Latest Posts (20 found)

AI Mania Is Eviscerating Global Decision-Making

Note: This has been cross-posted to my company's blog, in case you think there is some use in sharing with someone in a format that looks more authoritative. Link here . I strongly believe there are entire companies right now under heavy AI psychosis and it’s impossible to have rational conversations with it about them. I can’t name any specific people because they include personal friends I deeply respect, but I worry about how this plays out. – Mitchell Hashimoto, of HashiCorp and Ghostty fame Over the past year, I’ve run point on all of our company’s sales, led the technical components of all but two of our engagements, and over the lifetime of this blog have had something like 300 catchups with professionals from around the world. This has ranged from people on the ground in niche service industries to executives at Fortune 500 companies 1 . Because of this, I've had a front-row view to our collective institutions across both the private and public sector undergoing breath-taking mass psychosis. This essay is an attempt to describe the bizarre dynamics that are currently at play, as I am in the rare position where my wellbeing is not contingent on paying lip service to madness, and to reassure the people trying to survive amidst all of this that they are not crazy. The reality is thus: the people in charge either have no plan, or see no path forwards other than keeping their heads down. Not at banks, not at hospitals, not in our government institutions. The world’s organisations have been captured by people in the throes of frothing excitement, and saner people who now live in a state of constant commingled fear and frustration. Reading this while working for a division that pivoted to provide interfaces for agentic workflows, only to discover that only ten users had ever touched the products we made for agents, only to pivot again to support for agentic workflows, which has a lot of competition because every company has to do something agentic now and there's only like four things you can do in that space, is bracing. – An editor of this essay Are companies actually seeing massive productivity gains from their AI adoption? Does any of this sordid affair make sense ? This should be an easy question, but it is surprisingly hard to get a straight answer to it. Executives that tell the press that their company has gone insane will quickly find themselves removed from their positions. Employees who are honest will find themselves fired in short-order, or “randomly” selected for a round of layoffs. In fact, it is in the interests of almost every actor in the space – boards, executives, employees, vendors, consultants – to obfuscate and misrepresent the success rate of AI projects. Many publicly traded companies are putting out announcements about their AI productivity gains when I know for a fact that the businesses have done nothing other than purchase Copilot licenses and declare victory. Yet we need to know if these projects are panning out – if the total focus on AI as a core tenet of business strategy is succeeding at a reasonable rate, then a discussion about the relative risk and reward is warranted. Unfortunately, we live in a dark timeline. All of the AI projects we have observed as a team are failing. Every single one – we have seen 0% success in a year and a half, not only amongst projects we have been asked to participate in 2 , but even within projects that we have observed in passing while doing totally unrelated work. Even if you grant that AI tooling accelerates specific workloads, the method and scale of the current investments is senseless. Frequently the failure is not related to AI itself, but rather that companies are terminally bad at running software projects effectively, and as I have remarked previously , AI projects are subject to all the failure modes of normal projects plus you can get everything right and then still fail because of the method's novelty. Very few companies are so good at shipping software that they can afford the extra risk profile. Often enough, though, it’s an actual failure in what LLMs can accomplish. The most common version of this, being rolled out across businesses around the world, is the internally-facing chatbot, or for the more daring company, the customer-facing chatbot. The story is always the same. For the former, I’ve never seen substantial internal uptake from inside a business. Employees don’t use internal chatbots because companies tend to have low-quality documentation and an LLM is not psychic – it can only know things that have been written down and made accessible. For the latter customer-facing applications, I have rarely had a pleasant experience as a consumer, with perhaps the exception of live transcription during medical appointments – hardly something worth pivoting an entire organisation around. In both cases, project leaders are very careful to avoid tracking basic metrics, such as whether the tools are being used at all, or they track metrics that are easily gamed. For example, my last consumer interaction was attempting to get help from Mitsubishi following an automotive failure, where a very polite robot asked me to describe the problem and that I’d receive a call back as soon as someone was available. This was the single most competent implementation of such a project I’ve seen in the wild, in that the voice was natural sounding, responded quickly, was clearly “live” in production, and promised a swift resolution. That was six months ago, and I did not, in fact, get a call back. When Mitsubishi did not call me back, what happened? Did that request just go into the void, showing one less incident for the year? Does it appear that the phone bot resolved my query without the need for human intervention? All we know is that it didn’t show up as an error, or I’d have received a call. I’m sure it looks great in all sorts of ways except the one that matters, which is that I was planning to buy a car and decided not to buy another one of theirs. For this reason, our team has quickly learned while on an engagement not to ask anything about ongoing AI projects in any context – by the time that project has started, it is too late for the management team, and intervention is not possible until a crisis point is inevitably reached. There is no conceivable positive outcome. The failure rate is so high that even basic inquiry leaves us in an untenable position. Any coherent question about how it’s going, what the goal is, who is using it, constitutes an inadvertent attack on the chain of command responsible for the work because there are no good answers to anything . Even in rare cases where my interlocutor has stated that things are going well (usually while the project is still mid-flight and failure has not had a chance to manifest), it is generally obvious that they are doomed, but at least in these cases I can simply agree and then go home to scream into a pillow for six hours straight 3 . All of this is to say that I am very confident that almost every report at a company about “massive AI productivity gains” is untrue as a matter of brute fact. Even if some companies are seeing clear gains, this is the exception, not the norm. With that assumption in place, we can talk about the dynamics at play, and how it has become impossible for many organisations to stay focused on things that actually matter to their long-term (or even short-term) health. It has become outright dangerous to even raise the possibility that AI might not be the solution to a problem, let alone be the sole focus of a company’s entire strategy. In every sufficiently large business we have observed (say, with 500+ employees), we have noted that continued advancement, and increasingly continued employment, has started to require repeated professions of belief in the transformative power of AI for said business. I am not talking about providing ideas about how to use AI in the business – I mean religious profession, declarations of faith. Overwhelmingly these statements are made by non-technicians, though it is not uncommon for technicians to emit deranged statements to curry favour. There have been several occasions where I have seen someone, apropos of nothing, blurt out almost word-for-word “AI is changing everything”, only to concede moments later that their organisation does not currently use LLMs for anything, and indeed, that they cannot name a single thing that has changed other than they get some use out of ChatGPT (frequently the free-tier). In one extreme case, I have seen an executive confess that they had never even used ChatGPT or any AI tool in their life, immediately after producing a technical strategy for an organisation with $2B+ in revenue which was entirely centered around AI. Initially these statements were so absurd on their face that I thought it was some cynical ploy to achieve thought leader status, and there are certainly some people doing this – I have had it admitted to me. But the broader reality is so much worse: people who have no background in the technology at all actually believe what they are saying . As a general rule you should avoid getting into business with a liar, but if you must , you can at least reason with them even if only in private. A true believer is much more threatening because they are impervious to even inducement by self-interest. The turning point in my belief was watching someone with a spectacular amount of money on the line fire their highest performers because they were achieving that performance without LLMs. When an employer publicly talks about AI innovation, we have to ask ourselves if they’re simply trying to manipulate the market or customers. When they privately commit to strategies like this with their own money at stake, with no attempt to communicate that strategy to external clients, I can only assume they really mean what they’re saying. A while ago, I wrote “Contra Ptacek’s Terrible Article On AI” , which was focused on the fact that many of Ptacek’s points in his own essay “My AI Skeptic Friends Are All Nuts” were internally inconsistent 4 . But on the crux of the matter, we are actually in total agreement, because he opens his essay with this: Tech execs are mandating LLM adoption. That’s bad strategy. Which is to say that we can sidestep arguments about the precise utility of LLMs entirely and we’re left in a very simple place – it is entirely obvious to both myself and Ptacek, two people that are coming at this from fairly opposed views, that people are being really, really stupid about this, and that organisations are demanding bizarre workflow constraints from their specialist staff. 5 These mandates have led to extremely strange places. Several of my peers now “AI-wash” their work, meaning that even when they can perfectly competently execute on their jobs to the satisfaction of their management teams, said managers are unhappy if the engineers haven’t used AI in the work… so now they’re lying about using LLMs even in contexts where their professional judgement is that they aren’t the appropriate tool. They just do the work, the same way they have for decades, and say Claude did it. Others are being measured on their AI bills with “token leaderboards”, where higher is better because I have evidently fallen into the pocket of Hell where the demons torment me by doing elaborate impressions of absolute fucking morons, so the people hired for their freakish ability to perform system optimisation do the obvious thing. They set the LLMs prompting themselves in a semi-plausible loop in case someone inspects the token consumption and then they watch Netflix. Not a single one has been caught, even when their own assessment of the output is that it isn’t suitable for deployment. Checking out a parallel copy of our Go repository and telling the AI to rewrite the whole thing in Zig while I work on something else just so I can keep my job. I hate this shit so much. My job has usage tracking and quotas. I don’t use it for actual work, I just spin it up and disregard the output. – An actual software engineer In fact, the only people I know of to be fired over this whole thing are people that have expressed visible doubt about this organisational strategy, which again, even Ptacek thinks is transparently dumb. The net result is that everyone has learned very quickly to praise executives on their visionary AI prowess, or they will be gunned down in the proverbial streets. Bless me, Father, for I have sinned. It has been ∞ days since my last confession. I accuse myself of the following sins: One of the main pieces of infrastructure we deploy at our clients is an analytics-focused database called Snowflake – for a typical business, the bill is tiny because it’s a pay-as-you-go situation and we can process all their data in one minute a day, you get a very hands-off deployment, and in short it has many characteristics that are very pleasant for our work. One of the features in Snowflake that we don’t use is called Cortex. Cortex is their AI chatbot layer, with the ability to plug into metadata (for non-nerds, descriptions of your data, like what a column in a spreadsheet means) and query a company’s database autonomously. In theory, you can ask a question like “What was our revenue for last week?” and it will spit out an answer. It is not really suitable for production usage. From memory, the last time I was given a presentation on it, by actual Snowflake staff, they reported that ideal configuration results in something like ~92% accuracy due to the complexity of data at a large business (see: probably best-in-class for these tools, but imagine your CFO having one in every ten of their numbers be outright wrong) and there were serious issues with managing deployments. Nonetheless, it can be used to produce some very flashy demonstrations. On several occasions, we’ve been exposed to folks that have been sort of lukewarm on our main offerings, but they really, really wanted to use AI to perform a natural language query on their data. And we thought “Okay, if you really want to see it, maybe we can caveat this appropriately and show you what it might look like.” This was a terrible mistake . It backfired in the most predictable way imaginable – every lukewarm client that saw the chatbot in action, even with us telling them that it was not going to accomplish what they wanted , wanted to buy it immediately. Every other consideration, including millions of dollars that we could plausibly help them achieve by non-AI means, was swept aside. It was like a dark and terrible force seized control of their limbs, plunged their hands into their own chests, and presented their still-beating credit cards to us in grim supplication. We were so mortified by the inexplicable shift in energy that we (wisely) declined to take the money and ended the sales process, and soon thereafter removed Cortex from our list of demonstrations. It would have been too irresponsible to exploit this gap in their reasoning, and frankly, it was already irresponsible to have even run the demonstration – doctors don’t walk around showing off cool pills that they’d never prescribe. Watching the total 180°, that shift from ice-cold to red-hot buying frenzy, was a deeply unsettling experience. It was personally uncomfortable to see people that clearly didn’t gel with us interpersonally suddenly dying to enter an ongoing relationship, but more broadly uncomfortable because for a brief moment I began to understand what is happening in sales meetings around the world. There was no warning I could have given that would have made them refuse to buy the damn thing – their appetite was as large as their budget could stretch, and some part of me wonders if this is because they knew that their ravenous hunger would be present in their own customers. They’d just buy it from us, then pivot right to a larger company and mind control their leadership team until the buck finally stops with the loser that needs to justify the expense. The main protection against this seems to be that the median vendor is so bad at their jobs that we had presented the first even somewhat-working products these people had seen, and this included an ASX-listed company that was already bragging about their AI usage . It took our team two hours to produce something that was frankly not that good – basically just typing text descriptions of data into a web browser – and it was still better than anything the leads had seen because they had nothing to show for all the investment. In fact, we have been forced to opt out of every sale where the lead has expressed anything beyond the most fleeting curiosity in the use of AI in their business. I don’t mean that we’ve heard that they’re interested in AI and elected to drop the contract on moral grounds. I mean that, over the course of the engagement, these people have exhibited a pattern of behavior that has made it near-impossible to sell to them without incurring reputational and legal risk, and are furthermore crafting management environments that I can only describe as cultish, ineffective, and “please dear God, do not let it be on earth as it is on LinkedIn”. The good news is, CISOs are used to having to protect the business from their hare-brained initiatives, and this one isn’t really that different, except that there’s a cult-like atmosphere to it that you didn’t see with, say, the cloud. It almost doesn’t matter whether you embrace the initiative or not; there’s work to be done to manage the risk, so that’s what you do. From talking to CISOs everywhere, I would say most of them are quietly skeptical but afraid to speak up. – Career CISO and well-known speaker that asked to remain anonymous Despite the substantial prevalence of true believers, many of the people running large AI initiatives, or making public statements about them, do not believe what they are saying. There are “heads of AI” who read this blog, at companies with $1B+ in annually recurring revenue, who have written in to say they believe their job is totally fraudulent but it was the only promotion pathway remaining at the organisation. On a trip overseas, I had the privilege of a meeting with one of the Fortune 500 executives mentioned at the beginning of the post, who will remain anonymous so that they are not executed by firing squad by their board. As we were chatting, it became clear that they were very switched-on and technically competent, and they also happened to be at a company that had committed to the usual battery of exorbitant claims about their recent innovations – we’ve 100x’d our productivity, AI is the future of everything, I am but a vessel for OpenAI to make love to my wife. You know, normal things. But since I had them there without any microphones around, I asked why this was being repeated without opposition. Was it just sales fluff? The answer was a lot more interesting. It was partially ridiculous sales material being delivered to an easily excitable audience, but this was not the dominant factor constraining honesty. Executives at their customers were saying absurd things about achieving 100x productivity, and this meant that if any executive at the vendor said that these gains were not plausible, it would undermine the credibility of the customer’s executive, be perceived as an attack (or heresy), and possibly result in an enterprise contract cancellation. And getting enterprise contracts cancelled because you wanted to opine on something that doesn’t really matter to your organisation’s mission is a great way to get fired. But this company was also a major player, of the kind that signs enormous enterprise contracts with other companies. So presumably there is another vendor that has sold to them, and their CEO is worried that saying something sane will contradict this executive, and very quickly we can see how we can have executives around the world nervously pointing guns at each other, not wanting to be shot first but also watching everything gradually spiral out of control 6 . This is to say that we’re facing a coordination problem around executives being honest around the AI gains they’ve witnessed – if they co-operate, they keep their jobs. If they defect, they will possibly be fired by their embarrassed peers (who have now been implicitly called liars, cowards, or incompetents) and then replaced with someone that will toe the line anyway. If they could all admit the truth at once there might be some hope, but there is no way to coordinate that event. This sounds deeply concerning, but it is worth noting that it means that some executives who are emitting nonsensical statements are not as dull as they might seem at first – they’re in a fraught political environment, where they are surrounded by many people that are gunning for their roles, and subject to the whims of a board that is undergoing similar pressure. Against all the dictates of reason, I have presented on navigating AI hype to people on S&P 500 boards 7 and they are in exactly the same situation – the main comments I remember from the session were board members admitting they were skeptical, but expressing anxiety that their positions were contingent on demanding AI investment. One of them commented “investing this early seems like risk without much upside”. About two years later, I can see now that their decade-old multi-billion dollar organisation is now branded as “AI-native”, whatever the hell that means. All of the above converges on the state that we find ourselves in now, where effective decisionmaking has ground to a halt. Collectively, what started as a few people undergoing either destabilising psychological events or being caught up in hype has now resulted in an environment where leaders cannot speak honestly about their beliefs on how best to guide organisations, for fear of being removed, creating a sort of distributed government by assassination. This means that the least sensible recommendations are going totally unchallenged, resulting in employees being evaluated on totally gameable metrics such as “money spent on AI”, and those employees must play along to avoid being terminated. This has also created an insatiable appetite for purchasing “AI” solutions, which target both true believers that will believe implausible claims, and also non-believers that cannot decline the purchases without having their commitment to the cause coming into question. This means that all offers that are subject to internal politics at an ideologically captured organisation must include AI alignment, even if the value proposition is patently ambiguous. My assessment of the market so far is that a substantial component of the outburst of AI projects are actually non-AI projects with an AI element slapped on after the fact to pass the purity test. For example, I recently witnessed an organisation handling a database migration from an Oracle database to Snowflake – instead of handling the migration directly, the vendor bolted on a preliminary phase which involved trying to get an LLM to automate the translation of the Oracle-flavored SQL to Snowflake-flavored SQL. When the project failed (due to issues getting enough permissions to automate the work, not because an LLM can’t do something that easy), the vendor simply started handling the translation by hand but the company billed it as an AI-driven success because some inconsequential portion of the SQL had been translated by AI before being pasted over. What was actually purchased? A totally standard database migration to help an executive meet the strategic deliverable of decommissioning a system prior to license renewal. What was sold to their superiors? “I allocated a substantial percentage of my budget to AI and it helped me accomplish my mandate.” True AI projects, of the kind that is driven by an LLM as the sole mechanism underlying it, where the project can clearly fail to deliver specific numbers, are actually very rare. We mostly see them in the context of startups, and frankly we have stopped engaging with them because we kept getting to the end of the sales conversation and finding out they wanted us to build the product that they were marketing as completed . However, some projects simply do not have an easy way to tack on the AI label, or the person advocating for them either does not want to lie or has not understood that lying has become necessary. In all cases, this either kills the request for funding outright, or adds a pervasive and intractable drag on all communications, as every request must be worked and re-worked until it is “AI enough”. Failure to comply will either result in denial or, in many cases, a demand from a true believer to know why the extra work “can’t be done with AI”. Many companies have actively publicized that this is their new hiring policy – when a member of staff requests additional headcount, they must demonstrate that they have tried to use AI first. The part that’s being left out is that if you say you used AI and still need the help, you will be labelled “bad at AI” and potentially laid off. The net result of this is that almost every large organisation that I am aware of is no longer able to focus on anything important, unless they are one of the (very) few organisations where AI happens to address their highest priorities. They cannot buy sensible software, hire competent talent, communicate honestly with executives about the state of projects, or undertake any sort of sensible initiative. An emptiness falls through you As you realize what this means You're starting to feel what I feel Now you've seen what I've seen – So Sick , Domesticated Incels This is an unfortunate situation to be in, but it will pass eventually. I’ve learned a lot about the latent insanity that we have inculcated in our leadership strata, and unfortunately those traits will persist long past the current bubble, merely awaiting another similar reactivation trigger – and some organisations will stay captured until they have totally collapsed, in the way that not everyone has successfully moved away from the dreadful blockchain affair. That’s something to write about for another time. What I wanted to get to were some thoughts on surviving the immediate crisis, either by directly making systemic improvements or by holding onto your sanity. I’ll start with the “making improvements” part, because that’s the situation I find myself in the most frequently. We’re going to do a lot of sucking it up and smiling here. This section assumes that you are trying to achieve some goal that isn't repairing the organisation's manic stance, but either trying to course-correct a specific project (and possibly risk getting fired as either a leader or consultant) or achieve some totally unrelated goal. This is for people that are just waiting for the bubble to burst and trying not to go nuts. Fight the good fight, and don’t let the bastards grind you down. Godspeed. Also, and this is 100% true, Matt Mullenweg once asked me for coffee because he read the AI piledrive essay , and in context probably enjoyed it, but had to cancel because he hadn’t realized he had a flight later the same day. I am willing to pay a competent witch to hex him for this slight.  ↩ We have rejected all AI implementation work. It is absolutely a gigantic bubble and we have minimized our exposure to it – every single one of our current contracts would be totally unaffected by OpenAI collapsing, save for perhaps some second-order effects such a recession causing a client to become unable to pay us. And there’s nothing we can do to insulate ourselves from that anyway.  ↩ One of the most valuable rules I’ve heard, from Gerry Weinberg, is that consulting is influencing people at their request . Unless someone has indicated that they want us to stick my nose in, usually by explicitly saying they want guidance on general data strategy, we just let the projects fail in peace. You can barely recognize me, I’m so calm these days.  ↩ We have since kissed and made up in private, though I don’t think we’ve budged at all on the core points of our viewpoints. I maintain that Thomas is a very talented writer with a lot of good advice who just happened to blow it massively that one time because he takes Hackernews commenters too seriously. We all have our weaknesses. Mine is people telling me that “Scrum is good if you do it right”.  ↩ This is always baffling to me as a matter of being a responsible adult. If I was somehow CEO at a hospital or civil engineering firm, I would not for a second think it’s my place to start mandating specific procedures or building techniques without explicit agreement from the professionals on staff – how fucking clueless are the non-technicians who have attended a few talks and are now making mandates about how their extremely expensive professionals are doing their jobs?  ↩ If you’re an executive, board member, or anyone in charge of an “AI project” that feels trapped, I would love to hear from you. I will file the serial numbers off any stories very carefully, as I’ve done here and in every other article.  ↩ This sounds very fancy, but I think it was secretly one of those compulsory professional development things and half the audience were just like, making dinner. Truly, HR and professional bodies make victims of us all.  ↩ Where possible, when raising issues, do not have conversations about the state of AI projects in group settings, as this creates a dynamic where each individual member of the group is worried about outing themselves in front of their peers. Arrange for one-on-one settings. Make it clear that you are willing to countenance that the current AI environment is frothy, and that you will keep opinions unidentifiable when raising them elsewhere. Be extremely aware that the most outspoken people can be identified by their peers, so take care to avoid exposing your sources by, e.g. direct quotes. In the event that only a small minority (say, one person in a group of six people) is willing to speak out, it might be worth giving up and moving on to a patient that has better chances. For ongoing projects, an effective trick that I believe I picked up from Secrets of Consulting is the anonymous poll, where you can ask individuals to rate their opinion of an AI project’s success chances on a scale of 1 to 10. The typical split I have observed is half of those involved rating the project at a 3/10 and others at around an 8/10 – a clear bimodal split on a project that was already three years late . Bringing this data to a CEO can be an effective method of pointing out that some information is clearly being hidden from them on the state of the project. Always involve people on the ground. The only source of data on whether projects are succeeding or the investment is going anywhere are the people that use it for their day-to-day activity. Care must be taken to bring them into the environment where they are treated with respect (all sufficiently large companies have people that view subordinates as not-quite-real-people). It is not uncommon to uncover worldview-shaking information in short order – with one client, we uncovered that staff were totally unaware they had been given licenses for AI tooling, which cast into doubt all productivity claims. Do not question the broadest claims about AI. I cannot emphasize this enough. If someone says “AI is changing everything”, just let it pass if your goal is to fix an object-level problem rather than challenge the reality at the institution. The challenge can only come after you have gained the trust of the most senior person involved. Trust is gained over a meal in private where you assuage their anxieties, not by embarrassing them in front of peers. Remember that you do not know what statements have been emitted prior to entering a room. There will sometimes be people that have publicly committed to statements like “I am 100x more productive than I was last year”, and some may even wish they hadn’t said that but are too embarrassed to walk it back. In an untested room, common sense like “LLMs should not be allowed to deploy code without human review” can kill your chances to make an impact before you’ve even started. My practice requires me to maintain an honest relationship with my clients or the whole thing falls apart, so I can’t do this – but honestly, if you work in the fire service and need money to stop a puppy from catching fire, just lie. It’s fine. History will forgive you. Add a $10,000 AI chatbot to your project, exclusively discuss that part in meetings, whatever . Save that puppy. I have bad news – accept that you are probably not going to meaningfully push back on any of this. This is not a feature of AI, it’s a feature of dysfunctional companies. If you feel like you’re going absolutely nuts, consider switching over to contracting. I’ve advocated for contracting many times over full-time employment, but you’ll get paid a lot more and be left out of most internal politics. Also when you run into a really intolerable situation, you’ll know that you’ve got a fixed end-date. I do my best to limit my uptake of AI-related news, as it is pretty crazy-making and unproductive to consume. I no longer visit Hackernews, Reddit, or really anywhere where I am going to be drip-fed nonsense, though I allow myself exceptions for very funny things like Apple suing OpenAI over alleged corporate espionage . Consume exactly the amount you need to feel like you aren’t going insane, then stop . Ditto for complaining with friends – and tell them that’s why you’re talking about it, which buys a lot of tolerance. When someone tells me they are using AI for something when they really shouldn’t be, I smile and nod as long as they are unlikely to get themselves killed. Even family. Especially family. When someone asks me for my opinion of AI as a programmer, I recommend saying “Oh, that stuff is pretty overblown” and then changing the topic, unless they are in a position where their opinion might influence something important. Non-programmers need this guidance the most. If you’re being asked to review huge volumes of terrible AI code, just assume that the organisation is going to burn you out and fire you. You will not convince the person drowning you in 2000 line PRs to stop. Start looking for a new job as if you have already been fired. I have seen this happen many times now, and it always plays out the same way – do the job search while you have energy. Don’t worry if your speed drops or management gets annoyed at you. There is no way to avoid that, you can simply choose whether it happens now because of your job search, or later because you are too depressed to work anymore. If your manager is responding to you with clearly AI-generated text, use AI to respond to save your sanity and then look for a new job. Many people assume they will get in trouble for being that obviously rude. You will not, this particular behavior is exhibited only by true believers, and they actually like that you’ve clearly not bothered to engage with them. I know, it’s fucking wild. If you’re being asked to max out on token usage, look for a new j – okay look, you get it, right? Go find a job that isn’t going to wrench reality from your tenuous grasp. They do exist, largely at companies so small that they don’t turn up on job platforms. It might take months to find one, so start now. Also, and this is 100% true, Matt Mullenweg once asked me for coffee because he read the AI piledrive essay , and in context probably enjoyed it, but had to cancel because he hadn’t realized he had a flight later the same day. I am willing to pay a competent witch to hex him for this slight.  ↩ We have rejected all AI implementation work. It is absolutely a gigantic bubble and we have minimized our exposure to it – every single one of our current contracts would be totally unaffected by OpenAI collapsing, save for perhaps some second-order effects such a recession causing a client to become unable to pay us. And there’s nothing we can do to insulate ourselves from that anyway.  ↩ One of the most valuable rules I’ve heard, from Gerry Weinberg, is that consulting is influencing people at their request . Unless someone has indicated that they want us to stick my nose in, usually by explicitly saying they want guidance on general data strategy, we just let the projects fail in peace. You can barely recognize me, I’m so calm these days.  ↩ We have since kissed and made up in private, though I don’t think we’ve budged at all on the core points of our viewpoints. I maintain that Thomas is a very talented writer with a lot of good advice who just happened to blow it massively that one time because he takes Hackernews commenters too seriously. We all have our weaknesses. Mine is people telling me that “Scrum is good if you do it right”.  ↩ This is always baffling to me as a matter of being a responsible adult. If I was somehow CEO at a hospital or civil engineering firm, I would not for a second think it’s my place to start mandating specific procedures or building techniques without explicit agreement from the professionals on staff – how fucking clueless are the non-technicians who have attended a few talks and are now making mandates about how their extremely expensive professionals are doing their jobs?  ↩ If you’re an executive, board member, or anyone in charge of an “AI project” that feels trapped, I would love to hear from you. I will file the serial numbers off any stories very carefully, as I’ve done here and in every other article.  ↩ This sounds very fancy, but I think it was secretly one of those compulsory professional development things and half the audience were just like, making dinner. Truly, HR and professional bodies make victims of us all.  ↩

0 views

Fighting games tournaments can still be great

Last week I took a plane to Lyon, France, to participate in a Street Fighter 3: Third Strike tournament. You might have notice that I wrote a a few notes about the game recently, but I also wanted to write my feelings about the tournament. Street Fighter 3 is a very peculiar game in all its aspects. First of all, it doesn't feel, play or even functions like a traditional Street Fighter game, even according to its creators: Its first version (New Generation) had a very rocky development (as narrated in this article ) and the last one, Third Strike was purposely a swan song of the Capcom fighting game arcade era, with the next entry in the series only releasing almost 10 years later. Surprisingly, 24 years later, its creators hopes are realized. We still play it on arcade cabinets and had more than 100 players at the tournament (a first in Europe!) ; and if the game is kind of "solved" and well discovered and documented, players keep looking for answers and solutions on their own personal journey with the game! I'm not a serious Third Strike player, I just have fundamentals in fighting games, but I love playing this game in a tournament setting even if I lose all the time. There are multiple reasons for why specifically this game, and that's what I wanted to write about today. First of all, the game is fun. The parry mechanic is intoxicating and makes you want to bet your whole life bar on a single risky read. The characters are diverse and charming, both in look and gameplay . Also the game is incredibly well animated, pretty, and its soundtrack is a banger. Secondly, the game is notoriously known for its unbalanced roster. What could be an issue actually acts as a filter. In recent years complaining about perceived unfair game balance has become standard due to social media, consumer culture and professionalization (it's always capitalism). It undermines my enjoyment of this whole genre of games, and going to a tournament knowing that noboby will complain about it felt super great . The other thing that felt great are the side effects of the hardware. Most fighting games tournaments are run on consoles provided by the tournament organizers, and each player brings its controller. When the tournament is not running, players freeplay on available stations. But it takes a bit of time: players have to plug their controller, go back to the character select screen, check if their buttons are configured properly, pick a character, and finally the match starts. It may not sound much, but it takes usually 2 to 5 minutes, and a fighting game fight rarely lasts longer than that. So quite logically, people run sets. First to 3 or 5, best of 3 or 5. The players waiting behind have to announce they will play the winner of the set, or the already installed players won't move. Newcomers often find this situation anxiety-inducing, as you are interrupting people who are often better than you and asking a person to leave. But Third Strike has not satisfactory console ports, so all tournaments are held on arcade cabinets (most of the time the Sega Astro City ) running the 1999 original dedicated arcade boards . Quite logically, nobody brings a controller, everyone has the same button config, and the game automatically falls back to the character select screen after each match. You just sit, pick the character and play. And in a true arcade culture fashion, you only have a single chance to prove you're the best. If you win, you stay and play against a new opponent. If you lose, you stand up, go back in line and wait for your turn. That may sounds harsh but it's actually a blessing in disguise. The dynamics of play are very different. You have to get into the game fast, commit on your actions, reflect on what went wrong or you'll lose all the time. But even when I lost, I did not wait long to play again due to the 20 (!) arcade cabs. It actually was one of the fighting games events where I played the most in my entire life . And finally, it was not an e-sport event, which means it excluded a whole bunch of annoying things that became standard when capitalism immersed itself into fighting games tournaments. There was no money to win, no sponsor to announce, no ad breaks, no ugly jerseys, no external pressure to perform, no fanboys, no autograph sessions. The tournament was self-funded and organized by two non-profits, but still managed to bring an impressive production value to the table with an amazing scene, a stream that regularly rolled commentators from different countries so everyone felt included, and prestigious guest players from Japan. Going there, I was not expecting much. I just wanted to hang out with friends and see folks I missed for years, maybe visit the city. But when the first day ended, my roommates and I talked at length during the night about how fun and great fighting games are . It was a feeling of enjoyment I had forgotten, as if I had finally reconnected with a lost friend. The sudden realization that yes, fighting games tournaments can still be great, and that I missed them so much.

0 views
Unsung Today

text.makeup

I am generally not someone who cares much for easter eggs (unless they come with interesting stories ), but John Gruber’s one-liner made me pause for an unexpected reasons: Joanna Stern explains why this emoji is correct today: 📅. (This one too: 📆) I thought the two different calendars was some trickery, but the answer is simpler than that. I did not realize that, inexplicably, there are two distinct calendar emoji: one for calendar, and one for a tear-off calendar. The way I learned about it was to use a tool I made a few years ago called text.makeup : I thought this would be a nice opportunity to share it with you. If you’re debugging a string you don’t understand, or are just interested in learning about various Unicode or encoding secrets through playing (see the left sidebar!), it might be a fun thing to use. I just updated it with the most recent emoji (and Unicode goodies) that will drop after September this year. #encoding #marcin wichary #toolmaking #typography

0 views
Unsung Yesterday

“No such thing as too fast”

On Mastodon , Alex Russell, a product architect who’s worked on Chrome and Edge, and has focused on tech standards for a while: Once Upon A Time At Google, a team presented results that had confounded them: making the system load several times faster increased engagement somewhat, but in line with Tammy’s findings, engagement went way up for every 100ms improvement below the 1s threshold. Going fast enough to become “dial tone” changed user behaviour and expectations in a hugely positive way for the product. This sort of “no such thing as too fast until you prove it” lesson is everywhere . Phrasing it as “no such thing as too fast” is really interesting, and not something I encountered before. (The way I understand the “dial tone” remark is commenting on reliability of landline phones in the second half of last century. The landlines were extremely reliable and even came with their own power source; you could pick up the handset and the dial tone – the system’s confirmation it’s ready for you to dial – was inevitably and immediately always there, already waiting for you. There was never any delay when the phone had to get ready for you to call.) Russell links to a report by Tammy Everts : If you make websites for a living, stop what you’re doing and read this research by Tammy Everts; it shows what many of us have been saying for a long time: even if there is such a thing as “fast enough” (there isn’t), it’s generally much faster than you are targeting. The report itself is perhaps too deep and jargony for this blog, but the TL; DR seems to be: Google suggests the time for the site to finish loading its largest piece is 2.5 seconds, and Everts argues and shows evidence that it’s a lot less. I have before focused on “finger speed” – making sure the interactions operate at the “speed of flow,” which requires sweating speeds counted in milliseconds. Everts’s and Russell’s comments confirm that millisecond-speeds matter for other reasons, too. #performance #web

0 views
Stratechery Yesterday

2026.29: Mainframes and Main Characters

Welcome back to This Week in Stratechery! As a reminder, each week, every Friday, we’re sending out this overview of content in the Stratechery bundle; highlighted links are free for everyone . Additionally, you have complete control over what we send to you. If you don’t want to receive This Week in Stratechery emails (there is no podcast), please uncheck the box in your delivery settings . On that note, here were a few of our favorites this week. This week’s Stratechery video is on A Script for Mark Zuckerberg . The End of the Mainframe? IBM’s stock experienced the worst day in its history, which is saying something considering the company has been a public stock for 115 years. The product most synonymous with that history is the mainframe computer; mainframes defined the first wave of IT , and they are so useful and essential that IBM’s customer base is largely the same as it was half a century ago. Now, however, mainframe sales and the software that runs on them are faltering; management blamed AI spend, but as I argued in Wednesday’s Update , the real concern for IBM is that AI’s ability to port the essential backend programs that run on archaic technology will mean those missed sales never come back. — Ben Thompson The Continuing Adventures of OpenAI.  The fun with OpenAI never ends, and the middle of the summer is no exception. In Monday’s Update Ben parsed a new lawsuit from Apple that looks like more smoke than fire, and in Tuesday’s Update he doubled back to cover the revamped ChatGPT app on the Mac and what it signals about the company’s priorities going forward. On this week’s episode of Sharp Tech , and both episodes of Dithering , we discussed all these topics, as well the reports of OpenAI’s new hardware product — an ambient speaker, with robotic components — and why that idea sounds like a great first experiment in the hardware category.  — Andrew Sharp Is Netflix Washed? It was only last December that Netflix was set to buy Warner Bros. Discovery, dominate Hollywood in perpetuity, and compete with YouTube using a massive library of hit franchises and HBO IP. That idea was abandoned in February and it’s been a rocky year ever since, including another hit to the stock on Thursday and Friday. I wrote about all of it on Sharp Text this week , where I marvel at how disposable the original content has become and argue that the attempts to retain attention by mimicking YouTube (and possibly Tubi?) have left the biggest premium platform in the world looking more mortal than ever.  — AS Apple Sues OpenAI, Apple’s Real Problem — Apple is suing AI for stealing trade secrets; there is one guilty employee, but this mostly feels like lashing out. The OpenAI Super App, ChatGPT = Codex, Whither Chat — OpenAI has refashioned Codex as the new ChatGPT; is the company abandoning the chat category they pioneered? IBM Misses, IBM’s Mainframe Moat, IBM’s Many AI Problems — IBM announced preliminary results that spooked the software market generally; this is a story, however, specifically about IBM and its mainframe franchise. Is Netflix Washed Now? — Watching Netflix as the platform exits its prime. Apple Sues OpenAI OpenAI Hardware The Cochlear Ear Miracle K-Shaped Economic Data And Its Implications; Ma Xingrui News; Closing Window for Open Source AI?; The SCS and International Law Everyone at Summer League Is Thrilled, The Summer of Second Apron Angst, How to Be an NBA GM The Continuing Adventures of OpenAI, Apple’s Trade Secrets Lawsuit, Q&A on Mainframes, Meta, Daylight Savings Time

0 views
matduggan.com Yesterday

Art Doesn't Scale

Listening to two acquaintances argue about if AI art is "art" is not a new experience for me, the now eternal debate between Doomer and Boomer. In this particular context, I'm listening to it as I wait for my surprisingly expensive iced latte in downtown Copenhagen. This coffee shop is one of my favorites, a small hole in the wall where the shop starts on the second floor. Everything is hand painted in a way I associate with the hippie roots of Copenhagen. They have an older golden retriever lying on the floor in the heat with a sign on his crate telling people not to bother him if he's taking a break. "Sometimes he needs his alone time". Me fucking too I think as this conversation drags on. There is a certain irony to the people having this conversation. One is a well-off tech worker, telling the much less well-off artist that the thing he has made through a prompt and the thing she practiced for years to make are functionally the same thing which is a classic AI Boomer argument. "I'm not saying I would sell mine, but isn't the point of art the emotion it brings out when you see it?" The artist seems somewhat baffled by the question, which I understand because she doesn't see the world as a machine that inputs ideas and outputs profit. I use some LLM tools while programming but I would argue I am still more Doomer than Boomer. As someone who straddles these two worlds, both working for large corporations and interfacing with these borderline sociopaths in business casual pants and expensive watches and also as someone who finds the joy in their life through the celebration of the artistic output of others, I understand them both. One sees it as a capacity problem, a barrier broken down so that now he can do everything and no choices have cost. The other sees it as a baffling attack on her passion. You could always learn to draw, nothing was ever stopping you is her refrain. Which is true but doesn't resonate with him, in part because I suspect he believes he could do anything. But I hear this argument enough that I thought we should talk about it, if for nothing else than to give me something to think about as I stare at the dog crate and hope the dog comes out to say hi. So I love books of all sorts, including a lot of very trashy books. Nothing I enjoy more than a Space Marine ripping the head off an alien. One medium that I really like as an adult with limited free time are comic books. I love everything about them, the feel of the too slippery covers and the rub-off on your fingers of old comics. I love how weird they are, how stories that don't work are dropped on the floor and never mentioned again. It's like watching someone build a railroad as the train rides down the tracks. My routine for years was to go pick up my pull list and then wander around for a bit while they assembled it. This is how I found great series like Sandman and countless others that ended up being some of my favorite reads. One of these pull list discoveries I made while standing around surrounded by the delightful acidic smell of a comic book shop was The Black Monday Murders. You can find it here . The story of The Black Monday Murders is genius and I won't ruin it. You can read the first issue for free at the link above. My friends and I still text each other "All Hail God Mammon" when the stock market goes way up or down. The basic concept was "what if money and magic were related and banks were basically worshiping the god of greed". I consumed this series and fell in love with it. I mean come on what's not to love about that. So the first issue comes out in 2016, we get a....very slow drip of new releases through 2018. 2018 is when I got issue 8 and then that's it. Since then we have had teased new issues, every year or so someone posts on social media "oh there's a new one coming". There is a lot of media like this but for me, this is the one I think of most often as "what-if". I think it is a genius idea that is especially relevant in today's world and I am sad that we may never get another one. So I was expressing this to a boomer friend who casually responded with "why don't you just make your own"? LLMs allow us to generate lots of artwork like this now, you can maybe cobble together a story, wouldn't it be fun to make your own issue for your own personal consumption? To him, this is the perfect use of this technology, allowing a fan to make more of the thing they love. To me it feels like if someone said "if you are hungry, there's a puppy over there, just pop that bad boy in the oven for 2 hours and have yourself a snack". To me that's not a tribute or the act of a fan. It's making a forgery. The thing has no value to me as a reader if I removed it from the entire creative context of its creation. There's a great short essay by the philosopher Denis Dutton from 1979 called Artistic Crimes . It's about forgeries, not AI, but every paragraph rings like a bell for the argument I keep having. You can read the entire thing here (it's not that long I promise). What I was struck by was how many parallels you can draw between the two issues. Like AI art, the existence and occasional acceptance as real artistic works of forgeries has a special power to discredit the art critic and historian community. The success of a forgery creates a belief that the entire criteria by which art is judged by is fundamentally flawed. If something is amazing before you knew it was a fraud and trash after you came to find out it was fake, then the assessment of art has no basis in aesthetic properties. It is pointed to as a demonstration that the only reason a "masterpiece" is valued over a random painting at the flea market is that a famous person made the first one. Effectively all art is bullshit and LLM slop/forgeries are equally valid because they invoke the same emotions in the audience before the deception is revealed. Now everyone, or at least everyone whose opinion I value, can agree that knowing if a piece of art is real of fake matters in terms of both its monetary value and its value historically. Even the most staunch Boomer I know would admit that fake paintings shouldn't hang in museums next to real ones. Where the two groups diverse, in LLM art and forgeries, is whether the assessment of its aesthetic merits should not be impacted by its status as real or fake. Part of what is impressive about the performance of making something is that you are celebrating how much a person or group of people succeeded. This is why we delight in stories like "Stardew Valley was made by one person in his house for years with no money hand-drawing each piece of art in the game, so intense was his love and commitment to the project". You don't have to know that to enjoy the game, but pretending it changes nothing about how you enjoy it once you do it is nonsense. Same with movies like "Good Will Hunting". Sure it's a good movie, but the story of two childhood friends making it for not a lot of money and one of them leaving Harvard to shoot it changes your connection to the material. It can't not. You love the thing, you learn more about the human story behind the thing, you love the thing even more. Part of the magic of wandering through a museum is that I cannot do the things the artists here have done . I cannot make modern art, I don't have a vision like those people do. I don't have the strength of character and conviction to commit to something like they do. I frankly lack the fucking spine to stand there next to a creation of mine that a thousand morons a day will look at and say "I could do that". No you couldn't and that's part of why its impressive to look at. Forgeries, like LLM art, are misrepresentations of achievement. You want the same credit and respect as someone who actually did a thing, but you haven't done the thing. Once that discovery is made or, frankly, one that is suspected, the relationship to the work has been permanently changed. I'm no longer viewing it from the perspective of the output of a human who I want to succeed but instead skeptically as someone attempting to steal credit for work they didn't do. The other argument the boomers make is about bottlenecks. My favorite comic isn't finished because the author is busy and human. But we could feed the machine the premise, let it crank out pages, have him touch them up, and, bim bam boom issue nine, ten, eleven, a hundred. Let me be clear that I'm not precious about everything in my life. I am not one of those people who thinks everything must be handmade by candlelight. I love a Dunkin Donuts coffee. I love the ridiculous bucket-sized cup, the sugar content that could kill a horse, the milk-adjacent liquid that has clearly never seen the inside of a cow and is shelf-stable until the heat death of the universe. I love standing in line behind two guys in Carhartts complaining about a foreman named Chris who is, and I quote, "a real fucking prick, man." I could eavesdrop in an IHOP for the rest of my natural life and die happy. Sometimes I want the $22 burger. Sometimes I want the McDonald's cheeseburger, no pickles. Both are fine. Both have their place. But here's the thing the boomers keep missing: I get to pick. The choice is the thing. And the AI rollout, as currently constructed, is designed to remove the choice. Not offer a new option but replace the existing one. The boomer argument, stripped of its language about productivity and democratization, is really this: we're going to make the cheaper thing, we're going to stop labeling it, and you're going to keep paying the same price because what are you going to do, not consume media? Because it is cheaper and faster to make doesn't make it something anybody wants. My favorite local bakery makes a great sourdough that I try to get whenever I can. If they sell out, I don't buy a loaf of Wonder Bread and pretend it's the same thing. I go home without bread. Sometimes the honest answer to scarcity is going without . This is what boomers can't hear. They think we're arguing about the quality of the output, and so they keep showing us better and better outputs as if that will close the deal. But we're not arguing about the output. We're arguing about what it means to receive a made thing from another human being. Every comic in my pull list, every trashy Space Marine novel, every weird indie game are letters from strangers who cared enough to spend years of their lives making something for me to find. The value isn't in the artifact. The value is in the fact that somebody bothered . A machine cannot bother. It can only produce. I would rather have eight issues of The Black Monday Murders and the ache of never getting a ninth than a thousand AI-generated issues that continue the story forever. The ache is part of the art. The waiting is part of the art. The possibility that the thing I love might never be finished is part of what makes it real. Forgeries don't ache. They just fill space, like the paintings in a Best Western lobby, hung there because a wall needed something on it. All hail God Mammon. He always did prefer the cheaper option.

0 views

On ethics and usefulness

Kevin sent me a link to this email from Linus Torvalds the other day, and I found that to be a great example of something that has been bothering me for a while now. It’s about AI—everything is about AI these days, so damn boring—and, more specifically, Linus’ position when it comes to the use of LLMs. What I find bothersome is the lack of any consideration for the moral and ethical implications of the technology itself. The justification for its use essentially boils down to “it’s a useful tool”, which is a totally unconvincing argument in this context. In his defense, Linus also mentioned that «There are other questions around AI» but it’s telling that the one example he picked was «what the economy of it will actually look like in the end» which, again, has nothing to do with anything related to the ethics around the use of these tools, how were made, and so on. And look, I understand that this is a very complex landscape to navigate since it touches A LOT of different aspects. But to quote Linus, «the solution is not to put your head in the sand and sing "La La La, I can't hear you”» . This is a technology that is deeply entangled with moral and societal issues, and you have to accept the fact that you need to confront those ethical and moral dilemmas. There’s no way around it. And if you decide to sweep everything under the “it’s useful” rug, well, that’s disappointing to say the least. Thank you for keeping RSS alive. You're awesome. Connect via email :: Sign my guestbook :: Support for 1$/month

0 views
Lalit Maganti Yesterday

What I'm Changing After A Year Of Blogging

Writing for the world is something which has ebbed and flowed for me over time. I’ve always liked sharing my thoughts, starting with websites all the way back when I was a kid. In times when I sustained it, I had various “blog”-like things for technical projects which would often veer into sharing personal beliefs as well. It’s been a year since my latest attempt at what I expect to be a lifelong endeavor. So I’ve been reflecting on how it’s gone, and that’s led me to make some decisions on how I want to rework things going forward. I have two goals with my writing: Although it might not seem like it, these goals are somewhat in conflict with each other. Sometimes I’ll write up TILs or low-effort posts which may not be that interesting to most people, and I don’t want these mixed up with my best work in the eyes of readers encountering me for the first time. I’m by no means unique in this; lots of internet writers have the same dilemma and take different approaches to dealing with it. Two options I considered are: I don’t like option 1 because I don’t particularly like social media. I was off it completely for years and have begrudgingly come back because it’s useful for sharing things with people, but it’s not something I enjoy. More importantly, I want everything I write to live on my own site, under my control, rather than scattered across platforms I don’t own. Instead I’ve taken option 2: I’ve decided to more strongly separate articles and notes from each other. The main way I’m doing this: I’m no longer going to be sending out notes over email on Substack . I initially conceived of Substack as a “newsletter” of sorts, rounding up everything new on the blog since the last edition. But over time I’ve come to dislike the effect this has: I don’t feel like sending out a newsletter until a high-effort article is ready to go with it. If nothing is ready, I end up just waiting, sometimes for more than a month. Why? Because I don’t want a newsletter edition which doesn’t put my best self forward. This might all be a me thing: I don’t know how many of my newsletter readers mind if I send them low-effort things. But I feel bad about it, and I think that’s enough for me to not do it. So instead I plan on reworking it from a newsletter into an articles-only feed. When an article is ready, I’ll publish it on the blog and send it out over email on the same day. I’m going to try to do this on Saturdays, though I can’t promise I’ll always manage it. At the bottom of each email, I’ll also leave a short “since I last sent you an article, I published thoughts on X, Y and Z”. But it’ll be a one line footnote, not the full content as I do today. If folks do want to subscribe to everything, my suggestion (see the subscribe page ) is to use RSS or an RSS-to-email service. Setting one up on my side would require either managing emails myself (which I think would be painful), manually copying posts to Substack (the tedium disincentivizes me from writing the short posts), or paying for a second email service alongside Substack (which I don’t want to do unless someone will actually use it). If you want everything from me in your inbox, reach out as it will help me decide if I should change my mind. This also knocks on to the homepage. In my previous redesign post I discussed how I switched to a two-pane dashboard feel and categorized what I wrote into three things: essays, write-ups and notes. While this was certainly cool and I liked it, I also constantly fell into the trap of having content which could debatably fall into either essays or write-ups. So I’ve erased that distinction: both are now simply articles, reflecting the effort and thought I’ve put into them. Notes remain much the same as before. I also went back to a single chronological feed, because readers gave me the feedback that they liked seeing at a glance if something was new, rather than scanning across three distinct sections to try to work it out. Articles are still clearly differentiated from notes though: they’re bigger, bolder and have explicit labels. Unrelatedly, I also spent a bunch of time improving RSS. After dogfooding my own feeds, I realized I had made some real mistakes in the way the feed was generated: content was losing all its links and being shortened. Now full articles are published properly to the feed (though things like sidenotes still won’t look the same as on the website). All in all, I feel a lot happier after figuring out how I wanted to handle high- vs low-effort content and deciding on making the Substack articles-only. My best work now gets presented in the way I want, and that makes me feel a lot freer to publish the imperfect stuff too. I want the freedom to write what I want and put as much or as little effort into it as I like. I care a lot about presenting the work I think is good in the best way possible to readers. High-effort content on the blog, low-effort content on social media. Separating content on the blog into high-effort (articles, essays) and low-effort (notes, snippets, TILs, etc.).

0 views
Maurycy Yesterday

Regressive JPEGs:

One of the cool features of JPEG files is that there's the option to save low frequency components first. This means that a partially downloaded image will be displayed at low resolution instead of being cut off. In the file, this works by breaking up the compressed data into multiple "scans", each prefixed with a header. Here's the first scan of a representive image: ... this one includes the lowest (DC) Fourier bin for all three color channels. The three color channels are YCbCr instead of the usual RGB. The luminance (Y) seperated because it must be high quality, but the color can be fudged quite a bit while looking fine. Very roughly: Y = G, Cb = B - G, Cr = R - G After it, the file contains eight more scans to fill in the rest of the data: Scan number Channels DCT bin range Precision 0 Y Cb Cr 0 - 0 Half (-1 bit) 1 Y 1 - 5 Quarter (-2 bits) 2 Cb 1 - 63 Half 3 Cr 1 - 63 Half 4 Y 6 - 63 Quarter 5 Y 1 - 63 Half 6 Y Cr Cb 0 - 0 Full 7 Cr 1 - 63 Full 8 Cb 1 - 63 Full 9 Y 1 - 63 Full Scan #0 contains a very low resolution preview of the image. Scan #1 adds some details to the luminance. Scans number two through five contain full low precision data. Scan 4 has an unusual spectral range because it's filling in the gap left by #1. That way, number 5 has full quarter precision data to build on. Scans six through nine add the final missing bit to bring the image to full quality. Given what I said about color being less important, it might seem weird that my example has the color data first: This works because the the chrominance is saved at half resolution (quarter pixel count). As a result, full chrominance data (Cr + Cb) only weighs half as much as luminance. Since each scan explicitly sets its spectral range , it should be possible to construct a JPEG file where future scans overwrite already rendered image data. Actually, it's very easy to do this: Concatenate multiple images with the same resolution and filter out the start-of-image, start-of-frame and end-of-image markers. This can be done in a hex editor, but I used a quick and dirty C program. When served over a slow network , this concatenated file will switch between multiple images: Click to open in new tab But, most decoders will give up after some number of scans : I think this is done to avoid a zip bomb style problem... but it prevents this from working on more than 9 frames, which is not enough for a proper animation. To do that, I'd have to minimize the number of scans in each frame. The simplest idea is to start with baseline JPEGs that only have a single scan. ... but it doesn't work: In progressive mode, a scan can't contain both AC (bins above 0) and DC (bin 0) data at the same time. This limitation doesn't exist for baseline mode, but the baseline decoder stops after the first scan. Since AC data must follow DC data, the smallest possible "progressive" JPEG contains a single DC-only scan. Because the DCT runs on 16x16 blocks, such an image won't a solid color: it'll be 1/16th of the original resolution. Scan number Channels DCT bins Precision 0 Y Cb Cr 0 - 0 Full Doing this, I can get Chrome to render around 90 frames before giving up. Other browsers like Firefox have more patience, but a 90 scan image seems to work almost everywhere. As a bonus, this avoids the ghosting of the naive attempt: that happened because AC scans are supposed to refine old data. Normally, this allows images to include multiple precision levels without inflating file size... but doesn't play nicely with my tricks. If the file only includes DC scans with no actual progression, this isn't a problem. Since a "DC-only" frame is a standards-compliant images , creating them doesn't require anything special: Using these, it's possible to pack a whole video inside a single image: Click to open in new tab Besides unconventional rickrolls and other trolling, this has no practical applications: there's no way to add timing information, so playback is entirely dependent on network delay. ... although there is a lot of fun to be had using partial rendering: This is a pure HTML video using <dialog> tags: badapple.rose.systems Of course, there's no rule that the data must be hardcoded: here's a interactive single-page application with no CSS or JavaScript. (seems slighty broken, I'll investigate later) Related : /projects/bad_jpeg/merge.c : The code used to generate these images /projects/bad_jpeg/merge.c : The code used to generate these images

0 views

Kimi K3, and what we can still learn from the pelican benchmark

Chinese AI lab Moonshot AI announced Kimi K3 this morning, describing it as their "most capable model to date, with 2.8 trillion parameters". It's currently available via their website and API, but an open weight release is promised "by July 27, 2026". Moonshot are calling this the first "open 3T-class model" (I guess they're rounding 2.8 trillion up to 3 trillion), taking the crown from DeepSeek's 1.6T v4 Pro . Their self-reported benchmarks have K3 mostly beating Claude Opus 4.8 max and GPT-5.5 high, while losing out to Claude Fable 5 and GPT-5.6 Sol. A few highlights from the Artificial Analysis report on the model: The model is also now the leading model on Arena.ai's Frontend Code arena , surpassing even Claude Fable 5. The new model is notable for the pricing: $3/million input tokens and $15/million output tokens, putting it at the same level as Anthropic's Claude Sonnet series and making it the most expensive model released by a Chinese AI lab to date. This is a significant increase on their earlier models such as Kimi K2.6 at $0.95/$4. 2.8 trillion parameters is also more than twice the size of that 1T model. I used OpenRouter (to avoid signing up for a Moonshot API key) with the llm-openrouter plugin to generate an SVG of a pelican riding a bicycle: Here's the transcript . It looks like this: That pelican took 95 input tokens and 16,658 output tokens (13,241 were reasoning tokens), for a total cost of 25 cents ! Since K3 accepts image input I ran it against that rendered SVG above (with my alt text prompt ) and got back (for 0.6 cents ): Cartoon illustration of a white pelican wearing a red scarf, riding a red bicycle along a gray road with white dashed lines; the pelican has a large orange beak and webbed orange feet pedaling, with white motion lines behind it; the background shows a light blue sky with white clouds, a yellow sun, two small black birds in flight, and green grass with tiny white flowers in the foreground My Generate an SVG of a pelican riding a bicycle test is 21 months old now. It was never a particularly great benchmark. It started out as a joke on how absurdly difficult it is to compare these models, but then for the first year it turned out to have a surprising correlation to how good the models actually were. That connection has been mostly severed now. The GPT-5.6 and Claude Fable 5 pelicans are outclassed by GLM-5.2 , and much as I love GLM I don't think that's a Fable-class model. (I'm still not convinced that labs are training for the benchmark - if they were, I'd expect much better results. There's a chance that Gemini has optimized for any combination of an animal on a vehicle though!) The biggest limitation of the pelican is that it doesn't touch at all on the thing that matters most for today's model: agentic tool calling and the ability to operate tools reliably as conversations grow in length. So don't go using pelicans to compare models! All of that said, I still get a decent amount of value out of running the benchmark myself. Firstly, it's a forcing function for actually trying the model. If I show you a pelican, that means I've managed to run a prompt through it. If the model has an official API I'll use that, if it's open weight (and small enough to fit a 128GB M5 MacBook Pro) I'll try running it on my own machine, usually via llama.cpp or LM Studio or Ollama . I'll frequently use OpenRouter since that usually provides a proxy to an official API without me needing a new API key. Most of my pelicans are generated using my LLM CLI tool , which helps encourage me to ensure the latest models are supported by that (via one of its plugins). More importantly though, even the act of a single prompt to "Generate an SVG of a pelican riding a bicycle" can reveal interesting model characteristics. Consider the result for Kimi K3 today. Running those simple prompts helped emphasize several points about the model. K3 currently only has one thinking effort level, but I've been deriving quite a bit of value recently from running the same pelican prompt through different effort levels to get a quick idea for what impact those have. Here's my matrix for the GPT-5.6 model family , for example. Really though the main things I gain from the pelican test are: You are only seeing the long-form articles from my blog. Subscribe to /atom/everything/ to get all of my posts, or take a look at my other subscription options . "On our private long-horizon knowledge work evaluation, Kimi K3 reaches an overall Elo of 1547, +732 points from Kimi K2.6 and behind only Claude Fable 5." "Cost per task ($0.94) is similar to GPT-5.6 Sol ($1.04), ~1/2 the price of Opus 4.8 ($1.80) and higher than open weights peers" "Kimi K3’s token usage on the Artificial Analysis Intelligence Index decreased significantly, using 21% fewer output tokens than K2.6." It only has one reasoning effort right now, "max" - and it shows. The model consumed 13,241 reasoning tokens to output 3,417 tokens of response. This is expensive - the pelican cost 25 cents! How does the prompt "Generate an SVG of a pelican riding a bicycle" add up to 95 input tokens? OpenAI's tokenizer counts 10, Anthropic's counts 10 for Opus 4.6, 30 for Opus 4.7 and 25 for Sonnet 5/Fable 5. Prompting "hi" to Kimi K3 counted 86 tokens, suggesting there may be an 85 token hidden system prompt. It refused to leak it though. Vision works well: the alt text it generated is very good. It's a "hello world" exercise for prompting a model A rough cost and reasoning estimate for a simple task Confirmation that the model can output valid SVG and has a basic idea of geometry and spatial awareness. This is a much bigger deal for the smaller models that run on my laptop. It's still interesting to compare pelicans between releases in the same model family. K3's pelican is a notable improvement from Kimi 2.5 . It's something I can share that demonstrates I've tried it. Plus a comment with a pelican in it is kind of a tradition on Hacker News at this point, any time I'm late I get comments asking where it is!

0 views

Workshop Basel day three

See also: day one, day two . There is only one thing that is better than two days of HTTP workshop, and that is of course three days of HTTP workshop. The final day of this edition of the series started out with us again shuffling around where we parked ourselves around the big table. Except Mr captain of course who once again got to herd us forward through another day from the same seat. MOQ ( Media over QUIC transport ) is not HTTP, but it uses QUIC so it is at least tangentially interesting and it involves a lot of the same people so this status update still felt welcome and suitable. Compared to existing HTTP based solutions, MOQ is supposed to offer less complexity and lower latency. The moon landing was broadcasted with less latency than current live-streamed TV and maybe MOQ can make us come close to those numbers again. In MOQ clients subscribe to a track that then contains a lot of objects that are delivered. It’s not the request + response approach of HTTP. The fact that this is not HTTP of course brings a lot of questions and well, doubts, and we lingered on various aspects of this topic for quite a while. My prize for the best slides of the HTTP workshop 2026 goes to [redacted] for the excellent use of potato images in their presentation. PTTH is HTTP spelled backwards, commonly pronounced as PoTaToH. A client sets up the connection but the actual HTTP request is sent from the server to the client. One of the intended use cases for this, is to allow an origin server to connect to the CDN proxy and then be able to deliver traffic to the world, rather than to have the CDN connect to the origin the way they usually do. Apparently most CDNs already have custom and proprietary solutions for exactly this kind of feature, so maybe doing it in a standard way instead makes sense? The draft explains the new proposed way to continue a previously interrupted upload over HTTP. The upload request gets a Location: header back for the resource being uploaded, and if it gets stopped prematurely, a client can then HEAD that resource, figure out the size and then do a second upload (using the PATCH method) request that tells the server that this transfer should start at offset X. Exactly how this should be supported in browser’ upload forms seemed a little bit uncertain . For my own sake I can see a challenge to implement this nicely for curl in particular when the upload is using formpost upload (curl’s -F flag) which after all still is a very common way to do uploads on the current web. I’ll return to this topic at a later time when I written an implementation to test… io_uring is a Linux asynchronous I/O framework that avoids the overhead of traditional system calls. It uses two shared ring buffers between user space and the kernel, allowing applications to batch I/O operations with zero-copy efficiency. The feature is disabled by Google in ChromeOS, Android and in production Google servers which certainly holds back some use of it. io_uring can be helpful to speed up things, but might be complicated to use in existing software architectures and the presentation went into some details on why this is so. A walk-through of some of the recent developments and improvements in Firefox’s UDP networking stack . Going from single datagrams to the modern ways to ship large chunks of data offloaded to the kernel to speed things up. Upload throughput in Firefox is up 60-90% over the last 11 releases. Lots of fun graphs and metrics were shown. This work is based on the quinn-udp stack. Happy Eyeballs v3 is coming and Firefox is implementing it . It now takes into account many more data sources than before, including alt-svc and HTTPS-RR and races connections against each other to use the one that connects first. There are some recommended timers in the specification and parts of the discussion was around how maybe the timers could instead be tightened a bit, and maybe the delay between the subsequent attempts could then use an exponential backoff instead sticking to a fixed interval? (I know I’ll discuss some of these details with my curl hacker friends and see what we should adjust… curl already supports most of the Happy Eyeballs v3 specification.) As we approached the end of the day a few shorter topics were ventilated to give us a little more to consider before going home: With this, the seventh HTTP workshop had ended. Again a very fine event. This time graciously sponsored and arranged by Adobe. Thank you everyone! The general idea is to continue with these events roughly every second year and I support this. The HTTP workshops are definitely one of my favorite events. The top image on this post was used in the final presentation and the author told me he is aware of the AI errors in there, “of which there are at least two”. Why is there no UTF8 in URIs? “If we would do it again, we would have allowed UTF8 in there” was said by someone who was there in the mid 1990s… Optimistic DNS is a draft. Use stale DNS cache data while getting the new. Connection remains alive for 120 seconds while DNS data is often not cached for even 30 seconds. No one in the room seemed to hate it. Let’s do this! The journey to QUERY. One of the primary authors of the RFC took us through what it took to make it happen. It was sixteen years since the most previous registered HTTP method and maybe this was the last one ever?

0 views
DHH 2 days ago

Three sacred cows that must die so Europe can live

The decline of Europe is not inevitable, despite how much Americans love to joke/proclaim that the continent is doomed to become an open-air museum. Sure, it's possible that things have to get worse before they get better, but believing that "it's over" is just loser talk. It's never over, but the old world also won't recover by itself. So here's my pithy prescription for how Europe can find its way back to The Good Times. #1 End mass migration No single issue has cost Europe more than mass immigration when you add up the political, social, and economic consequences. You can't save the continent's declining birth rate, growing retiree burden, or even economy as a whole by importing millions of people from a culturally incompatible third world. I can forgive the original architects of this disaster with the goodwill you should always allow those who dare dream about the future. If you were nurtured on the delusion of blank-slatism, it wasn't much of a stretch to believe the theory that integration and assimilation would correct all immigration ills in a generation or two. But now that it hasn't, and the evidence is overwhelming that it won't, it's imperative that we collectively update our priors. To some of Europe's credit, this is already happening in places like Sweden, which has been on a fast track to copy many of the restrictive Danish ideas on immigration. But it's far, far from enough. Because the sacred cow here is not just that mass migration must stop going forward. It's also that millions who are already in Europe must go. Remigration has gone from a fringe concept to the mainstream discourse in record time on account of that realization. The Overton window is swinging wide open, but the cow is still there. #2 Drop climate austerity This year has given us yet another installment of the old air-conditioning diaries. Tens of thousands of people die needlessly in Europe every year from something as simple as summer (more than the number of Americans who are killed by guns every year!). The climate catastrophizers have somehow married themselves to the moral argument that air conditioning in itself is a sin (because it uses ENERGY!), and the death of the old and the poor is a simple sacrifice they're willing to make. It's as callous as it is retarded. But the fight over air conditioning is downstream from the larger delusion about Europe's role in climate change. Setting aside how much of global warming is due to man-made causes, the reality is that Europe is irrelevant to the equation either way. Just 6% of global emissions originate there. So even if the nirvana of net zero could be achieved, it would change nothing, yet cost the continent everything. Behind this climate hysteria is an even deeper delusion, though: that degrowth will deliver us all from the sins of modernity. That energy use in and of itself is suspect. That salvation will be delivered through abstinence. It's all nonsense. Europe can't be a competitive part of the global economy if its energy costs are several times those of its commercial counterparts. And if you combine uncompetitive industries with a naive free-trade posture toward the likes of China, you'll not only get a dirtier planet, but also a hollowed-out economic bloc. #3 Stop fighting success The best part of the American ethos is the belief that we can build our way out of anything. Behind China on chips and fabs? Let's build. Challenged by BYD? Let's build. Catch a glimpse of a future massively accelerated by AI? LET'S BUILD. Europe needs to shamelessly copy this aspect of the American ethos. It might not be able to match those crazy dreamers across the Atlantic, but it can give them a much, much better run for their money than it does today. This is the part that the European establishment already acknowledged with the Draghi report. This is what the seeds of promise from the Europe Inc initiative need to grow. But we need much more, much faster. And a big part of that is making peace with success. I know, this is perhaps the hardest ask of all. A generational skepticism of capitalism and the institutional inertia that supports it means we probably need a deeper crisis before the ship can be turned around. But Germany is on a fast track to deliver a sequel to the economic dismantling of Britain, so perhaps that example can provide the ignition. Now do it all at once This pithy prescription is not meant to be applied sequentially. First we fix this, then we fix that. No, we have to fix all of it at once: remigration, energization, and entrepreneurialism. It's all interconnected, but that actually makes the whole endeavor easier to pull off, not harder. Momentum in one area will feed momentum in the others. Europeans can rediscover their roots, their ancestry, their ingenuity, and choose to channel all those healthy national feelings toward a grand revival. But first, we need to sacrifice these holy cows and prepare the feast. How is next Thursday for you?

0 views
Kev Quirk 2 days ago

📝 2026-07-16 17:05: Anyone using Pop!OS with Cosmic? I tried it when it was first released, but I...

Anyone using Pop!_OS with Cosmic? I tried it when it was first released, but I looks like they've done a lot of dev work to it and it's improving all the time. Considering installing it again... Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️ You can reply to this post by email , or leave a comment .

0 views
David Bushell 2 days ago

Choose your own dark mode

Hello RSS reader! This post contains an interactive feature. Please visit the canonical web page for an optimal viewing experience :) When I redesigned my website earlier this year I removed dark mode . I never liked the colours, and the light switch toggle was so 2010’s . Personally I prefer reading with a dark theme for long-form content. Dark is not my brand though and I don’t believe every website needs to support colour scheme preference automatically. A good browser has reader mode, I use that all the time. But what if I let my readers decide on a dark colour scheme? Below is a colour picker doohickey that should let you experience dark mode (on this page only). I’m testing in production (for reasons) so if it’s broken come back in an hour, or update your browser. It uses the native colour input which sucks in every browser. ⚠️ Warning: expect a sudden and dramatic colour shift. Try not to flashbang yourself. This is just an experiment so your colour choice will not persist. If you want to keep it, like and subscribe and @ me on the socials. Use your preferred hex code as a hashtag. Here’s how my homepage looks with a dark blue scheme. I reckon the duotone effect works much better than trying to invert my brand colours. Thanks for reading! Follow me on Mastodon and Bluesky . Subscribe to my Blog and Notes or Combined feeds.

0 views
Martin Fowler 2 days ago

The Archaeologist’s Copilot

When people think of legacy modernization, most folks aren't imagining the target environment will be Java 8. But this was the challenge facing Nik Malykhin when he needed to run a Java 1.5 codebase on today's hardware. His early use of LLMs gave plausible answers that did not hold up in the codebase. Progress came when he grounded the process in evidence, using AI to support analysis, validation in a stable Docker environment, and gradual refactoring protected by tests. The main takeaway is practical: AI was most useful when constrained by evidence, clear roles, and a step-by-step modernization strategy.

0 views
Kev Quirk 2 days ago

📝 2026-07-16 11:47: A few of us were talking to one of the summer interns at work about...

A few of us were talking to one of the summer interns at work about age: Someone: How old do you think Kev is? Intern: [with all the confidence in the world] 50? I turn 42 in August. FML. 🤣 Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️ You can reply to this post by email , or leave a comment .

0 views
iDiallo 2 days ago

Deleting Systems You Don't Understand

When I was a kid, my father bought a family home computer and placed it in the living room for all to see. When guests came to our house, they would stop by the computer and admire its marvel without even turning it on. While everyone else was careful with the computer, treating it like an important investment, I quickly started inserting discs and installing games. One thing we take for granted today is how cheap and abundant storage is. Our family computer had a single hard drive with a whopping 2 gigabytes. That's 2 GB for Windows 95, Office 95 (Word, Excel, PowerPoint), Encarta 95, all my father's work documents, and the million games I had installed. I borrowed a disc from a friend that had a few dozen games on it. I installed them all. Before I knew it, I ran out of space. The computer became extremely slow, and I couldn't install any more games. I figured I needed to delete some games, but I was ten years old. I was not going to delete my games. I couldn't delete my father's stuff either, so I decided to explore the hard drive. I noticed that in the Program Files folders, every application came with a bunch of text files. Some of them were large, and they didn't look that important to me, especially the ones ending in . So I went from one folder to the next, deleting those files. There's satisfaction in gathering all those files in the recycle bin, emptying it, then watching your storage space increase. I deleted so many files that I was able to install an additional game on the computer. It was one of my most satisfying accomplishments. I had a problem, I explored the computer, and I found a solution. I played the new game until I got tired of it. In the 90s, when you were done using the computer, you clicked Start → Shut Down → Confirm Shutdown. The computer would think for about two minutes, then display in big orange letters: And I shut it down. You can imagine what happened next. The computer wouldn't boot again. Those files seemed unimportant to a child, but they are configuration files used by several applications, including the operating system. While the Windows Registry did exist in Windows 95, files were still commonly used. When I deleted them, any application or process that relied on them failed to load and simply crashed. Anyone who had anything of importance on that computer lost it. Everyone except my father, who carefully kept copies of his documents on floppy disks. He knew I was up to no good. Throughout my career, I've seen many people make this same mistake. When something doesn't look important to them, they delete it. Whether it's a programmer deleting a function that "looks stupid," or a DBA dropping a table or a single field they assume no one will miss. It's all the result of the same mindset: "I don't think this is important." It makes me think of DOGE, the real yet fictional Department of Government Efficiency. The team supposedly tasked with combing through government programs to find waste never looked deeper than the surface. Just like ten-year-old me, they looked at a department they didn't understand and decided it wasn't important. They uprooted how the entire country works just to save money, the same way I destroyed the family computer just to save storage space. Whether DOGE actually saved us any money is still hotly debated, especially when weighed against the pain and suffering it caused. Anyone with half a brain could have seen their failure coming from a mile away. The same way anyone who understood how computers work could have told me those configuration files were important. At least, all we lost in our household was time and some saved games. The American people can't say the same.

0 views
ENOSUCHBLOG 2 days ago

README, not

(Thanks to Facundo Tuesca for the name inspiration). If you’re like me, you spend a lot of your working day (and a good chunk of your personal time) reading code online. Increasingly, that means accidentally reading a lot of “slop” 1 . Personally, slop isn’t annoying per se 2 : it’s okay for personal software 3 , for example, to be slop. What makes slop annoying is the feeling of being bait-and-switched: much like the written word, I want to be informed 4 before I spend my human attention on machine outputs. I’m a big believer in giving people a way to express honest intentions. For example, I do sometimes want to drop some slop on the Internet (to save for myself later, or for others to reuse without reading), but I don’t want to mislead people about the intent or effort behind it. So: what if we gave people a way to express their honest intentions with slop? We use files to tell users where to start when reading a project; I think we should have a 5 file that users (or their agents) can add to their projects when they’re slopping it up. The presence of that file would serve as an unambigous warning that the code within the project is unsuitable for unwitting human comprehension 6 . A could contain anything, but it seems to me like a good default would be a short human-friendly explanation of why the project shouldn’t be read. For example: What is or isn’t “slop” in the context of programming is currently a matter of energetic (and sometimes emotionally charged) debate. I personally draw the line with either of two sufficient qualities: to me, a codebase is slop if it either (1) is developed primarily without human supervision, or (2) reflects a fundamental lack of operator understanding. These are qualities sometimes occur at the same time, but either suffices. It’s also worth noting that LLMs are getting better; 2026’s slop is not 2025’s slop. That makes it hard to grant “slop” as a static qualifier; this post reflects reality in July 2026.  ↩ I personally think about slop like generated code: it’s not annoying for generated code to exist , but it is annoying to find yourself reading it because it lacks the appropriate (or whatever) marker.  ↩ Meaning software that solves a personal problem, is bespoke, is single-use or “disposable,” &c.  ↩ I often choose to read machine-generated things. Being able to make an informed decision to do so is what matters to me.  ↩ I don’t really care what this file is named, or that it’s a file at all: any kind of consistent marker would suffice. But calling it is funny, so that’s what we’re going with for this post.  ↩ There are lots of good reasons to still read slop as a human, not least of which is performing security research. The idea behind not to tell you to never read a codebase, only to inform you about you what might expect to see if you do decide to read it.  ↩ What is or isn’t “slop” in the context of programming is currently a matter of energetic (and sometimes emotionally charged) debate. I personally draw the line with either of two sufficient qualities: to me, a codebase is slop if it either (1) is developed primarily without human supervision, or (2) reflects a fundamental lack of operator understanding. These are qualities sometimes occur at the same time, but either suffices. It’s also worth noting that LLMs are getting better; 2026’s slop is not 2025’s slop. That makes it hard to grant “slop” as a static qualifier; this post reflects reality in July 2026.  ↩ I personally think about slop like generated code: it’s not annoying for generated code to exist , but it is annoying to find yourself reading it because it lacks the appropriate (or whatever) marker.  ↩ Meaning software that solves a personal problem, is bespoke, is single-use or “disposable,” &c.  ↩ I often choose to read machine-generated things. Being able to make an informed decision to do so is what matters to me.  ↩ I don’t really care what this file is named, or that it’s a file at all: any kind of consistent marker would suffice. But calling it is funny, so that’s what we’re going with for this post.  ↩ There are lots of good reasons to still read slop as a human, not least of which is performing security research. The idea behind not to tell you to never read a codebase, only to inform you about you what might expect to see if you do decide to read it.  ↩

0 views
Corrode 2 days ago

The Rust Foundation

Most Rust developers use the language, compiler, package registry, and tooling every day without thinking too much about the organization that helps keep parts of that ecosystem funded and sustainable. This episode is a re-introduction to the Rust Foundation: what it does, what it does not do, how it relates to the Rust Project, and why that distinction matters for teams using Rust professionally. My guests are Rebecca Rumbul, Executive Director and CEO of the Rust Foundation, Lori Lorusso, Director of Outreach at the Rust Foundation, and David Wood, Principal Software Engineer at Arm, Compiler Team Co-Lead in the Rust Project, and a Rust Foundation board member. Together we talk about the practical side of ecosystem stewardship: infrastructure, security, interop, maintainer support, governance, corporate membership, open-source funding, and the pressure new technologies like AI put on language ecosystems. CodeCrafters helps you become proficient in Rust by building real-world, production-grade projects. Learn hands-on by creating your own shell, HTTP server, Redis, Kafka, Git, SQLite, or DNS service from scratch. Start for free today and enjoy 40% off any paid plan by using this link . The Rust Foundation is an independent non-profit organization supporting the success, sustainability, and positive impact of the Rust programming language. Its work includes funding and supporting ecosystem infrastructure, security and interoperability initiatives, maintainer support, project administration, community programs, events, and collaboration with member companies and donors. The Foundation is separate from the Rust Project. The Rust Project governs the language, compiler, standard library, and technical direction through its own teams and decision-making processes. The Foundation provides organizational, financial, legal, and operational support around that work, without owning Rust’s technical roadmap. Rebecca Rumbul is the Executive Director and CEO of the Rust Foundation. She leads the Foundation’s work on organizational strategy, member engagement, sustainability, and support for the broader Rust ecosystem. Lori Lorusso is Director of Outreach at the Rust Foundation. Her work connects the Foundation with the Rust community, member organizations, trainers, contributors, and companies adopting Rust in production. David Wood is a Principal Software Engineer at Arm, CE-SW Rust Team Lead, Compiler Team Co-Lead in the Rust Programming Language Project, and a board member of the Rust Foundation. In this episode, David adds the perspective of someone involved in Rust’s technical work as well as Foundation governance. Mozilla - The first home of the Rust language Python Steering Council - The governing body of the Python Project How to Write a C++ Language Extension Proposal - Bjarne Stroustrup, the inventor of C++, on why C++ needed a standards committee SCRC - The Safety-Critical Rust Consortium FLS - The Ferrocene Language Specification, a specification of the Rust language that is required for certain steps in the certification of Rust for safety-critical applications Foundation Membership Tiers - The different quantifiable benefits from Diamond to Silver and Associate Memberships Rust Commercial Network - A group of organisations that use Rust in production working together with the Rust Project Rust-C++ Interoperability Initiative - An initiative of the Rust Foundation to improve interoperability between Rust and C++ Rust Embedded Working Group - An official working group of the Rust language to improve usability of the language in hardware-constrained environments An AI Security Engineer in Residence for the Rust Ecosystem - Describing the position of the security engineer made possible by funding from Alpha-Omega Rust Foundation Maintainers Fund - The Foundation’s fund to support Rust maintainers Rust Foundation Trusted Training - The Foundation’s accreditation program for Rust training providers Rust Foundation Website Rust Foundation Media Room Rust Foundation on GitHub Rust Foundation on LinkedIn David Wood’s website

0 views
daniel.haxx.se 2 days ago

Workshop Basel day two

If you missed it. I already described day one . Caffeinated and ready, we all gathered in the same spacious room as yesterday, but seated in new places as “suggested” by our captain. Some of us even remembered to move over the name tags we wrote yesterday to our new seats. No time was wasted on introductions today. We dove straight in at the deep end. Is the future of software that we check-in the AI prompts in the git repository and trust it to generate the correct code? Are specifications the new level o f abstraction for source code? These questions triggered long discussions with a huge mix of opinions and experiences getting shared about how AI is used, should be used and could be used now and in the future. The Common Crawl spidering upgraded to using HTTP/2 for their scan and as an end result, I believe 61% of the responses used HTTP/2 and the entire round ended a few percent faster than before, which when you traverse a few billion URLs really makes a difference. They apparently use a locally patched version of Apache Nutch for this. The HTTP probe project runs a lot of tests on HTTP/1 servers and compares how they behave in a lot of different aspects and then generates these awesome tables. Looks like something for every server implementer team to have a look at and decide what of these red boxes that should rather be converted into green alternatives. HTTP Zoll is a new test suite for intermediaries that tests intermediaries (what we often call proxies) for a large amount of request and response smuggling issues. Some real world problems found were discussed and as this project aims at going Open Source words were expressed on what kind of precautions and checks that maybe should be done first. I hope we get to hear more about this project soon. The HTTP Arena is another project that does performance and measurements. They test HTTP server frameworks and present the results in various ways on their site. In this presentation , we were presented with different HTTP/3 deployment numbers from different sources and the associated reasoning around why they differ but then more importantly. what can and should be done to increase HTTP/3 usage.  Anti-virus interceptions, enterprise blocks and server-side performance not yet on par with TCP were mentioned as reasons for holding back the numbers. Reasons for using HTTP/3 include use cases that encourage QUIC adoption: WebTransport, Media over QUIC and MASQUE (HTTP/3 proxies and HTTP/3 proxies over older HTTP proxies).  Using HTTPS-RR for upgrade was promoted , as every alt-svc response that is returned with an ALPN using h3 should perhaps also offer h3 over DNS. Why doesn’t your server announce its h3 support over HTTPS-RR? QUIC v2 is deployed on an amazing 0.003% of all QUIC v1 domains and there was a discussion why this is so and the common sentiment in the room seemed to be that very few saw a reason for deploying v2 and several expressed a concern that doing so might in fact introduce issues. Someone (you can probably guess who) in the room increased that number a lot by quietly mentioning that haxproxy.org certainly supports it. QUIC multiplexing over bi-directional streams is a proposal on how to do QUIC-style multiplexing over TLS (or anything else really). It has been adopted by the IETF QUIC working group and there was a somewhat extended discussion about what the HTTPbis group should or should not do with it. The biggest interest might be for data center use, but is that then something IETF should bother about? This is not the first time I blog about this, and even if there did not seem to be a strong demand or need for this, it also did not seem to be completely dead. I bet we will hear more about this later. Doing a TLS terminating MITM proxy has its challenges and we were given some insights and experiences on the challenges of doing HTTP/2 and HTTP/3 to the server. The browsers refuse to do HTTP/3 when they detect custom CA certs installed, which apparently is mostly because of lots of past bad experiences with anti-virus software that in particular seems to break QUIC and for users it is not obvious where the blame should go. This then makes browsers not do HTTP/3 over any MITM proxy. Some time was spent on how allowing different clients to the proxy uses a shared h2 connection to the target server is complicated and not used, even though in theory it should be possible. An argument was made that it could even lead to worse performance than when using HTTP/1 but I could not quite follow that reasoning. I’m sure I missed some subtle detail in that explanation. When the afternoon is running late and we have been promised beer and snacks after the final talk, what is better than a hard core technical presentation with lots of graphs and numbers showing how QUIC performance can be improved by tweaking the congestion control algorithm and send more data in the startup phase of a new QUIC connections? This new approach is called Rapid Start and it looks like a promising and yet simple improvement. According to experiments done on real world traffic, the time to last byte was reduced by 14.7% on average. Not bad at all. Our meeting sponsor Adobe graciously sponsored drinks and food so we got to linger around for a few extra hours and talk even more HTTP and networking until the personal firmly insistent they needed us to leave the room and we instead continued solving world problems elsewhere. Topics around the table included the famous HTTP/2 spec coin flip, the QUIC spin bit, the SCONE situation for QUIC, the timeline behind the QUERY method and many more great stories. Thanks for the beer! Now we can’t wait for day three.

0 views