at Automattic as a developer, if there's another Radical Speed Month for devs, if you want, let's work on a project together even though I don't work for the company. I'm most interested in making products work together where the result gets people thinking about the web in a new way. A8C has a big enough product set, and FeedLand and WordLand are by design well-equipped to talk with other products. I love APIs and we have some good ones to work with, and some very underexplored (imho because we got too fixated on the silos for so long). Very much open to ideas, and I love working with good developers. Maybe I'll post some ideas here. I'm esp interested now in hooking other projects up with FeedLand.

Link [Scripting News]

Maybe the best way to deal with the AIs is to quarantine the data centers on the moon or Mars, and if you want to hook up to the network, you have to move there, and quite possibly not be allowed to return, depending on how things go. It would make it possible for us to change our mind after we see a preview of the consequences. Now the big question, would you volunteer??

19:07

Seven stable kernels for the first day of June [LWN.net]

Greg Kroah-Hartman has announced the release of the 7.0.11, 6.18.34, 6.12.92, 6.6.142, 6.1.175, 5.15.209, and 5.10.258 stable kernels. As usual, each contains important fixes throughout the tree, including a fix for the "CIFSwitch" vulnerability (CVE-2026-46243) which could allow a local-privilege-escalation exploit. Users are advised to upgrade.

19:00

Microsoft is intentionally bricking all Office for Mac 2019/2021 installations [OSnews]

You’re a smart cookie, so you opted to buy a copy of Microsoft Office for macOS back in 2019 or 2021, eschewing the Office 365 subscription, so you could keep on using Office 2019/2021 forever if you wanted to. Just like in the old days.

I’ve got some bad news.

Microsoft Office 2019 and 2021 for Mac view-only conversion (2026) is a scheduled remote degradation of perpetually-licensed Microsoft Office software for macOS and iOS, set for July 13, 2026 when a license-validation certificate used by the Office apps expires. After Office 2019 for Mac reached end of support in October 2023, Microsoft assured customers their installed apps would “continue to function.” The July 13, 2026 conversion instead drops the apps into a Microsoft-defined “reduced functionality mode,” in which files can be opened and viewed but not edited or saved. By May 30, 2026, the original 2023 end-of-support page had been re-dated and rewritten on Microsoft’s site; the “continue to function” clause was removed.

↫ Consumer Rights Wiki

Microsoft’s advice to the users they’re stealing from is to keep using the applications as mere viewers, switch to the free Office 365 web applications, pay for a 365 subscription, or buy a brand new regular copy of Office 2024. None of these make any sense, and clearly, all of this should be illegal, but it’s not because the software industry is a clown show.

Proprietary software is unethical.

18:14

Vulnerability Disclosure in the Age of AI [Schneier on Security]

New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway.

Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This development exposes decades of accumulated technical debt created by a software industry that prioritized rapid deployment over secure-by-design engineering practices. Drawing on the evolution of software assurance, vulnerability disclosure frameworks, and U.S. cyber policy, this perspective argues that the current moment represents a strategic inflection point for governments, industry, and critical infrastructure operators. The author examines the growing tension between offensive and defensive equities in cyberspace, the emergence of AI-enabled vulnerability discovery capabilities in both the U.S. and China, and the increasing risks posed by unsupported legacy systems and AI-assisted code generation practices. Responsible disclosure can no longer remain a reactive or fragmented process, but must become a coordinated national and international resilience effort involving governments, software vendors, infrastructure operators, and emergency response organizations. The article concludes with an urgent call for accelerated remediation, large-scale patch management coordination, and sustained investment in automated vulnerability repair capabilities before adversaries exploit this rapidly narrowing window of opportunity.

17:28

AI Sovereignty and the Architecture of Participation [Radar]

Adam Tooze recently shared a piece from The Economist about Brazil’s push for what it calls “medical sovereignty,” the determination to make its own vaccines and the active ingredients that go into its medicines rather than depend on supply chains it doesn’t control. Brazil already produces a large share of its own medicines through public institutions like Fiocruz and Butantan, but a lot of the underlying inputs still come from abroad, and the pandemic made clear the cost of that dependence. So the country is trying to build the capacity to make the things it most needs to survive. The economist behind a lot of this thinking is Mariana Mazzucato, whose mission-oriented approach treats public procurement as a tool to build national capacity rather than just buy finished goods. (Foreign Policy has a good overview.)

I think we’re going to see a lot more of this, and not only in medicine. The same impulse is driving the quest for sovereign AI, as countries decide they don’t want their access to a foundational technology to run through a handful of American or Chinese companies. You can see it too in Europe’s and Japan’s new willingness to take responsibility for their own military destiny rather than assume the United States will always be there.

Most commentators describe all of this as decoupling, the unwinding of a connected world. That reading is too narrow.

Free trade was an architecture of participation that broke

Much like open source software and the World Wide Web, free trade was supposed to have what I call “an architecture of participation.” The most important thing about the web and open source wasn’t openness for its own sake. It was that there were no central gatekeepers. Anyone could add to the richness of the system without asking permission as long as they followed the rules of the communication protocols that allowed independently-developed pieces to work together. In addition, value circulated among the participants instead of being extracted to a center, and the system got better the more people used it. That is a very different thing from a system that is merely large and connected.

Free trade was also supposed to work like that. The theory, going back to Smith and Ricardo, was that specialization and exchange would make everyone better off, and that the connections would be mutual. What we actually got over the past few decades looks more like the platform dominance we see in big tech than the original vision of a commons built around shared exchange. A handful of large and powerful countries and firms set the terms and the smaller players are forced to take what is on offer. Despite the language of free trade, the experience for many countries was closer to colonialism, just with a new narrative.

Overall, under the neoliberal order (whose reign, as Gary Gerstle explains, is now ending), free trade became far less egalitarian, inclusive, and generative than it could have been. Less powerful countries ended up in roughly the position that small businesses occupy on Amazon, or developers occupy on the app stores: free to participate, on terms they don’t control, with much of the value they create flowing back to the hub.

Brazil’s response (and that of many others) should not be seen as a retreat from the world. It is a refusal to be participate only as a buyer, or as a source of raw materials.

That’s why decoupling is the wrong word. Decoupling means cutting the connections. What these countries seem to want is to stay connected but to build real capacity of their own, so that no single supplier can switch them off. That’s closer to federation than to separation. A federated system is still a system, and its nodes still interoperate. But no node is wholly at the mercy of another, and value circulates among them rather than collecting at the center. A trading order in which the gains pool at a few hubs is brittle and eventually illegitimate, in the same way that a platform economy that strip-mines its participants eventually provokes regulation and revolt.

I put the increasingly visible quest for sovereign AI, and the role of open source models and open source agentic protocols and harnesses in enabling that sovereignty, into the same bucket. I remember back in the early days of open source software when Michael Tiemann, whose pioneering open source company Cygnus Solutions had just been acquired by Red Hat, told me “What we really sell at Red Hat is control. The ability to control your own destiny.”

As companies are increasingly at the mercy of unexpected token pricing changes by the big centralized players, this same quest for sovereignty is playing out at the level of organizations. Open source AI, including not just open source and open weight models but open agentic protocols, agentic harnesses, and portable memory, are increasingly an essential part of the sovereignty toolkit.

The national technology sovereignty movements should take a lesson from the open source movement. The heart of open source is its architecture of participation. It is a force for innovation and value creation to the extent that it frees up the ability of people to solve their own problems and contribute their solutions to a low-friction global commons.

Is capture the inevitable fate of any architecture of participation?

The pattern of open architectures leading to a wave of innovation, winners emerging, consolidating their power and then turning to the dark side seems to be a natural part of the technology cycle. The web broke Microsoft’s dominance over the personal computer software ecosystem only to give rise to a new generation of gatekeepers. Cory Doctorow called this cycle “enshittification.” I’ve told my own version of that story using the language of economics in “Rising Tide Rents and Robber Baron Rents.”

The instinct after capture is to try to rebuild the thing that got captured, only this time with better rules. Mastodon and Bluesky tried to rebuild Twitter’s social layer with cleaner governance, and neither has succeeded at the scale they hoped for. Critics might say that it was because Mastodon stayed pure and never made itself easy enough to use, while Bluesky looked federated without really being so. But more importantly, reinventing what we used to have, or what we think we used to have, is rarely the path forward. You have to build something new.

Each country building its own answer to the latest frontier models is the Mastodon move. The winning move is to operate at a layer the centralized model structurally can’t reach. Open agent protocols that let services from different providers interoperate (the work that MCP and the emerging agent stack are beginning to do) are one such layer. AI accountable to local democratic and legal institutions is another such layer. Domain-specific AI built around problems the global market won’t serve (the tropical disease vaccine analogue) is another. None of these is a smaller copy of what the hyperscalers offer. But there’s one more important layer to consider: infrastructure.

Where are the servers?

Ilan Strauss made a useful point in our conversation about these ideas. Ilan noted that AI is one of the most global forms of capital we’ve ever built, trained on the whole of the internet and runnable more or less anywhere, and the sovereignty rhetoric is partly an attempt to give something inherently placeless a place. The technology wants to be everywhere at once. The people who live with its consequences want some say over it where they are.

The placelessness of AI is only half of the truth, though. The other half is that AI is physically place-bound. The model weights are placeless. The data centers, the chips, the electrical grid, and the water for cooling are very much somewhere.

The comparison with Brazil’s medical sovereignty reinforces this point. Brazil’s challenge isn’t to invent new drugs to compete with Pfizer, but to build the capacity to manufacture existing vaccines, and eventually to build the capacity to invent vaccines for diseases the West ignores. Fiocruz and Butantan matter not because they hold patents but because they are physical institutional capacity rooted in Brazilian soil: the labs, the cold chains, the regulatory capacity, the trained workforce, and access to the active pharmaceutical ingredients. That’s what medical sovereignty really means in practice. It is infrastructure plus the institutions that run it.

The same is becoming true for AI. Open weights matter. They’re closer, though, to the patent than to the lab. Even if Qwen, Kimi, DeepSeek, Llama, Gemma, Granite, and whatever comes next are fully open, running them at scale requires data centers that cost tens of billions to build, chips whose supply chains a handful of countries control, and electricity grids that have to be expanded substantially to carry the load. The countries pursuing sovereign AI seriously seem to understand this. The EU’s AI Gigafactories program, India’s IndiaAI mission, the Gulf compute buildouts, the Singapore and Japan strategies, are all infrastructure plays first and model plays second.

Infrastructure is the layer where capture is hardest to undo. You can distill or fine tune a model far more easily than you can build a new continent’s worth of data centers or conjure the necessary electricity from a fragile power grid. If the architecture of participation for AI is defined only at the model layer, the infrastructure layer below will quietly recapture, over years, everything that was won above. Open weights running on three companies’ servers is not sovereignty.

Building physical infrastructure capable of carrying a generation’s worth of economic activity is exactly the kind of mission the public sector used to take on, before we convinced ourselves the market would handle it. Mazzucato’s argument is that public procurement and public capacity-building are the real engines of foundational technology. AI sovereignty without industrial policy is wishful thinking.

Industrial policy should aim to reinvent 20th century infrastructure, not just copy it. Can we use the enormous rebuild of infrastructure for the AI era to leapfrog the past? The analogy with centralized power grids and decentralized solar reminds us that local control does not have to be a localized version of the hyperscaler pattern. Might we envision a future where there is an intelligence grid that seamlessly uses frontier models in massive data centers and local models controlled by the user as dictated by considerations like cost, privacy, specialized knowledge, and user preferences? Creating the software to manage such an interoperable intelligence grid should be a high priority for the AI open source community. We need an orchestrator not just for agents but also for models and even for data center capacity.

Could federated AI give us a new pattern for the economy?

In a previous piece about AI and markets, “The Third Artificial Intelligence” I picked up Richard Danzig’s argument that markets and the bureaucracies that underpin nation states are themselves artificial intelligences, information-processing mechanisms older than the machine kind. The question with all three is who designs and builds them, what they optimize for, and what feedback loops govern them.

We’re about to spend a lot of effort working out how AI should be organized both across nations and across organizations, whether it concentrates in a few firms and a few countries or whether it can be built as something more federated, where smaller players have genuine capacity and the value they create flows back to them. The choices we are now making about how AI is organized, at the model layer, the protocol layer, and the infrastructure layer, are also choices about how economic activity will be organized for at least a generation. If we manage to get that architecture right for AI, it may give us a working pattern for the thing we’ve so far failed to get right for trade. If we get it wrong, we’ll most likely reproduce, at the level of intelligence itself, the same concentration that free trade has produced in goods and the existing internet platforms produced online.

The technology wants to be everywhere at once. The people who live with its consequences want some say over it where they are. The infrastructure that resolves that tension will be a federation of models, a federation of protocols and code, and a federation of capacity. We need an architecture of participation all the way down the stack, and all the way up.

The final section of this piece benefited greatly from questions and comments raised by Ilan Strauss and Mike Loukides, as well as from previous conversations with Richard Danzig.

17:00

16:42

16:07

DistroWatch turns 25 [LWN.net]

The DistroWatch site is celebrating its 25th anniversary. "All in all, it has been an incredible ride. Many of you who read these pages regularly know that downloading and testing distributions is a highly addictive pastime. I have been an avid distro-hopper for the last 25 years and I don't see myself abandoning this activity for many more years to come." Congratulations to Ladislav Bodnar and all the others who have kept that resource going for so long.

15:56

15:14

The Lying Machine [I, Cringely]

There is a lawsuit grinding through a federal court in Minnesota that every insurance executive in America should be reading instead of their quarterly AI roadmap.

The case is Estate of Lokken v. UnitedHealth Group. It was filed in late 2023 by the families of two deceased Medicare Advantage members, and it alleges that UnitedHealthcare used an artificial-intelligence tool called nH Predict to decide how much post-acute care its members were entitled to — and that the tool was wrong roughly nine times out of ten, a figure the plaintiffs draw from how often its denials were reversed on appeal. UnitedHealth denies that the tool makes coverage decisions at all; it calls nH Predict “a guide” and says the real decisions are made by clinicians following Medicare criteria. A judge will sort out who’s right. But this past March, that judge ordered the company to open its books and hand over a wide swath of documents about exactly how the thing works. The machine is going to testify.

I’m not here to litigate that case. I’m here because of the legal theory the plaintiffs were allowed to keep. The court tossed several of their claims but let two survive, and one of them should make every carrier’s general counsel sit up straight: breach of the implied covenant of good faith and fair dealing. Bad faith. The doctrine that turns a wrong coverage decision from a refund into punitive damages.

Hold onto that, because it’s the whole column.

An insurer lives and dies on a single promise: that when the policy says it covers something, it covers it. Break that promise by accident and you have a customer-service problem. Break it through a system you built, knew was fallible, and pointed at thousands of claims anyway, and you have bad faith — the most expensive two words in the business. Insurers understand this in their marrow. It’s the reason the industry spent a century building actuarial discipline, claims-review hierarchies, and appeals processes. The entire apparatus exists to keep the promise.

And the regulator is already in the room. Since 2023 the National Association of Insurance Commissioners has had a Model Bulletin demanding that insurers run a written governance program for any AI that makes or supports decisions about regulated insurance practices. Roughly two dozen states have adopted it, and this past January the NAIC launched a pilot tool to let examiners actually inspect those systems during market-conduct exams. When Washington floated an executive order late last year to wave the states off AI regulation, the insurance commissioners wrote back, in so many words, absolutely not. Translation for the boardroom: there is now a person whose literal job is to ask how your AI decides things, and “it’s only a guide” is not going to be a satisfying answer.

And yet the stampede is on. By the industry’s own surveys, something like nine in ten health insurers and nearly as many auto insurers are using or planning to use AI — and roughly a third of them concede they don’t regularly test their models. The board has read the same consulting deck you have. It wants the efficiency. It wants claims triaged in seconds and underwriting finished while the applicant is still on the phone. So the pressure runs in exactly one direction: put the machine in the chair, and do it now.

Here is what nobody in that stampede has reckoned with.

The tools in the lawsuits — nH Predict, the batch-denial system Cigna was sued over — were the old kind of AI. Predictive models. They could be wrong, badly and at scale, but they were wrong inside a lane: a number, a score, a yes, a no. The tools the industry is racing to install now are generative. And generative AI has a failure mode the predictive models never had.

It makes things up. Fluently. In complete, confident, grammatical sentences.

I wrote a couple of weeks ago about a Salesforce benchmark called HERB, which found that the best AI retrieval systems answer real enterprise questions correctly only about a third of the time — and, the part that matters here, that the bottleneck isn’t the model’s intelligence but whether it can find the right document. When it can’t find the answer, it doesn’t stop. It invents one. Nearly half of that benchmark was deliberately built from questions that have no answer at all, just to see whether the machine would admit it didn’t know. Mostly, it wouldn’t.

Now move that machine into a claims seat. Ask it whether a policy covers a particular loss, and let the controlling exclusion sit in a rider it failed to retrieve, or a state mandate it never saw. The predictive model would have handed you a wrong number. The generative model hands you a wrong sentence — a fluent, authoritative, entirely fabricated paragraph explaining that yes, you’re covered, citing a provision that does not exist. And in insurance, a confident statement from your own system, made to a policyholder, is not a hypothesis. It can be a representation. Sometimes an enforceable one.

That is the lying machine. Not malicious — worse than malicious. Sincere. It isn’t trying to deceive anyone. It simply cannot tell the difference between a fact it can support and a fact it manufactured to be helpful, and it delivers both in the same reassuring voice.

You cannot buy your way out of this with a bigger model, any more than the defendants in these cases could have bought their way out of court with a faster algorithm. Confident fabrication isn’t a shortage of intelligence that the next GPU shipment cures. It’s a property of a machine that was never built to know the boundary of what it knows. A smarter liar is still a liar — and now it’s the carrier’s liability, stapled by the implied covenant of good faith and fair dealing to every confident, wrong, generated word.

So what would a deployable insurance AI actually look like? Not the one that’s right most of the time. “Most of the time” is the precise phrase that loses the bad-faith case. The only system a serious carrier can put anywhere near a claim is one that knows the edge of the policy — one that, asked about a coverage it cannot verify against the actual language, says so plainly: I can’t find that in this policy. A system whose reflex, when the evidence isn’t there, is to fall silent rather than to invent.

That machine can be built. I have  spent three years learning how. But I’ll tell you the property is achievable, that it is the exact opposite of what the Gen-AI stampede is currently installing, and that the distance between the two is going to be measured, in the end, in nine-figure verdicts.

The usual disclosure: I am not a neutral party. I co-founded a company, 2Brains, built on precisely this idea — that the valuable machine is the one that knows what it doesn’t know and refuses to pretend otherwise. Discount my enthusiasm accordingly. You can find us at 2brains.net, if the problem I’ve just described is the one keeping you up at night — which, if you run claims or underwriting at a carrier of any size, it ought to be.

Because the lawsuits you’ve been reading about are the ones where the machine was merely wrong. The next wave will be the ones where the machine was wrong and said so beautifully. And “the computer told the customer they were covered” is going to prove the most expensive sentence anyone ever let an algorithm say.

The post The Lying Machine first appeared on I, Cringely.






Digital Branding
Web Design Marketing

15:07

NVIDIA unveils RTX Spark chip for laptops and desktop PCs [OSnews]

It was an open secret that NVIDIA was working on an ARM-based system-on-a-chip for laptops and desktops, and today at Computex 2026 the company unveiled what it’s been working on. It’s surely a beast, and unsurprisingly, it’s lathered in “AI” buzzwords.

At full strength, this chip offers up to 20 Arm CPU cores, a Blackwell GPU with 6,144 CUDA cores, 128GB of LPDDR5X RAM, and up to 300 GB/s of memory bandwidth. That powerful CPU and GPU, connected over NVLink C2C, and the large memory pool give AI agents and 120-billion-parameter models plenty of power and space for long-running tasks with context lengths stretching to a million tokens, according to Nvidia.

RTX Spark will power high-end laptops from partners including Dell, HP, Lenovo, Asus, and MSI — and notably, a new Surface Ultra laptop from Microsoft. Nvidia says it’s worked with those partners to create “the most extraordinary laptops [they’ve] ever built,” with tandem OLED G-Sync displays, “all-day” battery life, premium aluminum chassis with large glass touchpads.

↫ Jeffrey Kampman at Tom’s Hardware

I couldn’t care less about the “AI” nonsense, but the chip itself seems like an absolute monster for laptops and mini PCs. With that much power and a solid NVIDIA GPU, these are also great for gaming and creative tasks, making them feel like the first true competition in the PC space to Apple’s M series of chips. They’re planned for late 2026, and tellingly, there’s no pricing information just yet.

14:35

14:28

Link [Scripting News]

There's so much I dread about the progress of AI, but nothing I say could possibly make a difference, and we aren't even that deep into it yet. This is the feeling I get every time I stop and think about it.

14:21

You don’t love systemd timers enough [OSnews]

My favorite metonymic technology term is “cron job”: even though cron may not literally be the daemon that executes actions on a schedule, we apply the term to anything that walks like a cron and quacks like a cron. As Patrick McKenzie likes to point out, cron jobs are one of the most eminently useful computing primitives. They offer utility that’s almost immediately obvious for plenty of use cases that almost everybody has: do this every day; do that once a month.

And yet. You probably shouldn’t use literal cron (or its more modern cousins) for scheduled tasks! In 2026 there are more modern options available, and my favorite is the humble systemd timer. I love systemd timers. If you don’t love them yet, maybe I can show you the reasons why you should love them, too.

↫ Tyler Langlois

These are just timers. They are not consuming your computer or taking over the open source world. They do not phone home to Red Hat. These are just timers.

13:42

Link [Scripting News]

They should teach every chatbot to never give the user an order.

SaaS Is Not Dead Yet [Radar]

With the rise of agents, many people have been proclaiming that the age of software as a service (SaaS) is over. Who needs to subscribe to a service when you can create your own software with a few English-language prompts and a few dollars spent on tokens? Your own software, most likely a skill that runs in an agent, will have exactly the features you want: no more, no less.

But whenever someone talks about the death of SaaS, there’s something wrong with the picture. It’s simply that work is about groups and teams, and so far, programming with agents is about individuals. A related challenge is that SaaS companies are good at building dashboards and generating reports for humans, but agents need the raw data, not a representation of the data.

Think about the teamwork required for a good sales team. Someone needs a database to keep track of their customer info. It’s easy to get Claude, Gemini, or GPT to build that, using SQLite for a backend and putting a reasonable web frontend on it. You could also do that fairly quickly with Ruby on Rails, but AI makes it even easier. But what about the salesperson at the next desk? She needs similar CRM software, and she can create it with Claude, Gemini, or GPT. No problem. But it won’t be exactly the same; it will reflect her needs and preferences. Soon you have a team of salespeople in which everyone has their own personal CRM. They’re all similar, but slightly different. They may use different backends (Filemaker, SQLite, MySQL, or maybe a corporate Oracle instance); they have similar-but-slightly-different schemas (one has a single field for customer address, another has separate street, city, state, and country fields); and they don’t interoperate.

That’s the simplest possible case. How do you generate company-wide reports if everyone has their own version of the data? How do you know if you’re succeeding or failing if everyone on the team has their own version of the metrics? Everyone has become their own silo.

The company is not paying subscription fees to a vendor like Salesforce, but is this really progress? If anything, we need to make sharing data and metrics easier, not more difficult. On top of that, a product like Salesforce has hundreds of features. Most people don’t need most of them, but there’s a good chance that almost everyone needs one feature that nobody else needs. And there’s always the features you don’t know you need, ways to get value from data that you haven’t thought of. There’s value in buying a bundle that goes beyond your immediate requirements.

There’s certainly a lot good about enabling people to develop their own tools. I guarantee that if we had Claude Code 30 years ago, I would have vibe-coded my own skills for managing the authors I was working with. I would have vibe-coded some of the crazy tools I wrote to translate from one document format to another. (WordPerfect to troff? Why?) Now that we have agentic programming, I may never write my own tools again. But the SaaS scenario highlights something missing from the agentic picture. We don’t have tools for sharing or collaboration. Nobody buys a Salesforce subscription for themselves. It’s a departmental or corporate resource, shared between many people. And the ability to share easily is precisely what agentic programming lacks. I’ve built some of my own Claude tools and skills, but it’s very difficult to share them with other people at O’Reilly. ChatGPT Skills for Business and Enterprise hints at the ability to share skills among team members and some ability to generate them collaboratively, though it’s hard to find evidence that it delivers. I think we’re seeing a symptom of technological overreach. It’s easy to assume something is “easy” when it isn’t: “You just generate a .md file and put it in the corporate GitHub.” That process has a lot of friction, particularly for users who aren’t technical.

To make skills really useful across a company, we need:

  • Sharing. This can be a Git server that’s registered as a private marketplace and then configured via a corporate administrative dashboard. Publishing skills to the marketplace would remain the province of Git-aware users, and that’s a problem.
  • Requirements. We don’t want everyone to build a personal toolset; that’s the problem we’re trying to solve. How do you resolve differences between users who want slightly different things? What does the PRD for a skill look like?
  • Collaboration. Aside from Google Docs, the current state of widely used collaboration tools is poor. Suffice it to say that working on different branches of a Git repo and merging changes may work for professional programmers, but not for anyone else.
  • Testing. Tests and evals for agents (related, but not the same) are topics that we don’t yet understand well. But if you’re going to empower users to use and create agentic tools for creating projections and writing reports, you need to know they won’t backfire. Skills also behave like any other AI application: They drift over time. Even after they’re published, they need to be evaluated regularly to see if they still perform correctly.
  • Versioning. Like any software—and we need to recognize that agentic tools and skills are software, even if they’re written in English—it will be important to update them as requirements change and as LLM behavior drifts. It’s important to keep track of versions and for users to update their skills to the latest version easily. Again, this is a matter of wrapping Git appropriately for nontechnical users.
  • Security. Security for intelligent agents is still poorly understood. We know about prompt injection, but we also know that it’s a problem that can’t be solved yet. And attackers are still finding novel ways to inject malicious prompts. What vulnerabilities might agentic skills and tools have if they can access corporate data?

While the democratization of programming doesn’t threaten SaaS companies, intelligent agents pose a deeper challenge. In “The Salesforce of Agents Won’t Be Salesforce, the Google of Agents Won’t Be Google,” Jesus Rodriguez points out that the future for services like Salesforce and Google isn’t web UIs and dashboards; it’s APIs that are designed for agents. These APIs require a different kind of data: not something that a human can glance at to get a quick feel for what’s happening, but “structured state, task objectives, relationship graphs, permissioned memory, machine-readable sales playbooks, and reliable APIs for updating intent.” Humans need the data compression that you get from a dashboard. Agents want the data itself, and they’ll take care of the compression. SaaS companies can become the system of record that is responsible for delivering accurate data. What they need to recognize is that their real customer may not be a human user; the customer will be an agent, and that will affect everything from marketing strategy and product design to pricing.

I wouldn’t claim that Salesforce or Google can’t or won’t build APIs to help companies access their own data. SaaS remains relevant, but it’s a different kind of SaaS than we have now. Companies like Salesforce know what data is available and how to work with it. Designing and building the data infrastructure that’s needed to provide next-generation SaaS isn’t trivial, and doing the programming in English rather than C++ doesn’t make it easier. Companies like Salesforce and Google know what needs to be built. They’re likely to offer their own collections of agentic skills as a starting point, alongside APIs. But large, established companies are ripe to be blindsided if they move slowly—and it’s difficult for large institutions to move quickly.

SaaS companies have momentum—or inertia, which to a physicist is the same thing. They have to change, but they aren’t threatened by AI, agents, and user-defined skills. Providing APIs that have been designed to provide data in formats that machines can use should be an obvious next step. If they die, it will be because they don’t adapt. But there’s nothing new about that.

Let's Be Facebook! [The Daily WTF]

The real WTF is that our long-time friend and submitter Argle failed to dissuade all three of his sons from pursuing IT careers of their own:

Back circa 2012, my three sons all got jobs at a company that had a brilliant web project. So brilliant that it had the support of a Disney VP, the mayor of the city, and other VIPs. At one point, my sons asked to borrow money to invest in the project. They are good boys (one is now a senior developer with Proctor & Gamble), so I backed them.

A year later, the project was released late, over budget, and not fully functional.

Facebook dislike

My boys convinced the CEO to bring me in to fix things. I fixed things. In that time, I found out they had taken bids on the project. Bids were nominally $15,000, some higher, some lower, of course. All but one group that had bid $5,000. Their plan? Hire some programmers in India for $8/hour and pocket the money without having to do work themselves.

Costs had shot well over $35,000 before I was brought in.

After I got the system working, I went to one of the weekly general standups for the company. The CEO walked in and said something like, "I just learned that Facebook was written in PHP. I think we should rewrite the whole project in PHP. That's what we really need to do."

And thus the decision was made.

A meeting was held the next day to discuss how long it would take to remake the project in PHP instead of C#. Bear in mind, a year and a half had been thrown into making the project thus far.

Going around the table, everyone said between 2 and 3 weeks. There was one other programmer in the company who had exactly 2 months of work experience; he simply parroted what the others had said before him. There was also the general contractor who leased the building to the company. He was involved with the project, and was second-to-last to speak. I fully expected this contractor to have more sense. He came in at 3 to 4 weeks.

My mouth dropped open.

It was my turn. You know those psych tests where you get someone who acts sensibly when alone, but conforms with the rest of the crowd when there's more than one? I'm simply not that guy. I said, "Those are absurd estimates! This will take a minimum of 5 months before it's in beta stages and not ready for public consumption for another couple more months."

The next day, I got a call telling me my services were no longer needed because "I wasn't forward-thinking enough for the company."

My boys stayed on another year, so I got regular reports on the "upgrade." Sure enough, just shy of 8 months later, the new system went live.

As they say, the most experienced person will be the one to accurately tell everyone that it will take longer and cost more than everyone else says.

Anyone else have their own intergenerational WTFs? Please share in the comments!

[Advertisement] Keep all your packages and Docker containers in one place, scan for vulnerabilities, and control who can access different feeds. ProGet installs in minutes and has a powerful free version with a lot of great features that you can upgrade when ready.Learn more.

12:56

Link [Scripting News]

At what point will companies start using AI to communicate with customers? Who will be the first to show everyone else how to do it? Amazon taught the world how to do commerce over the web. When will users expect their vendors to use AI to simplify shopping, buying, returning? Right now, I don't think most companies realize they can do business differently with people. In my humble opinion that's when the boom will come.

Is Bluesky on the web? [Scripting News]

Is Bluesky on the web? Yes, to an extent. I can post the url of an item I wrote on Bluesky, using an HTML link. That is how the web works. First you're on my blog, or reading it somewhere else where my blog is projected, via RSS. Then you click an anchor element, and you're instantly transported to Bluesky, to the specific place where my post is stored. In less than a second you're reading the thing I referenced. That's the web, right there.

But it doesn't work the other way. They love it when you send people to their site, but not so much if you want to send them away. Sending people away is a sensitive concept to Bluesky's investors. Why would you do that? This is not a new point where the web and silos disagree. The web says "let them go" and the silos ask "do we look like idiots?"

But they will support the web in both directions if they are forced to by competition or user expectations (pretty much the same thing). That's why podcasting remains unsiloized after over 20 years. If people expect choice, they won't use clients that don't make it easy to switch.

12:49

11:28

Grrl Power #1465 – Trope police [Grrl Power]

It’s hard to see, but there is a door behind Dabbler’s little drafting table, if you need to know where Anvil came from. Anvil obviously can’t teleport or anything, but her Sergeant Sense was tingling. It’s been a low buzz ever since Sydney became one of her subordinates. Dabbler isn’t really one of her direct reports, but she definitely raises the chaos floor, and Maxima has fully authorized Anvil to whoop Dabbler if she’s getting truly out of control.

I’m personally not into the femdom thing… though I don’t know if it’s really femdom when it’s two women. I guess that’s lezdom. In any case, it’s safe to say that Dabbler has most reasonable fetishes. The word “reasonable” admittedly doing some heavy lifting there, as a succubi’s tastes would be considered quite extreme by most people. Their fetishes have both breadth and depth, but usually have hard cut-offs at the fringes. What I’m saying is that there’s plenty of stuff on the Terran internet that Dabbler has seen and gone, “Yeah, I don’t get it.” I won’t give any examples, you’re all “internet worldly.” But we’ve all seen stuff that 1, we’re confused that there’s any sort of audience for, and 2, that there’s someone so into that very specific, particular thing that they took, in some cases, a lot of time to create it and put it out there.

Dabbler did change her top since the last page (or really just glamored up a different design – presumably she’s just enough clothes most of the time so that if her glamor is somehow disrupted, Maxima won’t yell at her, and she changes the style whenever the whim strikes her) because I had the pencils of her in that top panel sitting around from some other picture I’d started but hadn’t found a use for. I just liked the scoop neck that shows off the inside semi-underboob if you get the angle just right.

Sexy bodymod news lady Gail has a special one-on-one interview with Tournament Quarter finalist Saraviah Nightwing! And if you subscribe to Gail’s Space Patreon, (which, due to the vagaries of Earth and Gal-Net’s DNS servers, happens to be the same as the Grrl Power Patreon, go figure) you can see that same interview in the nude! Well, eventually. The nude part of the interview, as well as the version that includes shading will be coming soon. Of course, you can view the interview in the nude now if you take your own clothes off. You know. Technically. Just put a towel on your chair first.

 

Double res version will be posted over at Patreon. Feel free to contribute as much as you like.

10:49

10:42

Pluralistic: Molly Crabapple's 'Here Where We Live Is Our Country' (01 Jun 2026) [Pluralistic: Daily links from Cory Doctorow]

->->->->->->->->->->->->->->->->->->->->->->->->->->->->-> Top Sources: None -->

Today's links


The cover for the Penguin Random House edition of Molly Crabapple's 'Here Where We Live Is Our Country.' It features one of Crabapple's distinctive watercolor paintings, depicting a woman carrying a red Jewish Bund banner in Yiddish, amidst a menacing crowd of her red-armband-wearing comrades.

Molly Crabapple's 'Here Where We Live Is Our Country' (permalink)

Molly Crabapple's Here Where We Live Is Our Country is one of the most important, timely and salient works of history I've ever read. It's a history of the Jewish Labor Bund, a socialist, internationalist organization that once dominated Jewish political identity:

https://www.penguinrandomhouse.com/books/646320/here-where-we-live-is-our-country-by-molly-crabapple/

In the late 19th and early 20th centuries, there were hundreds of thousands of Bund members, both in the Pale of Settlement (the rural regions of the Russian empire that the Tsar confined most Jews to) and in diasporic centers like New York City. The Bund played an important role in the Russian Revolution and in the resistance to the rise of European fascism, and fought valiantly in the antifascist underground guerrilla bands in Nazi-occupied territories.

Despite this faded prominence, the Bund is all but unknown today. I was only vaguely aware of it, even though I attended seven years' worth of Yiddish classes at the Workmen's Circle, a Bund-originated socialist fraternal organization, and was bar-mitzvahed at a Workmen's Circle hall. It wasn't until I read about the Bund in Naomi Klein's essential 2023 book Doppelganger that I first caught a glimmer of its significance:

https://pluralistic.net/2023/09/05/not-that-naomi/#if-the-naomi-be-klein-youre-doing-just-fine

The thesis of Doppelganger is that the world is full of "mirror world" pairs with opposite political valences. For example, the mirror world version of the health justice movement is MAHA. Both MAHA and health justice share many commonalities (such as a skepticism of Big Pharma and its captured regulators), but arrive at totally different conclusions. Health justice demands universal access to medical care, compulsory licenses and patent reform for life-saving medicines, and systemic interventions to address discrimination against gender minorities, women, and racialized people. MAHA starts from the same diagnosis, but arrives at a totally different prescription: "eating clean," buying unregulated supplements from grifters, rejecting vaccines, attributing chronic health problems to personal moral failings, along with a conspiratorial rejection of life-saving medication.

Mirror worlds are everywhere. One chapter of Klein's work deals with the "mirror worlds" of Jewish identity and what radical Jews once called "the Jewish question":

https://ernestmandel.org/english/works/Jewish-Question-Since-World-War-II

In the 19th century, antisemitism was often described as "the socialism of fools." In the real world, we observe the dominance of parasitic finance capital over productive labor and embark upon a great class struggle to seize the means of production. In the mirror world, antisemites observe this same fact, combine it with the fact that some of these bankers are Jewish, and embark on a genocidal program of antisemitic violence.

But antisemites weren't the only mirror-world pairing with a view on "the Jewish question." Early 20th century Jews also lived on either side of the political looking-glass. On one side, you had the Bundists, whose motto (and the title of Crabapple's book) was "Here, where we live, is our country." For Bundists, Jews belonged everywhere Jews were. As the Jewish socialist Meyer London wrote, "Thousands of Jewish boys and girls pray to God not to lead them again out of Egypt, but to help them free Egypt."

The Bund saw its struggle as just one aspect of the universal struggle for liberation. They understood that persecuted minorities everywhere labored under the double bind of racist and class oppression (and further, that women labored under gender oppression), but they also understood that these identity markers were tactical facts about how these workers should set about freeing themselves.

They didn't mistake identity for a strategic difference: the goal was always universal liberation, and the reason to consider identity-based oppression was to ensure that every comrade was brought along in the struggle. As Crabapple writes, the Bund more-or-less invented intersectional analysis, and they practiced it with an eye to all the struggles of the world. Bund newspapers (even those published by the Bund underground in the Warsaw Ghetto) closely tracked the struggles of Black workers in the Jim Crow south, just as the Black radical press of the day reported closely on antisemitic lynchings in Europe. The Bund underground even managed to send telegrams of support to Gandhi from Nazi-occupied Poland.

On the other side of the Jewish mirror was (of course) Zionism. Zionism and the Bund were founded in the same year, in response to the same events. The Bund was founded in secret by exiled radical Jews in Vilna whom the Tsar had banished for their resistance activities. Zionism was founded in Geneva by Theodor Herzl, who sheltered Jews who had fled Tsarist Russia to escape antisemitic violence.

Where the Bund called for universalism and solidarity with all workers to keep Jews safe in every place where Jews lived, Zionists dreamed of a Jewish homeland, a stronghold to which Jews could retreat from the world. Where the Bund fought antisemites who would banish or exterminate Jews, Zionist leaders were willing to align themselves with antisemites, finding common cause in the idea that European Jewry should abandon Europe in favor of Palestine.

Indeed, the Balfour Declaration – which established a plan for the UK handing over its occupied territories in Palestine to create a Jewish homeland – was fomented by vicious antisemites as part of a plan to ethnically cleanse the UK of all Jews:

https://www.palestine-studies.org/en/node/232119

As Crabapple documents in detail, in the ensuing decades of struggle that followed, Zionist leaders repeatedly entered into alliances with antisemitic politicians, even those who presided over (and sometimes directed) campaigns of racist terror against Jews. Despite their mutual hatred, they shared a common goal: terrorizing Europe's Jews out of Europe and into Palestine.

Meanwhile, Bundists never wavered from their rejection of antisemites. In the Bundists' socialist, internationalist program, the pursuit of a Jewish homeland merely dangled the possibility of Jewish liberation – at the expense of Palestinians, and without having anything to offer to all the other oppressed peoples of the world.

While I discovered the Bund through reading Naomi Klein, many others learned about it from Crabapple's widely circulated 2018 New York Review of Books article, "My Great-Grandfather the Bundist":

https://archive.is/20260518010455/https://www.nybooks.com/online/2018/10/06/my-great-grandfather-the-bundist/

Predictably, Crabapple's article provoked attacks from Zionists who told Crabapple they blamed the Bund for its own extermination. In their telling, the Bund's stubborn refusal to confront antisemitism as "history's oldest hatred" was a suicidal delusion that led their members into the Nazis' mass graves.

But for many Jews, Crabapple's article was a revelation about a different way to be Jewish, an identity that rejected the Apartheid state of Israel (South African Apartheid and the state of Israel share a birth year, and Apartheid South Africa and Israel carried on a robust program of mutual trade in arms and surveillance tools):

https://imeu.org/resources/key-issues/fact-sheet-an-overview-apartheid-south-africa-israel/275

This revelation only gained salience and prominence after October 7, 2023, when Israel responded to a massacre perpetrated by Hamas by embarking on a years-long program of genocide and extraterritorial aggression. Zionists have defended these crimes against humanity as inseparable from Jewish identity and the only plausible answer to "the Jewish question."

Israel's defenders insist that even naming the genocide in Palestine (let alone opposing it) is inherently antisemitic. Ironically, Israel's loudest cheerleaders are the millions of antisemitic evangelical Christian Zionists who vastly outnumber Jewish Zionists, who support Israel in hopes of bringing about a Biblical prophecy in which Christ returns and every Jew is cast down to Hell.

In the years since, Crabapple's work to revive the Bund has only gained adherents, especially among Jews who refuse to accept that their safety can only be secured through mass slaughter and imperial conquest. Crabapple's response to this burgeoning movement is this book, a massive, heroic, brilliant, and pitiless history of the Bund that proposes its own answer to "the Jewish question."

Beyond its political importance, Here Where We Live Is Our Country is a remarkable scholarly and artistic achievement. Crabapple taught herself to speak and read Yiddish so that she could consume primary sources, and she crisscrossed the globe to see and research the key sites of Jewish oppression and the Jewish liberation struggle.

It's a monumental book. Thanks to Crabapple's voluminous research, Here Where We Live delivers a blow-by-blow look at the Bund's rise and its triumphs, but even more importantly, the tactical disagreements, factional disputes, and personal animus that too often snatched defeat from the jaws of victory for these committed revolutionaries.

At times, Crabapple's tick-tock of these fights seems to embody the wry maxim: "Two Jews, three arguments." But the point of all this nuanced, textured detail isn't to rehash the tittle-tattle of the previous century, nor is it to show off Crabapple's prowess as a researcher. Rather, in rehearsing these fights, Crabapple shows how reasonable these disputes seemed at the time, and how terrible the consequences were for all concerned.

In this mode, Crabapple manages the admirable achievement of being both sympathetic and pitiless. Crabapple, after all, is a veteran political activist who has traveled extensively to active war-zones to document atrocities and offer mutual aid to those fighting for justice. She's endured every failure that radical politics can manifest, sat through every kind of bad meeting, and she recognizes in these disputes the same personalities and personal failings that have broken her heart a hundred times. She understands why these people are this way – but she can also see, with perfect hindsight, the ghastly horrors that followed, which swamp any matter of principle these people might have stood on.

There's plenty of this sympathetic pitilessness to go around, and it's not just the Bund or Jews who come in for it. Every factionalist blunder in pre-Revolutionary Russia, in the Soviet Union, in interwar Poland, and in occupied Poland comes in for examination – as do every imprisonment, maiming, rape and death that these blunders opened the door to. Crabapple's heroes are principled, but they are imperfect, and sometimes foolish, and sometimes self-deluding (for example, the Palestinian leader who insists that his rank-and-file fighters want to establish a multi-ethnic democracy, despite the undeniable presence in their number of people who want to banish all Jews from Palestine).

The twentieth century was a charnel house, and so the cost of these mistakes is high. Often, these mistakes lead to mass graves, with these mistake-makers tangled among the bodies. They never had the chance to learn from their mistakes. But, through Crabapple's work, we might.

It is in the postscript to this book that its true message lands. After 480 pages, we arrive at Crabapple's conclusion. In reflecting on these people, who died in their millions and whose memory was all but erased, she asks, "Did the Bund fail?"

Her answer is a resounding no. The Bund lost, but it did not fail. The Bund was failed, as were the Zionists, the Roma, European socialists, disabled and queer people – everyone the Nazis burned, gassed, or buried alive. These people cried out to the rest of the world – to America, to Canada, to the UK, to all the places that were not under Nazi occupation – and begged for help, for safe passage, for rescue.

The world slammed its doors. Even after they joined the war, they refused to admit Jews and other victims of Nazi genocide. They refused visas, closed borders, turned back boats of escapees, sometimes sending them back to occupied Europe to be slaughtered.

In his review in the New York Review of Books, historian Adam Hochschild writes:

Imagine that the United States had not passed the Immigration Act of 1924, which essentially slammed the door on almost all newcomers for more than forty years. Without it, Jewish immigration to the US would surely have soared during the 1920s and 1930s. Some 2.5 million Jews, most of them hoping for a better life than they had in tsarist Russia, had already come here between 1880 and 1924. Then, even in the decade before Hitler took power, Jews still had many reasons to leave Europe. Poland, whose Jewish population of 2.8 million was the continent’s largest, was a cauldron of antisemitism between the wars, with outbreaks of deadly violence, segregated seating and de facto quotas in many universities, and numerous other humiliations.

https://www.nybooks.com/articles/2026/05/28/a-dream-of-a-socialist-commonwealth-the-jewish-bund/

No one who's paid attention during this century's xenophobic policies and attacks on refugees can fail to see the parallels. And no one who's paid attention to the genocide in Gaza and the official response in the "free" world to Palestinian solidarity movements can fail to see those parallels, either.

For the Jews who are told – by Zionists, including the millions of American gentile Zionists who outnumber Jewish Zionists 30:1 – that all this is being done for us, that our continued existence requires it, Crabapple's history of the Bund shows us what's on the other side of the mirror. As NYT editor Max Strasser writes in his review of Here Where We Live:

[The Bund was] the kind of movement leftists today dream about — political party, social movement, mutual aid group — with tens of thousands of members. The Bund published newspapers and ran soup kitchens and summer camps; its athletes competed in a socialist version of the Olympics. Bund activists organized across Eastern Europe and beyond — they helped elect a congressman on the Lower East Side.

https://www.nytimes.com/2026/04/06/books/review/here-where-we-live-is-our-country-molly-crabapple.html

The politics we dream of isn't a fantasy. It's the politics our grandparents lived – a politics that wasn't lost, but rather, erased. Erased by Nazis and Stalinists, who committed wholesale slaughter of Bundists. But that politics was also erased by Zionists, who swept through the Displaced Persons' camps of post-war Europe, imposing a draft on the Jews who'd been penned in those stinking camps by a world that refused to welcome Jews, even after the horrors of the death-camps were widely known. Zionists bullied and coerced these Jews – including Bundists who rejected their cause – to serve as foot-soldiers in the Israeli army, even beating elderly parents until their sons and daughters agreed to fight.

Bundists always rejected all forms of ethno-nationalism. As Jews, they had lived in the violence and oppression that always attended every ethno-nationalist program. They never imagined that Israel would escape this fate. As the Bundist leader Henryk Erlich wrote in 1933: "We are not a chosen people. Our nationalism is just as ugly, just as harmful as the nationalisms of all the other nations."

Crabapple has done heroic and important work in excavating this history. She has vindicated the sacrifices made by the Bundist archivists who smuggled their papers out of Nazi occupation and gave their lives to ensure that some day their story could be told.

In so doing, she has also vindicated her own great-grandfather, Sam Rothbort, a Bundist who fled the Pale of Settlement for New York City, whose art-practice traveled to Crabapple through her mother, who is also a painter. It wasn't just the art-practices that traveled – it was also the art, and it was one of Rothbort's paintings ("Itka, the Bundist," depicting a girl throwing a rock through a window) that set her on this journey.

This volume is also graced by Crabapple's own art, stark monochrome ink-washes in her characteristic style, which bring these long-dead people to vivid life. They're a reminder of the role that culture plays in every radical movement, of the ways that the Bund welcomed its members to live a radical life through sport and song and picnics, and not just meetings and street-demonstrations.

Even before this book, Crabapple had made a mark through her paintings and writings. But with Here Where We Live Is Our Country, Crabapple has given us a magnum opus, a book that might help us turn the tide of history.

Hey look at this (permalink)


A shelf of leatherbound history books with a gilt-stamped series title, 'The World's Famous Events.'

Object permanence (permalink)

#20yrsago Sign a letter supporting the BBC’s online archive https://web.archive.org/web/20060704182401/http://www.freeculture.org.uk/letters/CreativeArchiveLetter

#20yrsago Home chemistry under assault https://web.archive.org/web/20060603021709/http://wired.com/wired/archive/14.06/chemistry_pr.html

#20yrsago Cliches to avoid when writing about women and video-games https://web.archive.org/web/20060704223941/http://www.richardcobbett.co.uk/codex/clicktoread/filingcabinet/writing_a_girls_in_games_article/

#20yrsago JPEG patent invalidated https://web.archive.org/web/20060613015757/http://www.pubpat.org/Chen672Rejected.htm

#20yrsago SF story about AI-human love https://www.salon.com/2006/05/30/perfect_man/

#15yrsago Sensation: Acerbic novel about pop culture and popular madness as functions of parasitic manipulation https://memex.craphound.com/2011/05/30/sensation-acerbic-novel-about-pop-culture-and-popular-madness-as-functions-of-parasitic-manipulation/

#15yrsago Every Pirate Wants to Be an Admiral: why less copyright gets you more culture https://www.theguardian.com/commentisfree/video/2011/may/30/internet-piracy-cory-doctorow

#15yrsago Social incentives vs economic incentives in crowdsourced work https://web.archive.org/web/20110602184500/https://blog.crowdflower.com/2011/05/designing-incentives-for-crowdsourcing-workers/

#15yrsago Painful workarounds from computer novices https://www.reddit.com/r/AskReddit/comments/hmlmd/what_is_the_most_painful_way_you_have_seen_your/

#10yrsago To imagine the ocean of the future: picture a writhing mass of unkillable tentacles, forever https://web.archive.org/web/20160530145354/https://arstechnica.com/science/2016/05/octopuses-may-indeed-be-your-new-overlords/

#10yrsago When Brad Birkenfeld blew the whistle on UBS, the US government paid him $104M and sent him to jail https://web.archive.org/web/20160602152611/http://fullmeasure.news/news/politics/the-whistleblower-05-23-2016

#10yrsago The last time there were this many unsold $100M+ homes on the market, the world economy imploded https://web.archive.org/web/20160529040314/https://www.nytimes.com/2016/05/29/business/a-worrisome-pileup-of-100-million-homes.html

#10yrsago David Foster Wallace’s essays on tennis, finally collected between one set of covers https://www.csmonitor.com/Arts-Culture/Books/2016/0530/String-Theory-gathers-the-brainy-witty-tennis-writing-of-David-Foster-Wallace

#10yrsago United Arab Emirates hacked UK journalist https://citizenlab.ca/research/stealth-falcon/

#10yrsago Internet economics 101: “bandwidth hogs” considered harmless https://web.archive.org/web/20160530155601/https://arstechnica.com/tech-policy/2016/05/should-broadband-data-hogs-pay-more-isp-economics-say-no/

#20yrsago JPEG patent invalidated https://web.archive.org/web/20060613015757/http://www.pubpat.org/Chen672Rejected.htm

#20yrsago SF story about AI-human love https://www.salon.com/2006/05/30/perfect_man/

#15yrsago Sensation: Acerbic novel about pop culture and popular madness as functions of parasitic manipulation https://memex.craphound.com/2011/05/30/sensation-acerbic-novel-about-pop-culture-and-popular-madness-as-functions-of-parasitic-manipulation/

#10yrsago To imagine the ocean of the future: picture a writhing mass of unkillable tentacles, forever https://web.archive.org/web/20160530145354/https://arstechnica.com/science/2016/05/octopuses-may-indeed-be-your-new-overlords/

#10yrsago When Brad Birkenfeld blew the whistle on UBS, the US government paid him $104M and sent him to jail https://web.archive.org/web/20160602152611/http://fullmeasure.news/news/politics/the-whistleblower-05-23-2016

#10yrsago The last time there were this many unsold $100M+ homes on the market, the world economy imploded https://web.archive.org/web/20160529040314/https://www.nytimes.com/2016/05/29/business/a-worrisome-pileup-of-100-million-homes.html

#10yrsago David Foster Wallace’s essays on tennis, finally collected between one set of covers https://www.csmonitor.com/Arts-Culture/Books/2016/0530/String-Theory-gathers-the-brainy-witty-tennis-writing-of-David-Foster-Wallace

#10yrsago United Arab Emirates hacked UK journalist https://citizenlab.ca/research/stealth-falcon/

#10yrsago Internet economics 101: “bandwidth hogs” considered harmless https://web.archive.org/web/20160530155601/https://arstechnica.com/tech-policy/2016/05/should-broadband-data-hogs-pay-more-isp-economics-say-no/

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, pounding the podium.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)

  • "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

  • "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027

  • "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027

  • "The Memex Method," Farrar, Straus, Giroux, 2027


Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.

  • "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

  • "The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.

  • A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Bluesky (no ads, possible tracking and data-collection):

https://bsky.app/profile/doctorow.pluralistic.net

Medium (no ads, paywalled):

https://doctorow.medium.com/

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

10:28

Rethinking famous college admissions [Seth's Blog]

Even if you’re not applying, this thought experiment gives a glimpse into how the world is about to be rewired.

The top 10 most selective colleges in the US admit about 5% of those who apply. They’re not selling education as much as a label, a rare chance for someone to slot themselves into a category in our economic and cultural hierarchy.

If all the famous schools wanted to do was be elite, they could use a formula–grades plus SAT plus something–and algorithmically draw a line and pick everyone over that line.

But it’s more complicated than that.

First, they want to find some sort of balance, to create a reasonably diverse group of backgrounds that coalesce into a community. They don’t want 100 kids from the same high school…

Second, they have special cases, many of which they don’t want to talk about in public, involving alumni, outgroup dominance considerations, and sports, which in many cases can count for as much as 50% of the incoming body.

Third, they use variable pricing, with many students ultimately paying different tuition. Few can afford to be fully need-blind in selection.

The end result is complicated, onerous and mostly a charade. 50,000 applicants coming into each institution cannot possibly be reviewed coherently or consistently. And uncertainty takes a toll, not just on the students, but the schools and their teams as well.

It’s expensive and time-consuming, and fraught with worry. The typical fancy college applicant applies to nearly ten schools. Some kids get into a few schools, some to none at all. And essays in the age of AI are now officially meaningless.

[I’ve written earlier that they should have two sorts of rejection letters. Half the people should get one saying that they simply didn’t get in. The other half should receive a letter saying that they were good enough to get in, but didn’t get lucky.]

This is what you’d invent if it were 1952.

If we rethink it, it might be more like this:

  1. Each applicant ranks the schools they apply to. That’s a forced ranking, and binding.
  2. The application is online and interactive. It shifts in real time based on the answers applicants give. I’d prefer we get rid of standardized testing, but I’d imagine some sort of asynchronous vetted skills testing can be referred to by the applicant.

    Sit down at 10 am on the day of your choosing, and all your applications will be done by 3 pm. Chaperones, video, and real-time snippets make it likely that the real applicant actually is the one engaging with the application.

    It’s easy to imagine that this is simply a digital form of the existing application, but it’s not. It works with the student, finding their strengths, asking follow-up questions, presenting them in the best light for their skill set. Get some math questions right and it will ask you some more. Talk about your work at the Fuller Center and it will dive deeper. It’s not adversarial; instead, it’s a scout and a coach.

    Even better, it’s not just one session–it’s a series of conversations, over time. And as a coach, the process can advise the student on their forced rankings, helping them reconsider preferences based on their interactions.
  3. The schools have to be very clear to the system about the balances they seek, the trade-offs they’re making and what’s important to them. This won’t be easy at first, because naming it is uncomfortable. In fact, this is the hardest part of the transition.

    [Hard indeed: Lawsuits will be an inevitable outcome. Discovery in the SFFA case against Harvard put the previously unrevealed rules into the record—the admission rates by legacy status and athletic skill. Naming the trade-off is what turns it into a lawsuit.]
  4. Then, on selection day, the AI system, which has read every single application, applies game theory and ranking to create the best possible allocation of seats, aid and students. The Gale-Shapley stable-matching algorithm is already used in medical residency placement. It leads to its own game theory implications, of course.

This shift saves money, reduces anxiety, is probably more fair. It’s auditable and improvable and uses far less time as well. It used to be impossible. Now that it’s not just possible but easy, the pressure falls on the constituents who’d prefer to avoid it.

Is it better to believe that you got into a famous college because of a mysterious, perhaps human, definitely flawed, and easily gamed system, or would we prefer a different sort of black box, one that puts data to work in a coordinated and prioritized way?

Systems change is difficult and unpredictable, and I’m not holding my breath. Just imagine, though, how many processes we live with now that will be rebuilt on top of widespread coordination.

09:14

My Father's House [Penny Arcade]

New Comic: My Father's House

08:42

Joe Marshall: Regression [Planet Lisp]

Last year I wrote some Lisp related AI apps. There was a syntax highlighter that used the LLM to determine how to colorize and highlight syntax, and a prompt refiner that takes a wimpy LLM prompt and creates more elaborate prompt from them.

I took the apps down last week. They were `vibe coded' and therefore approximate and had bugs (but that's to be expected), but they had a security hole where you could hijack the LLM processing with your own prompt turning my app into an open relay using my API key. Last week I discovered that my AI spend on video creation was becoming serious. This is odd because I never create AI video. It turned out that my app was being hijacked by a proxy in Luxembourg and was generating videos on my dime.

So I shut down the apps. I knew they had the potential of being abused, and I was willing to tolerate a small amount of abuse, but it didn't occur to me that syntax highlighter could be hijacked to generate gigabytes of video at my expense. Future applications will be careful to obtain the API key from the user.

05:35

05:21

Girl Genius for Monday, June 01, 2026 [Girl Genius]

The Girl Genius comic for Monday, June 01, 2026 has been posted.

03:28

kerosene keeps me warm [WIL WHEATON dot NET]

A couple weeks ago, I got fed up with my body feeling sore all the time because I’m not taking better care of it.

I mean, I eat well, I haven’t touched alcohol in almost 11 years, and I take pretty decent walks every day. But my muscle mass still hasn’t recovered from the seizure I had a couple years ago, no matter how regularly I lift weights and do moderate exercise. It’s demoralizing for me, as someone who was relentlessly bullied by my father for being skinny, picked on my kids at school for being uncoordinated, who always felt like he wasn’t enough.

If anyone is wondering how badly mistreating a child affects them, wondering how long the pain and the fear and the confusion and the sadness lasts, how it all persists regardless of how much success you have in your life, I’m almost 54. So.

Anyway. I woke up about two weeks ago, and everything hurt: my hips, my shoulders, the spot in my upper back where one of my vertebrae rotated during my seizure and stayed that way for five months. And just to spice things up, a raging headache.

I was, like, “hey, good thing I quit drinking so I never woke up feeling hungover again.”

I’m big on gallows humor.

When I get that physical pain, which isn’t clinically chronic pain, but is practically the same for me, it’s depressing. It’s infuriating. It makes me want to scream. I’m impatient, I’m irritable, and I do not like the person I am.

I dragged myself out of bed, counted that as a victory, and started my day. Coffee, granola, another coffee, my fiber because I’m punk as fuck, a long and considered moment in front of the Chemex as I talk myself out of the third coffee I know will be Officially Too Much Coffee For Wil.

While I was not having too much coffee (water, instead, because I’m a goddamn adult), I began looking at couch to 5K plans. I last did that in 2017 (my best time was 29:59) and I loved it. It really helped when I was living my life as a sober person for the first time, losing the bloat and unhealthy bleh that years of abuse had inflicted upon my body. It was pretty great, watching my body shed not just pounds but a lot of trauma and self-harm as I got stronger and felt more and more like I wasn’t a worthless piece of shit (I was never a worthless piece of shit, to be clear; Depression Lies and trauma is a bitch). When I finally did my race, and I pushed myself like hell for the last few hundred meters to get under 30 minutes, I felt like a warrior. Like, Worf would have been so massively proud of me.

I felt so good, so solid and present in my life, that it was absolutely devastating when I hurt myself one day (hurt my Old, if I’m being technical about it) while I was out, and had to limp home. It was, like, step, step, step, PAIN. My calf cramped up, and before I knew it, it ran up my hamstring and down into the bottom of my foot. I still don’t know how it happened, but I can remember what happened next. This was a over a year before I did weekly EMDR and CPTSD recovery work, so I had not yet handled my lingering anger … and I was fucking enraged. I was so furious that this thing I love, this thing that was helping me reclaim my body and my spirit from literal decades of pain and abuse and motherfucking functional alcoholism was stolen from me, literally yanked out from underneath my feet, while I was in the middle doing it. I didn’t do anything wrong, I thought, and I still got hurt. Jesus fuck, could that be more on the nose?

The incandescent anger I felt, the sense of being betrayed by my own body, the futility of doing anything because some fucking bullshit always fucks it up anyway and it’s never going to get any better … that was a lot.

But I didn’t give up right away. I did my best to work out the injury with massage and other forms of exercise. I just couldn’t get whatever I had injured to tell me what it needed, and neither could the doctors I saw about it. Eventually, I just resigned myself to never running again.

Then my friend, Jenna, who is just two years younger than me, started running marathons. I have lost count but I think it’s got to be close to 50 now? At first, I was envious, then I was inspired, but I was always afraid to take the risk and start again. Sure, it had been a couple years since I hurt myself, and I had done a massive amount of recovery and healing work. I worked on how angry I felt when I confronted my trauma, until I didn’t feel angry anymore. I reparented myself, and lived every day making a conscious effort to be the adult I always needed.

Yadda yadda yadda I got better. I am better. I still have bad days (this year has been so hard, with so much loss and grief), and I get through them. I have good days, even great days, and I don’t take them for granted.

So when I woke up a couple weeks ago and my everything hurt, and I went through my morning routine, I made a promise to myself to get serious about regular, moderate exercise. The big hurdle for me was feeling like I am worth it. After all these years, after all the therapy and all the work, I still struggle to put myself first, to take really good care of myself because there are people who love me who will be really sad if I don’t. (I’m working on being one of those people, but it’s still a struggle more often than it should be.)

I looked at half a dozen plans, and saw the things they all had in common. I deliberately chose the easiest, slowest, you-haven’t-done-shit-in-years plan, set the intervals in my watch, walked out the door, and got started.

My first week of training was so fun! I started out doing 30 seconds of jogging and a minute of walking, for 20 minutes. The first day was easy and fun. The second day, the first half block felt like I was running through molasses before I broke free and settled in. I discovered that Keep Me Fed, by The Warning, was a fantastic companion album for my session. The rest of the week was an absolute joy. I felt accomplished and excited.

I was out for my first run in week two, doing 60 seconds of jogging and 90 walking, almost finished with my penultimate interval. I turned down my street. Step, step, step, PAIN. The exact same thing that happened before.

Are you fucking kidding me? What the actual fuck, Wil’s Body?

I stopped. I breathed. I grabbed a nearby pole and gently stretched my calves and hamstrings. I massaged my leg. Nothing worked. I limped home.

I was so incredibly disappointed, so bummed out, but I wasn’t angry. I wasn’t enraged. I wasn’t mad at myself or the incredible unfairness of this bullshit, all over again. I just limped home, took off my shoes, used the foam roller, and then I sat down and cried.

I cried because I miss Marlowe.

I cried because my body hurt.

I cried because it’s so unfair to do everything right and still my dad doesn’t love me.

I cried because I’m just so totally exhausted by the cruelty and the violence that could have been avoided.

I just cried and cried, as all this grief poured out of me.

None of it made my leg get better, but it was cathartic. And I was grateful for it, because choosing to experience grief instead of avoiding it with anger was a big time goal, something I worked really hard to accomplish.

When I was done, my body still hurt, but my emotional self felt okay. Sure, I was disappointed, but I didn’t get mad about something that wasn’t going to change because I was mad. I spared myself from that experience, and I’m proud of myself for doing it.

I accepted that I wasn’t going to be able to run for at least a week. I took long walks instead, occasionally stopping to do some squats for strength and mobility. I did gentle exercises inside at home, not because I wanted to experience a change in my appearance, but because I felt better, emotionally as well as physically, when I was done. I invested maybe half an hour a day, and it paid off at like 5:1.

Today, I woke up (saw, again, that it still hasn’t happened), ate my breakfast, and asked my body how it was doing. Every department checked in with a green flag, except for my injured leg, which was like “I’m about 96% there, I think.” So I decided to attempt a very gentle rehab walk/jog, just once around the block.

I started Recipe For Hate, walked to warm up, and then did little intervals — very gently — around the block. One lap in, it was a little achy, but didn’t feel like it was going to cramp up again. So I went for another lap, then another, then another. I ended up doing about 20 minutes, just jogging and walking when it felt right.

And when I got home, I felt like a champion. I felt like I’d done something good for my body that I have to live in, and for the me that lives in it.

I have to go back to the beginning, I think, but that’s fine. I don’t have a race on my calendar, and this isn’t a contest or anything. It’s something more special and meaningful to me than that, and I’m really proud of myself for having the ability to understand and embrace that.

I’m worth it. You’re worth it. Whatever your Couch to 5K is, I know you can do it. I believe in me, and I believe in you.

Thanks for stopping by.

I’m so glad you’re here. If this is your first visit and you’d like to get my posts in your inbox, here’s the thingy:

i’m calling it ‘wil wheatcon’ until i can think of something better [WIL WHEATON dot NET]

In an average year, I travel to around 5 or 6 cities for conventions. Almost every time I announce an appearance, the most common response is some version of “that’s great! When are you coming to [my town]?”

I’m not coming to your town, but I am coming to your computer (or your tablet or your phone or even your TV, I think) on June 7 for a virtual convention that needs a much better name than Couch Con, because at this moment in time, that creates a very specific, very unfortunate, image. (Maybe it will happen today).

Seriously, I hate every name I think of for this. What would you call a virtual convention where I am the guest of honor, the toastmaster, the featured author, and also the only guest? Wil Wheatcon is kind of cute, I think, but I feel like there’s something better. If you have one, would you comment?

The Untitled Wil Wheaton Virtual Convention came out of an unrelated meeting with my friends and partners in crime at Stands about how we wanted to turn some of my designs into stickers. One thing lead to another, and I’m just going to get to the graphic you’ve probably looked at already:

Join Wil Wheaton (Star Trek: The Next Generation, Stand By Me, Big Bang Theory) for a live virtual event featuring a fan-driven Q&A panel, where you can hear stories, insights, and moments you won’t get anywhere else. For those looking for something more personal, a limited number of Meet & Greet spots offer a chance to connect in a smaller group setting.

I love going to cons, and spending time with my people. I love sharing how much we love all our nerd shit. I love the safe place we create together. And I know that money is tight for everyone right now, everything costs more than it should, and just the price of a ticket can put a con out of reach for a lot of people. And that’s not even accounting for whatever we spend on merch, art, autographs, and photo-ops.

Wil Wheaton fandom has always lived at the intersection of sci-fi, gaming, internet chaos, heartfelt sincerity, and extremely specific jokes that somehow become part of your personality. This sticker collection leans directly into that energy with designs inspired by tabletop adventures, spacefaring mischief, fandom pride, and the wonderfully self-aware sense of humor that Wil has spent years cultivating both on screen and off. Equal parts nerdy and sarcastic, these stickers feel right at home on laptops, water bottles, notebooks, gaming cases, convention bins, and any surface that could use a little more chaotic good energy.

So a big, big part of my wanting to do this is the opportunity to do something convention-ish, which is way more affordable, at just fifteen bucks. Hell, get ten friends together and everyone can cover the ticket with the change in their pockets. People still have change in their pockets, right?

I have met tens of thousands of people over the years. I know that this is an unscientific, heavily-skewed metric that would fail any peer review, but I still think it matters that the single most common thing they tell me is some version of “I loved your panel discussion. I wish you’d had more time for questions.”

Well, if you’re one of those people, this is probably going to crawl your dungeon. We have as much time as we want, I can take as many questions as I want, and if enough people ask, I’ll even read you some flash fiction I wrote. And we’re offering some break out, private meet and greets, for anyone who wants that experience.

Oh, I’m also going to pull my kitty ears out and put them on for a Wil Wheatcon exclusive autographed 8×10, if that’s your thing and you wanted to add some whimsy to your life.

A few people I know have done this kind of event, and they all tell me that it’s so much fun, so uplifting, and a wonderful way to spend a couple hours together. I believe them, and I’m excited to experience that for myself. I hope you’ll join me!

I’m so glad you are here. If you’d like to get my updates via email, here’s the thingy:

02:21

Link [Scripting News]

The purpose of standards is interop. That's it. No other purpose.

Link [Scripting News]

Just watched the first episode of Star City, really good. Somewhat like The Americans, but takes place in the USSR. A spinoff of For All Mankind, which started out interesting and then became unwatchable, though I did enjoy the sets on Mars. I also liked the character who was inspired by Elon Musk, obviously.

Sunday, 31 May

22:49

MorphOS 3.20 released [OSnews]

Almost exactly 18 months after 3.19, the MorphOS team has released MorphOS 3.20. This is a major release, as it adds support for the upcoming Mirari PowerPC motherboards, which we talked about when that project was first announced. I’m quite excited about the Mirari, and can’t wait to have one, and MorphOS is the one operating system I really want to run it on. I have an almost mint condition PowerBook G4 17″ specifically for MorphOS, but the hardware is simply too outdated to keep up with modern demands, which is sad, because MorphOS can clearly keep up if it had modern hardware.

So, MorphOS 3.20 adds support for the Mirari platform and its various components, like its thermal management solution, networking, and so on. MorphOS 3.20 also expands the number of support Radeon graphics cards, improved support for various HDMI and DisplayPort ports, better support for multiple monitors, and overall better graphics performance in general. There’s also SFS2 support throughout the operating system so MorphOS now supports file sizes of up to 4GB and partition sizes of up to 2TB. The Ambient UI has also seen extensive work to improve performance and stability, as well as add a bunch of new features.

Several new applications and utilities are included in MorphOS 3.20, such as DriveImager, MirrorBackup, SMARTDoctor, OFHTTP, OFHash, OFDNS, Replace, and Automator for scripting and controlling MUI applications. Iris has been updated to version 1.53 and now includes the new Contacts companion application for CalDAV-based address books. FlowStudio received extensive improvements for project management, printing, Markdown support, and development workflows.

Networking and connectivity have also been improved with updates to OpenSSH 10.3p1, TLS 1.3 support in RDesktop, expanded SMB2 filesystem improvements, and improved USB, audio and multimedia subsystem stability. Numerous system libraries and frameworks including MUI, ixemul, Cairo, Harfbuzz, Freetype, OpenSSL4, and ObjFWRT have been updated or significantly modernized.

↫ MorphOS 3.20 release announcement

Of course, there’s also the long list of smaller changes, bugfixes, and performance improvements. MorphOS has wide support for Apple PowerPC hardware, which is probably your best bet for using the operating system for now, at least until the Mirari becomes available for purchase.

22:28

Link [Scripting News]

Claude always tries to understand what you're saying. I like that. We do a lot of communicating, and have a lot of misunderstandings, I see its flaws as a programmer, it makes mistakes. Today I asked it to help find an error in the subscribe code and it showed me a lot of things that were wrong, I fixed them, but we didn't find the thing that broke it. We managed to get it back on the air, but that broke something else. A few hours later I looked at the code myself and mathematically deduced that when you read a file, even if the content was the same, if you ask if the result is equal to its previous version, the result would be no. It would say there's a change when there's no change. The computer is doing what it was programmed to do, it's our job as programmers to say the same thing a different way that does what we want. That's the kind of thing you expect Claude to be incredibly good at. I think the problem is that it can't see the various apps running and see what they say. It has to figure out how it works just from reading the code. That makes it a completely new kind of computer in addition to all the other things that are amazing about it.

19:42

Amin Bandali: Thinking about life - chat with Protesilaos [Planet Debian]

In the recent weeks I've been engaging Prot as a coach to help review my new ffs package for GNU Emacs as I worked on preparing it for inclusion in GNU ELPA, as well as discussing other Emacs- and life-related topics.

UPDATE 2026-05-23 22:39:15 -0400: Prot also published an article about our session on his website: https://protesilaos.com/commentary/2026-05-23-life-issues-and-philosophy-amin-bandali/

In our nearly 2-hour conversation, we discussed at length and in depth various aspects of life in the current times. For instance, feeling overwhelmed in the face of innumerable things happening at once, with technology changing our perception and making events feel proximate and imminent.

We talked about seasonality and rhythms in life, including in relation to burnout and knowing our own limitations, and descriptive vs prescriptive thinking when reflecting on the expectations we may place on our self when comparing our self to others through the lens of our necessarily-incomplete impressions and glimpses of their lives. We discussed absence or loss as a dual to presence or persistence in the process of life. How with our memories and through embodying the philosophy and teachings of departed loved ones their essence and legacy continues to live on within us. But also loss in the sense of us losing parts of our self in life-defining moments while preserving other parts and gaining new ones, being liberated of some of the burdens of our past self and in effect becoming someone else in the process.

In being true to our self, we talked about humans as multi-faceted beings and the importance of expressing and giving a voice to these different aspects of our self, and keeping alive that child-like sense of awe and wonder. To live a life where the pace and rhythms of our environment are in sync with our internal rhythms, and to not give others undue power over us or our happiness through trying to live according to their prescribed standards or expectations.

I also learned more about Prot's practical philosophy of situational awareness in life, not merely as a means for survival, but also as a way of appreciating all of the beauty that surrounds us, and a method for gaining the knowledge and skills to apply what we learn from patterns in one area of life to other areas.

We concluded our session with a mention to the concept of sanctity, to set aside a sacred time or place for our self wherein no distractions are allowed, where we can unwind, rest, and recharge for whatever comes next.

Here is the video recording of our session, which I share with Prot's permission:

Sorry, this embedded video will not work, because your web browser does not support HTML5 video.
[ please watch the video in your favourite streaming media player ]​

You can view or download the full-resolution video from the Internet Archive.

Like Prot, I am invigorated and inspired to live a full, honest life. To do my best, do what I do in earnest, and make the best of what I have.

Take care, and so long for now.

Amin Bandali: ffs 0.2.2 released [Planet Debian]

ffs provides a minor mode for simple plain text presentations in Emacs, where the slides are separated using the page-delimiter, by default the form feed character (^L).

I wrote ffs in early 2022 for my LibrePlanet 2022 presentation the Net beyond the Web, and earlier this year decided to polish it towards being a proper package and submit it to GNU ELPA. The manual still needs some more work, but the overall package is in pretty good shape so I submitted for inclusion in GNU ELPA.

ffs and I owe a debt of gratitude to Protesilaos for rounds of code review and feedback for improving and polishing the package in preparation for submission to GNU ELPA. You can watch videos of these sessions posted earlier on my website:

Further, inspiration for parts of ffs's implementation was gratefully drawn from Protesilaos's Logos package for Emacs.

Dedicated to the loving memory of Farangis Yousefinia.

Below are the release notes.

Version 0.2.2 on 2026-05-21

First release of ffs on GNU ELPA.

The attempted build of ffs 0.2.1 within GNU ELPA build sandbox failed with an Error: void-function (org-texinfo-kbd-macro) due to use of #+macro: kbd (eval (org-texinfo-kbd-macro $1)) in ffs.org for better formatting of key sequences in the exported Texinfo copy. This seems to have happened for the specific case of generating a plain text README using ox-ascii where ELPA didn't load ox-texinfo. To try and mitigate this, a README.md has been added for use as the package README instead of ffs.org. If not sufficient, a Texinfo copy of the ffs manual will be shipped instead of the Org one in the next release.

ffs 0.2.2 also includes small fixes and improvements throughout ffs.el from Stefan Monnier, and additional feedback to be addressed in future releases.

Version 0.2.1 on 2026-05-20

The attempted build of ffs 0.2.0 within GNU ELPA build sandbox failed with a "Cannot include file" error on the "#+include: fdl.org" in the manual. So, as a workaround, we switch to using the official Texinfo copy of the GNU FDL license rather than an Org copy.

Version 0.2.0 on 2026-05-19

First release of ffs intended for GNU ELPA.

After a few years of inactivity, in early 2026 I decided to dust off ffs.el, polish and document it, and offer for inclusion in GNU ELPA as a proper package.

Default value of ffs-default-face-height changed to nil

To minimize unexpected and/or unnecessary changes out-of-the-box, the default value of ffs-default-face-height has been changed to nil.

ffs-edit-buffer-name demoted from user option to variable

This is not an important user-facing setting, so to help avoid overwhelming users with many options, this has been demoted from a user option to a variable.

Several new user options for customizing ffs's behaviour

As part of the effort to bring ffs more in line with the conventions of other existing Emacs packages, the mechanisms for toggling various parts of Emacs's interface to minimize visual clutter were changed from being minor modes to being customizable user options. These are the replacement new user options, with a default value of nil:

  • ffs-hide-cursor
  • ffs-hide-mode-line
  • ffs-hide-header-line

Their value is buffer-local, and may be set globally using setq-default. See the sample configuration in the manual for an example of how to customize them.

The new ffs-page-delimiter user option defines the page delimiter inserted by ffs-edit-done when inserting a new slide. Emacs's page-delimiter regexp should be able to match ffs-page-delimiter's value, so if you use a custom page-delimiter be sure to customize ffs-page-delimiter accordingly.

The new ffs-echo-progress user option controls whether to display in echo area the progress through the slides. When non-nil, changing slides will also display the progress through the slides in the echo area. The format of the displayed progress can be customized using the new ffs-echo-progress-format user option.

The new ffs-edit-display-buffer-alist user option may be used to control the Window configuration for the ffs-edit buffer. By default, it will display the ffs-edit buffer in the same window.

The new ffs-edit-done-hook user option may be used to define hooks to be run at the end of ffs-edit-done after returning to the main ffs presentation buffer.

Lastly, a new ffs-find-speaker-notes-function variable was added to allow customizing the find function used for opening the speaker's notes file, defaulting to find-file-other-frame.

Version 0.1.0 on 2022-05-19

Initial publication of ffs.el as part of my personal configurations for GNU Emacs.

My first attempt at this concept was a now-archived ffsanim.el, a major mode implementation that used Emacs's animate library to animate slide texts onto the screen. Shortly after realizing the shortcomings of that approach, I abandoned it in favour a minor mode implementation and published version 0.1.0 of what is now ffs in my personal configs repository.

I used this implementation for presenting my LibrePlanet 2022 talk, The Net beyond the Web.

I picked "ffs" as the package name, the acronym for form feed slides.

Amin Bandali: FFS code review and Emacs extensibility with Protesilaos [Planet Debian]

In the recent weeks I've been engaging Prot as an Emacs coach to help with doing review passes over my upcoming ffs package as I work on polishing and documenting it in preparation for offering it for inclusion in GNU ELPA.

UPDATE 2026-05-15 08:50:10 -0400: Prot also published an article about our session on his website: https://protesilaos.com/codelog/2026-05-15-emacs-amin-bandali-ffs-display-buffer-org-capture/

Today we had our third session where we started by reviewing and talking about my recent changes to ffs, then ventured to other Emacs-related topics with the overarching theme of the flexibility and extensibility of GNU Emacs, including display-buffer-alist, keyboard macros, defining a custom ox-bhtml Org export backend derived from Org's ox-html for ultimate flexibility when exporting my site's pages from Org to HTML, Org capture, plain text files and Emacs's diary and how it compares to org-agenda, and keeping a journal with the help of Emacs.

Here is the video recording of our session, which I share with Prot's permission:

Sorry, this embedded video will not work, because your web browser does not support HTML5 video.
[ please watch the video in your favourite streaming media player ]​

You can view or download the full-resolution video from the Internet Archive.

Lastly, here is the snippet Prot shared for having Isearch treat space as a wildcard, helpful for more easily matching multiple parts of a line:

(setq search-whitespace-regexp ".*?")
(setq isearch-lax-whitespace t)
(setq isearch-regexp-lax-whitespace nil)

Take care, and so long for now.

Amin Bandali: FFS code review with Protesilaos [Planet Debian]

In the recent weeks I've been engaging Prot as an Emacs coach to help with doing review passes over my upcoming ffs package as I work on polishing and documenting it in preparation for offering it for inclusion in GNU ELPA.

Yesterday we had our second session focused on ffs, which I recorded and share publicly with everyone with Prot's permission, so that others can also benefit from Prot's insights and experience as we discuss various aspects of Emacs package development with the concrete example of ffs.

Here is the video recording of our session:

Sorry, this embedded video will not work, because your web browser does not support HTML5 video.
[ please watch the video in your favourite streaming media player ]​

You can view or download the full-resolution video from the Internet Archive.

I addressed most of Prot's feedback about ffs from our first session, and I'll be working on the changes we discussed in this session in the next days.

In the last third of the video we switched topics to discuss a few Emacs-related tangents including adding a 'padding' effect for the mode line and its constructs, and distilling and separating the easily-reusable package-like parts of one's Emacs configuration from the actual configuration of those parts (e.g. the distinction of prot-lisp and prot-emacs-modules in Prot's Emacs configuration).

For mode line padding, here is the snippet I'm using with Prot's doric-themes:

(doric-themes-with-colors
  (custom-set-faces
   `(mode-line
     ((t :box (:line-width 6 :color ,bg-shadow-intense))))
   `(mode-line-inactive
     ((t :box (:line-width 6 :color ,bg-shadow-subtle))))
   `(mode-line-highlight
     ((t :box (:color ,bg-shadow-intense))))))

Take care, and so long for now.

19:28

AI and a world without migrants [Cory Doctorow's craphound.com]

A hand-tinted image of elderly people in the lounge of a nursing home. Three killer robots have been inserted into the scene.

This week on my podcast, I read AI and a world without migrants, a recent essay from my Pluralistic blog, which psychoanalyzes the sociopathic fantasies that are driving the AI investment bubble.


I don’t care who you are, there will always be times when hell is other people. Not because other people are horrible – quite the opposite! Other people are wonderful, but boy are they ever stubborn.


From boardgames to romance, team sports to movement politics, business ideas to construction projects, there’s so much important, enjoyable and essential stuff you can’t do alone. But other people insist on having their own priorities and goals, and they mulishly refuse to organize their lives to suit your priorities.


Our species has put a lot of work into resolving this conundrum. Not only did we evolve a whole brain structure – the neocortex – that helps us understand others’ perspectives, but we also evolved many social structures (like laws and teams and governments and families and committees and bureaucracies) to help us coordinate with others to do superhuman things (that is, things that exceed the capacity of a single human).


These structures are imperfect, but they’re better than the alternative: coercion. Persuading others is not without its pitfalls, but compared to forcing others to bend to your will, “persuasion” is the hands-down favorite.

MP3

18:42

Link [Scripting News]

How bad was it with the Knicks. As something of a joke, but not really, Knicks fans would disguise themselves with paper bags with eye cutouts. Fans got accustomed to the feelings of betrayal and hopelessness. When was the actual lowest point? A good candidate was when they traded some good players for Bargnani, an Italian who apparently for some reason was the top draft choice of the Toronto Raptors. He wasn't much good to begin with and he went downhill from there. There were quite a few other moments when you thought it couldn't get any worse, but then it did. We finally got management with a heart and a mind with Leon Rose and that's when team-building began for real, and the reason the Knicks have been such poetry on the court this season is due to Rose's eye for talent and an understanding of the big picture. He picked players that work well with each other, and sometimes amazingly well. In the right margin is an image I used for posts about the Knicks in the past, a reminder of how far we've come. The look of doom. We all remember that mode so well, we stood with them then, so here we are with high hopes and reasonable expectations.

15:49

Accessibility input tool removes X11 support, doesn’t want to support Wayland; users caught in the middle [OSnews]

A sad, painful, and infuriating read for this calm Sunday. In recent years, a lot of attention has gone into improving the output side of the accessibility story on Wayland – screen readers and the like – but apparently, the input side has languished. People with reduced mobility need affordances and tools to use computers, but those aren’t ready for Wayland.

A popular set of tools here is Talon Voice, which allows people with reduced mobility to create powerful hands-free input methods. The examples the article gives are incredibly cool, and it’s easy to see how Talon would become a cornerstone for people with reduced mobility who needs hands-free (or hands-fewer?) computer input methods.

So what’s going wrong here?

Talon requires deep integration with the window manager and compositor to carry out even the most basic of its duties, and Wayland offers… Absolutely no way to perform any of those actions.

[…]

Frustrated by the endless lack of progress towards a real set of solutions for the entire ecosystem, and inundated by an endless series of requests for Wayland support which he cannot provide, Aegis, the main (and only) developer of Talon, has made a declaration: Enough. Talon Voice will imminently remove ALL Linux support from the public release, as X11 continues to sunset and users are switched to an environment in which their system can no longer function, with no option to go back.

↫ Insane Rambles About Technology

So not only will Talon not gain Wayland support any time soon, its developers are even removing X11 support from it. What this means is that even if you decide to stick to X11 because Wayland doesn’t fulfill your needs, you’re eventually going to run into a brick wall. This is merely annoying if you need to use a different application for remote desktop or whatever, but it’s absolutely devastating when it involves the very input method you use to use your computer in the first place.

There is some important nuance here though that the article doesn’t mention. The article takes the word of Talon’s developers as gospel, but in my conversations with KDE developers, a different story emerges. What they tell me is that Wayland implements all the APIs needed for Talon to work, but that Talon’s developers are simply not interested in using them. Apparently, KDE developers and others have tried to contact Talon’s developers, but their offers to help are being ignored. They’re being told Talon is simply not interested in supporting Wayland, “end of story”.

So, the story here seems to be a lot more complex than just “Wayland bad”, and I’m getting a bit of a vibe that the Talon developers are, despite claims to the contrary in the article, indeed removing X11 support out of spite. Talon is entirely within their right to not want to work on Wayland support, but then just be honest with your users and say so, instead of pinning everything on “Wayland bad”, being dishonest about Wayland’s capabilities, and ignoring offers of help and support from some of the most knowledgeable and capable developers in the field.

Of course, that’s absolutely of no relevance to people like the author of this article who depend on these tools to use their computers. They’re caught in the middle of a transition and experiencing the worst byproducts, and that’s a huge failure on everybody’s end – Wayland, Talon, and desktop environments alike. I hope the parties involved can sort this out quickly, because everyone deserves equal access to computers, doubly so in the open source world.

Feeds

FeedRSSLast fetchedNext fetched after
@ASmartBear XML 17:35, Friday, 05 June 18:16, Friday, 05 June
a bag of four grapes XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Ansible XML 17:28, Friday, 05 June 18:08, Friday, 05 June
Bad Science XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Black Doggerel XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Blog - Official site of Stephen Fry XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Charlie Brooker | The Guardian XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Charlie's Diary XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Chasing the Sunset - Comics Only XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Coding Horror XML 17:56, Friday, 05 June 18:43, Friday, 05 June
Comics Archive - Spinnyverse XML 17:56, Friday, 05 June 18:40, Friday, 05 June
Cory Doctorow's craphound.com XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Cory Doctorow, Author at Boing Boing XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Ctrl+Alt+Del Comic XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Cyberunions XML 17:14, Friday, 05 June 18:03, Friday, 05 June
David Mitchell | The Guardian XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Deeplinks XML 17:56, Friday, 05 June 18:40, Friday, 05 June
Diesel Sweeties webcomic by rstevens XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Dilbert XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Dork Tower XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Economics from the Top Down XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Edmund Finney's Quest to Find the Meaning of Life XML 17:28, Friday, 05 June 18:11, Friday, 05 June
EFF Action Center XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Enspiral Tales - Medium XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Events XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Falkvinge on Liberty XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Flipside XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Flipside XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Free software jobs XML 17:28, Friday, 05 June 18:08, Friday, 05 June
Full Frontal Nerdity by Aaron Williams XML 17:14, Friday, 05 June 18:02, Friday, 05 June
General Protection Fault: Comic Updates XML 17:14, Friday, 05 June 18:02, Friday, 05 June
George Monbiot XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Girl Genius XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Groklaw XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Grrl Power XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Hackney Anarchist Group XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Hackney Solidarity Network XML 17:56, Friday, 05 June 18:41, Friday, 05 June
http://blog.llvm.org/feeds/posts/default XML 17:56, Friday, 05 June 18:41, Friday, 05 June
http://calendar.google.com/calendar/feeds/q7s5o02sj8hcam52hutbcofoo4%40group.calendar.google.com/public/basic XML 17:28, Friday, 05 June 18:08, Friday, 05 June
http://dynamic.boingboing.net/cgi-bin/mt/mt-cp.cgi?__mode=feed&_type=posts&blog_id=1&id=1 XML 17:56, Friday, 05 June 18:41, Friday, 05 June
http://eng.anarchoblogs.org/feed/atom/ XML 17:49, Friday, 05 June 18:35, Friday, 05 June
http://feed43.com/3874015735218037.xml XML 17:49, Friday, 05 June 18:35, Friday, 05 June
http://flatearthnews.net/flatearthnews.net/blogfeed XML 17:35, Friday, 05 June 18:16, Friday, 05 June
http://fulltextrssfeed.com/ XML 17:28, Friday, 05 June 18:11, Friday, 05 June
http://london.indymedia.org/articles.rss XML 17:56, Friday, 05 June 18:43, Friday, 05 June
http://pipes.yahoo.com/pipes/pipe.run?_id=ad0530218c055aa302f7e0e84d5d6515&amp;_render=rss XML 17:49, Friday, 05 June 18:35, Friday, 05 June
http://planet.gridpp.ac.uk/atom.xml XML 17:56, Friday, 05 June 18:43, Friday, 05 June
http://shirky.com/weblog/feed/atom/ XML 17:56, Friday, 05 June 18:40, Friday, 05 June
http://thecommune.co.uk/feed/ XML 17:56, Friday, 05 June 18:41, Friday, 05 June
http://theness.com/roguesgallery/feed/ XML 17:14, Friday, 05 June 18:02, Friday, 05 June
http://www.airshipentertainment.com/buck/buckcomic/buck.rss XML 17:14, Friday, 05 June 18:03, Friday, 05 June
http://www.airshipentertainment.com/growf/growfcomic/growf.rss XML 17:56, Friday, 05 June 18:40, Friday, 05 June
http://www.airshipentertainment.com/myth/mythcomic/myth.rss XML 17:28, Friday, 05 June 18:10, Friday, 05 June
http://www.baen.com/baenebooks XML 17:56, Friday, 05 June 18:40, Friday, 05 June
http://www.feedsapi.com/makefulltextfeed.php?url=http%3A%2F%2Fwww.somethingpositive.net%2Fsp.xml&what=auto&key=&max=7&links=preserve&exc=&privacy=I+accept XML 17:56, Friday, 05 June 18:40, Friday, 05 June
http://www.godhatesastronauts.com/feed/ XML 17:14, Friday, 05 June 18:02, Friday, 05 June
http://www.tinycat.co.uk/feed/ XML 17:28, Friday, 05 June 18:08, Friday, 05 June
https://anarchism.pageabode.com/blogs/anarcho/feed/ XML 17:56, Friday, 05 June 18:40, Friday, 05 June
https://broodhollow.krisstraub.comfeed/ XML 17:35, Friday, 05 June 18:16, Friday, 05 June
https://debian-administration.org/atom.xml XML 17:35, Friday, 05 June 18:16, Friday, 05 June
https://elitetheatre.org/ XML 17:56, Friday, 05 June 18:43, Friday, 05 June
https://feeds.feedburner.com/Starslip XML 17:28, Friday, 05 June 18:10, Friday, 05 June
https://feeds2.feedburner.com/GeekEtiquette?format=xml XML 17:28, Friday, 05 June 18:11, Friday, 05 June
https://hackbloc.org/rss.xml XML 17:35, Friday, 05 June 18:16, Friday, 05 June
https://kajafoglio.livejournal.com/data/atom/ XML 17:14, Friday, 05 June 18:03, Friday, 05 June
https://philfoglio.livejournal.com/data/atom/ XML 17:56, Friday, 05 June 18:43, Friday, 05 June
https://pixietrixcomix.com/eerie-cutiescomic.rss XML 17:56, Friday, 05 June 18:43, Friday, 05 June
https://pixietrixcomix.com/menage-a-3/comic.rss XML 17:56, Friday, 05 June 18:40, Friday, 05 June
https://propertyistheft.wordpress.com/feed/ XML 17:28, Friday, 05 June 18:08, Friday, 05 June
https://requiem.seraph-inn.com/updates.rss XML 17:28, Friday, 05 June 18:08, Friday, 05 June
https://studiofoglio.livejournal.com/data/atom/ XML 17:49, Friday, 05 June 18:35, Friday, 05 June
https://thecommandline.net/feed/ XML 17:49, Friday, 05 June 18:35, Friday, 05 June
https://torrentfreak.com/subscriptions/ XML 17:28, Friday, 05 June 18:11, Friday, 05 June
https://web.randi.org/?format=feed&type=rss XML 17:28, Friday, 05 June 18:11, Friday, 05 June
https://www.dcscience.net/feed/medium.co XML 17:14, Friday, 05 June 18:03, Friday, 05 June
https://www.DropCatch.com/domain/steampunkmagazine.com XML 17:35, Friday, 05 June 18:16, Friday, 05 June
https://www.DropCatch.com/domain/ubuntuweblogs.org XML 17:49, Friday, 05 June 18:35, Friday, 05 June
https://www.DropCatch.com/redirect/?domain=DyingAlone.net XML 17:56, Friday, 05 June 18:43, Friday, 05 June
https://www.freedompress.org.uk:443/news/feed/ XML 17:14, Friday, 05 June 18:02, Friday, 05 June
https://www.goblinscomic.com/category/comics/feed/ XML 17:28, Friday, 05 June 18:08, Friday, 05 June
https://www.loomio.com/blog/feed/ XML 17:49, Friday, 05 June 18:35, Friday, 05 June
https://www.newstatesman.com/feeds/blogs/laurie-penny.rss XML 17:35, Friday, 05 June 18:16, Friday, 05 June
https://www.patreon.com/graveyardgreg/posts/comic.rss XML 17:56, Friday, 05 June 18:43, Friday, 05 June
https://www.rightmove.co.uk/rss/property-for-sale/find.html?locationIdentifier=REGION^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 XML 17:28, Friday, 05 June 18:11, Friday, 05 June
https://x.com/statuses/user_timeline/22724360.rss XML 17:28, Friday, 05 June 18:08, Friday, 05 June
Humble Bundle Blog XML 17:56, Friday, 05 June 18:43, Friday, 05 June
I, Cringely XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Irregular Webcomic! XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Joel on Software XML 17:49, Friday, 05 June 18:35, Friday, 05 June
Judith Proctor's Journal XML 17:28, Friday, 05 June 18:08, Friday, 05 June
Krebs on Security XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Lambda the Ultimate - Programming Languages Weblog XML 17:28, Friday, 05 June 18:08, Friday, 05 June
Looking For Group XML 17:56, Friday, 05 June 18:40, Friday, 05 June
LWN.net XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Mimi and Eunice XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Neil Gaiman's Journal XML 17:28, Friday, 05 June 18:08, Friday, 05 June
Nina Paley XML 17:56, Friday, 05 June 18:43, Friday, 05 June
O Abnormal – Scifi/Fantasy Artist XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Oglaf! -- Comics. Often dirty. XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Oh Joy Sex Toy XML 17:56, Friday, 05 June 18:40, Friday, 05 June
Order of the Stick XML 17:56, Friday, 05 June 18:40, Friday, 05 June
Original Fiction Archives - Reactor XML 17:28, Friday, 05 June 18:10, Friday, 05 June
OSnews XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Paul Graham: Unofficial RSS Feed XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Penny Arcade XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Penny Red XML 17:56, Friday, 05 June 18:41, Friday, 05 June
PHD Comics XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Phil's blog XML 17:14, Friday, 05 June 18:02, Friday, 05 June
Planet Debian XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Planet GNU XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Planet Lisp XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Pluralistic: Daily links from Cory Doctorow XML 17:28, Friday, 05 June 18:08, Friday, 05 June
PS238 by Aaron Williams XML 17:14, Friday, 05 June 18:02, Friday, 05 June
QC RSS XML 17:56, Friday, 05 June 18:43, Friday, 05 June
Radar XML 17:28, Friday, 05 June 18:10, Friday, 05 June
RevK®'s ramblings XML 17:49, Friday, 05 June 18:35, Friday, 05 June
Richard Stallman's Political Notes XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Scenes From A Multiverse XML 17:56, Friday, 05 June 18:43, Friday, 05 June
Schneier on Security XML 17:28, Friday, 05 June 18:08, Friday, 05 June
SCHNEWS.ORG.UK XML 17:56, Friday, 05 June 18:40, Friday, 05 June
Scripting News XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Seth's Blog XML 17:49, Friday, 05 June 18:35, Friday, 05 June
Skin Horse XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Tales From the Riverbank XML 17:14, Friday, 05 June 18:03, Friday, 05 June
The Adventures of Dr. McNinja XML 17:56, Friday, 05 June 18:41, Friday, 05 June
The Bumpycat sat on the mat XML 17:28, Friday, 05 June 18:08, Friday, 05 June
The Daily WTF XML 17:49, Friday, 05 June 18:35, Friday, 05 June
The Monochrome Mob XML 17:35, Friday, 05 June 18:16, Friday, 05 June
The Non-Adventures of Wonderella XML 17:28, Friday, 05 June 18:11, Friday, 05 June
The Old New Thing XML 17:56, Friday, 05 June 18:40, Friday, 05 June
The Open Source Grid Engine Blog XML 17:56, Friday, 05 June 18:43, Friday, 05 June
The Stranger XML 17:56, Friday, 05 June 18:41, Friday, 05 June
towerhamletsalarm XML 17:49, Friday, 05 June 18:35, Friday, 05 June
Twokinds XML 17:28, Friday, 05 June 18:10, Friday, 05 June
UK Indymedia Features XML 17:28, Friday, 05 June 18:10, Friday, 05 June
Uploads from ne11y XML 17:49, Friday, 05 June 18:35, Friday, 05 June
Uploads from piasladic XML 17:28, Friday, 05 June 18:11, Friday, 05 June
Use Sword on Monster XML 17:56, Friday, 05 June 18:43, Friday, 05 June
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily XML 17:49, Friday, 05 June 18:35, Friday, 05 June
what if? XML 17:35, Friday, 05 June 18:16, Friday, 05 June
Whatever XML 17:14, Friday, 05 June 18:03, Friday, 05 June
Whitechapel Anarchist Group XML 17:14, Friday, 05 June 18:03, Friday, 05 June
WIL WHEATON dot NET XML 17:56, Friday, 05 June 18:40, Friday, 05 June
wish XML 17:56, Friday, 05 June 18:41, Friday, 05 June
Writing the Bright Fantastic XML 17:56, Friday, 05 June 18:40, Friday, 05 June
xkcd.com XML 17:28, Friday, 05 June 18:11, Friday, 05 June