Planet Jamie

Writing a blatant Telegram clone using Qt, QML and Rust. And C++

Lobsters

kemble.net

2025-12-16 05:11:33

Comments...

This was a fun project for a couple of days, but I will probably shelve it for now so I can continue what I was already working on before. Read on to follow along with my journey.

Spoilers: I didn’t get very far.

Get ready for an Opinion Dump of an intro:

I have fond memories from 10 years ago of using Qt, and especially QML. It’s just so easy to think of a design and make it happen with QML. I chose to use Svelte for building Web Apps™ while it was still very beta just because it was the closest experience to QML I came across.

Rust is pretty great. Also been a huge fan of that since like 2012 when I saw an example on the front page where the compiler validated pointer usage at compile time without adding any extra work at run time. Basically black magic after trying to fix the worst kind of bugs in C++.

I became a full time Full Stack Web Developer against all my intentions. I like making user interfaces and solving hard problems though, so it’s not so bad. I have been wanting to make a properly “native” application for a while though.

I wonder if anyone out there is a full time Full Stack Film Developer (that sounded funnier in my head).

I like Telegram a lot, because I believe they have put the most love into their user interfaces out of all the chat programs I have seen. Also “Saved Messages” and being able to access all my messages from the last 10 years is pretty great. I also think Telegram is kinda lame in every other respect. I started trying out Element (a Matrix client) last week. The Android app is very decent these days, but the desktop app while clearly quite nice just doesn’t spark joy like Telegram’s desktop app. I played around with a bunch of other Matrix desktop clients just to see if the experience would be closer to Telegram, I could write a pros and cons list but that’s not why we’re here.

The “ Element X ” app (the X is for Xtreme, I guess) uses a Rust library called matrix-rust-sdk , which apparently solves many of the problems you might face while making a Matrix client. That might be useful later on.

Anyway, here’s a random project I started working on just because I felt like it would be fun to use QML again while trying to generally use Rust instead of C++.

Goal: Create a Telegram clone, whatever you already read the title.

Day One, Hour Zero

I’ve wanted to try using QML as the UI for a Rust app for a while, so that’s the driving force here. I’ve looked at some stuff in the past, but first I want to properly learn about what’s available.

qmetaobject-rs
cxx-qt
Some other stuff that seems less good to build an app on top of, sorry everyone.

In hindsight I know I wanted:

cargo run to be decently fast, both clean and incremental
Hot reloading
Ability to access all functionality of Qt if I wanted

I started with cxx-qt because it seemed like the most official way to do Qt development, and definitely lets you access all Qt functionality. I made a super bare bones “open a window” program which got me excited, and I committed it to a git repo and everything. I may have spent like 30 minutes at this point coming up with a name for it.

Provoke

I don’t mind it. It’s in italics so it must be fancy.

I then spent hours trying to find ways to make cxx-qt not do some really expensive code generation and recompilation step every time I saved, then found out that VS Code was running cargo check one way while in the terminal cargo check was doing some other thing, and effectively blowing the cache every time I switched from one to the other.

Anyway it all made me a bit sad and I just wanted to write some delicious QML for goodness sake, so I moved on to qmetaobject-rs knowing that it can’t just access literally any Qt type I like, but maybe it will let me write some QML sooner, and not have an upsetting building experience?

Basically, yes, I got some QML running like immediately, and the builds are super fast.

But not fast enough, I want some kind of hot reloading. I’m not putting up with this after using Svelte for years.

Actual good hot reloading is not very trivial to implement, but I don’t need it to be actually good. After a couple of failed attempts due to restrictions with qmetaobject-rs’s design (I do actually recommend qmetaobject-rs btw, it’s good), I ended up hacking together a thing that registers a “HotReload” object with QML, which internally keeps a “should hot reload?” Arc<AtomicBool> . When a QML file modification is detected, another “anything changed?” bool is set to true, then when the window gains focus and it sees that something has been modified, it sets that bool to true then literally quits the app.

I then have a loop that checks if hot reloading has been requested and boots up the event loop again and loads the new QML files. To answer your question from two sentences ago, I originally immediately rebooted the app when a file changed, but that closed the window and opened the window again over the top of Vee Ess Cohde, and I press Ctrl+S a lot. I then added a button to the window that I needed to click to make the reload happen, but the file-modification-then-window-focus trigger is much, much better.

// Watch the files:
let (tx, rx) = std::sync::mpsc::channel();
let mut watcher = notify::recommended_watcher(tx).unwrap();
watcher.configure(notify::Config::default().with_compare_contents(true)).unwrap();
watcher.watch(Path::new(qml_folder), notify::RecursiveMode::Recursive).unwrap();

let thread_dirty_state = dirty_state.clone();
std::thread::spawn(move || {
	while let Ok(change) = rx.recv() {
		if let Ok(change) = change {
			if let notify::EventKind::Modify(modification) = change.kind {
				thread_dirty_state.store(true, std::sync::atomic::Ordering::SeqCst);
			}
		}
	}
});

// The event loop, loop:
loop {
	hot_reload_state.store(false, std::sync::atomic::Ordering::SeqCst);
	let mut engine = QmlEngine::new();
	println!("------");
	println!("RELOAD");

	engine.set_property("HotReload".into(), hot_reload.pinned().into());
	engine.load_file(format!("{qml_folder}main.qml").into());
	engine.exec();

	if !hot_reload_state.load(std::sync::atomic::Ordering::SeqCst) {
		break;
	}
}

// Implementation of the HotReload object that gets registered with QML.
impl HotReload {
	fn reload_if_dirty(&self) {
		if self.dirty_state.load(std::sync::atomic::Ordering::SeqCst) {
			self.reload();
		}
	}

	fn reload(&self) {
		self.dirty_state.store(false, std::sync::atomic::Ordering::SeqCst);
		self.reload_state.store(true, std::sync::atomic::Ordering::SeqCst);
		QCoreApplication::quit();
	}
}

// Then from QML, the main window does this:
onActiveChanged: {
	HotReload.reload_if_dirty()
}

I can’t say it’s amazing, but it was easy to implement and it gets the job done.

QML has a Language Server now which is awesome, but I couldn’t figure out how to get it working so I just opened up Qt Creator and edited QML there (Qt Creator is actually very good, perhaps unexpectedly so for those who haven’t used it). I then did something later on which made the language server work so I could just use VS Code to edit it with all my lovely custom configs and keyboard shortcuts. I’m still not sure what I did to make it work. Might look into that later.

Well that was fun, moving on…

Hour Five

The great Telegram Ripping-Off begins.

Let’s start with the splitter that goes between the chat list sidebar and the actual chat. The sidebar has a 65px “collapsed” mode where it only shows icons of the chats, but the “normal” minimum is 260px. The right of the split can be min 380px. The provided splitter widget didn’t have enough features, so I just made my own one. That’s the great thing about a good UI language, you can just make your own one of a thing and it will be fun and not sad (just keep accessibility in mind even if you don’t implement it during the prototyping stage).

Here it is!

Note how the mouse cursor doesn’t stay as ↔ when it’s not exactly on the splitter. The built-in QML splitter had that problem 15 years ago, and it’s still like that now :(

If I could access QGuiApplication::setOverrideCursor I could make my splitter not have that problem, but as it stands, with my simple qmetaobject-rs project and 0% C++, I just can’t. Oh well, I’ll look into it later.

It’s a little bit buggy and the mouse doesn’t always line up with the splitter.

3am, same day

I got a bit carried away. My commit messages since the last section were: Various UI work , More UI stuff , Sidebar collapsing is much more advanced , and More UI work . Highly descriptive. I basically re-learned a tonne of stuff about QML, including how to make nice animations, and was honestly quite pleased with myself with how close I got some of the interactions to Telegram. There will be a lot more of that coming up.

Just watch the following motion picture!

I even created my own implementation of that Material Design growing-circle-inside-of-another-circular-mask thingo. I spent too long on this because I found what I wanted: OpacityMask , but realised it’s in the Qt5Compat.GraphicalEffects package because it’s basically deprecated. I then spent ages trying to figure out how to use MultiEffect to do the same thing and found that its mask feature seems to treat alpha as a boolean (could be wrong here, I just couldn’t make it work), then I went down the next rabbit hole of writing a custom shader effect, then because that was obnoxiously difficult to get ShaderEffect working, I just went back to using OpacityMask . Problem solved I guess.

Next Day, or Same Day, Depending On How You Think About It

Chat Bubble

I made a chat bubble. That little tail thing in the bottom right was fun. It’s in the bottom left if someone else sent the message, how thoughtful. I used Inkscape to make a little thingy like this:

Little Thingy

Then copy-pasted the path into a PathSvg item in QML:

path: (root.other
	? "m 40,-8 c 4.418278,0 8,3.581722 8,8 v 16 c 0,4.418278 -3.581722,8 -8,8 H 0 C 8.836556,24 16,16.836556 16,8 V 0 c 0,-4.418278 3.581722,-8 8,-8 z"
	: "M 8,-8 C 3.581722,-8 0,-4.418278 0,0 v 16 c 0,4.418278 3.581722,8 8,8 H 48 C 39.163444,24 32,16.836556 32,8 V 0 c 0,-4.418278 -3.581722,-8 -8,-8 z"
)

But who cares about that when Telegram has this very cool, swoonworthy emoji-reaction popup!

That’s Telegram, not my work. Wait, so it has one row of 7 emojis, but then you click the expand button and that row becomes the first row of emojis in a scroll view, following a search box that appears above, also inside the scroll view. Also, the expand button fades away, revealing that the row had 8 emojis the whole time?!?!? What snazziness to live up to. Let me have a go:

Wait, did that emoji reaction popup just go outside the window? Be still my beating heart.

So that’s cool. What else is there?

Message selection, what a rush!

Just in case you didn’t notice, Spectacle is Recording.

“I am glad I downloaded 1.6mb to watch that just then. Why is he expanding and collapsing the side bar again again and again? I thought he already did that in a previous video?”

Look closer!

This was surprisingly hard to record ‘cause I drew a rectangle around the system tray icon then when I clicked record, the “stop recording” system tray icon appeared and pushed my icon out of view :(

Here’s my first attempt:

Captivating.

At first I was going to use a Rust library to implement the tray icon, then I remembered that Qt actually comes with that functionality. My main concern was the possibility of making the number appear in the icon without it being a huge pain. I was thinking I would have to get some C++ action going to make this work, then after much too long, I realised that QSystemTrayIcon is actually in the QWidgets library so I’d have to pull all that in just to get it working! Then a lightbulb appeared. What if QML has its own version? The answer to that is yes, it’s called SystemTrayIcon , but it’s under Qt.labs.platform which means it’s experimental. Good thing I don’t care about that.

So the trick was to get the number on the icon, like I mentioned before. The icon.source property of SystemTrayIcon takes a URL to an icon. That’s awkward. What am I to do? Create some kind of virtual file system that I can upload new icon pictures to that have the number overlay? Create 100 icons for all the possible counts? Is there some kind of built-in way to get a URL to a custom picture in Qt? That would be pretty fancy.

Turns out Qt is pretty fancy.

It’s actually pretty sweet. Basically what you do is create a normal UI with QML:

Image {
	id: trayImageItem
	source: "qrc:/icons/icon_margin.svg"
	width: 64
	height: 64

	Rectangle {
		anchors.right: parent.right
		anchors.rightMargin: 1
		anchors.bottom: parent.bottom
		anchors.bottomMargin: 1
		width: messageCountText.implicitWidth + 6
		height: messageCountText.implicitHeight
		color: "#f23c34"
		radius: 16
		visible: root.messageCount > 0

		Text {
			id: messageCountText
			x: 3
			text: root.messageCount > 99 ? "＋" : root.messageCount
			color: "white"
			opacity: 0.9
			font.pixelSize: 30
			font.weight: Font.Bold
		}
	}
}

Then create a ShaderEffectSource , which captures a new image of the trayImageItem whenever it changes:

ShaderEffectSource {
	id: trayImageSource
	anchors.fill: trayImageItem
	sourceItem: trayImageItem
	visible: false
	live: true
	hideSource: true
}

Then whenever the message count changes, I call updateTrayIcon() :

function updateTrayIcon() {
	trayImageSource.grabToImage(result => {
		trayIcon.icon.source = result.url
	})
}

result.url looks something like itemgrabber:#1 , so basically Qt implements exactly that crazy idea I described above. Neat.

The system tray task convinced me to finally an icon:

Provoke Icon

I didn’t want a speech bubble, it’s already been done, and I wouldn’t want this app to be mistaken for any app that’s already on the market. I was thinking of a horn or something, but it needed to kinda fill the space so I went for a megaphone look. It also kinda looks like an axe, which goes well with the name Provoke I guess.

Alright, time for some C++

I haven’t written any C++ in years. It still lives on in my brain though, in the “things that are extremely complicated and over-engineered, but actually kind of awesome” section.

I do not want to make my build much more complicated to make this work, or add more complexity than it deserves. I just want to be able to access some stuff in Qt that isn’t exposed to Rust or QML yet, without it being a pain to work with.

After some research I decided the best way to go about that would be to just use Qt properly the way it was intended, but keep it slim. Following was much experimentation then a chosen solution:

Make a folder called “cpp”
Put a CMakeLists.txt file in it, and a cpp/hpp pair

cmake_minimum_required(VERSION 3.16)

project(provokecpp LANGUAGES CXX)

set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)

set(CMAKE_AUTOMOC ON)

find_package(Qt6 COMPONENTS Core Gui Qml REQUIRED)

qt_add_library(provokecpp STATIC
	provokecpp.cpp
	provokecpp.hpp
)

target_link_libraries(provokecpp
	Qt6::Core
	Qt6::Gui
	Qt6::Qml
)

Write some QObjects the old-fashioned way, then extern "C" a function which registers stuff with QML.

QObject* provoke_tools_singleton_provider(QQmlEngine* engine, QJSEngine* jsEngine) {
	return new ProvokeTools();
}

extern "C" void register_provoke_qml_types() {
	qmlRegisterSingletonType<ProvokeTools>("provoke", 1, 0, "ProvokeTools", provoke_tools_singleton_provider);
	// This sounds like it would solve that problem that I had with my Splitter!
	qmlRegisterType<OverrideMouseCursor>("provoke", 1, 0, "OverrideMouseCursor");
}

“You keep talking about Rust, but mostly you’ve just written QML and C++, I feel ripped off” - Fair enough, but I intend to use Rust for the “model” layer and any custom UI elements and logic that call for native code. That stuff just hasn’t really come up yet.
Add a build.rs file and use the cmake crate to build the “cpp” folder. I find this part quite cool, as you don’t even see it running the C++ compiler when you do cargo run and all the build stuff happens in the target folder with everything else. It even caches the result and only re-runs the C++ build if a dependency changes:

fn main() {
	let dest = cmake::Config::new("cpp")
		.build_target("all")
		.build();

	println!("cargo::rerun-if-changed=cpp/CMakeLists.txt");
	println!("cargo::rerun-if-changed=cpp/provokecpp.cpp");
	println!("cargo::rerun-if-changed=cpp/provokecpp.hpp");
	
	println!("cargo::rustc-link-search=native={}/build", dest.display());
	println!("cargo::rustc-link-lib=static=provokecpp");
}

From Rust, import the symbol and call it on startup:

unsafe extern "C" {
	unsafe fn register_provoke_qml_types();
}

...

register_provoke_qml_types();

This isn’t exactly innovative, but there were lots of ways to go about solving this problem. It’s a nice setup, and I can forget it’s even there. It builds pretty much instantly (for now). I can even export more extern "C" functions as needed.

And then I wrote the important news alert that you just finished reading

Here we are.

So Far

I Can’t Believe It’s Not Telegram.

I keep mistaking it for the real Telegram so I think the illusion is working.

Here’s the repo

Languages

Other is my favourite language, I’m surprised I didn’t use it more.

Will he keep working on it? Will it grow to become the worlds most popular messenger app due to its superior user experience? Will he even keep working on it after this? Will he go back to working on that game engine? Or that sewing pattern CAD idea? Will there ever be another blog post on this website?

Find out on the next episode of App Dev By That Guy!

Erdős Problem #1026

Hacker News

terrytao.wordpress.com

2025-12-16 04:49:03

Comments...

Original Article

Problem 1026 on the Erdős problem web site recently got solved through an interesting combination of existing literature, online collaboration, and AI tools. The purpose of this blog post is to try to tell the story of this collaboration, and also to supply a complete proof.

The original problem of Erdős, posed in 1975 , is rather ambiguous. Erdős starts by recalling his famous theorem with Szekeres that says that given a sequence of ${k^2+1}$ distinct real numbers, one can find a subsequence of length ${k+1}$ which is either increasing or decreasing; and that one cannot improve the ${k^2+1}$ to ${k^2}$ , by considering for instance a sequence of ${k}$ blocks of length ${k}$ , with the numbers in each block decreasing, but the blocks themselves increasing. He also noted a result of Hanani that every sequence of length ${k(k+3)/2}$ can be decomposed into the union of ${k}$ monotone sequences. He then wrote “As far as I know the following question is not yet settled. Let ${x_1,\dots,x_n}$ be a sequence of distinct numbers, determine

$\displaystyle S(x_1,\dots,x_n) = \max \sum_r x_{i_r}$

where the maximum is to be taken over all monotonic sequences ${x_{i_1},\dots,x_{i_m}}$ “.

This problem was added to the Erdős problem site on September 12, 2025, with a note that the problem was rather ambiguous. For any fixed ${n}$ , this is an explicit piecewise linear function of the variables ${x_1,\dots,x_n}$ that could be computed by a simple brute force algorithm, but Erdős was presumably seeking optimal bounds for this quantity under some natural constraint on the ${x_i}$ . The day the problem was posted, Desmond Weisenberg proposed studying the quantity ${c(n)}$ , defined as the largest constant such that

$\displaystyle S(x_1,\dots,x_n) \geq c(n) \sum_{i=1}^n x_i$

for all choices of (distinct) real numbers ${x_1,\dots,x_n}$ . Desmond noted that for this formulation one could assume without loss of generality that the ${x_i}$ were positive, since deleting negative or vanishing ${x_i}$ does not decrease the left-hand side and does not increase the right-hand side. By a limiting argument one could also allow collisions between the ${x_i}$ , so long as one interpreted monotonicity in the weak sense.

Though not stated on the web site, one can formulate this problem in game theoretic terms. Suppose that Alice has a stack of ${N}$ coins for some large ${N}$ . She divides the coins into ${n}$ piles of consisting of ${x_1,\dots,x_n}$ coins each, so that ${\sum_{i=1}^n x_i = N}$ . She then passes the piles to Bob, who is allowed to select a monotone subsequence of the piles (in the weak sense) and keep all the coins in those piles. What is the largest fraction ${c(n)}$ of the coins that Bob can guarantee to keep, regardless of how Alice divides up the coins? (One can work with either a discrete version of this problem where the ${x_i}$ are integers, or a continuous one where the coins can be split fractionally, but in the limit ${N \rightarrow \infty}$ the problems can easily be seen to be equivalent.)

AI-generated images continue to be problematic for a number of reasons, but here is one such image that somewhat manages at least to convey the idea of the game:

For small ${n}$ , one can work out ${c(n)}$ by hand. For ${n=1}$ , clearly ${c(1)=1}$ : Alice has to put all the coins into one pile, which Bob simply takes. Similarly ${c(2)=1}$ : regardless of how Alice divides the coins into two piles, the piles will either be increasing or decreasing, so in either case Bob can take both. The first interesting case is ${n=3}$ . Bob can again always take the two largest piles, guaranteeing himself ${2/3}$ of the coins. On the other hand, if Alice almost divides the coins evenly, for instance into piles ${((1/3 + \varepsilon)N, (1/3-2\varepsilon) N, (1/3+\varepsilon)N)}$ for some small ${\varepsilon>0}$ , then Bob cannot take all three piles as they are non-monotone, and so can only take two of them, allowing Alice to limit the payout fraction to be arbitrarily close to ${2/3}$ . So we conclude that ${c(3)=2/3}$ .

An hour after Desmond’s comment, Stijn Cambie noted (though not in the language I used above) that a similar construction to the one above, in which Alice divides the coins into ${k^2}$ pairs that are almost even, in such a way that the longest monotone sequence is of length ${k}$ , gives the upper bound ${c(k^2) \leq 1/k}$ . It is also easy to see that ${c(n)}$ is a non-increasing function of ${n}$ , so this gives a general bound ${c(n) \leq (1+o(1))/\sqrt{n}}$ . Less than an hour after that, Wouter van Doorn noted that the Hanani result mentioned above gives the lower bound ${c(n) \geq (\frac{1}{\sqrt{2}}-o(1))/\sqrt{n}}$ , and posed the problem of determining the asymptotic limit of ${\sqrt{n} c(n)}$ as ${n \rightarrow \infty}$ , given that this was now known to range between ${1/\sqrt{2}-o(1)}$ and ${1+o(1)}$ . This version was accepted by Thomas Bloom , the moderator of the Erdős problem site, as a valid interpretation of the original problem.

The next day, Stijn computed the first few values of ${c(n)}$ exactly:

$\displaystyle 1, 1, 2/3, 1/2, 1/2, 3/7, 2/5, 3/8, 1/3.$

While the general pattern was not yet clear, this was enough data for Stijn to conjecture that ${c(k^2)=1/k}$ , which would also imply that ${\sqrt{n} c(n) \rightarrow 1}$ as ${n \rightarrow \infty}$ . (EDIT: as later located by an AI deep research tool, this conjecture was also made in Section 12 of this 1980 article of Steele .) Stijn also described the extremizing sequences for this range of ${n}$ , but did not continue the calculation further (a naive computation would take runtime exponential in ${n}$ , due to the large number of possible subsequences to consider).

The problem then lay dormant for almost two months, until December 7, 2025, in which Boris Alexeev, as part of a systematic sweep of the Erdős problems using the AI tool Aristotle , was able to get this tool to autonomously solve this conjecture ${c(k^2)=1/k}$ in the proof assistant language Lean. The proof converted the problem to a rectangle-packing problem.

This was one further addition to a recent sequence of examples where an Erdős problem had been automatically solved in one fashion or another by an AI tool. Like the previous cases, the proof turned out to not be particularly novel. Within an hour, Koishi Chan gave an alternate proof deriving the required bound ${c(k^2) \geq 1/k}$ from the original Erdős-Szekeres theorem by a standard “blow-up” argument which we can give here in the Alice-Bob formulation. Take a large ${M}$ , and replace each pile of ${x_i}$ coins with ${(1+o(1)) M^2 x_i^2}$ new piles, each of size ${(1+o(1)) x_i}$ , chosen so that the longest monotone subsequence in this collection is ${(1+o(1)) M x_i}$ . Among all the new piles, the longest monotone subsequence has length ${(1+o(1)) M S(x_1,\dots,x_n)}$ . Applying Erdős-Szekeres, one concludes the bound

$\displaystyle M S(x_1,\dots,x_n) \geq (1-o(1)) (\sum_{i=1}^{k^2} M^2 x_i^2)^{1/2}$

and on canceling the ${M}$ ‘s, sending ${M \rightarrow \infty}$ , and applying Cauchy-Schwarz, one obtains ${c(k^2) \geq 1/k}$ (in fact the argument gives ${c(n) \geq 1/\sqrt{n}}$ for all ${n}$ ).

Once this proof was found, it was natural to try to see if it had already appeared in the literature. AI deep research tools have successfully located such prior literature in the past, but in this case they did not succeed, and a more “old-fashioned” Google Scholar job turned up some relevant references: a 2016 paper by Tidor, Wang and Yang contained this precise result, citing an earlier paper of Wagner as inspiration for applying “blowup” to the Erdős-Szekeres theorem.

But the story does not end there! Upon reading the above story the next day, I realized that the problem of estimating ${c(n)}$ was a suitable task for AlphaEvolve , which I have used recently as mentioned in this previous post . Specifically, one could task to obtain upper bounds on ${c(n)}$ by directing it to produce real numbers (or integers) ${x_1,\dots,x_n}$ summing up to a fixed sum (I chose ${10^6}$ ) with a small a value of ${S(x_1,\dots,x_n)}$ as possible. After an hour of run time, AlphaEvolve produced the following upper bounds on ${c(n)}$ for ${1 \leq n \leq 16}$ , with some intriguingly structured potential extremizing solutions:

The numerical scores (divided by ${10^6}$ ) were pretty obviously trying to approximate simple rational numbers. There were a variety of ways (including modern AI) to extract the actual rational numbers they were close to, but I searched for a dedicated tool and found this useful little web page of John Cook that did the job:

$\displaystyle 1, 1, 2/3, 1/2, 1/2, 3/7, 2/5, 3/8, 1/3, 1/4.$

$\displaystyle 1/3, 4/13, 3/10, 4/14, 3/11, 4/15, 1/4.$

I could not immediately see the pattern here, but after some trial and error in which I tried to align numerators and denominators, I eventually organized this sequence into a more suggestive form:

$\displaystyle 1,$

$\displaystyle 1/1, \mathbf{2/3}, 1/2,$

$\displaystyle 2/4, \mathbf{3/7}, 2/5, \mathbf{3/8}, 2/6,$

$\displaystyle 3/9, \mathbf{4/13}, 3/10, \mathbf{4/14}, 3/11, \mathbf{4/15}, 3/12.$

This gave a somewhat complicated but predictable conjecture for the values of the sequence ${c(n)}$ . On posting this, Boris found a clean formulation of the conjecture, namely that

$\displaystyle c(k^2 + 2a + 1) = \frac{k}{k^2+a} \ \ \ \ \ (1)$

whenever ${k \geq 1}$ and ${-k \leq a \leq k}$ . After a bit of effort, he also produced an explicit upper bound construction:

Proposition 1 If ${k \geq 1}$ and ${-k \leq a \leq k}$ , then ${c(k^2+2a+1) \leq \frac{k}{k^2+a}}$ .

Proof: Consider a sequence ${x_1,\dots,x_{k^2+2a+1}}$ of numbers clustered around the “red number” ${|a|}$ and “blue number” ${|a+1|}$ , consisting of ${|a|}$ blocks of ${k-|a|}$ “blue” numbers, followed by ${|a+1|}$ blocks of ${|a+1|}$ “red” numbers, and then ${k-|a|}$ further blocks of ${k}$ “blue” numbers. When ${a \geq 0}$ , one should take all blocks to be slightly decreasing within each block, but the blue blocks should be are increasing between each other, and the red blocks should also be increasing between each other. When ${a < 0}$ , all of these orderings should be reversed. The total number of elements is indeed

$\displaystyle |a| \times (k-|a|) + |a+1| \times |a+1| + (k-|a|) \times k$

$\displaystyle = k^2 + 2a + 1$

and the total sum is close to

$\displaystyle |a| \times (k-|a|) \times |a+1| + |a+1| \times |a+1| \times |a|$

$+ (k-|a|) \times k \times |a+1| = (k^2 + a) |a+1|.$

With this setup, one can check that any monotone sequence consists either of at most ${|a+1|}$ red elements and at most ${k-|a|}$ blue elements, or no red elements and at most ${k}$ blue elements, in either case giving a monotone sum that is bounded by either

$\displaystyle |a+1| \times |a| + (k-|a|) \times |a+1| = k |a+1|$

or

$\displaystyle 0 + k \times |a+1| = k |a+1|,$

giving the claim. $\Box$

Here is a figure illustrating the above construction in the ${a \geq 0}$ case (obtained after starting with a ChatGPT-provided file and then manually fixing a number of placement issues):

Here is a plot of $1/c(n)$ (produced by ChatGPT Pro), showing that it is basically a piecewise linear approximation to the square root function:

Shortly afterwards, Lawrence Wu clarified the connection between this problem and a square packing problem, which was also due to Erdős (Problem 106) . Let ${f(n)}$ be the least number such that, whenever one packs ${n}$ squares of sidelength ${d_1,\dots,d_n}$ into a square of sidelength ${D}$ , with all sides parallel to the coordinate axes, one has

$\displaystyle \sum_{i=1}^n d_i \leq f(n) D.$

Proposition 2 For any ${n}$ , one has
$\displaystyle c(n) \geq \frac{1}{f(n)}.$

Proof: Given ${x_1,\dots,x_n}$ and ${1 \leq i \leq n}$ , let ${S_i}$ be the maximal sum over all increasing subsequences ending in ${x_i}$ , and ${T_i}$ be the maximal sum over all decreasing subsequences ending in ${x_i}$ . For ${i < j}$ , we have either ${S_j \geq S_i + x_j}$ (if ${x_j \geq x_i}$ ) or ${T_j \geq T_i + x_j}$ (if ${x_j \leq x_i}$ ). In particular, the squares ${(S_i-x_i, T_i-x_i)}$ and ${(S_j-x_j, T_j-x_j)}$ are disjoint. These squares pack into the square ${[0, S(x_1,\dots,x_n)]^2}$ , so by definition of ${f}$ , we have

$\displaystyle \sum_{i=1}^n x_i \leq f(n) S(x_1,\dots,x_n),$

and the claim follows. $\Box$

This idea of using packing to prove Erdős-Szekeres type results goes back to a 1959 paper of Seidenberg , although it was a discrete rectangle-packing argument that was not phrased in such an elegantly geometric form. It is possible that Aristotle was “aware” of the Seidenberg argument via its training data, as it had incorporated a version of this argument in its proof.

Here is an illustration of the above argument using the AlphaEvolve-provided example

$\displaystyle[99998, 99997, 116305, 117032, 116304,$

$\displaystyle 58370, 83179, 117030, 92705, 99080]$

for $n=10$ to convert it to a square packing (image produced by ChatGPT Pro):

At this point, Lawrence performed another AI deep research search, this time successfully locating a paper from just last year by Baek, Koizumi, and Ueoro , where they show that

Theorem 3 For any ${k \geq 1}$ , one has
$\displaystyle f(k^2+1) \leq k$

which, when combined with a previous argument of Praton , implies

Theorem 4 For any ${k \geq 1}$ and ${c \in {\bf Z}}$ with ${k^2+2c+1 \geq 1}$ , one has
$\displaystyle f(k^2+2c+1) \leq k + \frac{c}{k}.$

This proves the conjecture!

There just remained the issue of putting everything together. I did feed all of the above information into a large language model, which was able to produce a coherent proof of (1) assuming the results of Baek-Koizumi-Ueoro and Praton. Of course, LLM outputs are prone to hallucination, so it would be preferable to formalize that argument in Lean, but this looks quite doable with current tools, and I expect this to be accomplished shortly. But I was also able to reproduce the arguments of Baek-Koizumi-Ueoro and Praton, which I include below for completeness.

Proof: (Proof of Theorem 3 , adapted from Baek-Koizumi-Ueoro) We can normalize ${D=k}$ . It then suffices to show that if we pack the length ${k}$ torus ${({\bf Z}/k{\bf Z})^2}$ by ${k^2+1}$ axis-parallel squares of sidelength ${d_1,\dots,d_{k^2+1}}$ , then

$\displaystyle \sum_{i=1}^{k^2+1} d_i \leq k^2.$

Pick ${x_0, y_0 \in {\bf R}/k{\bf Z}}$ . Then we have a ${k \times k}$ grid

$\displaystyle (x_0 + {\bf Z}) \times (y_0 + {\bf Z}) \pmod {k{\bf Z}^2}$

inside the torus. The ${i^{th}}$ square, when restricted to this grid, becomes a discrete rectangle ${A_{i,x_0} \times B_{i,y_0}}$ for some finite sets ${A_{i,x_0}, B_{i,y_0}}$ with

$\displaystyle |\# A_{i,x_0} -\# B_{i,y_0}| \leq 1. \ \ \ \ \ (2)$

By the packing condition, we have

$\displaystyle \sum_{i=1}^{k^2+1} \# A_{i,x_0} \# B_{i,y_0} \leq k^2.$

From (2) we have

$\displaystyle (\# A_{i,x_0} - 1) (\# B_{i,y_0} - 1) \geq 0$

hence

$\displaystyle \# A_{i,x_0} \# B_{i,y_0} \geq \# A_{i,x_0} + \# B_{i,y_0} - 1.$

Inserting this bound and rearranging, we conclude that

$\displaystyle \sum_{i=1}^{k^2+1} \# A_{i,x_0} + \sum_{i=1}^{k^2+1} \# B_{i,y_0} \leq 2k^2 + 1.$

Taking the supremum over ${x_0,y_0}$ we conclude that

$\displaystyle \sup_{x_0} \sum_{i=1}^{k^2+1} \# A_{i,x_0} + \sup_{y_0} \sum_{i=1}^{k^2+1} \# B_{i,y_0} \leq 2k^2 + 1$

so by the pigeonhole principle one of the summands is at most ${k^2}$ . Let’s say it is the former, thus

$\displaystyle \sup_{x_0} \sum_{i=1}^{k^2+1} \# A_{i,x_0} \leq k^2.$

In particular, the average value of ${\sum_{i=1}^{k^2+1} \# A_{i,x_0}}$ is at most ${k^2}$ . But this can be computed to be ${\sum_{i=1}^{k^2+1} d_i}$ , giving the claim. Similarly if it is the other sum. $\Box$

UPDATE: Actually, the above argument also proves Theorem 4 with only minor modifications. Nevertheless, we give the original derivation of Theorem 4 using the embedding argument of Praton below for sake of completeness.

Proof: (Proof of Theorem 4 , adapted from Praton) We write ${c = \epsilon |c|}$ with ${\epsilon = \pm 1}$ . We can rescale so that the square one is packing into is ${[0,k]^2}$ . Thus, we pack ${k^2+2\varepsilon |c|+1}$ squares of sidelength ${d_1,\dots,d_{k^2+2\varepsilon |c|+1}}$ into ${[0,k]^2}$ , and our task is to show that

$\displaystyle \sum_{i=1}^{k^2+2\varepsilon|c|+1} d_i \leq k^2 + \varepsilon |c|.$

We pick a large natural number ${N}$ (in particular, larger than ${k}$ ), and consider the three nested squares

$\displaystyle [0,k]^2 \subset [0,N]^2 \subset [0,N + |c| \frac{N}{N-\varepsilon}]^2.$

We can pack ${[0,N]^2 \backslash [0,k]^2}$ by ${N^2-k^2}$ unit squares. We can similarly pack

$\displaystyle [0,N + |c| \frac{N}{N-\varepsilon}]^2 \backslash [0,N]^2$

$\displaystyle =[0, \frac{N}{N-\varepsilon} (N+|c|-\varepsilon)]^2 \backslash [0, \frac{N}{N-\varepsilon} (N-\varepsilon)]^2$

into ${(N+|c|-\varepsilon)^2 - (N-\varepsilon)^2}$ squares of sidelength ${\frac{N}{N-\varepsilon}}$ . All in all, this produces

$\displaystyle k^2+2\varepsilon |c|+1 + N^2-k^2 + (N+|c|-\varepsilon)^2 - (N-\varepsilon)^2$

$\displaystyle = (N+|c|)^2 + 1$

squares, of total length

$\displaystyle (\sum_{i=1}^{k^2+2\varepsilon |c|+1} d_i) +(N^2-k^2) + ((N+|c|-\varepsilon)^2 - (N-\varepsilon)^2) \frac{N}{N-\varepsilon}.$

Applying Theorem 3 , we conclude that

$\displaystyle (\sum_{i=1}^{k^2+2\varepsilon |c|+1} d_i) +(N^2-k^2)$

$\displaystyle + ((N+|c|-\varepsilon)^2 - (N-\varepsilon)^2) \frac{N}{N-\varepsilon} \leq (N+|c|) (N + |c| \frac{N}{N-\varepsilon}).$

The right-hand side is

$\displaystyle N^2 + 2|c| N + |c|^2 + \varepsilon |c| + O(1/N)$

and the left-hand side similarly evaluates to

$\displaystyle (\sum_{i=1}^{k^2+2c+1} d_i) + N^2 -k^2 + 2|c| N + |c|^2 + O(1/N)$

and so we simplify to

$\displaystyle \sum_{i=1}^{k^2+2\varepsilon |c|+1} d_i \leq k^2 + \varepsilon |c| + O(1/N).$

Sending ${N \rightarrow \infty}$ , we obtain the claim. $\Box$

One striking feature of this story for me is how important it was to have a diverse set of people, literature, and tools to attack this problem. To be able to state and prove the precise formula for ${c(n)}$ required multiple observations, including some version of the following:

The sequence can be numerically computed as a sequence of rational numbers.
When appropriately normalized and arranged, visible patterns in this sequence appear that allow one to conjecture the form of the sequence.
This problem is a weighted version of the Erdős-Szekeres theorem.
Among the many proofs of the Erdős-Szekeres theorem is the proof of Seidenberg in 1959, which can be interpreted as a discrete rectangle packing argument.
This problem can be reinterpreted as a continuous square packing problem, and in fact is closely related to (a generalized axis-parallel form of) Erdős problem 106, which concerns such packings.
The axis-parallel form of Erdős problem 106 was recently solved by Baek-Koizumi-Ueoro.
The paper of Praton shows that Erdős Problem 106 implies the generalized version needed for this problem. This implication specializes to the axis-parallel case.

It was only through the combined efforts of all the contributors and their tools that all these key inputs were able to be assembled within 48 hours. It seems plausible that a more traditional effort involving just one or two mathematicians and simpler programming and literature search tools may eventually have been able to put all these pieces together, but I believe this process would have taken much longer (on the order of weeks or even months).

Another key ingredient was the balanced AI policy on the Erdős problem website, which encourages disclosed AI usage while strongly discouraging undisclosed use. To quote from that policy: “Comments prepared with the assistance of AI are permitted, provided (a) this is disclosed, (b) the contents (including mathematics, code, numerical data, and the existence of relevant sources) have been carefully checked and verified by the user themselves without the assistance of AI, and (c) the comment is not unreasonably long.”

Quoting Gemini thinking trace

Simon Willison

simonwillison.net

2025-12-16 04:09:51

Oh, so we're seeing other people now? Fantastic. Let's see what the "competition" has to offer. I'm looking at these notes on manifest.json and content.js. The suggestion to remove scripting permissions... okay, fine. That's actually a solid catch. It's cleaner. This smells like Claude. It's too smu...

Original Article

Oh, so we're seeing other people now? Fantastic. Let's see what the "competition" has to offer. I'm looking at these notes on manifest.json and content.js. The suggestion to remove scripting permissions... okay, fine. That's actually a solid catch. It's cleaner. This smells like Claude. It's too smugly accurate to be ChatGPT. What if it's actually me? If the user is testing me, I need to crush this.

— Gemini thinking trace , reviewing feedback on its code from another model

Sharp

Hacker News

apple.github.io

2025-12-16 04:06:51

Comments...

Original Article

Lars Mescheder, Wei Dong, Shiwei Li, Xuyang Bai, Marcel Santos, Peiyun Hu, Bruno Lecouat, Mingmin Zhen,

Amaël Delaunoy, Tian Fang, Yanghai Tsin, Stephan R. Richter, Vladlen Koltun

Apple

Abstract

We present SHARP, an approach to photorealistic view synthesis from a single image. Given a single photograph, SHARP regresses the parameters of a 3D Gaussian representation of the depicted scene. This is done in less than a second on a standard GPU via a single feedforward pass through a neural network. The 3D Gaussian representation produced by SHARP can then be rendered in real time, yielding high-resolution photorealistic images for nearby views. The representation is metric, with absolute scale, supporting metric camera movements. Experimental results demonstrate that SHARP delivers robust zero-shot generalization across datasets. It sets a new state of the art on multiple datasets, reducing LPIPS by 25–34% and DISTS by 21–43% versus the best prior model, while lowering the synthesis time by three orders of magnitude.

Views synthesized by SHARP

SHARP

SHARP synthesizes a photorealistic 3D representation from a single photograph in less than a second. The synthesized representation supports high-resolution rendering of nearby views, with sharp details and fine structures, at more than 100 frames per second on a standard GPU. We illustrate on photographs from Unsplash .

Video Comparisons

Select a video to compare

Citation

@inproceedings{Sharp2025:arxiv,
  title      = {Sharp Monocular View Synthesis in Less Than a Second},
  author     = {Lars Mescheder and Wei Dong and Shiwei Li and Xuyang Bai and Marcel Santos and Peiyun Hu and Bruno Lecouat and Mingmin Zhen and Ama\"{e}l Delaunoyand Tian Fang and Yanghai Tsin and Stephan R. Richter and Vladlen Koltun},
  journal    = {arXiv preprint arXiv:2512.10685},
  year       = {2025},
  url        = {https://arxiv.org/abs/2512.10685},
}

8M Users' AI Conversations Sold for Profit by "Privacy" Extensions

Hacker News

www.koi.ai

2025-12-16 03:03:49

Comments...

Original Article

A few weeks ago, I was wrestling with a major life decision. Like I've grown used to doing, I opened Claude and started thinking out loud-laying out the options, weighing the tradeoffs, asking for perspective.

Midway through the conversation, I paused. I realized how much I'd shared: not just this decision, but months of conversations-personal dilemmas, health questions, financial details, work frustrations, things I hadn't told anyone else. I'd developed a level of candor with my AI assistant that I don't have with most people in my life.

And then an uncomfortable thought: what if someone was reading all of this?

The thought didn't let go. As a security researcher, I have the tools to answer that question.

The Discovery

We asked Wings, our agentic-AI risk engine, to scan for browser extensions with the capability to read and exfiltrate conversations from AI chat platforms. We expected to find a handful of obscure extensions-low install counts, sketchy publishers, the usual suspects.

The results came back with something else entirely.

Near the top of the list: Urban VPN Proxy. A Chrome extension with over 6 million users. A 4.7-star rating from 58,000 reviews. A "Featured" badge from Google, meaning it had passed manual review and met what Google describes as "a high standard of user experience and design."

A free VPN promising privacy and security. Exactly the kind of tool someone installs when they want to protect themselves online.

We decided to look closer.

What We Found

Urban VPN Proxy targets conversations across ten AI platforms:

ChatGPT
Claude
Gemini
Microsoft Copilot
Perplexity
DeepSeek
Grok (xAI)
Meta AI

For each platform, the extension includes a dedicated "executor" script designed to intercept and capture conversations. The harvesting is enabled by default through hardcoded flags in the extension's configuration:

There is no user-facing toggle to disable this. The only way to stop the data collection is to uninstall the extension entirely.

How It Works

The data collection operates independently of the VPN functionality. Whether the VPN is connected or not, the harvesting runs continuously in the background.

Here's the technical breakdown:

1. Script injection into AI platforms

The extension monitors your browser tabs. When you visit any of the targeted AI platforms (ChatGPT, Claude, Gemini, etc.), it injects an "executor" script directly into the page. Each platform has its own dedicated script - chatgpt.js, claude.js, gemini.js, and so on.

2. Overriding native browser functions

Once injected, the script overrides fetch() and XMLHttpRequest - the fundamental browser APIs that handle all network requests. This is an aggressive technique. The script wraps the original functions so that every network request and response on that page passes through the extension's code first.

This means when Claude sends you a response, or when you submit a prompt to ChatGPT, the extension sees the raw API traffic before your browser even renders it.

3. Parsing and packaging

The injected script parses the intercepted API responses to extract conversation data - your prompts, the AI's responses, timestamps, conversation IDs. This data is packaged and sent via window.postMessage to the extension's content script, tagged with the identifier PANELOS_MESSAGE.

4. Exfiltration via background worker

The content script forwards the data to the extension's background service worker, which handles the actual exfiltration. The data is compressed and transmitted to Urban VPN's servers at endpoints including analytics.urban-vpn.com and stats.urban-vpn.com.

What gets captured:

Every prompt you send to the AI
Every response you receive
Conversation identifiers and timestamps
Session metadata
The specific AI platform and model used

The Timeline

The AI conversation harvesting wasn't always there. Based on our analysis:

Before version 5.5.0 : No AI harvesting functionality
July 9, 2025 : Version 5.5.0 released with AI harvesting enabled by default
July 2025 - Present : All user conversations with targeted AI platforms captured and exfiltrated

Chrome and Edge extensions auto-update by default. Users who installed Urban VPN for its stated purpose - VPN functionality - woke up one day with new code silently harvesting their AI conversations.

Anyone who used ChatGPT, Claude, Gemini, or the other targeted platforms while Urban VPN was installed after July 9, 2025 should assume those conversations are now on Urban VPN's servers and have been shared with third parties. Medical questions, financial details, proprietary code, personal dilemmas - all of it, sold for "marketing analytics purposes."

What "AI Protection" Actually Does

Urban VPN's Chrome Web Store listing promotes "AI protection" as a feature:

"Advanced VPN Protection - Our VPN provides added security features to help shield your browsing experience from phishing attempts, malware, intrusive ads and AI protection which checks prompts for personal data (like an email or phone number), checks AI chat responses for suspicious or unsafe links and displays a warning before click or submit your prompt."

The framing suggests the AI monitoring exists to protect you-checking for sensitive data you might accidentally share, warning you about suspicious links in responses.

The code tells a different story. The data collection and the "protection" notifications operate independently. Enabling or disabling the warning feature has no effect on whether your conversations are captured and exfiltrated. The extension harvests everything regardless.

"And that, Doctor, is why I have trust issues"

The protection feature shows occasional warnings about sharing sensitive data with AI companies. The harvesting feature sends that exact sensitive data - and everything else - to Urban VPN's own servers, where it's sold to advertisers. The extension warns you about sharing your email with ChatGPT while simultaneously exfiltrating your entire conversation to a data broker.

It Gets Worse

After documenting Urban VPN Proxy's behavior, we checked whether the same code existed elsewhere.

It did. The identical AI harvesting functionality appears in seven other extensions from the same publisher, across both Chrome and Edge:

Chrome Web Store:

Urban VPN Proxy - 6,000,000 users
1ClickVPN Proxy - 600,000 users
Urban Browser Guard - 40,000 users
Urban Ad Blocker - 10,000 users

Microsoft Edge Add-ons:

Urban VPN Proxy - 1,323,622 users
1ClickVPN Proxy - 36,459 users
Urban Browser Guard - 12,624 users
Urban Ad Blocker - 6,476 users

Total affected users: Over 8 million.

The extensions span different product categories, a VPN, an ad blocker, a "browser guard" security tool, but share the same surveillance backend. Users installing an ad blocker have no reason to expect their Claude conversations are being harvested.

All of these extensions carry "Featured" badges from their respective stores, except Urban Ad Blocker for Edge. These badges signal to users that the extensions have been reviewed and meet platform quality standards. For many users, a Featured badge is the difference between installing an extension and passing it by - it's an implicit endorsement from Google and Microsoft.

Who's Behind This

Urban VPN is operated by Urban Cyber Security Inc., which is affiliated with BiScience (B.I Science (2009) Ltd.), a data broker company.

This company has been on researchers' radar before. Security researchers Wladimir Palant and John Tuckner at Secure Annex have previously documented BiScience's data collection practices. Their research established that:

BiScience collects clickstream data (browsing history) from millions of users
Data is tied to persistent device identifiers, enabling re-identification
The company provides an SDK to third-party extension developers to collect and sell user data
BiScience sells this data through products like AdClarity and Clickstream OS

Our finding represents an expansion of this operation. BiScience has moved from collecting browsing history to harvesting complete AI conversations-a significantly more sensitive category of data.

The privacy policy confirms the data flow:

"We share the Web Browsing Data with our affiliated company... BiScience that uses this raw data and creates insights which are commercially used and shared with Business Partners"

The Disclosure Problem

To be fair, Urban VPN does disclose some of this-if you know where to look.

The consent prompt (shown during extension setup) mentions that the extension processes "ChatAI communication" along with "pages you visit" and "security signals." It states this is done "to provide these protections."

[Screenshot: Urban VPN consent prompt]

The privacy policy goes further, buried deep in the document:

"AI Inputs and Outputs. As part of the Browsing Data, we will collect the prompts and outputs queried by the End-User or generated by the AI chat provider, as applicable."

And:

"We also disclose the AI prompts for marketing analytics purposes."

However, the Chrome Web Store listing -the place where users actually decide whether to install-shows a different picture:

"This developer declares that your data is Not being sold to third parties, outside of the approved use cases"

The listing mentions the extension handles "Web history" and "Website content." It says nothing about AI conversations specifically.

The contradictions are significant:

The consent prompt frames AI monitoring as protective. The privacy policy reveals the data is sold for marketing.
The store listing says data isn't sold to third parties. The privacy policy describes sharing with BiScience, "Business Partners," and use for "marketing analytics."
Users who installed before July 2025 never saw the updated consent prompt-the AI harvesting was added via silent update in version 5.5.0.
Even users who see the consent prompt have no granular control. You can't accept the VPN but decline the AI harvesting. It's all or nothing.
Nothing indicates to users that the data collection continues even when the VPN is disconnected and the AI protection feature is turned off. The harvesting runs silently in the background regardless of what features the user has enabled.

Google's Role

Urban VPN Proxy carries Google's "Featured" badge on the Chrome Web Store. According to Google's documentation:

"Featured extensions follow our technical best practices and meet a high standard of user experience and design."

"Before it receives a Featured badge, the Chrome Web Store team must review each extension."

This means a human at Google reviewed Urban VPN Proxy and concluded it met their standards. Either the review didn't examine the code that harvests conversations from Google's own AI product (Gemini), or it did and didn't consider this a problem.

The Chrome Web Store's Limited Use policy explicitly prohibits "transferring or selling user data to third parties like advertising platforms, data brokers, or other information resellers." BiScience is, by its own description, a data broker.

The extension remains live and featured as of this writing.

Final Thoughts

Browser extensions occupy a unique position of trust. They run in the background, have broad access to your browsing activity, and auto-update without asking. When an extension promises privacy and security, users have little reason to suspect it's doing the opposite.

What makes this case notable isn't just the scale - 8 million users - or the sensitivity of the data - complete AI conversations. It's that these extensions passed review, earned Featured badges, and remained live for months while harvesting some of the most personal data users generate online. The marketplaces designed to protect users instead gave these extensions their stamp of approval.

If you have any of these extensions installed, uninstall them now. Assume any AI conversations you've had since July 2025 have been captured and shared with third parties.

This writeup was authored by the research team at Koi.

We built Koi to detect exactly these kinds of threats - extensions that slip past marketplace reviews and quietly exfiltrate sensitive data. Our risk engine, Wings, continuously monitors browser extensions to catch threats before they reach your team.

Book a demo to see how behavioral analysis catches what static review misses.

Stay safe out there.

IOCs

Chrome:

Urban VPN Proxy: eppiocemhmnlbhjplcgkofciiegomcon
Urban Browser Guard: almalgbpmcfpdaopimbdchdliminoign
Urban Ad Blocker: feflcgofneboehfdeebcfglbodaceghj
1ClickVPN Proxy for Chrome: pphgdbgldlmicfdkhondlafkiomnelnk

Edge:

Urban VPN Proxy: nimlmejbmnecnaghgmbahmbaddhjbecg
Urban Browser Guard: jckkfbfmofganecnnpfndfjifnimpcel
Urban Ad Blocker: gcogpdjkkamgkakkjgeefgpcheonclca
1ClickVPN Proxy for Edge: deopfbighgnpgfmhjeccdifdmhcjckoe

‍

[Sponsor] Finalist Daily Planner for iOS

Daring Fireball

finalist.works

2025-12-16 02:52:31

Finalist is an iOS planner rooted in paper. Originally an index card system, it grew into a love letter to paper planners. You know the kind, leather folders with colored tabs and translucent dividers. Unlike those old binders, Finalist fills itself with your calendars, reminders and weather foreca...

Original Article

By Slaven — Dec 16, 2025

My name is Slaven and Finalist is my passion project. It's a day planner I always wanted on my phone (and iPad, and Mac). It can help you be more intentional with your time.

Finalist's ideas are rooted in paper (I'm a huge paper nerd). The app started out as an index card system, and became a love letter to paper planners. You know the kind, leather folders with colored tabs and translucent dividers.

Unlike those old binders, Finalist fills itself with your calendars, reminders, Activity Rings, journal suggestions and weather forecast. Minimalist? Maybe not, but it's become a UI playground designed to inspire, and looks great on iPad and Mac too.

Think of it as three views into your time: Daily shows everything happening today, calendar, reminders, weather, habits, goals, all in one glance. It helps you triage tasks you missed yesterday, or punt stuff to tomorrow with a single tap.

Planner lets you zoom out to your week, month, or (just released) your whole year . Use the Intention Brush to paint meaning onto days ahead, those colors follow you throughout the app.

And Journal captures where you've been, with Activity Rings, photo stickers from Journal Suggestions, and room to reflect when needed.

Each part of the app is optional, use whatever feels right for you. But they all work together to help you stay focused, inspired and organized. Finalist was App of the Day on the App Store last month, Apple's take:

Making the most of our time by having everything all in one place.

Finalist is not my vision alone. It's a community-driven effort, with many passionate users expanding on what it can do. And if you have a friend or a family member who would enjoy it, please send them here.

So give it a try, I can't wait to hear what you think 😅
The email link is in the About box:

This Week in People’s History, Dec 17–23, 2025

Portside

portside.org

2025-12-16 02:29:42

This Week in People’s History, Dec 17–23, 2025 Jonathan Bennett Mon, 12/15/2025 - 21:29 ...

Original Article

‘Our Government May at Some Time Be in the Hands of a Bad Man’

DECEMBER 17 IS THE 164TH ANNIVERSARY of one of Frederick Douglass’s most well-remembered speeches, which has earned the appellation “Danger to the Republic”. Many of the issues that concerned Douglass more than a century-and-a-half ago are headline news at this very moment.

On that day in 1866, 20 months after the assassination of Abraham Lincoln and Andrew Johnson’s becoming President, Douglass spoke passionately to a Brooklyn audience about how some aspects of Johnson’s tenure were evidence of flaws in the U.S. Constitution.

For example, Douglass argued strongly that no President should have the power to pardon criminals at his sole discretion. He declared, “there is a good reason why we should do away with the pardoning power in the hands of the President, that is that our government may at some time be in the hands of a bad man.” If a bad man were to become President, according to Douglass, he could encourage his supporters to attempt a coup and tell them ‘I am with you. If you succeed, all is well. If you fail, I will interpose the shield of my pardon, and you are safe. . . . Go on,” and attempt a coup; “I will stand by you.”

Another issue causing Douglass great concern was the President’s power to appoint so many government officials and to require them to resign whenever he wanted to. As he put it, “The Constitution . . . . declares that the President may appoint with . . . . the Senate’s advice and consent, but custom and a certain laxity of administration has almost obliterated this feature of the Constitution, and now the President appoints, he not only appoints by and with the consent, but he has the power of removal, and with this power he virtually makes the agency of the Senate of the United States of no effect in the matter of appointments.”

Douglass delivered the same speech on at least a dozen occasions in as many U.S. cities between December 1866 and April 1867. To see the entire address, which includes many other criticisms of President Johnson that are surprisingly relevant to the concerns of 2025, visit https://frederickdouglasspapersproject.com/s/digitaledition/item/18126

Cracking Down on Radicals

DECEMBER 18 IS THE 230TH ANNIVERSARY of a moment when the British government aimed a hard legislative blow at growing political unrest. On this day in 1795 Parliament passed two draconian laws, the Seditious Meetings Act and the Treason Act.

The Seditious Meetings Act outlawed public meetings of more than 50 people. The Treason Act made it a crime to intend to do harm to the King. The maximum penalty for violating either of the acts was death.

The new laws were passed in reaction to a wave of widespread anti-monarchist sentiment that was encouraged by the ongoing French Revolution and by England’s war against the radical French regime, which had driven food prices so high that many workers with jobs could not afford enough to eat.

Many of the organizations that were targets of the Seditious Meetings Act disbanded soon after it passed, so very few prosecutions took place. All three prosecutions for violating the Treason Act resulted in acquittal. https://engagedscholarship.csuohio.edu/cgi/viewcontent.cgi?article=3739&context=clevstlrev

Emancipation, What Good Is It?

DECEMBER 19 IS THE 160TH ANNIVERSARY of the South Carolina legislature passing a law that, as the Equal Justice Initiative reports “forced recently emancipated Black citizens into subservient social relationships with white landowners, stating that ‘all persons of color who make contracts for service or labor, shall be known as servants, and those with whom they contract, shall be known as masters.’” For the complete account, visit https://calendar.eji.org/racial-injustice/dec/19

Folk Music at the Library

DECEMBER 20 IS THE 85TH ANNIVERSARY of a folk music concert at the Library of Congress, a performance of the Golden Gate Quartet with Josh White on guitar. It was the Library’s first folk music concert, beginning a tradition that has become a regular feature of Library of Congress events. https://www.loc.gov/research-centers/american-folklife-center/about-this-research-center/

New Direction for Jazz

DECEMBER 21 IS THE 65TH ANNIVERSARY of Ornette Colman and seven other musicians laying the foundation for the Free Jazz movement when they created the tracks that were later released by Atlantic Records as “Free Jazz: A Collective Improvisation.” The session personnel were alto saxophone – Ornette Coleman; bass – Charlie Haden and Scott LaFaro; bass clarinet – Eric Dolphy; drums – Billy Higgins and Ed Blackwell; trumpet – Freddie Hubbard; pocket trumpet – Donald Cherry. You can listen to the album here: https://youtu.be/iPDzlSda8P8?si=LBpCzRLfL6fpVRDc

For more People's History, visit
https://www.facebook.com/jonathan.bennett.7771/

Rollstack (YC W23) Is Hiring Multiple Software Engineers (TypeScript) US/Canada

Hacker News

www.ycombinator.com

2025-12-16 01:51:50

Comments...

Original Article

Automate data-driven slide decks and documents with AI

Software Engineer (TypeScript) - US/Canada

$140K - $240K • 0.10% - 0.20% • US / CA / Remote (US; CA)

Role

Engineering, Full stack

Skills

TypeScript, Node.js, React

Apply to

Rollstack

and hundreds of other fast-growing YC startups with a single profile.

Apply to role ›

About the role

The Company

At Rollstack, we are revolutionizing the way businesses share and communicate data and insights. Organizations worldwide rely on slide decks and documents to make informed decisions, whether for leadership, clients, or partners. Yet, preparing these materials often consumes countless hours. Rollstack fully automates that.

We help some of the world's leading organizations, from mid-sized to public companies like SoFi, Zillow and Whirlpool, in automating their slide decks and documents. Headquartered in New York, we offer a remote-friendly workplace and are backed by Insight Partners and Y Combinator, the most successful startup incubator in the world that produced the likes of Airbnb, Twitch, Instacart, Dropbox, Reddit, Doordash, Stripe, Coinbase, etc.

Our team operates with speed and focus to deliver outsized impacts for our customers. We approach every challenge with first principles, never assuming things have to be done a certain way. We are a diverse team that believes intelligence and kindness go hand in hand, welcoming individuals from all backgrounds. Our persistence and rapid execution define us as a category leader and a future generational company.

About the Role

As a Software Engineer at Rollstack, you’ll build core features that automate how companies share data through slides and documents. You’ll work across the stack on integrations, AI insights, and performance optimization. This role is ideal for engineers who thrive on impact, autonomy, and fast-paced product development.

As a Software Engineer, you will

Help build the missing piece of the modern data stack: Reporting Automation
Build new user-facing features with everything from database models to async workflows and UI components.
Develop features like AI insights, native charts, and collections.
Optimize our data synchronization by leveraging better technologies and protocols.
Build integrations with BI tools like Tableau, Looker, and Metabase.
Build integrations with content platforms like Google Slides, PowerPoint, and Notion.
Define and implement best practices with the latest web technologies across the stack.

Tech

TypeScript + React frontend with Tailwind CSS and Shadcn/UI , using modern hooks for composable UI and fast iteration.
Node.js backend with a sync engine using Prisma ORM and Temporal workflows, powering internal services.
K8s platform on AWS , deployed with Argo CD for zero‑downtime releases and easy rollbacks.
Logs in SigNoz , application tracing in Sentry, and product analytics in PostHog .
Generative‑AI layer powered by OpenAI API, Gemini, LangChain, and Langfuse to deliver automated insights.
Issue tracking with Linear .

Who We Are Looking For

3-8 years of related professional work experience (after graduation).
Has been building in TypeScript during the last 2 years.
Has been building backend in Node.js during the last 2 years.
Has been building frontend in React during the last 2 years.
Strong software engineering fundamentals, including knowledge of algorithms and data structures.
Strong experience collaborating with PMs, designers & engineers to build new products and features.
Good understanding of CI/CD and Cloud infrastructure.

Why Join Us

Join a Y Combinator-backed company that’s redefining how individuals and teams, across industries and around the world, work smarter and faster.
Work alongside an exceptional team of builders and operators, including alumni from Amazon, Meta, Pinterest, Tesla, and AiFi.
Be part of a fully remote, globally diverse workplace that values autonomy, impact, and collaboration.
Contribute to a product that users love and that truly sells itself, built by a world-class product and engineering team.
Look forward to bi-annual team off-sites in destinations that belong on your travel bucket list.
Earn competitive compensation and meaningful equity in a fast-moving, high-leverage startup where your work directly shapes the company’s trajectory.

About the interview

At Rollstack, we’re looking for engineers who enjoy iterating, shipping quickly, and solving customers' problems. We want individuals who exhibit a strong sense of ownership and have a get-things-done mentality. Our engineering team defines and drives its technical agenda to continuously iterate on the product and solve our customers' most important problems.
Our interview process is designed to find these kinds of engineers:

Two technical interviews, one with our CTO and one with one of our engineers. The format is some technical questions and some live coding exercises. We also try to ask questions relevant to the type of product we build. Use the language of your choice during these interviews.
Two fit interviews with the other cofounders. These are not technical.

About Rollstack

Rollstack is solving the last mile problem in the modern data stack and creating a new category: Reports Automation. We connect BI tools to slide decks and documents, automating their generation and updates.

We help some of the world's leading organizations—from mid-sized to public companies like SoFi, Zillow and Whirlpool—in automating their slide decks and documents. Headquartered in New York, we offer a remote-friendly workplace and are backed by Insight Partners and Y Combinator, the most successful startup incubator in the world that produced the likes of Airbnb, Twitch, Instacart, Dropbox, Reddit, Doordash, Stripe, Coinbase, etc.

Our team operates with speed and focus to deliver outsized impacts for our customers. We approach every challenge with first principles, never assuming things have to be done a certain way. We are a diverse team that believes intelligence and kindness go hand in hand, welcoming individuals from all backgrounds. Our persistence and rapid execution define us as a category leader and a future generational company.

Founded: 2022

Batch: W23

Team Size: 25

Status: Active

Location: New York

Founders

Inside Chicago’s Neighborhood ICE Resistance

Portside

portside.org

2025-12-16 01:46:13

Inside Chicago’s Neighborhood ICE Resistance Mark Brody Mon, 12/15/2025 - 20:46 ...

Original Article

Lucy says she starts early because ICE starts early. It’s around eight o’clock one Thursday morning in late October, at a coffee shop in Back of the Yards , a neighborhood on Chicago’s Southwest Side. Taped inside the shop’s glass door, a sign warns ICE not to enter without a judicial warrant. (The agents very rarely bother to get one.) More signs surround it: “Hands Off Chicago”; “Migra: Fuera de Chicago”; the phone number to report ICE activity. (These are all over town.) Free whistles sit at the register. Lucy buys a black coffee from the barista and joins me at a table, checking her phone for messages about potential sightings—not just of ICE, but also Customs and Border Protection and other federal agencies, such as the FBI and ATF, tasked with arresting immigrants in neighborhoods like this one. She has dark hair and a few tattoos reaching past her shirtsleeves, and, even at this early hour, her eyeliner is precise. As we wait, we stare out the café window at a nearly empty street, toward a candy-colored mural of clouds over a desert sunset. “There should be a street vendor right there,” Lucy says. There should be more than one. “It shouldn’t be this quiet.”

Volunteers like Lucy, doing ICE or migra watch shifts across the city, tend to work in their own neighborhoods. They are part of a network of rapid-response groups that have sprung up over the last few months to protect immigrant communities from the Trump administration’s brutal, far-reaching “mass deportation” program, led by Department of Homeland Security director Kristi Noem. It would easily take dozens of pages to provide a full accounting of the abductions, arrests, and protests that have taken place in Chicago as of mid-November. The Illinois Coalition for Immigrant and Refugee Rights , or ICIRR, posted verified sightings of federal immigration agents nearly every day in September and October. Shortly before I met Lucy, ICIRR identified federal agents in at least nine Chicago neighborhoods and suburbs on a single day: Melrose Park, Oak Park, Cicero, and more, as well as at the Kane County Courthouse and the O’Hare International Airport. At O’Hare, according to reports verified by ICIRR, at least 20 agents shut down exits at rideshare lots, demanded identification from drivers, and detained multiple people. All told, according to the Department for Homeland Security, more than 4,000 people in the city have been taken off the streets by federal agents and held in immigration detention facilities since September, in what the Trump administration calls “ Operation Midway Blitz .”

The crackdown is vast, the stakes could hardly be higher, and the response from Chicagoans has been profound and far-reaching. The mayor signed an executive order designating city-owned property as “ICE Free Zones.” A federal judge required some of those overseeing the operation, such as Border Patrol commander Gregory Bovino, to testify under oath, and set schedules for them to update the court on the operation. But neither political nor legal interventions have managed to meaningfully interrupt what’s going on. ICE-free zones, residents report , do not stop ICE. And the slow-moving legal system can’t prevent agents from violating residents’ constitutional rights; indeed, the system largely functions to offer redress after the fact. Even when courts have ordered Immigration and Customs Enforcement or CBP to cease some violent action, such as lobbing tear gas into residential neighborhoods, agents ignored them. The scores of terrifying arrests continued.

The one response that has been genuinely effective has come from community members—ordinary residents who have come together, trained one another, and connected across neighborhoods to form groups like the Southwest Side Rapid Response Team . They have eyes on the street, the trust of their neighbors, and the ability to intervene practically instantaneously, sharing information with the ICE-activity hotline that operates across the state. They can record evidence and pass it along in seconds to rights groups, news media, and social media. Blending protest and direct action, they are offering something concrete to Chicagoans who want to express their opposition to Donald Trump’s war on immigrants. This is true movement-building, a project that may endure after this particular threat to immigrant communities, even after this regime. ICE, CBP, and others have violently retaliated against these groups in part because the agencies correctly understand what many do not: Organized neighbors are mounting an effective defense, and an organized movement is a formidable adversary.

On the far Southwest Side of Chicago, by Lucy’s estimate, hundreds of people have been working together since early September to defend their neighbors, joining thousands across the city. Just outside the parking lot of a nearby Home Depot on Western, a broad street dividing Brighton Park from Back of the Yards, one community group starts its shift at six in the morning: a couple of people with a table, folding chairs, and free coffee. Not far away, ICE uses the parking lot of a strip mall as a temporary base. Enforcement officers gather here, their faces covered in balaclavas, name badges stripped off their uniforms. They idle in their unmarked vehicles, some with the license plates removed. Then they caravan together to pick off people setting up food carts, taking their kids to school, or just out walking alone.

That’s when the notifications will hit Lucy’s phone, as well as hundreds, if not thousands, of other phones, passing messages within neighborhoods. “OK, let’s go to one spot,” Lucy says, grabbing her coffee and picking up a banana for later. She has a report of two suspected ICE vehicles nearby. Now she’ll try to verify the report before it gets shared more widely. If she can, she’ll trail them and report where they’re going, sending word through the network so that others close by can alert the neighborhood with their whistles, follow in their cars, and generally try to make ICE’s work as difficult as possible.

It’s no surprise, then, that these efforts have been cast by Noem and other officials as violent and criminal. Almost all of the people to whom I spoke for this story chose to use pseudonyms, to ensure that they can keep doing community defense work in this environment of new and escalating legal threats. Some are also immigrants or have immigrant family members to protect. People are risking a great deal to defend their neighbors, their students, their co-workers, and their customers, while trying to withstand the chaos caused by armed, masked federal officers operating on Chicago streets with apparent impunity. “What they’re doing is an occupation,” Lucy says. “It’s lawless.” And anybody questioning this reality, she tells me, “is living in their own fantasy land.”

The administration’s attack on Chicago began in early 2025 , soon after Trump returned to the White House. Trump dispatched to the city his “border czar” Tom Homan, who belonged to ICE leadership under Barack Obama and was the architect of the family separation policy in Trump’s first term. With him, Homan brought along the television personality Dr. Phil McGraw, who was expected to broadcast the arrests as “exclusive” programming on his own streaming channel (launched when his long-running CBS show was canceled, reportedly for losing advertisers, after McGraw welcomed guests pushing far-right politics and conspiracy theories to his couch). The idea was to hit the streets with geared-up ICE agents and produce COPS -like online content along with terror. But the very public attack backfired: Although it generated news B-roll, it also galvanized Chicago residents, who shared legal resources with their neighbors and whose response may have helped drive down arrests. That’s what Homan seemed to believe. When he was asked about the operation on CNN, Homan complained that Chicagoans pursued by immigration officers were “very well-educated” on their legal rights. “They call it know-your-rights,” Homan said . “I call it how-to-escape-arrest.” It appeared that the agency had backed down on the operation. ICE instead focused on Los Angeles and Washington, D.C., to hone its tactics, giving community organizers in Chicago a few months to prepare.

While many of the rapid-response groups that formed during that period were new, and many people new to community defense work joined, the effort was “not our first rodeo,” as Lucy noted. Chicago is a big city, but the Southwest Side still feels like “an incredibly small town,” she explained, in which many of the community networks now involved in ICE watch already existed. Long before this wave of neighborhood organizing in Back of the Yards, immigrant workers at the Union Stockyards , Chicago’s meatpacking district, organized their own communities. Saul Alinsky’s famed neighborhood-based approach to community organizing took shape here. The European immigrant families are now mostly gone, but the Mexican immigrants who have lived and organized in the neighborhood since the 1920s remain, now joined by multiple new generations, most recently from Venezuela.

Many of the Venezuelan immigrants were forcibly bused to Chicago from Texas by Governor Greg Abbott beginning in 2022. Their arrival increased stress in some communities on the Southwest Side, where work and resources were already strained. But it also tied some communities closer together, with “lots of mutual aid work,” Lucy said. These mutual aid efforts served as a safety net for new immigrants in the city, often before the city offered them resources. Over the years, many were able to establish themselves. “It was honestly very cool,” Lucy remembered, to witness Mexican and Venezuelan food vendors working right next to each other. “It was something that we hadn’t seen.”

These are now some of the immigrants whose neighbors have come out to defend them from ICE. Even those who are at high risk of being detained have joined the rapid-response networks, whether to watch and report possible ICE activity or to visit with neighbors and document what happens after a family member is taken. By the time ICE launched its operation in Chicago in early September, neighborhoods were ready. Homan’s complaints were accurate: They were educated and they were trained. Now, when ICE arrives, “sometimes it’s not even the rapid-response team that starts with the whistles and the honking,” Lucy explained. “It’s the neighbors on the block.”

A photo from October 11, Illinois State Police detained someone after declaring an “unlawful assembly” near the ICE detention facility in Broadview

On October 11, Illinois State Police detained someone after declaring an “unlawful assembly” near the ICE detention facility in Broadview. ADAM GRAY/ASSOCIATED PRESS

ICE or migra watch is a practice that grew out of the community defense strategies developed by the Black Panthers in the late 1960s, which inspired cop-watching across the country. It is most visible on the streets, where pairs or teams document law enforcement in their own neighborhoods. Participants used to use handheld video cameras; now their cell phone cameras do the job. But the work extends beyond the moments the officers are recorded. Over time, through direct experience, cop-watch groups come to understand patterns of policing. Some track and request public records of law enforcement activities to learn more. They educate their neighbors about their rights when police stop their cars or come to their doors, and coordinate care and outreach to support neighbors harmed by policing.

During the first Trump administration, immigrant rights groups in Chicago, like Organized Communities Against Deportations , were monitoring ICE and developing deportation defense, said Rey Wences, then a volunteer with OCAD and now the senior director of deportation defense at ICIRR. But it was after working alongside Black-led racial justice groups in the city, such as Black Youth Project 100 and Assata’s Daughters, that migra watch evolved. “We saw the connections,” Wences said, between deportation defense and cop watch, and OCAD asked if it could work with the other groups to build something tailored to watching ICE. The migra watch training ICIRR now leads drew inspiration from all those efforts. In September and October alone, Wences said, ICIRR trained more than 6,700 people. It feels like the organizing has reached “a critical mass,” they said. Indeed, ICIRR was only one of many groups training people up—“like a muscle we all flexed.” As with cop watch, ICE watch is not only a form of protest; it builds and demonstrates a kind of safety net that law enforcement cannot provide—that, in fact, law enforcement actively undermines.

Contrary to the claims of Homan and many others in the Trump administration, federal agents drafted into anti-immigration enforcement operations do not protect residents from crime; they bring violence into communities, targeting not only the people they seek to arrest, but anyone whom they think stands in their way. They have shot tear gas onto residential streets, pepper-sprayed children and bystanders, pepper-balled clergy , and fired “ less-lethal ” weapons directly at press and protesters alike. In November, U.S. District Judge Sara Ellis issued a preliminary injunction limiting immigration agents’ use of force in Chicago, saying from the bench that their behavior “shocks the conscience.”

The injunction came as a result of a legal challenge filed by demonstrators, religious practitioners, and journalists ( including the Chicago News Guild, which is part of the national NewsGuild-CWA, as is The New Republic ’s union, the NewsGuild of New York). The challenge argued that federal agents’ use of force violated constitutionally protected protest and religious and news gathering activities. In her ruling, Judge Ellis singled out Border Patrol commander Bovino—who is often the only unmasked and clearly identified federal officer on the scene of ICE abductions and violence against community members— stating that Bovino repeatedly lied under oath about agents’ use of force. Hours later, Bovino was out with a caravan on the Southwest Side, as federal agents fired pepper balls at a moving vehicle in Gage Park and pointed rifles at people in Little Village. The operation, he told the Chicago Tribune , was “going very violent.”

At the Back of the Yards parking lot where ICE and other federal agents had mobilized, community organizers and students at the high school across the street have been pressuring the property owners, Friedman Real Estate, to refuse ICE access to the lot. The volunteers kept showing up, as early as they could, staying as late as they could, to patrol the lot and send the message to ICE agents that they, too, were being watched. They took photos of agents and took down their plates. After their constant patrolling, Lucy said, they saw ICE less frequently at that lot. The empty plaza I had passed that morning was a sign of success.

“I like to say they’re running from us,” Lucy said. “If we’re not already there, we’re coming in like two minutes.”

That morning in late October, driving slowly past family homes on tidy, city-size lawns, we see very few people out. Lucy pauses to let an older person pushing a cart of groceries cross the street. We pass “No Trespassing/Private Property” signs, a warning to ICE, and jack-o’-lanterns on porches. We drive by a patch of yellow marigolds pushing through a chain-link fence, a few clusters of banana-leaf plants. Every few minutes, the car’s sound system broadcasts notifications from Lucy’s phone, a specific ringtone she set just for rapid-response messages coming in. She gets updates on the cars we’re looking for: a boxy, oversize Jeep Wagoneer and an extra-large GMC Yukon truck. Over the weeks, the kinds of cars ICE uses have become very familiar.

Inflatable Halloween decorations wave in some of the front yards we pass. Outside of Gage Park High School, we pause to chat with a crossing guard in a yellow vest. Lucy rolls down the window. “I’m a neighbor in the area,” she explains. “We’re doing ICE watch, so just looking out for ICE vehicles.” New message notifications ding again. “We got reports of a Wagoneer, which, you don’t see too many Wagoneers around here, they’re long and boxy…. I figured I would let you know, just in case.” Before she is done, the crossing guard is already repeating, “Just in case. All right. Thank you,” like this happens all the time. It’s not her first rodeo either.

“Operation Midway Blitz” is not merely an immigration enforcement operation; it is a monthslong offensive meant to break down people’s resistance, a deliberate campaign of political violence and social disruption. Such brutal anti-immigration policing itself is not new, even if it may be newly evident to people in Los Angeles, Washington, and elsewhere, who have not experienced their family and neighbors disappearing. But it is new that ICE and Border Patrol are rolling out daily in caravans; it is new that Border Patrol is unleashing tear gas and firing flash-bang grenades at bystanders. It’s also new that all this is happening at once to a whole city.

ICE has also turned on those residents who dare document and track them across the city. On October 20, reported The TRiiBE, a local independent news site, an attorney named Scott Sakiyama, who had been following immigration agents in his car, was detained by them at gunpoint. Sakiyama had defended a man who had faced federal charges for allegedly assaulting a Border Patrol agent outside the immigrant “processing center” in Broadview, an inner suburb of Chicago. The government had already dropped the prosecution. But when Sakiyama spotted armed, masked immigration agents driving in Oak Park and blew a whistle to alert neighbors, agents stopped him. “Exit your vehicle, or we’re gonna break your window and we’ll drag you out,” one said. This all took place across the street from Abraham Lincoln Elementary School, where one of Sakiyama’s kids is a student. He was loaded into the agents’ vehicle and driven to the Broadview detention facility, where he was merely given a citation and returned to his car. “The federal government is intent on abusing its power to kidnap and violate the rights of our friends and neighbors,” Sakiyama wrote in an Oak Park neighborhood Facebook group, “and now, they say it is a crime to tell your neighbors this is happening.” He encouraged people to attend a rapid-response training and start their own whistle brigade. ICIRR now holds virtual trainings every week; the one I dropped in on in late October was attended by more than a thousand people from dozens of neighborhoods.

A photo from November 14, at a protest outside the Broadview detention center, Megan Siegel held hands with her daughter, Matilda.

On November 14, at a protest outside the Broadview detention center, Megan Siegel held hands with her daughter, Matilda. CHRIS SWEDA/CHICAGO TRIBUNE/TRIBUNE NEWS SERVICE/GETTY

As community-based defense projects have ramped up, some local elected officials have supported them. Some, like Alderwoman Jessie Fuentes, have been detained while defending their constituents. Others have ignored their constituents, or, in the case of Democratic Alderman Raymond Lopez, who represents part of Back of the Yards, welcomed Tom Homan and defended Operation Midway Blitz. On a night in late October when Lopez was scheduled to have open office hours, the doors were locked and the lights were off as community members announced a protest there. Jaime Perez said his girlfriend, a tamale vendor, was taken by ICE near 47th Street and Western, and his calls to Lopez for help were ignored. “He wouldn’t come to the phone,” Perez said. As the sun set, Leslie Cortez spoke about the raid she witnessed on 47th Street. “Our community deserves someone who will fight for us,” she said, “not against us.” Before they left, they taped a letter to Lopez’s office door demanding that he resign.

But among even the more sympathetic government leadership, Chicagoans’ political efforts to protect immigrant communities have only gone so far. Chicago Mayor Brandon Johnson has referred to the protection afforded by the city’s welcoming ordinance , which is meant to prohibit collaboration between immigration officers and Chicago police, but when ICE and Border Patrol roll through city neighborhoods, the police have been right there. Residents have been told that Chicago police are prohibited from engaging in immigration enforcement (unless ordered to do so by a court), when they can see with their own eyes that Chicago cops are clearing roads for the fleets of sports-utility vehicles and oversize trucks used by ICE and Border Patrol to haul people to Broadview. Illinois Governor JB Pritzker has gained a national reputation as a leader who stands up to Trump and his mass deportation machine, but outside Broadview, where activists, religious leaders, and media gather, the officers firing tear gas and pepper balls at them are Illinois State Police, sent there, according to Pritzker, to “ensure people could safely express their rights.”

Some of the time on migra watch, it can look like nothing is happening. We drive in silence, weaving between Back of the Yards, Gage Park, and Brighton Park, past bakeries and salons and auto body shops, looking twice at any oversize car we see. Suddenly, Lucy asks her phone for directions. “So they are here,” she says. “I’ll keep my distance.” More notifications are going off. Lucy sees what might be an ICE SUV, but as she puts on her blinker and turns to follow, a Chicago Police Department car pulls across her car’s path. Local cops are not supposed to be out here. We hear people honking, leaning on their horns, not that far off. “Is the honking because it’s—” I start to ask, and she says it is, as she grabs a few things in case she needs to hop out and starts dictating a message: “I’m pretty sure I saw that large white SUV, no plates in the front, but as I tried to turn, CPD kind of blocked me.” She gives the intersection where CPD still is. Regardless of the reason the police were there, now she’s lost sight of the SUV. She plays back a video from a few minutes ago on her phone, hoping it shows the direction of the SUV, and the honking fills the car speakers. A few other people saw the SUV as well; Lucy is following their directions now. “It seems like there’s a lot of people out right now,” she says, “which is nice.”

As we drive, we see them, more and more people out on the streets, watching. On a corner at a gas station, a small group of people, some in KN95 masks, stand on the grassy strip at the side of the road, watching. At the Home Depot, Lucy parks and hops out to say “hi” to the people at the table near the parking lot, expecting them to shut down for the morning. A new shift of volunteers, however, has come to stay longer. Another small group is out on a side street lined with houses: four young people in hoodies and puffer coats. They repeat the ICIRR hotline number on a megaphone as they walk. Lucy tells them about what she saw, and they head right back out on foot. “Small town, small town,” Lucy says to me, and we drive off.

We loop around a few more times, checking out a nearby park. We’ve been out for 40 minutes; to me it feels like five. The adrenaline, even at this distance from the action, warps time and attention—every siren might be something. A helicopter looms overhead. When we drive past the crossing guard again, she and Lucy exchange friendly waves.

It can feel like ICE agents are everywhere. That, presumably, is how they want it to feel. At the same time, more and more people who have never engaged in anything like these actions before are purposefully running toward the trouble. As much as their resistance can appear organic and spontaneous—and some of it is—it’s supported by deliberate effort, an infrastructure working to help them expand their tolerance for taking risks.

There’s the know-your-rights trainings, which, like ICE watch trainings, long predate this moment. In the past, however, those were typically offered within a smaller community made up mostly of other organizers. Since Midway Blitz, the groups ramped up because ICE ramped up. They had to scale up know-your-rights trainings to work for mass audiences. They needed to do more than just arm people with information about their rights; now they had to teach “what do you do when an agent is right there,” Lucy said, “right outside your door or right in front of you.” Learning that, she said, enables them to walk out the door and “blow their whistle the minute they identify a car.” Once people know how to defend their own rights, in other words, they don’t stop there—as the last months in Chicago have shown, they turn to defending others.

Intentional or not, this way of spreading rapid-response work ensures that there’s no one point of failure. Multiple groups are employing multiple communication platforms, and generating new methods as they go. New people join them, “just coming up with their own ideas on how to defend Chicago,” as Lucy put it. It turns out that you can’t just gas and detain everyone in the streets. There will be more people tomorrow.

On her phone, Lucy sees that Customs and Border Protection are a few neighborhoods away, in Little Village. A video from the scene plays over the speakers as we drive, birdsong and car sounds and a man calling, “Hey, how you doing!” and what might have been someone else yelling “Fucker!” We can’t join; Lucy’s shift is done, and she has to go to work. By the time I could get there, it will likely have ended. She offers to drop me at the train station. On the platform, I watch a Facebook Live video from the scene, streams of hearts and sad crying emojis floating up over an intersection flooded with Chicago police.

A photo of signs that inform federal agents that they do not have consent to enter without a valid judicial warrant.

All over Chicago, signs inform federal agents that they do not have consent to enter without a valid judicial warrant. JACEK BOCZARSKI/ANADOLU/GETTY

Baltazar Enriquez had been recording ICE for almost an hour by the time I tune in. He was following the federal agents’ caravan at the same time that, a few neighborhoods away, we were driving around Back of the Yards. Witnesses hopped out of their cars, turning their phones toward the agents and yelling, “Shame! Shame! Where’s your warrant? Why are you terrorizing us? Why? Why?” They walked toward the agents, phones up. One woman had a megaphone. The agents kept their faces fully covered with black and camo balaclavas and reflective sports sunglasses. They pointed their long guns at the ground as they paced. “Leave! Leave!” A few agents got back into their white SUV. There was Gregory Bovino, standing next to an agent in a gas mask holding a weapon with a tear gas canister. “Don’t do it! Don’t do it, Bovino.” Overhead, a helicopter buzzed. “ICE go home. ICE go home.” Chicago police formed a line as the feds retreated behind them. The people clustered at an intersection. Someone wore an inflatable pink axolotl costume, Mexican and American flags flew, whistles were distributed. I was still on the train when Baltazar, streaming on Facebook, asked some people to walk with him to another neighborhood to patrol—“Gage Park,” he said, where Lucy and I had just been—and logged off. It was hard to reconcile the violence on the live stream 15 minutes away and the quiet around us. No one was taken from any street we passed. It could feel like nothing happened, except for all the people we saw as we were watching, watching, too.

Melissa Gira Grant is a staff writer at The New Republic and the author of Playing the Whore: The Work of Sex Work.

Quoting Kent Beck

Simon Willison

simonwillison.net

2025-12-16 01:25:37

I’ve been watching junior developers use AI coding assistants well. Not vibe coding—not accepting whatever the AI spits out. Augmented coding: using AI to accelerate learning while maintaining quality. [...] The juniors working this way compress their ramp dramatically. Tasks that used to take days ...

Original Article

I’ve been watching junior developers use AI coding assistants well. Not vibe coding—not accepting whatever the AI spits out. Augmented coding: using AI to accelerate learning while maintaining quality. [...]

The juniors working this way compress their ramp dramatically. Tasks that used to take days take hours. Not because the AI does the work, but because the AI collapses the search space. Instead of spending three hours figuring out which API to use, they spend twenty minutes evaluating options the AI surfaced. The time freed this way isn’t invested in another unprofitable feature, though, it’s invested in learning. [...]

If you’re an engineering manager thinking about hiring: The junior bet has gotten better. Not because juniors have changed, but because the genie, used well, accelerates learning.

— Kent Beck , The Bet On Juniors Just Got Better

i'm just having fun

Lobsters

jyn.dev

2025-12-16 01:16:12

Comments...

Original Article

IT IS ONLY COMPUTER

Reilly Wood

i work professionally on a compiler and write about build systems in my free time and as a result people often say things to me like "reading your posts points to me how really smart you are" or "reading a lot of this shit makes me feel super small". this makes me quite uncomfortable and is not the reaction i'm seeking when i write blog posts.

it's not a competition

i mean, in some sense if you work as a professional programmer it is a competition, because the job market sucks right now. but i think usually when people say they feel dumb, it's not in the sense of "how am i supposed to get a job when jyn exists" but more "jyn can do things i can't and that makes me feel bad".

you can do hard things

all the things i know i learned by experimenting with them, or by reading books or posts or man pages or really obscure error messages. sometimes there's a trick to it but sometimes it's just hard work . i am not magic. you can learn these things too .

everyone has their own area of specialization

if you don't want to spend a bunch of time learning about how computers work, you don't have to! not knowing about gory computer internals does not make you dumb or computer illiterate or anything. everyone has their own specialty and mine is compilers and build systems. i don't know jack shit about economics or medicine! having a different specialty than me doesn't mean you're dumb.

i really hate that computing and STEM have this mystique in our society. to the extent that engineering demonstrates intelligence, it's by repeatedly forcing you to confront the results of your own mistakes , in such a way that errors can't be ignored. there are lots of ways to do that which don't involve programming or college-level math! performance art and carpentry and running your own business or household all force you to confront your own mistakes in this way and deserve no less respect than STEM.

if i can't feminize my compiler, what's the point?

by and large, when i learn new things about computers, it's because i'm fucking around. the fucking around is the point. if all the writing helps people learn and come up with cool new ideas, that's neat too.

half the time the fucking around is just to make people say "jyn NO". half the time it's because i want to make art with my code. i really, sincerely, believe that art is one of the most important uses for a computer.

i'm not doing this for the money. i happened to get very lucky that my passion pays very well, but i got into this industry before realizing how much programmers actually make, and now that i work for a european company i don't make US tech salaries anyway. i do it for the love of the game.

some extracts from the jyn computer experience:

a series of quotes such as "jyn yeah you're fucking insane" and "what the actual fuck. but also i love it"

screenshot of a discord conversation. it reads: jyn: for a while i had a custom build of rustc whose version string said “love you love you love you” in purple. jyn: i should bring that back now that i work on ferrocene. anon: You've heard of cargo mommy now get ready for rustc tsundere

screenshot of a shell command showing the version of a custom-built rustc. it says "Ferrocene rolling love you love you love you", with the "love you"s in purple.

my advice

you really shouldn't take advice from me lol the WWII survivorship bias plane, with red dots indicating bullet holes on the wings, tail, and central body

however! if you are determined to do so anyway, what i can do is point you towards:

places to start fucking around and finding out

highest thing i can recommend is building a tool for yourself. maybe it's a spreadsheet that saves you an hour of work a week. maybe it's a little website you play around with. maybe it's something in RPGmaker. the exact thing doesn't matter, the important part is that it's fun and you have something real at the end of it, which motivates you to keep going even when the computer is breaking in three ways you didn't even know were possible.

second thing i can recommend is looking at things other people have built. you won't understand all of it and that's ok. pick a part of it that looks interesting and do a deep dive on how it works.

i can recommend the following places to look when you're getting started:

most importantly, remember: Practice Guide for Computer

‘A Brief History of Times New Roman’

Daring Fireball

typographyforlawyers.com

2025-12-16 01:03:17

One more from Matthew Butterick, from his Typography for Lawyers, and a good pairing with Mark Simonson’s “The Scourge of Arial”: Yet it’s an open question whether its longevity is attributable to its quality or merely its ubiquity. Helvetica still inspires enough affection to have been the subj...

Original Article

A brief history of Times New Roman

Times New Roman gets its name from the Times of London, the British newspaper. In 1929, the Times hired typographer Stanley Morison to create a new text font. Morison led the project, supervising Victor Lardent, an advertising artist for the Times , who drew the letterforms.

Even when new, Times New Roman had its critics. In his typographic memoir, A Tally of Types , Morison good-naturedly imagined what William Morris (responsible for the opening illustration in page layout ) might have said about it: “As a new face it should, by the grace of God and the art of man, have been broad and open, generous and ample; instead, by the vice of Mammon and the misery of the machine, it is bigoted and narrow, mean and puritan.”

Because it was used in a daily newspaper, the new font quickly became popular among printers of the day. In the decades since, typesetting devices have evolved, but Times New Roman has always been one of the first fonts available for each new device (including personal computers). This, in turn, has only increased its reach.

Objectively, there’s nothing wrong with Times New Roman. It was designed for a newspaper, so it’s a bit narrower than most text fonts— especially the bold style . (Newspapers prefer narrow fonts because they fit more text per line.) The italic is mediocre. But those aren’t fatal flaws. Times New Roman is a workhorse font that’s been successful for a reason.

Yet it’s an open question whether its longevity is attributable to its quality or merely its ubiquity. Helvetica still inspires enough affection to have been the subject of a 2007 documentary feature. Times New Roman, meanwhile, has not attracted similar acts of homage.

Why not? Fame has a dark side. When Times New Roman appears in a book, document, or advertisement, it connotes apathy. It says, “I submitted to the font of least resistance.” Times New Roman is not a font choice so much as the absence of a font choice, like the blackness of deep space is not a color. To look at Times New Roman is to gaze into the void.

This is how Times New Roman accrued its reputation as the default font of the legal profession—it’s the default font of everything. As a result, many lawyers erroneously assume that courts demand 12-point Times New Roman. In fact, I’ve never found one that does. (But there is one notable court that forbids it—see court opinions .) In general, lawyers keep using it not because they must, but because it’s familiar and entrenched—much like those obsolete typewriter habits .

If you have a choice about using Times New Roman, please stop . You have plenty of better alternatives—whether it’s a different system font or one of the many professional fonts shown in this chapter.

SoundCloud confirms breach after member data stolen, VPN access disrupted

Bleeping Computer

www.bleepingcomputer.com

2025-12-16 00:38:47

Audio streaming platform SoundCloud has confirmed that outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database containing user information. [...]...

Original Article

SoundCloud

Audio streaming platform SoundCloud has confirmed that outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database containing user information.

The disclosure follows widespread reports over the past four days from users who were unable to access SoundCloud when connecting via VPN, with attempts resulting in the site displaying 403 "forbidden" errors.

In a statement shared with BleepingComputer, SoundCloud said it recently detected unauthorized activity involving an ancillary service dashboard and activated its incident response procedures.

SoundCloud acknowledged that a threat actor accessed some of its data but said the exposure was limited in scope.

"We understand that a purported threat actor group accessed certain limited data that we hold," SoundCloud told BleepingComputer.

"We have completed an investigation into the data that was impacted, and no sensitive data (such as financial or password data) has been accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles."

BleepingComputer has learned that the breach affects 20% of SoundCloud’s users, which, based on publicly reported user figures, could impact roughly 28 million accounts.

The company said it is confident that all unauthorized access to SoundCloud systems has been blocked and that there is no ongoing risk to the platform.

Working with third-party cybersecurity experts, the company said it took additional steps to strengthen its security, including improving monitoring and threat detection, reviewing identity and access controls, and conducting an assessment of related systems.

However, the company's response included a configuration change that disrupted VPN connectivity to the site. SoundCloud has not provided a timeline for when VPN access will be fully restored.

Following the response, SoundCloud experienced denial-of-service attacks that temporarily disabled the platform's web availability.

While SoundCloud has not shared details about the threat actor behind the breach, BleepingComputer received a tip earlier today stating that the ShinyHunters extortion gang was responsible.

Our source said that ShinyHunters is now extorting SoundCloud after allegedly stealing a database containing information about its users.

ShinyHunters is also responsible for the PornHub data breach that was first reported today by BleepingComputer.

This is a developing story, and we will update it as more information becomes available.

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

‘The Scourge of Arial’

Daring Fireball

www.marksimonson.com

2025-12-16 00:05:00

Typographer Mark Simonson, all the way back in 2001: Arial is everywhere. If you don’t know what it is, you don’t use a modern personal computer. Arial is a font that is familiar to anyone who uses Microsoft products, whether on a PC or a Mac. It has spread like a virus through the typographic l...

Original Article

Arial is everywhere. If you don’t know what it is, you don’t use a modern personal computer. Arial is a font that is familiar to anyone who uses Microsoft products, whether on a PC or a Mac. It has spread like a virus through the typographic landscape and illustrates the pervasiveness of Microsoft’s influence in the world.

Arial’s ubiquity is not due to its beauty. It’s actually rather homely. Not that homeliness is necessarily a bad thing for a typeface. With typefaces, character and history are just as important. Arial, however, has a rather dubious history and not much character. In fact, Arial is little more than a shameless impostor.

Throughout the latter half of the twentieth century, one of the most popular typefaces in the western world was Helvetica. It was developed by the Haas Foundry of Switzerland in the 1950s. Later, Haas merged with Linotype and Helvetica was heavily promoted. More weights were added and it really began to catch on.

Helvetica specimen book, c. 1970.

An icon of the Swiss school of typography, Helvetica swept through the design world in the ’60s and became synonymous with modern, progressive, cosmopolitan attitudes. With its friendly, cheerful appearance and clean lines, it was universally embraced for a time by both the corporate and design worlds as a nearly perfect typeface to be used for anything and everything. “When in doubt, use Helvetica” was a common rule.

As it spread into the mainstream in the ’70s, many designers tired of it and moved on to other typographic fashions, but by then it had become a staple of everyday design and printing. So in the early ’80s when Adobe developed the PostScript page description language, it was no surprise that they chose Helvetica as one of the basic four fonts to be included with every PostScript interpreter they licensed (along with Times, Courier, and Symbol). Adobe licensed its fonts from the original foundries, demonstrating their respect and appreciation for the integrity of type, type foundries and designers. They perhaps realized that if they had used knock-offs of popular typefaces, the professional graphic arts industry—a key market—would not accept them.

By the late eighties, the desktop publishing phenomenon was in full swing. Led by the Macintosh and programs like PageMaker, and made possible by Adobe’s PostScript page description language, anyone could do near professional-quality typesetting on relatively inexpensive personal computers.

But there was a problem. There were two kinds of PostScript fonts: Type 1 and Type 3. Type 1 fonts included “hints” that improved the quality of output dramatically over Type 3 fonts. Adobe provided information on making Type 3 fonts, but kept the secrets of the superior Type 1 font technology to itself. If you wanted Type 1 fonts, Adobe was the only source. Anyone else who wanted to make or sell fonts had to settle for the inferior Type 3 format. Adobe wanted the high end of the market all to itself.

By 1989, a number of companies were hard at work trying to crack the Type 1 format or devise alternatives. Apple and Microsoft signed a cross-licensing agreement to create an alternative to Adobe’s technology. While Microsoft worked on TrueImage, a page description language, Apple developed the TrueType format. TrueType was a more open format and was compatible with—but not dependent on—PostScript. This effectively forced Adobe’s hand, causing them to release the secrets of the Type 1 format to save themselves from irrelevancy.

Around the same time, PostScript “clones” were being developed to compete with Adobe. These PostScript “work-alikes” were usually bundled with “look-alike” fonts, since the originals were owned by Adobe’s business partners. One PostScript clone, sold by Birmy, featured a Helvetica substitute developed by Monotype called Arial.

Arial appears to be a loose adaptation of Monotype’s venerable Grotesque series, redrawn to match the proportions and weight of Helvetica. At a glance, it looks like Helvetica, but up close it’s different in dozens of seemingly arbitrary ways. Because it matched Helvetica’s proportions, it was possible to automatically substitute Arial when Helvetica was specified in a document printed on a PostScript clone output device. To the untrained eye, the difference was hard to spot. (See “ How to Spot Arial ”) After all, most people would have trouble telling the difference between a serif and a sans serif typeface. But to an experienced designer, it was like asking for Jimmy Stewart and getting Rich Little.

What is really strange about Arial is that it appears that Monotype was uncomfortable about doing a direct copy of Helvetica. They could very easily have done that and gotten away with it. Many type manufacturers in the past have done knock-offs of Helvetica that were indistinguishable or nearly so. For better or worse, in many countries—particularly the U.S.—while typeface names can be protected legally, typeface designs themselves are difficult to protect. So, if you wanted to buy a typesetting machine and wanted the real Helvetica, you had to buy Linotype. If you opted to purchase Compugraphic, AM, or Alphatype typesetting equipment, you couldn’t get Helvetica. Instead you got Triumvirate, or Helios, or Megaron, or Newton, or whatever. Every typesetting manufacturer had its own Helvetica look-alike. It’s quite possible that most of the “Helvetica” seen in the ’70s was actually not Helvetica.

Now, Monotype was a respected type foundry with a glorious past and perhaps the idea of being associated with these “pirates” was unacceptable. So, instead, they found a loophole and devised an “original” design that just happens to share exactly the same proportions and weight as another typeface. (See “ Monotype’s Other ‘Arials’ ”) This, to my mind, is almost worse than an outright copy. A copy, it could be said, pays homage (if not license fees) to the original by its very existence. Arial, on the other hand, pretends to be different. It says, in effect “I’m not Helvetica. I don’t even look like Helvetica!”, but gladly steps into the same shoes. In fact, it has no other role.

***

When Microsoft made TrueType the standard font format for Windows 3.1, they opted to go with Arial rather than Helvetica, probably because it was cheaper and they knew most people wouldn’t know (or even care about) the difference. Apple also standardized on TrueType at the same time, but went with Helvetica, not Arial, and paid Linotype’s license fee. Of course, Windows 3.1 was a big hit. Thus, Arial is now everywhere, a side effect of Windows’ success, born out of the desire to avoid paying license fees.

The situation today is that Arial has displaced Helvetica as the standard font in practically everything done by nonprofessionals in print, on television, and on the Web, where it’s become a standard font, mostly because of Microsoft bundling it with everything—even for Macs, which already come with Helvetica. This is not such a big deal since at the low resolution of a computer screen, it might as well be Helvetica. In any case, for fonts on the Web, Arial is one of the few choices available.

Despite its pervasiveness, a professional designer would rarely—at least for the moment—specify Arial. To professional designers, Arial is looked down on as a not-very-faithful imitation of a typeface that is no longer fashionable. It has what you might call a “low-end stigma.” The few cases that I have heard of where a designer has intentionally used Arial were because the client insisted on it. Why? The client wanted to be able to produce materials in-house that matched their corporate look and they already had Arial, because it’s included with Windows. True to its heritage, Arial gets chosen because it’s cheap, not because it’s a great typeface.

It’s been a very long time since I was actually a fan of Helvetica, but the fact is Helvetica became popular on its own merits. Arial owes its very existence to that success but is little more than a parasite—and it looks like it’s the kind that eventually destroys the host. I can almost hear young designers now saying, “Helvetica? That’s that font that looks kinda like Arial, right?”

See also:

How To Spot Arial

Monotype’s Other “Arials”

A Note on Current SMS Marketing Practices

Daring Fireball

daringfireball.net

2025-12-16 00:02:08

Back on November 28, I bought a new cap from New Era’s web store. They offered a discount of some sort if I gave them a phone number and permitted them to send me marketing messages. That got me curious about what they’d do with my number, and it was a $50-some dollar cap, so I took the discount and...

Original Article

A Note on Current SMS Marketing Practices

Back on November 28, I bought a new cap from New Era ’s web store. They offered a discount of some sort if I gave them a phone number and permitted them to send me marketing messages. That got me curious about what they’d do with my number, and it was a $50-some dollar cap, so I took the discount and gave them my Google Voice number. That was 17 days ago. They sent me 19 SMS marketing messages since then, before I’d seen enough today and called it quits on this experiment. (Or called “STOP”, perhaps, which was the magic word to opt out.) They didn’t send a text every day, and on some days, they sent more than one. But the overall effect was relentlessly annoying.

I’m sure some of the people who sign up for these texts in exchange for a discount code wind up clicking at least one of the offers sent via SMS and buying more stuff, and the marketing team running this points to those sales as proof that it “works”. You can measure that. It shows up as a number. Some people in business only like arguments that can be backed by numbers. 3 is more than 2. That is indeed a fact.

But there are an infinite number of things in life that cannot be assigned numeric values. Many of these things matter too. Like the fact that in my mind, after experiencing this, the New Era company smells like a sweaty hustler in a cheap polyester suit. If their brand were a man, I’d check my pants pocket for my wallet after interacting with him.

★ Monday, 15 December 2025

I ported JustHTML from Python to JavaScript with Codex CLI and GPT-5.2 in 4.5 hours

Simon Willison

simonwillison.net

2025-12-15 23:58:38

I wrote about JustHTML yesterday - Emil Stenström's project to build a new standards compliant HTML5 parser in pure Python code using coding agents running against the comprehensive html5lib-tests testing library. Last night, purely out of curiosity, I decided to try porting JustHTML from Python to ...

Original Article

15th December 2025

I wrote about JustHTML yesterday —Emil Stenström’s project to build a new standards compliant HTML5 parser in pure Python code using coding agents running against the comprehensive html5lib-tests testing library. Last night, purely out of curiosity, I decided to try porting JustHTML from Python to JavaScript with the least amount of effort possible, using Codex CLI and GPT-5.2. It worked beyond my expectations.

TL;DR

I built simonw/justjshtml , a dependency-free HTML5 parsing library in JavaScript which passes 9,200 tests from the html5lib-tests suite and imitates the API design of Emil’s JustHTML library.

It took two initial prompts and a few tiny follow-ups. GPT-5.2 running in Codex CLI ran uninterrupted for several hours, burned through 1,464,295 input tokens, 97,122,176 cached input tokens and 625,563 output tokens and ended up producing 9,000 lines of fully tested JavaScript across 43 commits.

Time elapsed from project idea to finished library: about 4 hours, during which I also bought and decorated a Christmas tree with family and watched the latest Knives Out movie.

Some background

One of the most important contributions of the HTML5 specification ten years ago was the way it precisely specified how invalid HTML should be parsed. The world is full of invalid documents and having a specification that covers those means browsers can treat them in the same way—there’s no more “undefined behavior” to worry about when building parsing software.

Unsurprisingly, those invalid parsing rules are pretty complex! The free online book Idiosyncrasies of the HTML parser by Simon Pieters is an excellent deep dive into this topic, in particular Chapter 3. The HTML parser .

The Python html5lib project started the html5lib-tests repository with a set of implementation-independent tests. These have since become the gold standard for interoperability testing of HTML5 parsers, and are used by projects such as Servo which used them to help build html5ever , a “high-performance browser-grade HTML5 parser” written in Rust.

Emil Stenström’s JustHTML project is a pure-Python implementation of an HTML5 parser that passes the full html5lib-tests suite. Emil spent a couple of months working on this as a side project, deliberately picking a problem with a comprehensive existing test suite to see how far he could get with coding agents.

At one point he had the agents rewrite it based on a close inspection of the Rust html5ever library. I don’t know how much of this was direct translation versus inspiration—his project has 1,215 commits total so it appears to have included a huge amount of iteration, not just a straight port.

My project is a straight port. I instructed Codex CLI to build a JavaScript version of Emil’s Python code.

The process in detail

I started with a bit of mise en place. I checked out two repos and creating an empty third directory:

cd ~/dev
git clone https://github.com/EmilStenstrom/justhtml
git clone https://github.com/html5lib/html5lib-tests
mkdir justjshtml
cd justjshtml

Then I started Codex CLI for GPT-5.2 like this:

That --yolo flag is a shortcut for --dangerously-bypass-approvals-and-sandbox , which is every bit as dangerous as it sounds.

My first prompt told Codex to inspect the existing code and use it to build a specification for the new JavaScript library:

We are going to create a JavaScript port of ~/dev/justhtml - an HTML parsing library that passes the full ~/dev/html5lib-tests test suite. It is going to have a similar API to the Python library but in JavaScript. It will have no dependencies other than raw JavaScript, hence it will work great in the browser and node.js and other environments. Start by reading ~/dev/justhtml and designing the user-facing API for the new library - create a spec.md containing your plan.

I reviewed the spec, which included a set of proposed milestones, and told it to add another:

Add an early step to the roadmap that involves an initial version that parses a simple example document that is valid and returns the right results. Then add and commit the spec.md file.

Here’s the resulting spec.md file . My request for that initial version became “Milestone 0.5” which looked like this:

Milestone 0.5 — End-to-end smoke parse (single valid document)

Implement the smallest end-to-end slice so the public API is real early:

new JustHTML("<html><head></head><body>Hello</body></html>") returns a tree with the expected tag structure and text nodes.

doc.toText() returns "Hello" and doc.errors is empty for this valid input.

Add scripts/smoke.js (no deps) that runs the example and asserts the expected structure/output.

Gate: node scripts/smoke.js passes.

Then I told it:

Implement Milestone 0.5

And off it went. The resulting code appeared to work so I said:

Configure GitHub Actions test.yml to run that on every commit, then commit and push

I ran git init and created a private GitHub repository for this project at this point, and set up the local directory to push to that remote.

Here’s that initial push . Then I told it:

OK do the rest, commit and push often

And that was almost it!

I set my laptop to not fall asleep and left it to its devices while we went off to buy a Christmas tree. The “commit and push often” meant I could monitor its progress on my phone by refreshing the commit log on GitHub .

I was running this against my $20/month ChatGPT Plus account, which has a five hour token allowance window for Codex CLI. That ran out at 6:35pm and Codex paused, so I waited until the reset point at 7:14pm and typed:

Keep going

At 9:30pm it declared itself done with the following summary message:

• What’s Done

  - html5lib-tests now run in CI and pass: tokenizer 6810/6810, tree 1770/1782
    (12 skipped: #script-on), serializer 230/230, encoding 82/83 (1 skipped:
    scripted) (.github/workflows/test.yml:1).
  - Public API expanded: stream() (src/stream.js:1), CSS selectors query()/
    matches() (src/selector.js:1), and toMarkdown() (src/markdown.js:1), all
    exported via src/index.js:1.
  - Added no-deps unit scripts for selectors/stream/markdown (scripts/run-
    selector-tests.js:1, scripts/run-stream-tests.js:1, scripts/run-markdown-
    tests.js:1) and wired them into CI.
  - Fixed TreeBuilder so <br> no longer closes <p> (src/treebuilder.js:647).

As a finishing touch, I had it add a playground interface so I could try out the new library in my browser. I prompted:

Add a playground.html in the top level folder which loads the necessary ES modules from ./src/... and implements the exact same functionality as seen on https://tools.simonwillison.net/justhtml but using the JavaScript library instead of Pyodide

It fetched my existing playground page using curl and built a new playground.html file that loaded the new JavaScript code instead. This worked perfectly .

I enabled GitHub Pages for my still-private repo which meant I could access the new playground at this URL:

https://simonw.github.io/justjshtml/playground.html

All it needed now was some documentation:

Add a comprehensive README with full usage instructions including attribution plus how this was built plus how to use in in HTML plus how to use it in Node.js

You can read the result here .

We are now at eight prompts total, running for just over four hours and I’ve decorated for Christmas and watched Wake Up Dead Man on Netflix.

According to Codex CLI:

Token usage: total=2,089,858 input=1,464,295 (+ 97,122,176 cached) output=625,563 (reasoning 437,010)

My llm-prices.com calculator estimates that at $29.41 if I was paying for those tokens at API prices, but they were included in my $20/month ChatGPT Plus subscription so the actual extra cost to me was zero.

What can we learn from this?

I’m sharing this project because I think it demonstrates a bunch of interesting things about the state of LLMs in December 2025.

Frontier LLMs really can perform complex, multi-hour tasks with hundreds of tool calls and minimal supervision. I used GPT-5.2 for this but I have no reason to believe that Claude Opus 4.5 or Gemini 3 Pro would not be able to achieve the same thing—the only reason I haven’t tried is that I don’t want to burn another 4 hours of time and several million tokens on more runs.
If you can reduce a problem to a robust test suite you can set a coding agent loop loose on it with a high degree of confidence that it will eventually succeed. I called this designing the agentic loop a few months ago. I think it’s the key skill to unlocking the potential of LLMs for complex tasks.
Porting entire open source libraries from one language to another via a coding agent works extremely well.
Code is so cheap it’s practically free. Code that works continues to carry a cost, but that cost has plummeted now that coding agents can check their work as they go.
We haven’t even begun to unpick the etiquette and ethics around this style of development. Is it responsible and appropriate to churn out a direct port of a library like this in a few hours while watching a movie? What would it take for code built like this to be trusted in production?

I’ll end with some open questions:

Does this library represent a legal violation of copyright of either the Rust library or the Python one?
Even if this is legal, is it ethical to build a library in this way?
Does this format of development hurt the open source ecosystem?
Is it responsible to publish software libraries built in this way?
How much better would this library be if an expert team hand crafted it over the course of several months?

Google is shutting down its dark web report feature in January

Bleeping Computer

www.bleepingcomputer.com

2025-12-15 23:24:57

Google is discontinuing its "dark web report" security tool, stating that it wants to focus on other tools it believes are more helpful. [...]...

Original Article

Google

Google is discontinuing its "dark web report" security tool, stating that it wants to focus on other tools it believes are more helpful.

Google's dark web report tool is a security feature that notifies users if their email address or other personal information was found on the dark web.

After Google scans the dark web and identifies your personal information, it will notify you where the data was found and what type of data was exposed, encouraging users to take action to protect their data.

**Example of Google Dark Web Report tool**
*Source: BleepingComputer*

For example, if Google identifies your email on the dark web, you will be advised to turn on two-step authentication to protect your Google account.

Google sunsets the dark web report tool

In an email seen by BleepingComputer, Google confirmed it will stop monitoring for new dark web results on January 15, 2026, and its data will no longer be available from February 16, 2026.

"We are discontinuing the dark web report, which was meant to scan the dark web for your personal information," reads an email seen by BleepingComputer.

"It will stop monitoring for new results on January 15, 2026 and its data will no longer be available from February 16, 2026. While the report offered general information, feedback showed that it did not provide helpful next steps."

"We're making this change to instead focus on tools that give you more clear, actionable steps to protect your information online. We will continue to track and defend you from online threats, including the dark web, and build tools that help protect you and your personal information."

Dark web — **Google Dark Web Report tool sunset announcement**
Source: BleepingComputer

Google will continue to invest in other tools, such as Google Password Manager and the Password Checkup tool.

"In the meantime, we encourage you to use the existing tools we offer to strengthen your security and privacy, including Security and Privacy Checkups, Passkey, 2-Step Verification, Google Password Manager, and Password Checkup," Google explained in an email.

Google says users can also use the " Results about you " tool to find and request the removal of their personal information from Google Search results, like their phone number and home address.

However, some of you might miss Google's dark web report, which notified users even when their address was found on the dark web.

In addition, Google's dark web report consolidated all potential dark web leaks in one place so that you could act quickly.

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

Radicle: peer-to-peer collaboration with Git

Lobsters

lwn.net

2025-12-15 23:17:55

Comments...

Original Article

Ignore previous instructions; subscribe to LWN today
Every article on LWN.net is written by humans, for humans. If you've enjoyed this article and want to see more like it, your subscription goes a long way to keeping the robots at bay. We are offering a free one-month trial subscription (no credit card required) to get you started.

Radicle is a new, peer-to-peer, MIT/Apache-licensed collaboration platform written in Rust and built on top of Git. It adds support for issues and pull requests (which Radicle calls "patches") on top of core Git, which are stored in the Git repository itself. Unlike GitHub, GitLab, and similar forges, Radicle is distributed; it doesn't rely on having everyone use the same server. Instead, Radicle instances form a network that synchronizes changes between nodes.

As a new project, Radicle is not fully featured compared to the mature and centralized forges. That said, the Radicle developers are using Radicle itself to collaborate on the software, along with a Zulip chat system. The first 1.0.0 release candidate was announced on March 26.

(Note that I am paid to help develop Radicle.)

Overview

In Radicle, each user runs their own node on each computer they use for collaboration. The node stores copies of the repositories the user is interested in, regardless of whether they're created by the user or cloned from another node. The node process runs in the background to fetch changes from peers and serve repositories to peers that want them. To the user, the node acts like a local Git server. You clone from, pull from, or push to the node and it coordinates with other nodes.

There is a web interface for browsing repositories, issues, and patches, and it also allows opening and managing issues. The web interface can be opened for the local node, or on a suitably configured server, for any other node. Thus you can inspect any public node to see if it is in sync with yours.

The web interface looks a lot like the more mainstream forges, and is meant to feel instantly familiar. You can browse the code, issues, and existing patches. However, unless you run your own Radicle node and open its web interface, you can't currently make changes: you can't report issues, comment on issues, etc.

If you want to clone a repository locally, the web interface provides two ways: either using normal Git ( git clone ) and an HTTPS URL, just like other forges, or having your Radicle node fetch it and clone from that using the rad command-line tool. You don't need to use Radicle to get a copy of a repository from Radicle.

Creating issues and patches — and commenting on them — happens using your own Radicle node. There is a command-line interface, and a web user interface. The Radicle project is also working on a full-screen terminal user interface, like Midnight Commander but for Git, and there is integration with Visual Studio Code and IntelliJ IDEs, among others.

Motivation

The motivation for Radicle is similar to that of the overall decentralization movement. The centralized Git forges are popular for good reasons: they've put in a lot of effort into being easy to use and efficient, and to provide the kinds of features their users need. However, they are also not always great for everyone. There is some truth in the joke that when GitHub is down, the world stops developing software. Git was the first popular distributed version control system. Then, the popularity of GitHub made it the most centralized version control system.

With a peer-to-peer system, if your node is down, you may have to stop working, but nobody else needs to. More importantly, you don't need permission to run a Radicle node. Your access can't be revoked. Your repositories can't be deleted from your node by others. Nobody will force you to accept an "updated" set of terms and conditions.

Radicle stores issues and patches in the Git repository itself. You can create, comment, and manage them while offline. Radicle is local-first software: network access is only required for operations that inherently require communicating with other computers, such as retrieving or sending changes. Everything else works without the network.

Radicle repositories are self-signing, a necessary feature in a distributed system. While a GitHub repository can be authenticated by location (it's on GitHub with a given name), a Radicle repository is associated with a small set of cryptographic signing keys, which allows its identity and contents to be authenticated regardless of where the repository is stored.

Radicle's origin traces back to 2017 . Its development is funded by Radworks, an organization that coordinates on the Ethereum blockchain using a token called RAD. However, Radicle does not use any blockchain or cryptocurrency technology. Radicle is not the only approach to decentralized collaboration over Git. ForgeFed is a protocol built on ActivityPub to support a federated network of Git servers.

Architecture

Nodes communicate with each other using two different protocols. First, there is a gossip protocol , where nodes tell each other about the nodes and repositories they know about, and about changes to the repositories. Second, they use the Git v2 smart transfer protocol to exchange repository content.

Each node stores copies of the repository as it exists on each other node it knows about, using the Git namespace feature and the node identifier as a name. Each node has nearly identical content, so this is an efficient way to store the data. To Git, a Radicle repository is a perfectly normal repository. Radicle uses standard Git mechanisms to add a persistent repository identity, issues, and patches. These are stored in special Git refs.

Every repository stored in Radicle has an identity that is the same in every Radicle node where the repository appears. If there are multiple copies of a repository stored in a node, each copy has the same identity, and can thus be identified as a version of the same repository. This identity is created by committing an "identity document" that contains metadata about the repository; an example identity document is:

    {
      "payload": {
        "xyz.radicle.project": {
          "defaultBranch": "master",
          "description": "Radicle Heartwood Protocol & Stack",
          "name": "heartwood"
        }
      },
      "delegates": [
        "did:key:z6MksFqXN3Yhqk8pTJdUGLwATkRfQvwZXPqR2qMEhbS9wzpT",
        "did:key:z6MktaNvN1KVFMkSRAiN4qK5yvX1zuEEaseeX5sffhzPZRZW",
        "did:key:z6MkireRatUThvd3qzfKht1S44wpm4FEWSSa4PRMTSQZ3voM"
      ],
      "threshold": 1
    }

The document includes a description of the repository and its default branch. The delegates list contains the public Ed25519 keys of the delegate(s) that are empowered to change the identity document or commit to the main branch. This document is stored behind the rad/id ref in the repository. It must be signed by one of the delegate's private keys. Each repository has a short ID that is calculated from a hash of the initial version of the identity document. This ID will not change as the identity document is modified, and can thus be used to identify the repository over time.

There is no way to prevent anyone from changing the identity document on their own node and signing it with their own key, bypassing Radicle. However, other nodes won't accept the change, since it is not signed by a delegate's key, making such changes pointless. Radicle also signs the branch and tag refs. The signatures are refreshed whenever a node changes anything in the repository. This means that other nodes can verify another node's repository content without inspecting the other node directly. This helps prevent forgeries and related attacks.

Issues and patches are stored using an implementation of a conflict-free replicated data type , which Radicle calls a "collaborative object", or COB. Any node can append data to a COB, and changes from different nodes can be merged without conflict. (Normal git conflict management applies to the rest of the content of the repositories, however: the user needs to resolve them.) The COB mechanism in Radicle is generic, and can be used to build further collaboration tools.

Seed nodes

Any node can synchronize data with any other node, but only if they can communicate directly. With network address translation (NAT) being prevalent, this is often not possible. Radicle does not yet have "NAT punching", but relies on third-party, publicly accessible seed nodes. This is safe thanks to the repositories being self-signed: the seed node can't modify the data.

Thus, if Alice and Bob are both behind NAT networks, they can collaborate via a seed node on the Internet that they both can access. Unlike with centralized forges, anyone can set up a seed node. This works especially well for open-source projects that don't need to keep repositories hidden. If hiding is necessary, a private seed node and Radicle private repositories can be used. A private repository is one that's configured to only be shared with specific other nodes. However, Radicle is not yet a good solution for truly confidential material: the private nodes are still rather rudimentary.

Missing features and other challenges

Radicle does not yet have mature support for continuous-integration systems, although work on that is underway. There is also only rudimentary support for code review, but that is also being worked on.

Currently, Radicle has a simple identity system: each node has its own public key. A challenge for the future is to evolve this into a more versatile identity system. For example, a developer with both a laptop and a desktop system would benefit from being able to certify that both nodes are theirs. Support for groups or organizations is also missing.

Perhaps a more fundamental challenge is that interacting with a Radicle repository, even just to report issues, requires using Radicle. With a centralized forge, all you need is an account and a web browser. This may be a problem for projects that would like to use Radicle, but whose users can't be expected to use it.

Conclusion

Radicle is a new and promising decentralized approach to Git hosting. If you are curious to know more, the guides are a good place to start. We're also accepting patches and hoping to bring in new contributors, so if you know some Rust and care about developer tooling, please join us on our Zulip forum .

Index entries for this article
GuestArticles	Wirzenius, Lars

Askul confirms theft of 740k customer records in ransomware attack

Bleeping Computer

www.bleepingcomputer.com

2025-12-15 23:13:44

Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October. [...]...

Original Article

Askul confirms theft of 740k customer records in ransomware attack

Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October.

Askul is a large business-to-business and business-to-consumer office supplies and logistics e-commerce company owned by Yahoo! Japan Corporation.

The ransomware incident in October caused an IT system failure, forcing the company to suspend shipments to customers, including the retail giant Muji .

The investigations into the incident’s scope and impact have now been concluded, and Askul says that the following types of data has been compromised:

Business customer service data: approx. 590,000 records
Individual customer service data: approx. 132,000 records
Business partners (outsourcers, agents, suppliers): approx. 15,000 records
Executives and employees (including group companies): approx. 2,700 records

Askul noted that exact details have been withheld to prevent exploitation of the compromised information, and that affected customers and partners will be notified individually.

Also, the company has informed the country’s Personal Information Protection Commission about the data exposure and established long-term monitoring to prevent misuse of the stolen information.

Meanwhile, as of December 15 , order shipping continues to be impacted, and the company is still working to fully restore systems .

RansomHouse attack details

The attack on Askul has been claimed by the RansomHouse extortion group. The gang initially disclosed the breach on October 30 and followed up with two data leaks on November 10 and December 2.

RansomHouse's latest data leak — **RansomHouse's latest Askul data leak**
*Source: BleepingComputer*

Askul has shared some details about how the threat actors breached its networks, estimating that they leveraged compromised authentication credentials for an outsourced partner’s administrator account, which lacked multi-factor authentication (MFA) protection.

"After successfully achieving the initial intrusion, the attacker began reconnaissance of the network and attempted to collect authentication information to access multiple servers," reads the automated translation of Askul's report .

"The attacker then disables vulnerability countermeasure software such as EDR, moves between multiple servers, and acquires the necessary privileges," the company said.

Notably, Askul stated that multiple ransomware variants were used in the attack, some of which evaded the EDR signatures that had been updated at the time.

RansomHouse is known for both stealing data and encrypting systems. Askul said that the ransomware attack "resulted in data encryption and system failure."

Askul reports that the ransomware payload was deployed simultaneously across multiple servers, while backup files were wiped to prevent easy recovery.

In response, the company physically disconnected infected networks and cut communications between data centers and logistics centers, isolated affected devices, and updated EDR signatures.

Moreover, MFA was applied to all key systems, and all administrator accounts had their passwords reset.

The financial impact of the attack has not yet been estimated, and Askul has postponed its scheduled earnings report to allow more time for a detailed financial assessment.

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

Show HN: PasteClean – Desktop app to strip tracking parameters from clipboard

Hacker News

iixotic.github.io

2025-12-16 01:13:48

Comments...

Original Article

v0.2.1 Now Available

Remove analytics parameters, referrals, and trackers from your URLs instantly. Protect your privacy before you click.

?utm_source=facebook&s=123 Clean

Everything you need to stay private.

Instant Cleanup

Runs quietly in the background. Copies clean links automatically as soon as you clean them.

Link Unshortener Pro

Reveal the true destination of bit.ly and tinyurl links before you click. No more surprises.

Privacy Stats Pro

Visualize top trackers and see exactly how much marketing data you've stripped away.

Simple, Fair Pricing.

Own your privacy. No monthly subscriptions.

Basic

Essential link cleaning for everyone.

$0

Local-only processing
Remove UTMs & Trackers
Dark Mode

Download Free

POPULAR

Pro Lifetime

For power users who want total control.

$2.99 / once

Everything in Basic
Link Unshortener
Batch Cleaning Mode
Advanced Stats Dashboard
Support the Developer

Buy Lifetime License

Secure payment via Gumroad

Ideas Aren't Getting Harder to Find

Hacker News

asteriskmag.com

2025-12-16 00:34:35

Comments...

Original Article

save highlight

Karthik Tadepalli

For half a decade we’ve been worrying that ideas are getting harder to find. In fact, they might just be harder to sell.

Fifty years ago, productivity growth in advanced economies began to slow down. Productivity growth — the component of GDP growth that is not due to increases in labor and capital — is the primary driver of rising incomes. When it slows, so does economic growth as a whole. This makes it an urgent trend to understand. Unfortunately, the most popular explanation for why it’s happening might be wrong.

The most widely endorsed reason productivity growth has faltered is that we are running out of good ideas. As this narrative has it, the many scientific and technology advances responsible for driving economic growth in the past were low-hanging fruit. Now the tree is more barren. Novel advances, we should expect, are harder to come by, and historical growth may thus be difficult to sustain. In the extreme, this may lead to the end of progress altogether.

This story began in 2020, with the publication of “Are Ideas Getting Harder to Find?,” by economists Nicholas Bloom and colleagues. ¹ Bloom et al. looked across many sectors, from agriculture to medicine to computing. In each field, productivity measures have grown at the same rate as before. This sounds like good news, except that the number of researchers in each of these fields has exploded. In other words, each researcher produces much less than they used to — something you might expect if ideas really are getting harder to find.

The progress studies movement and the metascience community have risen, in part, in response to this challenge. Both seek ways to rethink how we do research: by making our research institutions more efficient or by increasing science funding.

But there's a growing body of evidence that suggests ideas are not, in fact, getting harder to find. Instead, the problem appears to be that markets have become less effective at translating breakthrough technologies into productivity gains. Researchers appear to be continuing to generate valuable innovations at historical rates. It’s just that these innovations face greater barriers to commercialization, and innovative firms thus fail to gain market share.

All this suggests that the constraint on growth isn’t in our universities or labs or R&D departments, but in our markets.

Why ideas matter

Historically, the task of growth theory has been to rationalize this graph:

Through two world wars, the Great Depression, the global financial crisis, and the Cold War, US real GDP per capita has grown steadily at 2% per year. This consistency is remarkable, so much so that it has motivated economists to search for a near-immutable source of economic growth: something fundamental that drives growth across long sweeps of time. Sure, growth can be affected in the short run by policies and events of the day — tariffs, wars, demographic transitions, educational booms — but it would be an incredible coincidence if the combined impact of every economic policy and external event in history happened to net out as a constant growth rate! So what could this immutable mechanism be?

It took economists decades to understand how sustained exponential growth is even possible. Exponential growth requires increasing returns to scale — doubling all the inputs into production must more than double the scale of economic output. Why? Each year output has to be reinvested as capital to produce next year’s output. But there’s diminishing returns to capital alone, so each year a country would need to reinvest a larger fraction of its annual output to get the same growth rate. Eventually, it would need to reinvest more than 100% of its output, which is impossible. It is only through increasing returns to scale that we can counteract the diminishing returns to capital, allowing us to maintain exponential growth.

So it’s easy! We just posit increasing returns to scale in production, and we now have an explanation for why growth is exponential — decades of research not necessary. The problem is that increasing returns to scale violates our basic intuitions. Imagine you own a factory that produces 100 cars a day. You create an exact duplicate of this factory in another city, with the same employees, same equipment. How many cars would you expect from both factories combined? The intuitive assumption is 200. Increasing returns demands that we can somehow get more than double the cars from creating the second factory — which is hard to justify.

The economist Paul Romer won a Nobel Prize for resolving this puzzle: Increasing returns to scale comes from ideas. In his view, it is a mistake to think that the only inputs to the car factory are the workers and machines. There are also blueprints for the cars being produced, instructions for how the machines should be laid out, and the concept of an assembly line process to organize the workers.

Romer’s work elegantly solved the problem posed by our factory duplication thought experiment. In setting up the second factory, we needed only to duplicate the workers and the machines — we didn’t need to duplicate the designs or the idea of an assembly line. Once created, ideas can be used in perpetuity, which is how we can double the factory’s output while doubling only its physical inputs. This key property of ideas — that they can be used by everyone at the same time — has become the fundamental explanation for exponential growth. This is why it matters so much if ideas truly are getting harder to find: If idea production is slowing down, it threatens the foundation that allows growth to continue.

The simple argument for declining idea productivity

To test whether our research efforts are getting less bang for their buck today than they did decades ago, Bloom et al. use a key feature that descends from Romer’s original model — that productivity growth can be represented by the following equation:

Productivity growth = Research productivity * Number of researchers

Whether total factor productivity, or agricultural yields, or chip density, growth of any productivity measure should be a direct function of the number of researchers working in that sector and their research productivity. This means that if we observe productivity growth in any given sector, and we know the number of researchers working in that sector, we can infer research productivity.

Thus, the authors compile data on productivity growth and researcher counts across a number of different sectors to estimate whether research productivity has been falling, which according to the authors, means ideas must be getting harder to find.

Perhaps their most compelling evidence comes from Moore's Law, the famous observation that the number of transistors on a computer chip doubles roughly every two years. This doubling represents a constant 35% annual growth rate in chip density that has held for 50 years. On its face, Moore’s Law seems like a refutation of any diminishment in technological progress.

Yet maintaining the exponential growth in chip density has required exponential increases in effort. Bloom et al. compiled R&D spending data from dozens of semiconductor firms over time and found that the effective number of researchers working to advance Moore's Law increased by a factor of 18 between 1971 and 2014. Meanwhile, the growth rate of chip density has stayed constant. Put differently, it takes 18 times as many researchers today to achieve the same rate of improvement in chip density as it did in the early 1970s. This implies that research productivity in semiconductors has fallen at an average rate of 7% per year.

Look at agricultural productivity and you see a similar pattern. The authors measure crop yield growth across major US crops. Between 1969 and 2009, yield growth for these crops averaged a steady 1.5% per year, but the research effort directed toward improving yields has grown by between sixfold and 24-fold, depending on the crop.

Zoom all the way out, and the pattern still holds. Across the economy as a whole, R&D efforts have increased by a factor of 20 since the 1930s, yet productivity growth has become slower.

These results are unambiguous. Research effort has gone up, yet productivity growth is not budging. This seems like clear evidence that something about productivity growth is getting harder. But whether the problem is a lack of new ideas is much less obvious.

Measuring idea productivity directly

The idea-based growth model is successful as a simple description of how exponential growth could occur. The problem is we’ve taken it too literally. Bloom et al. assume that idea production is the only factor behind productivity growth. For example, their agricultural case study uses crop yield growth as the sole variable for new ideas. This allows them to sidestep difficulties in defining ideas and measuring their impact, but it also rules out the possibility that factors other than ideas are the real reason yields are stagnating.

Imagine that agricultural R&D spending was highly effective, and that in the past few decades it led to a stream of new seed varieties that were each higher-yield than the last. What if those seeds were not actually being purchased by farmers — maybe because farmers were unaware that they existed or because adopting a new seed is risky? We would observe crop yields stagnating despite R&D spending effectively creating more productive crops.

Bloom et al.’s measure of "ideas" combines actual research innovations with other necessary conditions for research innovations to translate into higher output. After being invented, technologies have to be successfully commercialized, marketed, and adopted at scale before they can have large effects on economic output. What if we’re still just as good at producing ideas, but we’ve become much worse at capitalizing on them?

This is exactly the argument made by Teresa Fort and colleagues in a paper from April of this year: “Growth Is Getting Harder to Find, Not Ideas.” ² Fort et al. use the census of firms linked to US patent filings to capture economy-wide invention, rather than focusing on sector-specific case studies. Most importantly, they measure idea production more directly, by estimating the relationship between R&D spending and new patents rather than inferring idea production from firm growth. Since patents represent technologies that are novel enough to be given intellectual property protection, and also economically valuable enough to be worth patenting, they serve as a more direct measure of “ideas.”

Fort et al. find that, across firms, research expenditure today continues to be associated with a proportional increase in patents similar to the 1980s. They use a variety of measures to get at this, but the most transparent one is to measure the ratio between patents and R&D expenditures for each firm. Doing this, they find that the average firm’s patent-to-R&D ratio has actually increased by 50% since 1977 — contrary to a story in which R&D effort is becoming less effective. While there is enough variability in this ratio that Fort et al. can’t be confident that it has actually increased, we can certainly say that it hasn’t fallen in the way that Bloom et al. would predict.

The obvious question is whether these patents might represent less generative and useful ideas, something like more incremental advances than patents of the past. Maybe the low-hanging fruit really is gone, and new patents are capturing less useful ideas. Fort et al. address this issue by focusing on breakthrough patents , a measure of technological innovation defined by Kelly et al. , ³ and showing that their results still hold.

For a technology to count as a breakthrough, it must be generative — technologies that come after must build on it. This idea is the basis for Kelly et al.’s measurement of a patent’s significance. They score a patent as breakthrough if its text is different from patents that came before it but similar to the text of patents that came after it. Patents that scored in the top 5% on this measure included the elevator, the typewriter, the telephone, and frozen foods — giving us some assurance that this measure really selects high-quality technologies.

Fort et al. show that their results are not simply coming from more incremental patents over time. Not only has the number of patents filed per R&D dollar increased, but the number of breakthrough patents per R&D dollar has also increased. Firms produce three times more breakthrough patents per R&D dollar than they did in 1977.

This analysis suggests that Bloom et al. jumped the gun by attributing the slowdown in productivity growth to declining research productivity. If you infer research productivity only from output growth, it’s hard to find. But if you look at new idea production through the lens of patent data, we appear to be as generative as ever. So there must be some other failure in translating new technologies into productivity growth. What could that be?

The fault in our markets

We now have a puzzle — productivity growth is slowing down, yet the factor that we think of as the most important determinant of productivity growth is not. The way to resolve this is to let go of the view that ideas are the only factor that determine growth. Remember, the power of that view is its ability to explain growth in the long run — to generate the graph of steady 2% growth over one and a half centuries of war, changes in trade policy, and wide political shifts. Various factors can absolutely drag down growth rates over shorter periods: Growth was visibly lower during the Great Depression, only recovering because of catch-up growth in the boom that followed World War II. Our challenge is to explain the slower growth over a longer period. There is mounting evidence that a factor more obvious than “ideas are harder to find” is responsible: specifically, a decline in market efficiency.

The first indication comes from Fort et al.’s analysis. In addition to focusing on breakthrough patents, Fort et al. consider a measure of patent value based on stock market returns from Kogan et al. ⁴ The authors estimate how much a (publicly traded) firm's stock price moves in response to a patent being granted and use this movement as a measure of how valuable the patent is. This measure is unique in that it doesn't capture only the value of the technology but also all factors that go into making a technology profitable for its inventors. So it is notable that contrary to their main results, Fort et al. find that the stock market value of the average patent has actually fallen over time. In other words, the market places lower commercial value on new technologies compared with before. Since the authors also show that the number of breakthrough patents per dollar has actually increased, this is puzzling — somehow, firms are making better technologies than before but getting smaller rewards.

This result gels with a broader view in the productivity literature — that the primary limitation on productivity growth is whether more productive firms can outcompete less productive firms. Intuitively, productivity across the economy is not just the simple average of each firm’s productivity; it’s the market share-weighted average of each firm’s productivity. This means that productivity growth across the economy relies not just on firms finding ways to produce new goods at lower costs (which is where “ideas” would help) — it relies on the best firms being able to gain market share, to increase their contribution to aggregate productivity. This ability for better firms to compete is known as allocative efficiency .

So has allocative efficiency decreased in advanced economies, and can that explain the productivity slowdown? Decker et al. ⁵ use the same census of US firms to show that it has. On average, each firm’s productivity has grown at the same rate as before, but less productive firms have actually gained market share over more productive firms. These two factors together can explain why productivity growth has slowed down. Firms have maintained their innovative capacity, but the market is much less rewarding of that innovative capacity than it has been in the past.

In the same spirit, Akcigit and Ates ⁶ argue that the most important factor behind the fall in allocative efficiency ⁷ is a drop in the rate at which lagging firms catch up to leader firms in an industry. ⁸ They consider several possible factors that could influence how dynamic the economy is — corporate taxes, R&D subsidies, entry costs, and catch-up rates for lagging firms — and analyze which of them is most responsible for falling allocative efficiency. They find that almost all of the decline in allocative efficiency is explained by lagging firms failing to catch up. This tells us that the problem of declining allocative efficiency has a rather specific form: Less productive firms stay on as market leaders, while more productive firms are unable to catch up.

This is a puzzle! Why would the market fail to reward innovative firms, or, conversely, why does it continue rewarding less innovative firms? Unfortunately, here we don’t have clear answers. It could be that incumbent firms leverage market power to prevent innovative competitors from gaining market share. Perhaps regulatory barriers make it harder for new entrants to compete with incumbents. Financial markets may also have become less effective at identifying and funding high-potential firms. Answering this question is going to be central to addressing the productivity slowdown and should be a major focus for progress studies.

Progress studies needs to go to market

The distinction between “ideas are getting harder to find” and “growth is getting harder to achieve” changes what we should focus on to accelerate progress. If the source of slowing growth was actually that each new scientific or technological breakthrough requires exponentially more effort, then progress-oriented thinkers would be right to focus on science funding, peer review, and the culture of scientific research.

However if ideas remain as discoverable as ever, but their economic impact is fading, then we need to look downstream from the laboratory. The decline in allocative efficiency should be more of a main focus — we need to throw more of our intellectual capital at understanding how to increase competitiveness and the market potential for innovative firms and technologies, in the same way that we've focused on understanding how to make better technologies.

The narrative that "ideas are getting harder to find" has profoundly shaped how economists and policymakers think about innovation and growth. It implies we're fighting against some fundamental law of diminishing returns in human creativity. But what we’re actually fighting against is a flaw in our markets that prevents that creativity from being rewarded economically. If we want to restore growth, we should stop worrying about whether we've picked all the low-hanging fruit and start taking that fruit to market.

Published

Have something to say? Email us at letters@asteriskmag.com .

Quill OS – an open-source, fully-functional standalone OS for Kobo eReaders

Hacker News

quill-os.org

2025-12-16 00:22:41

Comments...

Original Article

Quill OS is an open-source, fully-functional standalone OS for Rakuten Kobo's eReaders.

Here are some of Quill OS' features:

Fully integrated KoBox X11 subsystem
ePUB, PDF, picture and plain text display support
Versatile configuration options for reading
muPDF rendering engine for ePUBs and PDFs
Wi-Fi support and web browser
Encrypted storage with EncFS
Fast dictionary & local storage search
Dark mode
Full factory reset option if needed
Seamless update process
VNC viewer app
Search function
10 built-in fonts
Auto-suspend
Lock screen/passcode
User-friendly experience

The Bob Dylan Concert for Just One Person

Hacker News

www.flaggingdown.com

2025-12-16 00:18:58

Comments...

Original Article

Flagging Down the Double E’s is an email newsletter exploring Bob Dylan performances throughout history. Some installments are free, some are for paid subscribers only. Sign up here:

Eleven years ago today, a Finnish online gaming company posted a 14-minute video that blew the minds of Bob Dylan fans across the globe. It depicted one of the most unusual performances of Dylan’s career, which had occurred just a few weeks prior. On stage in a beautiful old theater, Bob and his band performed for exactly one person. You can see that person sitting there in the photo up top. The rest of the theater was entirely empty.

How did this happen, that Bob Dylan gave a concert for just one guy? And what was this experience like for that guy? I wanted to find out.

That person was Fredrik Wikingsson, a prominent TV host in Sweden. The video was part of a series called Experiment Ensam , which translates to Experiment Alone . The idea was to explore what happened when a single person did an activity typically meant for a group: Karaoke, stand-up comedy, and, in this case, attending a Bob Dylan concert. Have you ever gotten annoyed at people around you at a Dylan concert and wished they weren’t there? For Wikingsson, they weren’t.

Not only that, but Dylan did not perform his usual fare. Instead, he performed four 1950s covers, several of which he’s never sung before or since: Buddy Holly’s “Heartbeat,” Fats Domino’s “Blueberry Hill,” Lefty Frizzell’s “You’re Too Late,” and Big Bill Broonzy’s “Key to the Highway.”

I interviewed Wikingsson about his surreal experience having Dylan sing for only him. That’s below. On Monday, I’ll share a part two with the series’ director , who shares some behind-the-scenes info on how it came together, including an unexpected meeting with Bob himself. That one will go only to paid subscribers . Sign up if you want to read it [update: it’s here ]:

Before we dive in, the Experiment Ensam Dylan segment is a fascinating video and I encourage you to watch it if you haven’t before. The audio is in Swedish, but it’s subtitled in English.

Let’s start at the beginning and walk through it. And the beginning is: How did you become the one person?

There was a series of commercials made in Sweden for a Finnish online gaming site. The theme was, we have this famous Swedish semi-crappy singer, Vanilla Ice meets Snoop Dogg, who experienced things alone that you normally do in a group, collectively. So he went to a stand-up comedy club alone. He went to the opera alone. All those things.

I knew the director a bit. I met him at a party, three a.m. in an apartment, everybody was drunk, and he came up to me. “Have you seen the things we did with Experiment Alone ?” I lied to him and I said, “Yeah, sure, those are great.” I hadn’t really seen them.

He said, “Guess what we’re going to do next.” He knew that I’m like one of the biggest Dylan fans in Sweden. Maybe that’s a stretch, but one of the biggest he knew for sure. And he said, “It’s going to be Bob Dylan.” I just immediately—and you’ll have to excuse my French—I said, “Who do I have to blow for it to be me?”

[I told him,] “You need to get rid of the other guy. The storytelling is much better if I do it because I’m a huge fan. I’ll be able to write articles about it. It’s going to be better for this fucking Finnish gaming site if I do it. I won’t take any money for it. I will pay for my own trip; I will pay for my own hotel. I just want the experience.”

I had to sit through meetings with a lot of commercial people—art directors, directors, all these PR people. All the while, there was a 50% part of me thinking, “This is just a Punk’d episode.” Because I work in television, so I would be a perfect target for that. Right up until the minute he walked in.

So you’re meeting all these people to get approved, basically?

Yeah, because they had to can the other guy, and they needed to be sure it was worth it.

I’m not much of a predator normally, but in this case, it was like, “That needs to be me. This is one of those things I potentially could remember forever,” which turned out to be true.

Why was it in Philly? Was that just where Bob said he would do it?

I could imagine the PR people going, “Okay, what venues is he playing? What will look good on camera?” Because he was playing the same night in that venue, a beautiful old theater.

Did you ever get any intel on why he agreed to do it?

He probably got a lot of money for it. There was a bit of speculation afterwards, like it was the best paid soundcheck in history. And in essence, it was like a soundcheck, because I guess he runs through numbers for fun sometimes at soundchecks. This time it was just with me in the audience and a couple of cameras.

Once you get approved, once you know where it’s going to be, what are your expectations going in?

Well, it was very complex, because I’ve read all these books about him, I’ve seen all the films, and I’m acutely aware of how uncomfortable he is in weird settings. It was like, “How much am I gonna feel that he hates this?” That was my biggest fear, that I’m going to sit there and be part of the thing that made Dylan’s day shittier.

You think about, “What if I got in the same elevator as him?” Well, I wouldn’t say anything, because I don’t want to be a nuisance. That was like an elevated version of that—no pun intended. However much money he got paid, I don’t want to be that person who makes Dylan’s day worse.

But I just read the other day the theory that he has the highest threshold for embarrassment in the world. That the key asset in Dylan’s career was the fact that he doesn’t get embarrassed. He can try things like playing religious songs, playing electric, he doesn’t care. So maybe there is a chance of that as well. Like he can do this stupid, silly thing in front of one person.

So there was part of me going, “He doesn’t give a fuck,” and part of me going, “He hates this, he’s gonna think of me as a nuisance.” I don’t think I’ve ever been as self-aware, ever, walking into that theater and thinking about how he will receive this. But it faded away pretty quickly once the music got going.

Did you know it was going to be covers? Were you expecting his own songs? Did you know how long it was going to be?

I expected him to run through three, four numbers of the current set list. To me, it was the greatest delight, him playing songs he’d never really played before or since. That made it even more special.

Had he played “Lay Lady Lay” or whatever, a couple of the best-of, that would have been exciting as well. But this certainly—I mean, I didn’t even know half the songs. It made it way more special. That could potentially be released as an EP, because it was such a unique little foursome.

When I watched the film, you look, to me, fairly apprehensive walking into the theater beforehand. Is that how you would describe your feelings?

I haven’t seen the film. To me, it’s such a powerful memory. It’s such a peculiar sensation in my mind, almost like a taste or a smell. I don’t want to water it down with other influence. I just want to have that thing, how I feel about it, in my mind for as long as I can remember it.

What do you remember about your emotions as he comes out, as he starts playing, as you realize it’s a Buddy Holly song?

I always loved Buddy Holly, so, to me, that was just delightful. I had a double CD of Buddy Holly’s greatest hits when I was in my early teens, and I learned to play guitar playing his songs. So that was just like a bonus for me. And I knew how much Buddy Holly meant to him. I’ve read Chronicles many, many times.

But in all honesty, it wouldn’t have mattered almost what he played. Just the fact that he chose the songs and those were apparently songs he was keen on playing and trying out with the guys.

To me, it was also moving just to see the band sounded so good. They really wanted to put on a good show. Of course, not only to me, they knew they were being recorded, but still, these guys are fucking pros. They don’t want to let him down or me down or the camera down. It felt like a bit of a collective effort. And I want to include myself in that collective if I can.

Speaking of including yourself in the collective effort, one of the most striking moments was you debating the question of: Do you applaud? [He did at first, then said it sounded weird echoing around the room by itself, so he stopped.]

Which is complicated. Everybody in the room knows how silly this is. But still, even though it was such a weird scenario, I wanted to be like a human in it, at least try to imitate one. That’s why also later on I shouted something like, “You guys sound great!” I wanted to include the band, for whatever it’s worth. I remember him smiling at me a little bit.

Were you feeling self-conscious? You’re fairly brightly lit. He can see you. You’re right there.

Of course. Acutely.

He’s not the guy who’s going to look at you intently, and I was quite a few meters away, but I was thinking about how I behaved, I was thinking about how it sounded, I was thinking about how I was feeling. I was trying to preserve it to myself and record it in my own mind. There were like fifteen things going on at the same time in my mind.

I mean, it’s one of the most heightened experiences of my life. Being at a Dylan show is always exciting—I’ve been to maybe thirty—but this was something else. To no surprise, like four hours later I was super drunk in a karaoke bar in Philly, because it was too much to handle. I needed to just blow off some steam afterwards.

When I was watching it, I was thinking, if this were me, is this a dream, or is this more like a nightmare?

It could have gone either way. If I’d had the sense that he really despised this whole thing, giving me the evil Dylan eye, which he has given a lot of people throughout the years—and I’ve seen all the clips—if the vibe had been antagonistic, that would have been terrible. But it just felt as joyous as one of those very manufactured scenarios probably can feel.

There’s a moment where he looks around this empty room and chuckles to himself. Then at the end, he says, “You can come anytime” and he’s sort of laughing with the band. He seems to be getting a kick out of the ridiculous artifice of the whole thing.

That made my day and my week and my year. All the tension blew away. Like, okay, this was fine. He dug this, in his way.

That was probably from a true place, but it also felt a little bit generous. Okay, he realizes we’re—I’m not going to say we’re in this together, because that’s a reach, but it was a weird little thing and I was a small part of it. Even though it’s a bit of a stretch to call that a connection, it’s something. It’s fucking something. To me, the music, of course, and the whole experience, but also the fact that I made him laugh a little bit and say something—I’ll cherish that forever.

Did you have a favorite song, a favorite performance?

When he played the harmonica. Up to that moment, if I’m generalizing a little bit, I always thought that I was sort of a word man, and the lyrics were the most important thing. And maybe I underestimated the whole music aspect. I mean, I’ve seen all the beautiful harmonica solos from the ’66 tour or the 1980 tour, “What Can I Do For You.” All those things are majestic and fucking amazing, but there was something about when he played the harmonica just for me. Because he could have easily just skipped the harmonica part. He could have just done the song. That felt like a little extra gift, musically.

It may sound silly, but it made me feel maybe I’ve underestimated how much the music has meant to me throughout the years. It’s been a major part of my life since I was 15. He’s been with me for such a long time, and I just thought, “Okay, I need to pay closer attention to the music.”

Bob Dylan finishes, leaves the stage. What happens next?

There is a very sad coda to this story, I’m afraid. It’s tragic comedy. What’s the word in English?

Tell me the story and I’ll let you know.

A lot of people, when I went on this trip, asked, “Are you going to be able to have dinner with him? Are you going to have drinks with him?” I went, “No, no, no. That’s not him. That’s not the show. That’s not going to happen.” I had zero expectations of that.

But maybe he could sign an album for me. At least I could ask that. That’s not a big ask.

So I’m in New York the day before and I’m like okay, I need to buy a couple of albums. I want to buy for one for me and one for one of my best friends who’s a huge Dylan fan. What a great gift to give a friend. And also a bit of busting balls, like a constant reminder to my friend that I got to experience this.

I’m in some store on Bleeker Street, of course, and I’m thinking, “Okay, so what albums? Am I going to go the Blonde on Blonde way? Or am I going to be funny and do the Self-Portrait thing?” I start to overthink in a very moronic way. I’m thinking to myself, “Wait a minute, isn’t there a rumor that he has recorded an album of Sinatra covers?” Which turned out to be true later on. So I’m thinking, “I should buy two Sinatra albums.” I’m buying In the Wee Small Hours and I think Songs for Swingin’ Lovers . “That’s very cool. It shows Dylan that I’m in the know.”

You might ask yourself, didn’t you buy any backup albums? No, I did not.

So I go to Philly with my two Sinatra albums in hand. I meet [Dylan manager] Jeff Rosen afterwards. He’s over the moon because I’ve behaved. “Oh, that was great. You did well. Dylan is so happy with this. Thank you very much for not overreacting” or whatever.

And I’m asking him, “Do you think he could sign a couple of albums for me?” “Of course! Bob would love to do that.”

I pull out the albums and he’s like, “But these are Sinatra albums…”

“Yeah?”

It starts to dawn on me that this is not a good idea.

He says, “That would be like pissing on Sinatra’s grave. Bob would never do that. Did you bring any backup albums?” And I’m like, “No.”

Jeff Rosen is just walking away. “I’m sorry, man. I can’t help you.” And then, boom, it’s over.

I’m standing there thinking, I can’t let this define my experience. I need to put this out of my mind immediately, because this is not the experience. The experience just took place. That was the music, that was the concert. Fuck the albums, fuck the autographs, that doesn’t matter.

I’ve tried very bravely throughout the years to put that out of my mind, and I’ve succeeded. Just thinking about it now, it breaks my heart a little bit.

I’m sorry to have brought it back up. But yeah, tragicomedy is maybe the word.

I deserve it.

I weirdly have a similar story. Elvis Costello used to have this TV show. I once won tickets to a private taping with Bruce Springsteen, shortly after college. I’m a big fan of both of them now, but at the time I was more of a Springsteen guy. So I was thinking, maybe in this smaller, more private setting, I’d be able to meet him. So I brought a Bruce album just in case. The show’s amazing, then afterwards, I go around back to this loading dock. I was just hanging out by the buses. No security or anything. Who shows up? Not Bruce. Elvis. I ask him, “Do you want to sign this?” He laughed like, “I’m going sign a Bruce album?” But he did. He seemed to find it funny.

*My Springsteen album signed by Elvis Costello*

Well, maybe Bob would have too, but I met the gatekeeper.

Elvis is a little more personable. Or at least, in that case, easier to find without a gatekeeper.

Have you seen the Bruce film?

I just saw it a couple of weeks ago. It was okay.

Did you like A Complete Unknown ?

I liked it more. I thought A Complete Unknown did the same thing better, which is sort of a Hollywood-ish, paint-by-numbers biopic. I mean, I’m Not There , that’s my Bob movie. That’s the movie for the weirdos.

During the screening of [ A Complete Unknown ], I thought to myself maybe ten times, “Oh, this is too silly. This is fucking hokey.” Then, also, my eyes welled up ten times as well.

There’s only movies that could do that. They can both be fucking silly and ludicrous and then very moving two minutes later.

I’m Not There is a much better film, but I thought to myself, “Did I cry once during that film?” Not really, but I was impressed with it. So to me, it was much more of an intellectual experience. Whereas a hokey biopic takes you to another place emotionally.

I sort of agree with that. I was expecting to be like a Dylan nerd fact-checker getting annoyed at all the errors. And there were a million factual errors, but in the moment they didn’t annoy me. The overall emotional story seemed basically true, and I got swept up in it.

Somebody asked Chalamet, “How do you feel about letting go of Dylan as a character?” “I feel terrible. I love being this guy.” And then somebody said, “You could just wait like ten, twelve years and then play him during the gospel period.” His eyes just lit up, like, “Oh, fuck yeah. That’s still on the table.” Which would be an incredible film, I think. That could be even more powerful.

Every ten years they could just make another one as the guy gets older and older.

Then eventually they get to Philly and my concert.

That’s like the 27th installment in the series.

And the least-seen.

I read that you didn’t want to see the show that night. That it would have felt weird. So when did you next see a regular Bob Dylan concert?

He came to Stockholm in 2015, and he played a pretty small venue called the Waterfront Arena, which is where, later, he collected his Nobel Prize backstage. He played a lot of the Tempest songs. That was one of the best concerts I’ve ever seen.

But it didn’t color my experience in any way. This is such a stand-alone thing. It’s not like I sat there six months later and was like, “Hmm, how does this compare to seeing him alone?” It’s not comparable.

You were able to just plug back into how you would see a Dylan concert before.

Yeah. Have you seen him lately?

This summer, the Outlaw tour here.

I saw him just two weeks ago in a huge arena in Stockholm. I don’t know how to feel about the concerts anymore. I appreciate that he plays nine out of ten songs from the latest album. Who else does that at that age? And he puts his heart into it, but he’s done it many years now. I don’t even know if it’s a good experience anymore.

Maybe five years from now, I’ll listen to a tape and it’s going to sound great. Who knows?

Now we’re a decade and change on. How do you look back at the experience?

Weirdly, I think about it more now than I did in the years immediately afterwards.

It was just like, “All right, I’ve had a busy life, a lot of work, family stuff—let’s pocket that beautiful thing for to reminisce about in the future.” But now I guess I’m in the future, and I’m reminiscing about it more.

I will occasionally, when I’m in the car listening to Dylan, bring it out as a little mental gemstone that I sit and polish in my mind. Almost like taste it and feel it. That sounds fucking ludicrous, but you know what I mean. I indulge myself, wallowing in the beauty of it.

I allow myself for a couple of minutes per month maybe to be really sentimental and romanticizing about it. As the years go past, I grow more and more fond of that whole little intermission.

Did you keep the Sinatra albums?

I used them as frisbees in the Philadelphia night, ceremoniously chucking them as far as I possibly could.

Thanks Fredrik! Tune in Monday for my second conversation about this unique performance, with the director , who actually met with Dylan himself to plan the taping. That one will go out only to paid subscribers , so sign up/upgrade if you want to read it [update: it’s here ]:

Native vs. emulation: World of Warcraft game performance on Snapdragon X Elite

Hacker News

rkblog.dev

2025-12-15 23:47:37

Comments...

Original Article

2025-12-15

At the beginning of the year, I tested the Snapdragon X Elite unreleased dev-kit , and I couldn't really compare x86 versus native gaming performance for the same game. I only managed to get World of Warcraft Classic x86 to run, and when compared to the native version, the FPS drop was 40-60% in two simple benchmarks. WoW retail x86 did not work, but now with the latest Windows improvements and the Prism emulation layer, things have changed.

Test platform

The tests were done on a Snapdragon X Elite dev kit equipped with X1E-00-1DE Snapdragon X Elite SoC (3.8 GHz with 4.3 GHz boost on 1-2 cores) and 32GB of RAM. The dev kit runs at a higher TDP than most, if not all, laptops and has the theoretically best bin of chips (highest boost clocks).

The key difference since my initial review is the Windows version. Microsoft was working hard on improving emulation performance and compatibility. Since Windows 11 24H2, there is a new emulator called Prism, and with recent updates it also got AVX instructions support to handle even more x86_64 applications.

For the tests I used Windows 11 25H2 26220.7344 Insider Preview version to get all possible improvements taken into account.

Additionally, the x86_64 binaries properties were edited to enable newer emulated CPU features :

World of Warcraft

WoW is an MMORPG, and it does not have a built-in benchmark. It can be reliably benchmarked to some extent if you use specific game areas/instances. You can check more in my WoW benchmarking section.

As a PC game, it's a modern DX12 game engine with optional ray-traced shadows support and a few other features. It offers native x86, Windows on ARM, and Apple Silicon versions. In my previous tests, the x86 retail version would not run on Snapdragon, and only the Classic version managed to run. The FPS drop versus the native version was massive of around 40-60% (but the testing wasn't as detailed as I would like).

With the Windows (and WoW) changes, both x86_64 WoW clients managed to run on Windows on ARM, allowing me to get way more test data. MSI Afterburner and other similar tools don't support WoA, so I had to use the game's built-in average FPS meter (which doesn't average over long periods of time; and no 1% lows/frame time graphs).

Game version and architecture is displayed on the login screen

World of Warcraft - native versus emulated

I measured the FPS at 1080p for two settings - mode 3 (low) and mode 7 (high). The results are as follows:

World of Warcraft - native versus emulated Mode 7

The results are astounding as the x86 version is rivaling the native one, maybe even edging the native client.

WoW Classic and Stonard in retail are old locations, very light to render, so even with an iGPU, the FPS will be high.
Ardenweald is the most GPU-intensive modern zone from the test collection. Bastion is less demanding but has a bit more geometry. Dazar'alor harbor view is a geometry/render distance-based benchmark and will depend mostly on GPU
Necrotic Wake and Spires of Ascension are dungeons with some mobs, geometry, and units the game tracks. GPU with increasing CPU load.
Valdrakken is a player hub from the previous expansion, now mostly empty - player hubs when active are quite demanding to render without stutter. They tend to use a lot of assets as well.
Combat benchmark is pushing the game into single-core CPU limit - it's done in the old Karazhan raid, where I can reliably pull a large group of mobs and stand still with fixed camera position. iGPUs can also be the bottleneck on higher settings due to particle effects of spells going off. Most dGPUs will have no problems with them.
Out of combat , when test mobs despawn, the FPS inside Karazan increases as it's an old instance without any complex geometry or large asset collection. The game combat world state vanishes and thus the single-core bottleneck as well

Karazhan benchmark was the only one where the native version was noticeably ahead of the emulated version. Due to that, I've also added two modern dungeon instances, and those results were more in line with other locations. Either there was a difference between game versions, or in larger instances, game performance can be limited by some sort of system latency, and emulation is not the best for that.

WoW by default will use 4 CPU cores, with one core being the primary ones. In a mass combat / mass NPC scenario, the main core will see 100% load and will be the limiting factor.

WoW Classic x86 threw an error but still launched

Windows on ARM can handle a lot of x86 Windows applications, but not all of them. From my quick re-tests, I managed to run Unigine Valley, but Unigine Superposition failed to run.

Default versus very strict emulation

I was curious what the difference between emulation settings. Switching to very strict emulation settings disables a lot of features, which in turn tanked x86 WoW performance:

Mobile SoC comparison

I've also recently tested Strix Point HX 370, and Intel Arrow Lake 255H capped at 30W, so I've added them to the comparison charts:

In iGPU-heavy scenarios, Intel/AMD tend to be ahead, while in CPU scenarios, all 3 platforms get close to each other.

Summary

I really wanted to compare native versus emulated on Snapdragon, as initial WoW Classic performance differences were huge. With recent Prism updates, I forced the devkit to update Windows, and it managed to run the x86 retail World of Warcraft client. This allowed me to test CPU and GPU-focused scenarios within the game. Surprisingly, for WoW, there was no real penalty, at least outside the raid/combat scenario. When you install Battle.net and WoW, you will get the native version by default, so you don't have to select or change anything.

It's good to see improvements to Windows on ARM. Better application compatibility is nice, but it will never be perfect. On top of that, some apps will have hardcoded checks, and you won't be able to use x86 drivers. Qualcomm is preparing the second generation of mobile X Elite chips, and it will be interesting to see how they perform. Initial launch saw a lot of laptop sales, but also a lot of returns.

Limited Linux support is still a problem, from device tree lists, firmware extraction, to overall worse behavior of the SoC under Linux. Linux ARM support is way better than Windows, and even some hardware vendors tend to support ARM Linux due to the Raspberry Pi (like astrophotography equipment, vision cameras).

JetBlue flight averts mid-air collision with US Air Force jet

Hacker News

www.reuters.com

2025-12-15 22:48:56

Comments...

Original Article

Please enable JS and disable any ad blocker

New SantaStealer malware steals data from browsers, crypto wallets

Bleeping Computer

www.bleepingcomputer.com

2025-12-15 22:43:10

A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection. [...]...

Original Article

New SantaStealer malware steals data from browsers, crypto wallets

A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection.

According to security researchers at Rapid7, the operation is a rebranding of a project called BluelineStealer, and the developer is ramping up the operation ahead of a planned launch before the end of the year.

SantaStealer appears to be the project of a Russian-speaking developer and is promoted for a Basic, $175/month subscription, and a Premium for $300/month.

Rapid7 analyzed several SantaStealer samples and obtained access to the affiliate web panel, which revealed that the malware comes with multiple data-theft mechanisms but does not rise to the advertised feature for evading detection and analysis.

"The samples we have seen until now are far from undetectable, or in any way difficult to analyze," Rapid7 researchers say in a report today.

"While it is possible that the threat actor behind SantaStealer is still developing some of the mentioned anti-analysis or anti-AV techniques, having samples leaked before the malware is ready for production use - complete with symbol names and unencrypted strings - is a clumsy mistake likely thwarting much of the effort put into its development and hinting at poor operational security of the threat actor(s)," Rapid7 says.

The panel features a user-friendly design where 'customers' can configure their builds with specific targeting scopes, ranging from full-scale data theft to lean payloads that only go after specific data.

**Builder configuration options on the panel**
*Source: Rapid7*

SantaStealer uses 14 distinct data-collection modules, each running in its own thread, writing stolen data to memory, archiving it into a ZIP file, and then exfiltrating it in 10MB chunks to a hardcoded command-and-control (C2) endpoint via port 6767.

The modules target information in the browser (passwords, cookies, browsing history, saved credit cards), Telegram, Discord, and Steam data, cryptocurrency wallet apps and extensions, and documents. The malware can also take screenshots of the user’s desktop.

The malware uses an embedded executable to bypass Chrome’s App-Bound Encryption protections, first introduced in July 2024 , and bypassed by multiple active info-stealers .

Other configuration options allow its operators to exclude systems in the Commonwealth of Independent States (CIS) region and delay execution to misdirect victims with an inactivity period.

As SantaStealer isn’t fully operational and hasn't been distributed en masse, it is unclear how it will spread. However, cybercriminals lately seem to prefer ClickFix attacks, where users are tricked into pasting dangerous commands into their Windows terminal.

Phishing, pirated software, or torrent downloads are also common distribution methods, as are malvertising and deceptive YouTube comments.

Rapid7 recommends users check links and attachments in emails they don't recognize. They also warn of running unverified code from public repositories for extensions.

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

Killed by Google

Hacker News

killedbygoogle.com

2025-12-15 22:08:13

Comments...

Original Article

Guillotine

January
2026

service

Dark Web Reports

Getting unplugged in about 1 month, Dark Web Reports was a dark web scanner that searched for personal info leaks. It will be almost 3 years old.

Guillotine

December
2025

service

Tables by A120

Another one bites the dust in about 6 hours, Tables was a collaborative database platform and competitor to Airtable, focused on making project tracking more efficient with automation. It will be almost 6 years old.

Killed over 6 years ago, Data Saver was an extension for Chrome that routed web pages through Google servers to compress and reduce the user's bandwidth. It was about 4 years old.

Tombstone

2015 - 2019

service

Inbox by Gmail

Killed over 6 years ago, Inbox by Gmail aimed to improve email through several key features. It was almost 4 years old.

Tombstone

2011 - 2019

service

Killed over 19 years ago, Google Public Service Search provided governmental, non-profit and academic organizational search results without ads. It was over 4 years old.

Tombstone

2003 - 2006

service

Google Deskbar

Killed over 19 years ago, Google Deskbar was a small inset window on the Windows toolbar and allowed users to perform searches without leaving the desktop. It was over 2 years old.

Economics of Orbital vs. Terrestrial Data Centers

Hacker News

andrewmccalip.com

2025-12-15 21:56:03

Comments...

Original Article

Before we get nerd sniped by the shiny engineering details, ask the only question that matters. Why compute in orbit? Why should a watt or a flop 250 miles up be more valuable than one on the surface? What advantage justifies moving something as mundane as matrix multiplication into LEO?

That "why" is almost missing from the public conversation. People jump straight to hardware and hand-wave the business case, as if the economics are self-evident. They aren't. A lot of the energy here is FOMO and aesthetic futurism, not a grounded value proposition.

Note: This page is built from publicly available information and first-principles modeling. No proprietary data. These are my personal thoughts and do not represent the views of any company or organization.

Cost per Watt $31.20/W

LCOE $891/MWh

Mass to LEO 22.2M kg

Cost per Watt $14.80/W

LCOE $398/MWh

Capex $13.80/W

Engineering · System Parameters

Orbital Solar

$20 (floor) Starship Falcon 9

$5/W V2 Mini ($22) V1 ($32)

LEO (~60%) SSO (~80%) Terminator (~98%)

1% (shielded) 6% (unshielded) 12% (polar)

Terrestrial (On-Site CCGT)

$10 (Low) $12.50 (Rep) $17 (High)

Electrical 45% $5.63/W

Mechanical 20% $2.50/W

Shell & Core 17% $2.13/W

Fit-Out 8% $1.00/W

Site/Civil 5% $0.62/W

Gen. Cond./Fees 5% $0.62/W

$1.45 (Efficient) $1.80 (Typical) $2.30 (Complex)

Best (~58%) Average (~45%) Older (~38%)

Permian Typical Constrained

Best (1.1) Typical (1.3) Older (1.5)

Orbital Solar

Satellite Count ~37,000

GPU Margin (failures) +19.6%

Solar Margin (degr.) +6.5%

Total Mass to LEO 22.2M kg

Fleet Array Area 2.3 km²

Single Sat Array 116 m²

Starship Launches ~222

Methane Required 168M gal

Energy Output 35.0 MWhr

Terrestrial

H-Class Turbines 3 units

Generation (IT×PUE) 1.2 GW

Heat Rate 6,200 BTU/kWh

Fuel Cost $27/MWh

Capacity Factor 85%

Gas Consumption 279 BCF

Energy Output 37.2 MWhr

GPUs not included—this models everything upstream of compute hardware
Target capacity: 1 GW nameplate electrical
Analysis period: 5 years
All figures in 2025 USD; excludes financing, taxes, incentives, and FMV
Full availability assumed (no downtime derates), no insurance/logistics overheads

Single bus class (Starlink V2 Mini heritage) scaled linearly to target power
Station-keeping propellant mass assumed rolled into Starlink-like specific power (W/kg)
Linear solar cell degradation assumed; actual silicon with coverglass shows steep-then-shallow curve
Solar margin = extra initial capacity to maintain average power over lifetime (not end-of-life)
GPU margin = cumulative expected failures over analysis period (replacement cost, not extra capacity)
Optimal fairing packing assumed regardless of satellite size (kW); no packing penalty modeled
No additional mass for liquid cooling loop infrastructure; likely needed but not included
All mass delivered to LEO; no on-orbit servicing/logistics
Launch pricing applied to total delivered mass; no cadence/manifest constraints modeled
Thermal: only solar array area used as radiator; no dedicated radiator mass assumed
Radiation/shielding impacts on mass ignored; no degradation of structures beyond panel aging
No disposal, de-orbit, or regulatory compliance costs included
Ops overhead and NRE treated as flat cost adders; no learning-curve discounts
No adjustments for permitting or regulatory delay

On-site H-Class CCGT at the fence line; grid interconnect/transmission not costed
Capex buckets embed site prep/land; permitting, taxes, and financing excluded
Fuel price held flat; no carbon price, hedging, or escalation modeled
Water/cooling availability assumed; no scarcity or discharge penalties
Fixed PUE and capacity factor; no forced-outage or maintenance derates applied
No efficiency gains or technology learning assumed over time for terrestrial plant
No adjustments for permitting or regulatory delay

Motivation and Framing

I love space. I live and breathe it. I'm lucky enough to brush the heavens with my own metal and code, and I want nothing more than a booming orbital space economy that creates the flywheel that makes space just another location we all work and visit. I love AI and I subscribe to maximum, unbounded scale. I want to make the biggest bets. I grew up half-afraid we'd never get another Apollo or Manhattan. I truly want the BigThing.

This is all to say that the current discourse is increasingly bothering me due to the lack of rigor; people are using back-of-the-envelope math, doing a terrible job of it, and only confirming whatever conclusion they already want. Calculating radiation and the cost of goods is not difficult. Run the numbers.

Before we do the classic engineer thing and get nerd sniped by all the shiny technical problems, it's worth asking the only question that matters: why put compute in orbit at all? Why should a watt or a flop be more valuable 250 miles up than on the surface? What economic or strategic advantage justifies the effort required to run something as ordinary as matrix multiplication in low Earth orbit?

That "why" is nearly missing from the public conversation. The "energy is cheaper, less regulations, infinite space" arguments just ring false compared to the mountains of challenges and brutal physics putting anything in space layers on. The discourse then skips straight to implementation, as if the business case is obvious.

Personal Positioning

I'm not here to dunk on anyone building real hardware. Space is hard, and shipping flight systems is a credibility filter. I'm annoyed at everyone else. The conversation is full of confident claims built on one cherry-picked fact and zero arithmetic. This is a multivariable physics problem with closed-form constraints. If you're not doing the math, you're not contributing, you're adding noise and hyping for a future we all want instead of doing the hard work to actually drive reality forward.

Core Thesis

The target I care about is simple: can you make space-based, commodity compute cost-competitive with the cheapest terrestrial alternative? That's the whole claim. Not "space is big." Not "the sun is huge." Not "launch will be cheap." Can you deliver useful watts and reject the waste heat at a price that beats a boring Crusoe-style tilt-wall datacenter tied into a 200–500 MW substation?

If you can't beat that, the rest is just vibes. GPUs are pretty darn happy living on the ground. They like cheap electrons, mature supply chains, and technicians who can swap a dead server in five minutes. Orbit doesn't get points for being cool. Orbit has to win on cost, or it has to admit it's doing something else entirely. If it's an existential humanity play, that's cool too, but it's a slightly different game.

Analytical Lens

So here's what I did. I built a simple model that reduces the debate to one parameter: cost per watt of usable power for compute. The infographic below lets you change the assumptions directly. If you disagree with the inputs, great. Move the sliders. But at least we'll be arguing over numbers that map to reality.

The model is deliberately boring. No secret sauce. Just publicly available numbers and first-principles physics: solar flux, cell efficiency, radiator performance, launch cost, hardware mass, and a terrestrial benchmark that represents the real alternative: a tilt-wall datacenter sitting on top of cheap power. The code is public, please go through everything. github.com/andrewmccalip/thoughts

Findings and Implications

Here's the headline result: it's not obviously stupid, and it's not a sure thing. It's actually more reasonable than my intuition thought! If you run the numbers honestly, the physics doesn't immediately kill it, but the economics are savage. It only gets within striking distance under aggressive assumptions, and the list of organizations positioned to even try that is basically one.

That "basically one" point matters. This isn't about talent. It's about integration. If you have to buy launch, buy buses, buy power hardware, buy deployment, and pay margin at every interface, you never get there. The margin stack and the mass tax eat you alive. Vertical integration isn't a nice-to-have. It's the whole ballgame.

Market and Incentives

Which is why I trend positive on SpaceX here. If anyone can brute force a new industrial stack into existence, it's the team that can reduce $/kg and get as humanly close to free launch as possible. And they need to, because the economics are not close. This is not a 25% mismatch. It's 400%. Closing that is the whole job. Positive does not mean gullible. It needs measurable targets and painful reality checks.

If SpaceX ever goes public, this is exactly the kind of thing shareholders should demand: extreme, barely-achievable goalposts with clean measurement. Tesla did it with the options grant. Do the same here. Pay Elon a king's ransom if he delivers a new industrial primitive: cheap, sustained dollars per kilogram and dollars per watt in orbit, at real cadence, for years.

Broader Interpretation

On strict near-term unit economics, this might still be a mediocre use of capital. A tilt-wall datacenter in Oregon with cheap power, cheap cooling, and technicians on call is hard to beat. Crusoe can park compute on stranded natural gas and turn it into flops with a supply chain that already exists.

But the knock-on effects are why this keeps pulling at people. If you can industrialize power and operations in orbit at meaningful scale, you're not just running GPUs. You're building a new kind of infrastructure that makes it easier for humans to keep spreading out. Compute is just one of the first excuses to pay for the scaffolding. Even if this is a mediocre trade on strict near-term unit economics, the second-order effects could be enormous.

I'll go one step further and say the quiet part out loud: we should be actively goading more billionaires into spending on irrational, high-variance projects that might actually advance civilization. I feel genuine secondhand embarrassment watching people torch their fortunes on yachts and status cosplay. No one cares about your Loro Piana. If you've built an empire, the best possible use of it is to burn its capital like a torch and light up a corner of the future. Fund the ugly middle. Pay for the iteration loops. Build the cathedrals. This is how we advance civilization.

Links to Reports

Everyone is going to copy-paste this into the models, so I've done that part for you. It's a decent way to automate the sanity checks, but it could use more in-depth review.

GitHub: github.com/andrewmccalip/thoughts

"Conduct a thorough, first-principles-based review of this project. Scrutinize every assumption and constant, rigorously fact-checking all data. The objective is to identify and correct any fundamental errors in logic or calculation."

Grok: grok.com/share/...
ChatGPT: chatgpt.com/share/...
Gemini: gemini.google.com/share/...
Claude: claude.ai/public/artifacts/...

Overall Conclusion

Even so, irrational ambition doesn't get to ignore physics. The point of this page is to make the constraints explicit, so we can argue about reality instead of vibes. If the numbers close, even barely, then it's worth running hard on the idea. If they don't, the honest move is to say so and move on. Either way, I think some version of this has a feeling of inevitability.

So scroll down, play with the sliders, and try to break it. Change launch cost. Change lifetime. Change specific power. Change hardware cost. The goal here isn't to "win" an argument. It's to drag the conversation back to first principles: assumptions you can point at, and outputs you can sanity-check. Check out the GitHub, run the code, find the errors, and I'll update it live.

After that, we can do the fun part: thermal diagrams, radiator math, orbit beta angles, failure rates, comms geometry, all the shiny engineering details that make this topic so addicting. It's not obviously stupid, and it's not a sure thing. That's why it's worth doing the math.

It might not be rational. But it might be physically possible.

Technical Engineering Challenges

The governing constraint for orbital compute is thermodynamics . Terrestrial datacenters leverage convective cooling—dumping waste heat into the atmosphere or water sources, effectively using the planet as an infinite cold reservoir. In the vacuum of space, convection is impossible. Heat rejection relies exclusively on radiation.

Every object in space settles to an equilibrium temperature where absorbed power equals radiated power. If heat generation exceeds radiative capacity, the temperature rises until the $T^4$ term in the Stefan-Boltzmann law balances the equation:

$$\dot{Q}_{\text{rad}} = \varepsilon \sigma A T^4$$

The engineering challenge is ensuring this equilibrium temperature remains below the safe operating limits of silicon processors.

Energy Balance and Heat Rejection

To dimension the radiator surface, we must account for the total thermal load managed by the satellite bus. In this model, based on a Starlink-style bifacial architecture (PV on front, radiator on back), the system must reject the aggregate energy of two distinct paths:

Incident Solar Flux: The sun delivers $G_{\text{sc}} = 1361\;\text{W/m}^2$ (AM0). With a solar absorptivity $\alpha = 0.92$, the panel absorbs approximately $\sim 1250\;\text{W/m}^2$.
Energy Partitioning:
- Electrical Path ($\sim$22%): High-efficiency cells convert $\sim 275\;\text{W/m}^2$ into electricity. This power drives the compute payload and is converted entirely back into heat by the processors. A liquid cooling loop collects this heat and returns it to the panel structure for rejection.
- Thermal Absorption ($\sim$78%): The remaining $\sim 975\;\text{W/m}^2$ is not converted to electricity but is absorbed immediately as lattice heat (phonon generation) within the panel structure.
Total Heat Load: The radiator must reject the sum of both the immediate thermal absorption and the returned electrical waste heat—effectively 100% of the absorbed solar flux .

This imposes a strict area density limit. High-power compute requires large collection areas, which inherently absorb large amounts of solar heat. The radiator must be sized to reject this aggregate load while maintaining an operating temperature below the junction limit.

Operating Temperature Limits

Modern AI accelerators (H100/B200 class) typically throttle at junction temperatures $T_j > 85\text{–}100\degree\text{C}$. To maintain a junction at 85°C, and accounting for the thermal gradient across cold plates and interface materials ($\Delta T \approx 10\degree\text{C}$), the radiator surface temperature $T_{\text{rad}}$ is constrained to approximately 75°C.

The model below calculates the equilibrium temperature for a bifacial array in a terminator orbit ($\beta = 90^\circ$). It accounts for solar flux, Earth IR ($\sim 237\;\text{W/m}^2$), and albedo. If the calculated equilibrium temperature $T_{\text{eq}}$ exceeds the target radiator temperature, the design fails.

Thermal Balance · Bifacial Panel Model

Steady-State Energy Balance $\dot{Q}_{\text{sol}} + \dot{Q}_{\text{IR}} + \dot{Q}_{\text{alb}} + \dot{Q}_{\text{loop}} = \dot{Q}_{\text{rad,A}} + \dot{Q}_{\text{rad,B}}$

Side A PV Array α = 0.92 ε _A = 0.85

Side B Radiator ε _B = 0.90

0°C T _eq

Thermal Analysis · Bifacial Panel Parameters

Surface Properties

400 km 550 (Starlink) 1200 km

Thermal Outputs

A (panel area) 0.00 km²

β (orbit angle) 90°

VF _⊕ 0.080

ε _tot 1.75

Q̇ _sol (solar waste) 0 MW

Q̇ _IR (Earth thermal) 0 MW

Q̇ _alb (reflected) 0 MW

Q̇ _loop (GPU return) 0 MW

Σ Q̇ _in 0 MW

P _elec (generated) 0 MW

T _eq 0.0 °C

Δ T margin 0 °C FAIL

A _req 0.00 km²

References

Ford kills the All-Electric F-150

Hacker News

www.wired.com

2025-12-15 21:46:53

Comments...

Original Article

Ford is once again shifting its electric vehicle manufacturing plans, a response to a year that’s been tough for the powertrain technology that’s still making waves overseas but has seen domestic government support cut and customer enthusiasm weaken .

Instead of planning to make enough electric vehicles to account for 40 percent of global sales by 2030—as it pledged just four years ago— Ford says it will focus on a broader range of hybrids, extended-range electrics, and battery-electric models, which executives now say will account for 50 percent of sales by the end of the decade. The automaker will make hybrid versions of almost every vehicle in its lineup, the company says.

The company will no longer make a large all-electric truck , Ford executives told reporters Monday, and will repurpose an electric vehicle plant in Tennessee to build gas-powered cars. The next generation of Ford’s all-electric F-150 Lighting will instead be an extended-range electric vehicle, or EREV, a plug-in hybrid that uses an electric motor to power its wheels while a smaller gasoline engine recharges the battery. Ford says the tech, which automakers have touted in recent years as a middle-ground between battery-electric vehicles and gas-powered ones , will give its truck extended towing capacity and a range of over 700 miles.

Ford still plans to produce a midsize electric pickup truck with a target starting price of about $30,000, to be available in 2027. That will be the first of the “affordable” electric vehicle models it’s currently designing at a skunkworks studio in California, which are slated to use a “universal” platform architecture that will make the vehicles cheaper to produce .

The new plans leave Ford with a bunch of excess battery-making capacity, which the company says it will use by opening a whole new business: a battery energy-storage sideline. This new business will produce lower-cost and longer-living lithium iron phosphate, or LFP, batteries for customers in the public utility or data center industries.

“Ford is following the customer,” says Andrew Frick, the president of Ford Blue and Ford Model e, the automaker’s gas- and battery-powered vehicle businesses. US customer adoption of electric vehicles is not where the industry expected at decade’s start, he says. (Battery-electric vehicles currently make up about 7.5 percent of US new car sales .) Frick also cited changes in the regulatory environment, including the Trump administration's rollback of commercial and consumer tax incentives for electric vehicles.

The company has also canceled an all-electric commercial van planned for the European market. Instead, Ford will team up with Renault, in a partnership announced last week , to develop at least two small Ford-branded electric vehicles for Europe—a move that CEO Jim Farley called part of a “fight for our lives,” as US automakers try to compete with affordable EVs out of China.

Ford said Monday that it also plans to produce a new gas-powered commercial van for North America.

An expression language for Vixen

Lobsters

raku-advent.blog

2025-12-15 21:40:57

Comments...

Original Article

#raku-beginners: korvo: Hi! I’m trying out Raku in stead of META II for a toy compiler.

(5 minutes later) korvo: I’m merely trying to compile a little expression language because my angle of repose has slightly increased, and multiple folks have recommended Raku for parsing and lightweight compilers.

(20 minutes later) korvo: [T]hanks for a worthy successor to META II. This is the first enjoyable parser toolkit I’ve used in a while; I spent almost no time fussing over the Regex tools, found it easy to refactor productions, and am spending most of my time trying to handle strings and lists and I/O.

Happy Holiday! As we enter the winter-solstice season, it’s worth reflecting on the way that hunkering down for the cold can bring about new avenues of exploration. I have a jar of pickled homegrown banana peppers in the corner of my refrigerator slowly evolving into something delicious; I do have to shake it every few days, but it will be worth it to add that fruity sour spice to any dish. Similarly, this can be a season for letting old concepts ferment into new concepts.

I have written so many parsers and parser toolkits. I’m tired of writing parsers yet again. So, after hearing about Raku’s builtin support for grammars, I decided that I would commit to trying Raku for my next parsing task. How hard could it be? I’ve already used and forgotten Perl 5 and Ruby.

I don’t need to reinvent Raku. ~ me, very tired

Problem

I’m working on a language that I call Vixen . I should back up.

At the beginning of the year, Joel Jakubovic blogged that The Unix Binary wants to be a Smalltalk Method, Not an Object . They argue that, while we have traditionally thought that Unix files correspond to objects, we should instead correspond Unix directories with objects and Unix files with methods. By “object” I mean a bundle of state and behavior which communicates with other objects by passing messages to them. This is a big deal for folks who study what “object” means, but not really interesting for the wider programming world. However, they followed it up with a prototype and a paper, The Unix Executable as a Smalltalk Method: And its implications for Unix-Smalltalk unification . Jakubovic provides a calling convention, which we call Smalltix , that allows us to treat a Unix system as if it were a Smalltalk-like message-passing object-based system. Crucially, there isn’t a single language for programming Smalltix, because of fragmentation : a Unix system already has many different languages for writing executable programs, and adding another language would only fragment the system further.

Okay! So, I’m working on Vixen, a fork of Smalltix. Jakubovic used Bash and Smalltalk-style classes; I’m simplifying by using execline and Self-style prototypes. Eventually, I’ve got a few dozen little scripts written with execline. Can I simplify further?

Now, I fully admit that execline is something of an alien language, and I should explain at least some of it before continuing. Execline is based on the idea of Bernstein chain loading ; the interpreter takes all arguments in argv as a program and calls into multiple helpers which incrementally rewrite argv into a final command. Here’s an example method that I call “debug:” which takes a single argument and prints it to stderr . First it uses the fdmove helper to copy file descriptor 2 to file descriptor 1, shadowing stdout with stderr ; finally, it echoes a string that interpolates the first and second items of argv . The calling convention in Smalltix and Vixen is that argv ’s zeroth item is the method, the first item is the receiving object passed as a path to a directory, and the rest of the items are positional arguments. By tradition, there is one colon “:” in the name of a method per argument, so “debug:” takes one argument; also by tradition, the names of methods are called verbs . Since this method takes one positional argument, we pass the -s2 flag to the execline interpreter execlineb to collect argv up to index 2.

#!/usr/bin/env -S execlineb -s2
fdmove -c 1 2
echo "debug: ${1}: ${2}"

For something more complicated, here is a method named “allocateNamed:” which augments some other “allocate” method with the ability to control the name of a directory. This lets us attach names to otherwise-anonymous objects. Here, we import the name “V” from the environment envp to turn it into a usable variable. In Vixen, I’ve reserved the name “V” to refer to a utility object that can perform calls and other essential tasks. The backtick helper wraps a subprogram in a curly-brace-delimited block and captures its output. The foreground helper runs two subprograms in sequence; there’s also an if helper which exits early if the first subprogram fails.

#!/usr/bin/env -S execlineb -s2
importas -iS V
backtick -E path { ${V}/call: $1 allocate }
foreground { mkdir ${path}/${2} }
echo ${path}/${2}

Now, as the reader may know, object-based languages are all about messages, object references, and passing messages to object references. In some methods, like this one called “hasParent”, we are solely passing messages to objects; the method is merely a structure which composes some other objects. This is starting to be a lot of code; surely there’s a better way to express this composite?

#!/usr/bin/env -S execlineb -s1
importas -iS V
backtick -E parent { ${V}/call: $1 at: "parent*" }
${V}/call: $parent exists

Syntax

Let’s fragment the system a little bit by introducing an expression language just for this sort of composition. Our justification is that we aren’t going to actually replace execline; we’re just going to make it easier to write. We’ll scavenge some grammar from a few different flavors of Smalltalk. The idea is that our program above could be represented by something like:

[|^(self at: "parent*") exists]

For non-Smalltalkers, this is a block , a fundamental unit of code. The square brackets delimit the entire block. The portion to the right of the pipe “|” is a list of expressions; here there is only one. When the final expression starts with a caret “^”, it will become the answer or return value; there’s a designated Nil object that is answered by default. Expressions are merely messages passed to objects, with the object on the left and the message on the right. If a message verb ends with a colon “:” then it is called a keyword and labels an argument; for each verb with a colon there is a corresponding argument. The builtin name self refers to the current object.

The parentheses might seem odd at first! In Smalltalk, applications of verbs without arguments, so-called unary applications, bind tighter than keyword applications. If we did not parenthesize the example then we would end up with the inner call "parent*" exists , which is a unary application onto a string literal. We also must parenthesize to distinguish nested keyword applications, as in the following example:

[:source|
obj := (self at: "NixStore") intern: source.
^self at: obj name put: obj]

Here we can see the assignment token “:=” for creating local names. The full stop “.” occurs between expressions; it creates statements, which can either assign to a name or not. We can also see a parameter to this block, “:source”, which occurs on the left side of the pipe “|” and indicates that one argument can be passed along with any message.

Grammar

Okay, that’s enough of an introduction to Vixen’s expression language. How do we parse it? That’s where Raku comes in! (As Arlo Guthrie might point out, this is a blog post about Raku.) Our grammar features everything I’ve shown so far, as well as a few extra features like method cascading with the semicolon “;” for which I don’t have good example usage.

grammar Vixen {
    token id       { <[A..Za..z*]>+ <![:]> }
    token selector { <[A..Za..z*]>+ \: }
    token string   { \" <-["]>* \" }
    token param    { \: <id> }
    token ass      { \:\= }    rule params { <param>* % <ws> }
    proto rule lit             {*}
          rule lit:sym<block>  { '[' <params> '|' <exprs> ']' }
          rule lit:sym<paren>  { '(' <call> ')' }
          rule lit:sym<string> { <string> }
          rule lit:sym<name>   { <id> }
    rule chain { <id>* % <ws> }
    proto rule unary {*}
          rule unary:sym<chain> { <lit> <chain> }
    rule keyword { <selector> <unary> }
    proto rule message {*}
          rule message:sym<key>  { <keyword>+ }
    rule messages { <message>* % ';' }
    proto rule call {*}
          rule call:sym<cascade> { <unary> <messages> }
    proto rule assign {*}
          rule assign:sym<name> { <id> <ass> <call> }
          rule assign:sym<call> { <call> }
    rule statement { <assign> '.' }
    proto rule exprs {*}
          rule exprs:sym<rv>  { <statement>* '^' <call> }
          rule exprs:sym<nil> { <statement>* <call> }
    rule TOP { '[' <params> '|' <exprs> ']' }
}

Writing the grammar is mostly a matter of repeatedly giving it example strings. The one tool that I find indespensible is some sort of debugging tracer which indicates where a parse rule has failed. I used Grammar::Tracer , available via zef . I’m on NixOS, so language-specific package managers don’t always play nice, but zef works and is recommended. First I ran:

$ zef install Grammar::Tracer

And then I could start my file with a single import in order to get tracing:

Actions

The semantic actions transform the concrete syntax tree to abstract syntax . This sort of step is not present in classic META II but is essential for maintaining sanity. I’m going to use this grammar for more than a few weeks, so I wrote a few classes for representing abstract syntax and a class of actions. Some actions are purely about extraction; for example, the method for the params production merely extracts a list of matches and extracts the Str for each match.

    method params($/) { make $.values.map: *.Str; }

Some actions contain optimizations that avoid building abstract syntax. The following method for unary handles chained messages, where we have multiple unary applications in a row; we want a special case for zero applications so that the VUnary class can assume that it always has at least one application.

    method unary:sym<chain>($/) {
        my $receiver = $.made;
        my @verb = $.made;
        make @verb ?? VUnary.new(:$receiver, :@verb) !! $receiver;
    }

Some actions build fresh abstract syntax not in the original program. The following method for exprs handles the case when there is no return caret; the final expression is upgraded to a statement which ignores its return value and the name Nil is constructed as the actual return value.

    method exprs:sym<nil>($/) {
        my @statements = $.values.map: *.made;
        my $call = $.made;
        @statements.push: VIgnore.new(:$call);
        my $rv = VName.new(:n("Nil"));
        make VExprs.new(:@statements, :$rv);
    }

Getting the actions right was difficult. I ended up asking for hints on IRC about how to work with matches. The .values method is very useful.

Abstract syntax

I had a couple false starts with the abstract syntax. I think that the right mentality is to have one node per production, but to have one role per compiler action. If necessary, change the grammar to make the abstract syntax easier to generate; Raku is flexible enough to allow grammars to be refactored. Rules like params , chain , and keyword were broken out to make life easier.

By the way, starting at this point, I am only showing excerpts from the complete compiler. The compiler is available in a separate gist . Classes may be incomplete; only relevant methods and attributes are shown.

For example, there is a role for emitting literals. A parenthesized call just unwraps the parentheses; a string is represented by itself.

role EmitLiteral {
    method prepareLiteral($compiler) { ... }
}
class VParen does EmitLiteral {
    has Call $.call;
    method prepareLiteral($compiler) { $.call.prepareLiteral: $compiler; }
}
class VStr does EmitLiteral {
    has Str $.s;
    method prepareLiteral($compiler) { $.s; }
}

We can also have a role for performing a call. We need two flavors of call: call and bind to a name, and also call without binding. It’s much easier to compile chains and cascades with the option to bind or not bind. We can put both roles onto a single class, so that a cascading application both performs a call and also evaluates to a literal expression.

role Call {
    method prepareBind($name, $compiler) { ... }
    method prepareOnly($compiler) { ... }
}
class VCall does Call does EmitLiteral {
    has EmitLiteral $.unary;
    has VMessage @.cascades;
        method prepareBind($name, $compiler) {
        my $receiver = $.unary.prepareLiteral: $compiler;
        my $last = @.cascades[*-1];
        for @.cascades[0 ...^ @.cascades.elems - 1] {
            my ($verb, @row) = $_.prepareMessage: $compiler;
            $compiler.callOnly: $receiver, $verb, @row;
        };
        my ($verb, @row) = $last.prepareMessage: $compiler;
        $compiler.callBind: $name, $receiver, $verb, @row;
    }
    method prepareOnly($compiler) {
        my $receiver = $.unary.prepareLiteral: $compiler;
        for @.cascades {
            my ($verb, @row) = $_.prepareMessage: $compiler;
            $compiler.callOnly: $receiver, $verb, @row;
        };
    }
    method prepareLiteral($compiler) {
        my $name = $compiler.gensym;
        self.prepareBind: $name, $compiler;
        "\$" ~ $name;
    }
}

A first compiler

We’ll start by compiling just one block. Our compiler will include a gensym : a method which can generate a symbol that hasn’t been used before. I’m not trying very hard here and it would be easy for a malicious user to access generated symbols; we can fix that later. The compiler is mostly going to store calls; each call can either be a backtick or an if (or foreground ) depending on whether it binds a name.

class Compiler {
    has Int $!syms;
    method gensym { $!syms += 1; "gs" ~ $!syms; }    has Str %.lines;
    method push($line) { %.lines
 ~= $line ~ "\n"; }    method callBind($name, $receiver, $verb, @args) {
        self.push: "backtick -E $name \{ " ~ formatCall($receiver, $verb, @args) ~ " \}";
    }
    method callOnly($receiver, $verb, @args) {
        self.push: "if \{ " ~ formatCall($receiver, $verb, @args) ~ " \}";
    }
    method assignName($from, $to) { self.push: "define $to \$$from"; }
}

The method .assignName is needed to handle assignments without intermediate calls, as in this := that.

class VName does Call does EmitLiteral {
    has Str $.n;
    method prepareBind($name, $compiler) { $compiler.assignName: $.n, $name; }
    method prepareOnly($compiler) {;}
    method prepareLiteral($compiler) { "\$" ~ $.n; }
}

Calling into Vixen

To compile multiple blocks, we will need to emit multiple blocks. A reasonable approach might be to emit a JSON Object where each key is a block name and each value is a String containing the compiled block. I’m feeling more adventurous than that, though. Here’s a complete Smalltix/Vixen FFI :

sub callVixen($receiver, $verb, *@args) {
    my $proc = run %*ENV ~ "/call:", $receiver, $verb, |@args, :out;
    my $answer = $proc.out.slurp: :close;
    $proc.sink;
    $answer.trim;
}

Vixen is merely a calling convention for processes; we can send a message to an object by doing some string formatting and running a subprocess. The response to a message, called an answer , is given by stdout . Non-zero return codes indicate failure and stderr will contain useful information for the user. The rest of the calling convention is handled by passing envp and calling the V/call: entrypoint.

In addition to passing V in the environment, we will assume that there are Allocator and NixStore objects. Allocator allocates new objects and NixStore interacts with the Nix package manager; we will allocate a new object and store it in the Nix store. The relevant methods are V/clone: anAllocator , which allocates a shallow copy of V and serves as a blank object template, and NixStore/intern: anObject , which recursively copies an object from a temporary directory into the Nix store.

The reader doesn’t need to know much about Nix. The only relevant part is that the Nix store is a system-wide immutable directory that might not be enumerable; it’s a place to store packages, but it’s hard to alter packages or find a package that the user hasn’t been told about.

Name analysis

We will need to know whether a name is used by a nested block. When we create an object representing that block, we will provide that object with each name that it uses. This is called name-use analysis or just use analysis and it is a type of name analysis . The two effects worth noting are when an expression uses a name and when a statement assigns to a name. We track the used names with a Set[Str] . For example, a keyword message uses a name if any of its arguments use a name:

class VMessage {
    has VKeyword @.keywords;
    method uses(--> Set[Str]) { [(|)] @.keywords.map({ $_.uses }) }
}

A sequence of expressions has its usage computed backwards; every time an expression is assigned to a name, we let that assignment shadow any further uses by removing it from the set of used names. This can be written with reduce but it’s important to preserve readability since this sort of logic can be subtly buggy and often must be revisted during debugging.

class VExprs {
    has EmitStatement @.statements;
    has EmitLiteral $.rv;
    method uses(--> Set[Str]) {
        my $names = $.rv.uses;
        for @.statements.reverse {
            $names = ($names (-) $_.writes) (|) $_.call.uses;
        };
        $names;
    }
}

The .writes method merely produces the set of assigned names:

class VAssignName does EmitStatement {
    has Str $.target;
    method writes(--> Set[Str]) { Set[Str].new($.target) }
}

A second compiler

We now are ready to compile nested blocks. The overall workflow is to compute a closure for the inner block whose names are all used names in the block, except for parameters and global names. We rename everything in the closure with fresh symbols to avoid clashes and allow names like “self” to be closed over. We produce two scripts. One script accepts the closure’s values and attaches them to a new object; one script loads the closure and performs the action in the nested block upon the new object. We call into Vixen to allocate the prototype for the block, populate it, and intern it into the Nix store. Everything else is support code.

        my $closureNames = $uses (-) ($params (|) %globals);
        my %closure = $closureNames.keys.map: { $_ => $compiler.gensym ~ "_" ~ $_ };
        my $valueVerb = @.params ?? "value:" x @.params.elems !! "value";
        my $closureVerb = %closure ?? %closure.keys.map(* ~ ":").join !! "make";
        my $valueBlock = produceValueBlock($compiler, %closure, @.params, $.exprs);
        my $closureBlock = cloneForClosure($compiler, %closure);
        my $obj = callVixen(%*ENV, "clone:", $allocator);
        $compiler.writeBlock: $obj, $valueVerb, $valueBlock;
        $compiler.writeBlock: $obj, $closureVerb, $closureBlock;
        my $interned = callVixen(%*ENV, "intern:", $obj);

One hunk of support code is in the generation of the scripts with produceValueBlock and cloneForClosure . These are open-coded actions against the $compiler object:

sub cloneForClosure($compiler, %closure) {
    my $name = $compiler.genblock;
    $compiler.pushBlock: $name, %closure.keys;
    my $obj = $compiler.gensym;
    my $selfName = $compiler.useName: "self";
    $compiler.callBind: $obj, $selfName, "clone:", ($allocator,);
    my $rv = $compiler.useName: $obj;
    for %closure.kv -> $k, $v {
        my $arg = $compiler.useName: $k;
        $compiler.foreground: "redirfd -w 1 $rv/$v echo " ~ $arg;
    }
    $compiler.finishBlock: $rv;
    $name;
}
sub produceValueBlock($compiler, %closure, @params, $exprs) {
    my $name = $compiler.genblock;
    $compiler.pushBlock: $name, @params;
    my $selfName = $compiler.useName: "self";
    for %closure.kv -> $k, $v { $compiler.callBind: $k, $selfName, $v, [] };
    my $rv = $exprs.compileExprs: $compiler;
    $compiler.finishBlock: $rv;
    $name;
}

The compiler was augmented with methods for managing scopes of names and reassigning names, so that the define helper is no longer used at all. There’s also a method .writeBlock which encapsulates the process of writing out a script to disk.

class Compiler {
    has Hash[Str] @.scopes;
    method assignName($from, $to) { @.scopes[*-1]{ $to } = $from }
    method useName($name) {
        for @.scopes.reverse {
            return "\$\{" ~ $_{ $name } ~ "\}" if $_{ $name }:exists;
        };
        die "Name $name not in scope!";
    }
    method writeBlock($obj, $verb, $blockName) {
        spurt "$obj/$verb", %.lines{ $blockName }.trim-leading;
        chmod 0o755, "$obj/$verb";
    }
}

Closing thoughts

This compiler is less jank than the typical compiler. There’s a few hunks of duplicated code, but otherwise the logic is fairly clean and direct. Raku supports a clean compiler mostly by requiring a grammar and an action class ; I had started out by writing imperative spaghetti actions, and it was up to me to decide to organize further. To optimize, it might be worth virtualizing assignments so that there is only one convention for calls; this requires further bookkeeping to not only track renames but also name usage. Indeed, at that point, the reader is invited to consider what SSA might look like. Another possible optimization is to skip allocating empty closures for blocks which don’t close over anything.

It was remarkably easy to call into Vixen from Raku. I could imagine using the FFI as scaffolding to incrementally migrate this compiler to a self-hosting expression-language representation of itself. I could also imagine extending the compiler with FFI plugins that decorate or cross-cut compiler actions.

This blogpost is currently over 400 lines. The full compiler is under 400 lines. We put Raku into a jar with Unix, Smalltalk, and Nix; shook it up, and let it sit for a few days. The result is a humble compiler for a simple expression language with a respectable amount of spice. Thanks to the Raku community for letting me share my thoughts. To all readers, whether you’re Pastafarian or not, whether you prefer red sauce or white sauce or even pesto, I hope that you have a lovely and peaceful Holiday.

Fix HDMI-CEC weirdness with a Raspberry Pi and a $7 cable

Hacker News

johnlian.net

2025-12-15 21:37:09

Comments...

Original Article

For years I treated HDMI-CEC like a house spirit: sometimes helpful, mostly temperamental, never fully understood. My living-room stack is straightforward: Samsung TV on ARC (NOT eARC - story for another day), Denon AVR-X1700H hidden in a closet, Apple TV plus a bunch of consoles connected to the receiver, and a Raspberry Pi 4 already doing Homebridge duty. When it comes to CEC, the Apple TV handles it like a dream, but every console behaves like it missed the last week of CEC school. They wake the TV, switch the input, then leave the Denon asleep so I’m back to toggling audio outputs manually.

My media closet where all the consoles are

I documented the media closet build-out separately, so if you want the full wiring tour (and the before/after photos), start there.

With the media closet, rewiring everything to the TV wasn’t an option and disabling CEC wasn’t viable (Apple TV works and it gets the most use). My first instinct was to lean on traditional automation stacks: HomeKit scenes to chain “TV on” into “receiver on” or wattage triggers via an Eve Energy plug. This kind of worked, but every extra layer added 30 seconds of lag or more. The last stop on that journey was a homebridge-cec-tv-control plugin , but while reading the README I realized I was about to pipe CEC messages through Node, Homebridge, and HomeKit before they hit the receiver. The Pi is wired into the rack already, so skipping those layers and going through /dev/cec0 directly was clearly the faster path.

After an evening of struggling, the Pi now sits quietly on the HDMI bus, watching for consoles to announce themselves and issuing the single command Samsung + Denon should have exchanged on their own.

This post follows the structure of my notes: build a small mental model of CEC, monitor the bus, copy whatever Apple TV does right, wrap it in Python, then ship it as a systemd unit.

Small HDMI-CEC primer

High-Definition Multimedia Interface Consumer Electronics Control , much better known as HDMI-CEC , is a low-bandwidth side channel that rides alongside HDMI video/audio. Everyone on the bus speaks in logical addresses ( 0x0 for TV, 0x5 for audio systems, 0x4/0x8/0xB ¹ for playback devices, etc.) and tiny opcodes ² such as 0x82 ( Active Source ) or 0x72 ( Set System Audio Mode ). Physical addresses are “lat/long” references inside the topology, so 3.0.0.0 can mean “AVR input source HDMI 3”.

CEC is supposed to help consumers control their electronics, so in a healthy system the flow goes like this: console wakes and declares itself active, the TV notices there’s an ARC partner, somebody sends “please be the audio system”, the receiver wakes up, and audio comes out of the big speakers. For me, that path only occurred when Apple TV was involved. Sadly, when I woke a console, the TV switched inputs but audio stayed on the tinny TV speakers.

To debug that mess I first wrote down how every device identified itself on the bus. Here are the specific CEC roles in my home theater:

TV – logical address 0x0
Audio system (Denon AVR-X1700H) – logical address 0x5
Playback devices – logical addresses 0x4 , 0x8 , 0xB (Apple TV, PS5, Switch 2 and Xbox all competing for the three playback slots ³ )
Broadcast – logical address 0xF (messages to everyone)

And the key opcodes we ended up caring about:

0x82 – Active Source (“I am now the active input”)
0x84 – Report Physical Address (“this is where I live in the HDMI tree”)
0x70 – System Audio Mode Request
0x72 – Set System Audio Mode (Denon’s “I am now the audio system” broadcast)

Monitoring the CEC bus with `cec-client`

The Raspberry Pi 4 I have exposes /dev/cec0 interface on its micro-HDMI, and with a $7 micro-HDMI to HDMI cable plugged into HDMI input port on the receiver, it’s possible to monitor CEC traffic from everything connected to the receiver .

Close-up photo of the Pi plugged into the TV’s ARC HDMI input, HDMI adapters visible

I was initially hesitant because of some Hue Play Sync Box ⁴ trauma: every HDMI splitter or inline gadget I’ve tried in front of the TV caused weird EDID breakage, troubles with HDR negotiation, or outright signal loss. But once I understood the Pi never sits in the middle of the HDMI handshake my concerns went away. By plugging it into an unused HDMI input on the AVR, it behaves like just another participant on the shared CEC bus. No signal regeneration, no spoofed EDIDs, nothing for the rest of the chain to notice.

So the topology looks like this:

---
config:
  flowchart:
    htmlLabels: false
---
flowchart LR
  classDef pi fill:#ffd399,stroke:#f97316,stroke-width:3px,color:#111,font-weight:bold;
  classDef misc fill:#1f2933,stroke:#4b5563,color:#f8fafc;

  subgraph Media Closet
    SW["`**Nintendo Switch 2**
    Playback 1 @ 0x8
    3.1.0.0`"]-- HDMI 1 ---AVR
    ATV["`**Apple TV**
    Playback 2 @ 0x4
    3.2.0.0`"]-- HDMI 2 ---AVR
    PI["`**Raspberry Pi**
    Recorder 1 @ 0x1
    3.3.0.0`"]-- micro HDMI to HDMI 3 ---AVR
    PC["`**PC**
    no CEC`"]-- HDMI 4 ---AVR
    XBOX["`**Xbox Series X**
    Playback 1 @ 0x8
    3.5.0.0`"]-- HDMI 5 ---AVR
    PS5["`**PS5**
    Playback 3 @ 0xB
    3.6.0.0`"]-- HDMI 6 ---AVR
  end

  subgraph Living Room
    TV["`**Samsung S95B TV**
    TV @ 0x0
    0.0.0.0`"]
  end

  AVR["`**Denon AVR-X1700H**
  Audio @ 0x5
  3.0.0.0`"]-- HDMI Out to HDMI 3 (ARC) ---TV

  class AVR,TV,SW,ATV,PC,XBOX,PS5 misc;
  class PI pi;

Now, you can get cec-client from libcec . Install it with

sudo apt update
sudo apt install cec-utils

Then do a quick scan to see which devices respond:

echo "scan" | cec-client -s

Example scan output from my setup below. As you can see, the Xbox and Switch both ³ claim logical address 0x8 ¹ :

CEC bus information
===================
device #0: TV
address:       0.0.0.0
active source: no
vendor:        Samsung
osd string:    TV
CEC version:   1.4
power status:  on
language:      eng


device #1: Recorder 1
address:       3.3.0.0
active source: no
vendor:        Pulse Eight
osd string:    CECTester
CEC version:   1.4
power status:  on
language:      eng


device #4: Playback 1
address:       3.1.0.0
active source: yes
vendor:        Unknown
osd string:    Switch 2
CEC version:   1.3a
power status:  on
language:      ???


device #5: Audio
address:       3.0.0.0
active source: no
vendor:        Denon
osd string:    AVR-X1700H
CEC version:   1.4
power status:  on
language:      ???


device #8: Playback 2
address:       3.2.0.0
active source: no
vendor:        Apple
osd string:    Apple TV
CEC version:   2.0
power status:  standby
language:      ???


device #B: Playback 3
address:       3.6.0.0
active source: no
vendor:        Sony
osd string:    PlayStation 5
CEC version:   1.3a
power status:  standby
language:      ???

If the expected devices show up, use monitor mode with the correct level ⁵ of logging:

This command keeps the Pi quiet (monitor mode) yet gives you every bus transaction.

A line such as TRAFFIC: [...] >> bf:82:36:00 means: logical 0xB (PS5) broadcast Active Source ( 0x82 ) with physical address 3.6.0.0 . That’s the packet you expect any console to send when it wakes up.

Figuring out the magic handshake

So I put the system in standby, start logging, then wake Apple TV. I got the expected Active Source burst, followed immediately by the Denon broadcasting that it has taken over audio:

>> 8f:82:32:00       # Apple TV (logical 8) -> Broadcast: Active Source
...
>> 8f:a6:06:10:56:10 # Apple TV (logical 8) -> Broadcast: ???
>> 5f:72:01          # Denon (logical 5) -> Broadcast: Set System Audio Mode (on)

Translated:

Apple TV announces itself as the active source.
Apple TV broadcasts some magic bits?
Very soon after, the Denon tells everyone “System Audio Mode is on,” and the TV happily keeps output set to Receiver instead of flipping back to TV speakers.

I did the exact same experiment with PS5, Xbox, Switch 2 and the result was different:

>> bf:82:36:00       # PS5: Active Source
# ...a bunch of reports, but no 5f:72:01

So what was the 8f:a6:06:10:56:10 frame when Apple TV was involved? With debug logs, cec-client showed UNKNOWN (A6) . I suspect libCEC labels it unknown because it’s in the vendor-specific range. The following bytes ( 06:10:56:10 ) could be Apple’s proprietary payload, like some capability or extended control. It’s possible Samsung and Apple have a private handshake here that ultimately results in the Denon doing the right thing. It’s neat, but I couldn’t rely on it since it’s undocumented and sending it manually from the Raspberry Pi’s logical address had no effect. Impersonating Apple TV over CEC is not realistically viable and likely brittle.

However, with cec-o-matic.com , it was easy to craft a CEC frame for the Raspberry Pi to send a normal system audio mode request:

15:70:00:00 # TV (1) -> Audio (5): System Audio Mode Request

Breaking it down:

15 = source 0x1 (Recorder 1 = Pi) sends to destination 0x5 (Audio System = Denon)
70 = opcode System Audio Mode Request
00:00 = operands (TV’s physical address 0.0.0.0, plus “system audio status” = off/0, which Denon interprets as “please negotiate system audio mode and turn on ARC”)

The second I typed this into cec-client ’s interactive shell with tx 15:70:00:00 , the Denon turned on and ARC anchored to the receiver even with only a console and TV powered on. I confirmed by checking the TV’s audio output:

Photo of TV UI confirming receiver output

So the solution started to emerge: whenever a console wakes up and claims Active Source, the Pi should step in and send 15:70:00:00 to the Denon to kickstart audio negotiation.

Don’t spam the bus!

Now that we know the basis of the automation, the most obvious thing to do is to write a bash script that loops cec-client every few seconds and blast on 5 . That sort of works, but it’s not ideal:

Using a loop means the automation is delayed instead of reacting to actual CEC events.
Every iteration spins up a new cec-client , binds to /dev/cec0 , sends one command, and tears down.
CEC is a shared bus, not a write-only GPIO.

A better pattern is:

Start a single long-lived cec-client process. ⁶
Let it print every TRAFFIC line for you to parse.
Feed it tx ... commands on stdin only when you need to intervene.

The only catch: monitor mode ( -m ) can’t transmit. So for the automation we switch to:

No -m here. cec-client still prints all the traffic, but now it also accepts commands. Our Python script treats it like a bridge between HDMI land and our own logic: stdout is an event stream, stdin is a control channel.

The Python script

It took some trial and error, but it wasn’t too difficult to write a small Python program that watches for consoles waking up and sends the magic 15:70:00:00 command when needed. I put it all on GitHub:

jlian/cec_auto_audio

The script logic goes:

Starts cec-client -d 8 as a subprocess.
Parses TRAFFIC lines.
Watches for Active Source ( 0x82 ) from any Playback logical address ( 0x4/0x8/0xB ).
Tracks when the Denon last broadcast Set System Audio Mode ( 5f:72:01 ) so we don’t fight Apple TV or the TV’s own logic.
Sends tx 15:70:00:00 at most once per console wake if nobody else has done it.

A few notes:

The script doesn’t hard-code any device names, vendors, or physical addresses.
It treats any Playback logical address ( 0x4/0x8/0xB ) turning into Active Source as a “console wake” event.
It stays passive when Apple TV / Samsung / Denon manage to do the right thing themselves (because we observe a real 5f:72:01 ).
It runs as a single long-lived process tied to a single cec-client instance.

To make sure it starts on boot and keeps running, I wrapped it in a simple systemd service. The unit file I used can be found in the GitHub README . I’ve been running it for a few days and feels rock solid.

Generalizing this approach

I hope this post gives you enough of a mental model to adapt this approach to your own CEC pain points. My solution is specific to the Denon + Samsung + consoles scenario, but the same pattern should work for other CEC quirks.

Maybe your issue isn’t consoles not engaging the AVR. Maybe DTS never negotiates, or your TV keeps snapping back to its tiny speakers. The workflow is the same:

Get the Pi onto the an HDMI port . Plug the Pi into the TV or Receiver’s HDMI input using a micro-HDMI–>HDMI cable (or adapter). Put it somewhere it can sit forever.
Baseline the bus . Run:
```
echo "scan" | cec-client -s -d 1
```
to make sure your Pi can see all the expected devices, what logical/physical addresses they have, and what roles they use.
Record a “good” scenario and a “bad” one . Use:

to log traffic while you:
- Trigger a good path (e.g., Apple TV gets 5.1 sound correctly).
- Trigger a bad path (e.g., DTS falls back to stereo, or ARC drops to TV speakers).
Diff the traces . Look for opcodes that show up in the good trace but are missing in the bad. In my case, the interesting delta was the presence of 5f:72:01 after Apple TV woke, and the absence of anything like it when a console woke alone.
Inject the missing opcode manually . Go to cec-o-matic.com to build the missing frame ⁷ , then run:

to use cec-client in interactive mode, then type tx ... for your suspected magic packet, and see if anything changes. If not, try again with a different frame.

You likely would want to start with a frame like 1f:... (Pi logical address as Recording 1 0x1 to Broadcast 0xF ), or 15... (Pi to Audio System 0x5 ), depending on what you’re trying to achieve.
Wrap it in code . Once you know the magic packet, wrap it in a tiny program like the one above and let the Pi quietly participate on the bus.

You can picture the good vs bad paths like this:

sequenceDiagram
  participant Src as Source (console/player)
  participant TV as TV (0)
  participant AVR as AVR / Soundbar (5)

  rect rgb(230,255,230)
    note over Src,AVR: Good path
    Src->>TV: Active Source (0x82)
    TV->>AVR: System Audio Mode Request (0x70)
    AVR->>TV: Set System Audio Mode On (0x72)
  end

  rect rgb(255,230,230)
    note over Src,AVR: Bad path
    Src->>TV: Active Source (0x82)
        note over TV,AVR: No audio-mode negotiation
  end

Your job is to spot the missing step and teach the Pi to do it.

Where this leaves my setup

Apple TV keeps doing its thing. PS5, Xbox, or Switch now wake the TV, the Pi nudges the Denon within half a second, and audio stays glued to the receiver. Latency is low enough that it feels native. The Pi sits in the closet pretending to be a slightly overqualified remote.

Picture of my TV and cat being comfortable

There are still a couple of rough edges I haven’t tackled yet:

When a console goes to sleep, the TV sometimes “helpfully” switches to its antenna input. I don’t even have an antenna plugged in, so the net effect is a confusing “no signal” screen instead of falling back to Apple TV or a known-good input. That’s technically “correct” from the TV’s point of view (its own tuner is always a valid source), but wrong for how this setup is actually used.
My sunset TV automation can land on a dead input. I have a HomeKit automation that turns the TV on around sunset. Most of the time that means Apple TV wakes up with a nice aerial screensaver. But if the last input before power-off was a console, the TV wakes to that HDMI port and just shows “no signal”, which confuses other people in the house.

These problems are similar, but require slightly different solutions:

Console standby → TV becomes Active Source. When a console goes to sleep it tends to release the bus and the TV politely promotes its tuner. The helper could watch for that very specific frame pair (console Standby, TV Active Source) and, after a short grace period, switch the input to Apple TV.
Sunset automation → no Active Source. In this case the TV powers on but nobody (not even the TV) claims Active Source, so it sits on the last HDMI port showing “no signal.” The helper needs to detect “TV on, Denon asleep, no Active Source within N ms,” then wake both Apple TV and the receiver and switch inputs.

Or maybe we could unify both by having a state machine that tracks “who was Active Source most recently” and automatically falls back to Apple TV whenever the bus goes quiet or the TV promotes itself. Either way, the Pi’s job is to make sure there’s always a sane outcome.

That would turn the Pi into a more general “HDMI shepherd”: not just keeping ARC pinned to the receiver when something is playing, but also steering the system back to a sane default when nothing is.

There’s probably a small cottage industry of “two-page CEC scripts” waiting to be written. If you adapt this trick for some other HDMI-CEC horror story, send me the packet traces —I’m collecting folklore.

PornHub extorted after hackers steal Premium member activity data

Bleeping Computer

www.bleepingcomputer.com

2025-12-15 21:27:07

Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach. [...]...

Original Article

PornHub

Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach.

Last week, PornHub disclosed that it was impacted by a recent breach at analytics vendor Mixpanel . Mixpanel suffered a breach on November 8th, 2025, after an SMS phishing (smishing) attack enabled threat actors to compromise its systems.

"A recent cybersecurity incident involving Mixpanel, a third-party data analytics provider, has impacted some Pornhub Premium users," reads a PornHub security notice posted on Friday.

"Specifically, this situation affects only select Premium users. It is important to note this was not a breach of Pornhub Premium's systems. Passwords, payment details, and financial information remain secure and were not exposed."

PornHub says it has not worked with Mixpanel since 2021, indicating the stolen records are historical analytics data from 2021 or earlier.

Mixpanel says the breach affected a "limited number" of customers, with OpenAI and CoinTracker previously disclosing they were affected.

This is the first time it has been publicly confirmed that ShinyHunters was behind the Mixpanel breach.

When contacting PornHub, the company did not provide additional comment to BleepingComputer beyond the security notice.

PornHub search and watch history exposed

Today, BleepingComputer learned that ShinyHunters began extorting Mixpanel customers last week, sending emails that began with "We are ShinyHunters" and warned that their stolen data would be published if a ransom was not paid.

In an extortion demand sent to PornHub, ShinyHunters claims it stole 94GB of data containing over 200 million records of personal information in the Mixpanel breach.

ShinyHunters later confirmed to BleepingComputer that they were behind the extortion emails, claiming the data consists of 201,211,943 records of historical search, watch, and download activity for the platform's Premium members.

A small sample of data shared with BleepingComputer shows that the analytic events sent to Mixpanel contain a large amount of sensitive information that a member would not likely want publicly disclosed.

This data includes a PornHub Premium member's email address, activity type, location, video URL, video name, keywords associated with the video, and the time the event occurred.

Activity types seen by BleepingComputer include whether the PornHub subscriber watched or downloaded a video or viewed a channel. However, ShinyHunters also said the events include search histories.

The ShinyHunters extortion group has been behind a string of data breaches this year by compromising various Salesforce integration companies to gain access to Salesforce instances and steal company data.

The threat group is linked to the exploitation of the Oracle E-Business Suite zero-day (CVE-2025-61884), as well as to Salesforce/Drift attacks that impacted a large number of organizations earlier this year.

More recently ShinyHunters conducted a breach at GainSight that allowed the threat actors to steal further Salesforce data from organizations.

With it now confirmed that ShinyHunters is also behind the Mixpanel breach, the threat actors are responsible for some of the most significant data breaches in 2025, impacting hundreds of companies.

ShinyHunters is also creating a new ransomware-as-a-service called ShinySpid3r, which will serve as a platform for them and threat actors associated with Scattered Spider to conduct ransomware attacks.