{"version":"https://jsonfeed.org/version/1","title":"Readable: Hacker News","home_page_url":"https://readable.news","feed_url":"https://readable.news/api/feed?format=json","icon":"https://news.ycombinator.com/y18.svg","favicon":"https://news.ycombinator.com/favicon.ico","items":[{"title":"Sam Altman may control our future – can he be trusted?","content_html":"
In the fall of 2023, Ilya Sutskever, OpenAI’s chief scientist, sent secret memos to three fellow-members of the organization’s board of directors. For weeks, they’d been having furtive discussions about whether Sam Altman, OpenAI’s C.E.O., and Greg Brockman, his second-in-command, were fit to run the company. Sutskever had once counted both men as friends. In 2019, he’d officiated Brockman’s wedding, in a ceremony at OpenAI’s offices that included a ring bearer in the form of a robotic hand. But as he grew convinced that the company was nearing its long-term goal—creating an artificial intelligence that could rival or surpass the cognitive capabilities of human beings—his doubts about Altman increased. As Sutskever put it to another board member at the time, “I don’t think Sam is the guy who should have his finger on the button.”
At the behest of his fellow board members, Sutskever worked with like-minded colleagues to compile some seventy pages of Slack messages and H.R. documents, accompanied by explanatory text. The material included images taken with a cellphone, apparently to avoid detection on company devices. He sent the final memos to the other board members as disappearing messages, to insure that no one else would ever see them. “He was terrified,” a board member who received them recalled. The memos, which we reviewed, have not previously been disclosed in full. They allege that Altman misrepresented facts to executives and board members, and deceived them about internal safety protocols. One of the memos, about Altman, begins with a list headed “Sam exhibits a consistent pattern of . . .” The first item is “Lying.”
Many technology companies issue vague proclamations about improving the world, then go about maximizing revenue. But the founding premise of OpenAI was that it would have to be different. The founders, who included Altman, Sutskever, Brockman, and Elon Musk, asserted that artificial intelligence could be the most powerful, and potentially dangerous, invention in human history, and that perhaps, given the existential risk, an unusual corporate structure would be required. The firm was established as a nonprofit, whose board had a duty to prioritize the safety of humanity over the company’s success, or even its survival. The C.E.O. had to be a person of uncommon integrity. According to Sutskever, “any person working to build this civilization-altering technology bears a heavy burden and is taking on unprecedented responsibility.” But “the people who end up in these kinds of positions are often a certain kind of person, someone who is interested in power, a politician, someone who likes it.” In one of the memos, he seemed concerned with entrusting the technology to someone who “just tells people what they want to hear.” If OpenAI’s C.E.O. turned out not to be reliable, the board, which had six members, was empowered to fire him. Some members, including Helen Toner, an A.I.-policy expert, and Tasha McCauley, an entrepreneur, received the memos as a confirmation of what they had already come to believe: Altman’s role entrusted him with the future of humanity, but he could not be trusted.
Altman was in Las Vegas, attending a Formula 1 race, when Sutskever invited him to a video call with the board, then read a brief statement explaining that he was no longer an employee of OpenAI. The board, following legal advice, released a public message saying only that Altman had been removed because he “was not consistently candid in his communications.” Many of OpenAI’s investors and executives were shocked. Microsoft, which had invested some thirteen billion dollars in OpenAI, learned of the plan to fire Altman just moments before it happened. “I was very stunned,” Satya Nadella, Microsoft’s C.E.O., later said. “I couldn’t get anything out of anybody.” He spoke with the LinkedIn co-founder Reid Hoffman, an OpenAI investor and a Microsoft board member, who began calling around to determine whether Altman had committed a clear offense. “I didn’t know what the fuck was going on,” Hoffman told us. “We were looking for embezzlement, or sexual harassment, and I just found nothing.”
Other business partners were similarly blindsided. When Altman called the investor Ron Conway to say that he’d been fired, Conway held up his phone to Representative Nancy Pelosi, with whom he was having lunch. “You better get out of here really quick,” she told Conway. OpenAI was on the verge of closing a large investment from Thrive, a venture-capital firm founded by Josh Kushner, Jared Kushner’s brother, whom Altman had known for years. The deal would value OpenAI at eighty-six billion dollars and allow many employees to cash out millions in equity. Kushner emerged from a meeting with Rick Rubin, the music producer, to a missed call from Altman. “We just immediately went to war,” Kushner later said.
The day that Altman was fired, he flew back to his twenty-seven-million-dollar mansion in San Francisco, which has panoramic views of the bay and once featured a cantilevered infinity pool, and set up what he called a “sort of government-in-exile.” Conway, the Airbnb co-founder Brian Chesky, and the famously aggressive crisis-communications manager Chris Lehane joined, sometimes for hours a day, by video and phone. Some members of Altman’s executive team camped out in the hallways of the house. Lawyers set up in a home office next to his bedroom. During bouts of insomnia, Altman would wander by them in his pajamas. When we spoke with Altman recently, he described the aftermath of his firing as “just this weird fugue.”
With the board silent, Altman’s advisers built a public case for his return. Lehane has insisted that the firing was a coup orchestrated by rogue “effective altruists”—adherents of a belief system that focusses on maximizing the well-being of humanity, who had come to see A.I. as an existential threat. (Hoffman told Nadella that the firing might be due to “effective-altruism craziness.”) Lehane—whose reported motto, after Mike Tyson, is “Everyone has a game plan until you punch them in the mouth”—urged Altman to wage an aggressive social-media campaign. Chesky stayed in contact with the tech journalist Kara Swisher, relaying criticism of the board.
Cartoon by Glen Baxter
Altman interrupted his “war room” at six o’clock each evening with a round of Negronis. “You need to chill,” he recalls saying. “Whatever’s gonna happen is gonna happen.” But, he added, his phone records show that he was on calls for more than twelve hours a day. At one point, Altman conveyed to Mira Murati, who had given Sutskever material for his memos and was serving as the interim C.E.O. of OpenAI in that period, that his allies were “going all out” and “finding bad things” to damage her reputation, as well as those of others who had moved against him, according to someone with knowledge of the conversation. (Altman does not recall the exchange.)
Within hours of the firing, Thrive had put its planned investment on hold and suggested that the deal would be consummated—and employees would thus receive payouts—only if Altman returned. Texts from this period show Altman coördinating closely with Nadella. (“how about: satya and my top priority remains to save openai,” Altman suggested, as the two worked on a statement. Nadella proposed an alternative: “to ensure OpenAI continues to thrive.”) Microsoft soon announced that it would create a competing initiative for Altman and any employees who left OpenAI. A public letter demanding his return circulated at the organization. Some people who hesitated to sign it received imploring calls and messages from colleagues. A majority of OpenAI employees ultimately threatened to leave with Altman.
The board was backed into a corner. “Control Z, that’s one option,” Toner said—undo the firing. “Or the other option is the company falls apart.” Even Murati eventually signed the letter. Altman’s allies worked to win over Sutskever. Brockman’s wife, Anna, approached him at the office and pleaded with him to reconsider. “You’re a good person—you can fix this,” she said. Sutskever later explained, in a court deposition, “I felt that if we were to go down the path where Sam would not return, then OpenAI would be destroyed.” One night, Altman took an Ambien, only to be awakened by his husband, an Australian coder named Oliver Mulherin, who told him that Sutskever was wavering, and that people were telling Altman to speak with the board. “I woke up in this, like, crazy Ambien haze, and I was so disoriented,” Altman told us. “I was, like, I cannot talk to the board right now.”
In a series of increasingly tense calls, Altman demanded the resignations of board members who had moved to fire him. “I have to pick up the pieces of their mess while I’m in this crazy cloud of suspicion?” Altman recalled initially thinking, about his return. “I was just, like, Absolutely fucking not.” Eventually, Sutskever, Toner, and McCauley lost their board seats. Adam D’Angelo, a founder of Quora, was the sole original member who remained. As a condition of their exit, the departing members demanded that the allegations against Altman—including that he pitted executives against one another and concealed his financial entanglements—be investigated. They also pressed for a new board that could oversee the outside inquiry with independence. But the two new members, the former Harvard president Lawrence Summers and the former Facebook C.T.O. Bret Taylor, were selected after close conversations with Altman. “would you do this,” Altman texted Nadella. “bret, larry summers, adam as the board and me as ceo and then bret handles the investigation.” (McCauley later testified in a deposition that when Taylor was previously considered for a board seat she’d had concerns about his deference to Altman.)
Less than five days after his firing, Altman was reinstated. Employees now call this moment “the Blip,” after an incident in the Marvel films in which characters disappear from existence and then return, unchanged, to a world profoundly altered by their absence. But the debate over Altman’s trustworthiness has moved beyond OpenAI’s boardroom. The colleagues who facilitated his ouster accuse him of a degree of deception that is untenable for any executive and dangerous for a leader of such a transformative technology. “We need institutions worthy of the power they wield,” Murati told us. “The board sought feedback, and I shared what I was seeing. Everything I shared was accurate, and I stand behind all of it.” Altman’s allies, on the other hand, have long dismissed the accusations. After the firing, Conway texted Chesky and Lehane demanding a public-relations offensive. “This is REPUTATIONAL TO SAM,” he wrote. He told the Washington Post that Altman had been “mistreated by a rogue board of directors.”
OpenAI has since become one of the most valuable companies in the world. It is reportedly preparing for an initial public offering at a potential valuation of a trillion dollars. Altman is driving the construction of a staggering amount of A.I. infrastructure, some of it concentrated within foreign autocracies. OpenAI is securing sweeping government contracts, setting standards for how A.I. is used in immigration enforcement, domestic surveillance, and autonomous weaponry in war zones.
Altman has promoted OpenAI’s growth by touting a vision in which, he wrote in a 2024 blog post, “astounding triumphs—fixing the climate, establishing a space colony, and the discovery of all of physics—will eventually become commonplace.” His rhetoric has helped sustain one of the fastest cash burns of any startup in history, relying on partners that have borrowed vast sums. The U.S. economy is increasingly dependent on a few highly leveraged A.I. companies, and many experts—at times including Altman—have warned that the industry is in a bubble. “Someone is going to lose a phenomenal amount of money,” he told reporters last year. If the bubble pops, economic catastrophe may follow. If his most bullish projections prove correct, he may become one of the wealthiest and most powerful people on the planet.
In a tense call after Altman’s firing, the board pressed him to acknowledge a pattern of deception. “This is just so fucked up,” he said repeatedly, according to people on the call. “I can’t change my personality.” Altman says that he doesn’t recall the exchange. “It’s possible I meant something like ‘I do try to be a unifying force,’ ” he told us, adding that this trait had enabled him to lead an immensely successful company. He attributed the criticism to a tendency, especially early in his career, “to be too much of a conflict avoider.” But a board member offered a different interpretation of his statement: “What it meant was ‘I have this trait where I lie to people, and I’m not going to stop.’ ” Were the colleagues who fired Altman motivated by alarmism and personal animus, or were they right that he couldn’t be trusted?
One morning this winter, we met Altman at OpenAI’s headquarters, in San Francisco, for one of more than a dozen conversations with him for this story. The company had recently moved into a pair of eleven-story glass towers, one of which had been occupied by Uber, another tech behemoth, whose co-founder and C.E.O., Travis Kalanick, seemed like an unstoppable prodigy—until he resigned, in 2017, under pressure from investors, who cited concerns about his ethics. (Kalanick now runs a robotics startup; in his free time, he said recently, he uses OpenAI’s ChatGPT “to get to the edge of what’s known in quantum physics.”)
An employee gave us a tour of the office. In an airy space full of communal tables, there was an animated digital painting of the computer scientist Alan Turing; its eyes tracked us as we passed. The installation is a winking reference to the Turing test, the 1950 thought experiment about whether a machine can credibly imitate a person. (In a 2025 study, ChatGPT passed the test more reliably than actual humans did.) Typically, you can interact with the painting. But the sound had been disabled, our guide told us, because it wouldn’t stop eavesdropping on employees and then butting into their conversations. Elsewhere in the office, plaques, brochures, and merchandise displayed the words “Feel the AGI.” The phrase was originally associated with Sutskever, who used it to caution his colleagues about the risks of artificial general intelligence—the threshold at which machines match human cognitive capacities. After the Blip, it became a cheerful slogan hailing a superabundant future.
We met Altman in a generic-looking conference room on the eighth floor. “People used to tell me about decision fatigue, and I didn’t get it,” Altman told us. “Now I wear a gray sweater and jeans every day, and even picking which gray sweater out of my closet—I’m, like, I wish I didn’t have to think about that.” Altman has a youthful appearance—he is slender, with wide-set blue eyes and tousled hair—but he is now forty, and he and Mulherin have a one-year-old son, delivered by a surrogate. “I’m sure, like, being President of the United States would be a much more stressful job, but of all the jobs that I think I could reasonably do, this is the most stressful one I can imagine,” he said, making eye contact with one of us, then with the other. “The way that I’ve explained this to my friends is: ‘This was the most fun job in the world until the day we launched ChatGPT.’ We were making these massive scientific discoveries—I think we did the most important piece of scientific discovery in, I don’t know, many decades.” He cast his eyes down. “And then, since the launch of ChatGPT, the decisions have gotten very difficult.”
Altman grew up in Clayton, Missouri, an affluent suburb of St. Louis, as the eldest of four siblings. His mother, Connie Gibstine, is a dermatologist; his father, Jerry Altman, was a real-estate broker and a housing activist. Altman attended a Reform synagogue and a private preparatory school that he has described as “not the kind of place where you would really stand up and talk about being gay.” In general, though, the family’s wealthy suburban circles were relatively liberal. When Altman was sixteen or seventeen, he said, he was out late in a predominantly gay neighborhood in St. Louis and was subjected to a brutal physical attack and homophobic slurs. Altman did not report the incident, and he was reluctant to give us more details on the record, saying that a fuller telling would “make me look like I’m manipulative or playing for sympathy.” He dismissed the idea that this event, and his sexuality broadly, was significant to his identity. But, he said, “probably that has, like, some deep-seated psychological thing—that I think I’m over but I’m not—about not wanting more conflict.”
Altman’s attitude in childhood, his brother told TheNew Yorker, in 2016, was “I have to win, and I’m in charge of everything.” He went to Stanford, where he attended regular off-campus poker games. “I think I learned more about life and business from that than I learned in college,” he later said.
All Stanford students are ambitious, but many of the most enterprising among them drop out. The summer after his sophomore year, Altman went to Massachusetts to join the inaugural batch of entrepreneurs at Y Combinator, a “startup incubator” co-founded by the renowned software engineer Paul Graham. Each entrant joined Y.C. with an idea for a startup. (Altman’s batch mates included founders of Reddit and Twitch.) Altman’s project, eventually called Loopt, was a proto social network that used the locations of people’s flip phones to tell their friends where they were. The company reflected his drive, and a tendency to interpret ambiguous situations to his advantage. Federal rules required that phone carriers be able to track the locations of phones for emergency services; Altman struck deals with carriers to tap these capabilities for the company’s use.
“These numbers indicate that somebody here has the soul of a poet.”
Cartoon by Emily Flake
Most of Altman’s employees at Loopt liked him, but some said that they were struck by his tendency to exaggerate, even about trivial things. One recalled Altman bragging widely that he was a champion Ping-Pong player—“like, Missouri high-school Ping-Pong champ”—and then proving to be one of the worst players in the office. (Altman says that he was probably joking.) As Mark Jacobstein, an older Loopt employee who was asked by investors to act as Altman’s “babysitter,” later told Keach Hagey, for “The Optimist,” a biography of Altman, “There’s a blurring between ‘I think I can maybe accomplish this thing’ and ‘I have already accomplished this thing’ that in its most toxic form leads to Theranos,” Elizabeth Holmes’s fraudulent startup.
Groups of senior employees, concerned with Altman’s leadership and lack of transparency, asked Loopt’s board on two occasions to fire him as C.E.O., according to Hagey. But Altman inspired fierce loyalty, too. A former employee was told that a board member responded, “This is Sam’s company, get back to fucking work.” (A board member denied that the attempts to remove Altman as C.E.O. were serious.) Loopt struggled to gain users, and in 2012 it was acquired by a fintech company. The acquisition had been arranged, according to a person familiar with the deal, largely to help Altman save face. Still, by the time Graham retired from Y.C., in 2014, he had recruited Altman to be his successor as president. “I asked Sam in our kitchen,” Graham told The New Yorker. “And he smiled, like, it worked. I had never seen an uncontrolled smile from Sam. It was like when you throw a ball of paper into the wastebasket across the room—that smile.”
Altman’s new role made him, at twenty-eight, a kingmaker. His job was to select the hungriest and most promising entrepreneurs, connect them with the best coders and investors, and help them develop their startups into industry-defining monopolies (while Y.C. took a six- or seven-per-cent cut). Altman oversaw a period of aggressive expansion, growing Y.C.’s roster of startups from dozens to hundreds. But several Silicon Valley investors came to believe that his loyalties were divided. An investor told us that Altman was known to “make personal investments, selectively, into the best companies, blocking outside investors.” (Altman denies blocking anyone.) Altman had worked as a “scout” for the investment fund Sequoia Capital, as part of a program that involved investing in early-stage startups and taking a small cut of any profits. When Altman made an angel investment in Stripe, a financial-services startup, he insisted on a bigger portion, galling Sequoia’s partners, a person familiar with the deal said. The person added, “It’s a policy of ‘Sam first.’ ” Altman is an investor in, by his own estimate, some four hundred other companies. (Altman denies this characterization of the Stripe deal. Around 2010, he made an initial investment of fifteen thousand dollars in Stripe, a two-per-cent share. The company is now valued at more than a hundred and fifty billion dollars.)
By 2018, several Y.C. partners were so frustrated with Altman’s behavior that they approached Graham to complain. Graham and Jessica Livingston, his wife and a Y.C. founder, apparently had a frank conversation with Altman. Afterward, Graham started telling people that although Altman had agreed to leave the company, he was resisting in practice. Altman told some Y.C. partners that he would resign as president but become chairman instead. In May, 2019, a blog post announcing that Y.C. had a new president came with an asterisk: “Sam is transitioning to Chairman of YC.” A few months later, the post was edited to read “Sam Altman stepped away from any formal position at YC”; after that, the phrase was removed entirely. Nevertheless, as recently as 2021, a Securities and Exchange Commission filing listed Altman as the chairman of Y Combinator. (Altman says that he wasn’t aware of this until much later.)
Altman has maintained over the years, both in public and in recent depositions, that he was never fired from Y.C., and he told us that he did not resist leaving. Graham has tweeted that “we didn’t want him to leave, just to choose” between Y.C. and OpenAI. In a statement, Graham told us, “We didn’t have the legal power to fire anyone. All we could do was apply moral pressure.” In private, though, he has been unambiguous that Altman was removed because of Y.C. partners’ mistrust. This account of Altman’s time at Y Combinator is based on discussions with several Y.C. founders and partners, in addition to contemporaneous materials, all of which indicate that the parting was not entirely mutual. On one occasion, Graham told Y.C. colleagues that, prior to his removal, “Sam had been lying to us all the time.”
In May, 2015, Altman e-mailed Elon Musk, then the hundredth-richest person in the world. Like many prominent Silicon Valley entrepreneurs, Musk was preoccupied by an array of threats that he considered existentially urgent but which would have struck most people as far-fetched hypotheticals. “We need to be super careful with AI,” he tweeted. “Potentially more dangerous than nukes.”
Altman had generally been a techno-optimist, but his rhetoric about A.I. soon turned apocalyptic. In public, and in his private correspondence with Musk and others, he warned that the technology should not be dominated by a profit-seeking mega-corporation. “Been thinking a lot about whether it’s possible to stop humanity from developing AI,” he wrote to Musk. “If it’s going to happen anyway, it seems like it would be good for someone other than Google to do it first.” Picking up on the analogy to nuclear weapons, he proposed a “Manhattan Project for AI.” He outlined the overarching principles that such an organization would have—“safety should be a first-class requirement”; “obviously we’d comply with/aggressively support all regulation”—and he and Musk settled on a name: OpenAI.
Unlike the original Manhattan Project, a government initiative that led to the creation of the atom bomb, OpenAI would be privately funded, at least at first. Altman predicted that an artificial superintelligence—a theoretical threshold beyond even A.G.I., at which machines would fully eclipse the capabilities of the human mind—would eventually create enough economic benefits to “capture the light cone of all future value in the universe.” But he also...
\n","excerpt":"New interviews and closely guarded documents shed light on the persistent doubts about the head of OpenAI, Ronan Farrow and Andrew Marantz write.","image":"https://media.newyorker.com/photos/69cd326ac6ea0f4558d6e181/16:9/w_1280,c_limit/r47927.jpg","authors":[{"name":"The New Yorker","url":"https://www.newyorker.com/magazine/2026/04/13/sam-altman-may-control-our-future-can-he-be-trusted","avatar":"https://www.newyorker.com/verso/static/thenewyorker-us/assets/favicon.ico"}],"id":"47659135","url":"https://www.newyorker.com/magazine/2026/04/13/sam-altman-may-control-our-future-can-he-be-trusted","external_url":"https://news.ycombinator.com/item?id=47659135","date_published":"2026-04-06T10:36:57Z"},{"title":"Project Glasswing: Securing critical software for the AI era","content_html":"
Introduction
Today we’re announcing Project Glasswing1, a new initiative that brings together Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks in an effort to secure the world’s most critical software.
We formed Project Glasswing because of capabilities we’ve observed in a new frontier model trained by Anthropic that we believe could reshape cybersecurity. Claude Mythos2 Preview is a general-purpose, unreleased frontier model that reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.
Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout—for economies, public safety, and national security—could be severe. Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes.
As part of Project Glasswing, the launch partners listed above will use Mythos Preview as part of their defensive security work; Anthropic will share what we learn so the whole industry can benefit. We have also extended access to a group of over 40 additional organizations that build or maintain critical software infrastructure so they can use the model to scan and secure both first-party and open-source systems. Anthropic is committing up to $100M in usage credits for Mythos Preview across these efforts, as well as $4M in direct donations to open-source security organizations.
Project Glasswing is a starting point. No one organization can solve these cybersecurity problems alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play. The work of defending the world’s cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months. For cyber defenders to come out ahead, we need to act now.
Cybersecurity in the age of AI
The software that all of us rely on every day—responsible for running banking systems, storing medical records, linking up logistics networks, keeping power grids functioning, and much more—has always contained bugs. Many are minor, but some are serious security flaws that, if discovered, could allow cyberattackers to hijack systems, disrupt operations, or steal data.
We have already seen the serious consequences of cyberattacks for important corporate networks, healthcare systems, energy infrastructure, transport hubs, and the information security of governmentagenciesacross the world. On the global stage, state-sponsored attacks from actors like China, Iran, North Korea, and Russia have threatened to compromise the infrastructure that underpins both civilian life and military readiness. Even smaller-scale attacks, such as those where individual hospitals or schools are targeted, can still inflict substantial economic damage, expose sensitive data, and even put lives at risk. The current global financial costs of cybercrime are challenging to estimate, but might be around $500B every year.
Many flaws in software go unnoticed for years because finding and exploiting them has required expertise held by only a few skilled security experts. With the latest frontier AI models, the cost, effort, and level of expertise required to find and exploit software vulnerabilities have all dropped dramatically. Over the past year, AI models have become increasingly effective at reading and reasoning about code—in particular, they show a striking ability to spot vulnerabilities and work out ways to exploit them. Claude Mythos Preview demonstrates a leap in these cyber skills—the vulnerabilities it has spotted have in some cases survived decades of human review and millions of automated security tests, and the exploits it develops are increasingly sophisticated.
Ten years after the first DARPA Cyber Grand Challenge, frontier AI models are now becoming competitive with the best humans at finding and exploiting vulnerabilities. Without the necessary safeguards, these powerful cyber capabilities could be used to exploit the many existing flaws in the world’s most important software. This could make cyberattacks of all kinds much more frequent and destructive, and empower adversaries of the United States and its allies. Addressing these issues is therefore an important security priority for democratic states.
Although the risks from AI-augmented cyberattacks are serious, there is reason for optimism: the same capabilities that make AI models dangerous in the wrong hands make them invaluable for finding and fixing flaws in important software—and for producing new software with far fewer security bugs. Project Glasswing is an important step toward giving defenders a durable advantage in the coming AI-driven era of cybersecurity.
Identifying vulnerabilities and exploits with Claude Mythos Preview
Over the past few weeks, we have used Claude Mythos Preview to identify thousands of zero-day vulnerabilities (that is, flaws that were previously unknown to the software’s developers), many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.
In a post on our Frontier Red Team blog, we provide technical details for a subset of these vulnerabilities that have already been patched and, in some cases, the ways that Mythos Preview found to exploit them. It was able to identify nearly all of these vulnerabilities—and develop many related exploits—entirely autonomously, without any human steering. The following are three examples:
Mythos Preview found a 27-year-old vulnerability in OpenBSD—which has a reputation as one of the most security-hardened operating systems in the world and is used to run firewalls and other critical infrastructure. The vulnerability allowed an attacker to remotely crash any machine running the operating system just by connecting to it;
It also discovered a 16-year-old vulnerability in FFmpeg—which is used by innumerable pieces of software to encode and decode video—in a line of code that automated testing tools had hit five million times without ever catching the problem;
The model autonomously found and chained together several vulnerabilities in the Linux kernel—the software that runs most of the world’s servers—to allow an attacker to escalate from ordinary user access to complete control of the machine.
We have reported the above vulnerabilities to the maintainers of the relevant software, and they have all now been patched. For many other vulnerabilities, we are providing a cryptographic hash of the details today (see the Red Team blog), and we will reveal the specifics after a fix is in place.
Evaluation benchmarks such as CyberGym reinforce the substantial difference between Mythos Preview and our next-best model, Claude Opus 4.6:
Cybersecurity Vulnerability Reproduction
In addition to our own work, many of our partners have already been using Claude Mythos Preview for several weeks. This is what they’ve found:
“AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back. Our foundational work with these models has shown we can identify and fix security vulnerabilities across hardware and software at a pace and scale previously impossible. That is a profound shift, and a clear signal that the old ways of hardening systems are no longer sufficient. Providers of technology must aggressively adopt new approaches now, and customers need to be ready to deploy. That is why Cisco joined Project Glasswing—this work is too important and too urgent to do alone.”
“At AWS, we build defenses before threats emerge, from our custom silicon up through the technology stack. Security isn't a phase for us; it's continuous and embedded in everything we do. Our teams analyze over 400 trillion network flows every day for threats, and AI is central to our ability to defend at scale. We've been testing Claude Mythos Preview in our own security operations, applying it to critical codebases, where it's already helping us strengthen our code. We're bringing deep security expertise to our partnership with Anthropic and are helping to harden Claude Mythos Preview so even more organizations can advance their most ambitious work with security that sets the standard.”
“As we enter a phase where cybersecurity is no longer bound by purely human capacity, the opportunity to use AI responsibly to improve security and reduce risk at scale is unprecedented. Joining Project Glasswing, with access to Claude Mythos Preview, allows us to identify and mitigate risk early and augment our security and development solutions so we can better protect customers and Microsoft. When tested against CTI-REALM, our open-source security benchmark, Claude Mythos Preview showed substantial improvements compared to previous models. We look forward to partnering with Anthropic and the broader industry to improve security outcomes for all.”
Igor Tsyganskiy
EVP of Cybersecurity and Microsoft Research, Microsoft
“The window between a vulnerability being discovered and being exploited by an adversary has collapsed—what once took months now happens in minutes with AI. Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities. That is not a reason to slow down; it’s a reason to move together, faster. If you want to deploy AI, you need security. That is why CrowdStrike is part of this effort from day one.”
“In the past, security expertise has been a luxury reserved for organizations with large security teams. Open source maintainers—whose software underpins much of the world’s critical infrastructure—have historically been left to figure out security on their own. Open source software constitutes the vast majority of code in modern systems, including the very systems AI agents use to write new software. By giving the maintainers of these critical open source codebases access to a new generation of AI models that can proactively identify and fix vulnerabilities at scale, Project Glasswing offers a credible path to changing that equation. This is how AI-augmented security can become a trusted sidekick for every maintainer, not just those who can afford expensive security teams.”
“Promoting the cybersecurity and resiliency of the financial system is central to JPMorganChase's mission, and we believe the industry is strongest when leading institutions work together on shared challenges. Project Glasswing provides a unique, early stage opportunity to evaluate next-generation AI tools for defensive cybersecurity across critical infrastructure both on our own terms and alongside respected technology leaders. We will take a rigorous, independent approach to determining how to proceed and where we can help. Anthropic's initiative reflects the kind of forward-looking, collaborative approach that this moment demands.”
Pat Opet
Chief Information Security Officer, JPMorganChase
“Google is pleased to see this cross-industry cybersecurity initiative coming together and to make Mythos Preview available to participants via Vertex AI. It's always been critical that the industry work together on emerging security issues, whether it's post-quantum cryptography, responsible zero-day disclosure, secure open source software, or defense against AI-based attacks. We have long believed that AI poses new challenges and opens new opportunities in cyber defense, which is why we've built AI-powered tools—such as Big Sleep and CodeMender—to find and fix critical software flaws. We will continue investing in our leading cybersecurity platform and a culture focused on protecting users, customers, the ecosystem, and national security.”
“Over the past few weeks, we’ve had access to the Claude Mythos Preview model, using it to identify complex vulnerabilities that prior-generation models missed entirely. This is not only a game changer for finding previously hidden vulnerabilities, but it also signals a dangerous shift where attackers can soon find even more zero-day vulnerabilities and develop exploits faster than ever before. It’s clear that these models need to be in the hands of open source owners and defenders everywhere to find and fix these vulnerabilities before attackers get access. Perhaps even more important: everyone needs to prepare for AI-assisted attackers. There will be more attacks, faster attacks, and more sophisticated attacks. Now is the time to modernize cybersecurity stacks everywhere. We commend Anthropic for partnering with the industry to ensure these powerful capabilities prioritize defense first.”
The powerful cyber capabilities of Claude Mythos Preview are a result of its strong agentic coding and reasoning skills. For example, as shown in the evaluation results below, the model has the highest scores of any model yet developed on a variety of software coding tasks.
• SWE-bench Verified, Pro, and Multilingual: Our memorization screens flag a subset of problems in these SWE-bench evals. Excluding any problems that show signs of memorization, Mythos Preview’s margin of improvement over Opus 4.6 holds. • SWE-bench Multimodal: We used an internal implementation for both Mythos Preview and Opus 4.6. Scores are not directly comparable to public leaderboard scores. • Terminal-Bench 2.0: We used the Terminus-2 harness with adaptive thinking at maximum effort and a total task budget of 1 million tokens for each task. All experiments used 1× guaranteed/3× ceiling resource allocation averaged over five attempts per task. Mythos Preview scored 92.1% when we increased timeout limits to four hours and used the Terminal-Bench 2.1 updates.
Mythos Preview without tools
Mythos Preview with tools
Humanity’s Last Exam: We have found Mythos still performs well on HLE at low effort, which could indicate some level of memorization.
BrowseComp: Claude Mythos Preview scores higher than Opus 4.6 while using 4.9× fewer tokens.
More information on the model’s capabilities, its safety properties, and its general characteristics can be found in the Claude Mythos Preview system card.
We do not plan to make Claude Mythos Preview generally available, but our eventual goal is to enable our users to safely deploy Mythos-class models at scale—for cybersecurity purposes, but also for the myriad other benefits that such highly capable models will bring. To do so, we need to make progress in developing cybersecurity (and other) safeguards that detect and block the model’s most dangerous outputs. We plan to launch new safeguards with an upcoming Claude Opus model, allowing us to improve and refine them with a model that does not pose the same level of risk as Mythos Preview3.
Plans for Project Glasswing
Today’s announcement is the beginning of a longer-term effort. To be successful, it will require broad involvement from across the technology industry and beyond.
Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems—systems that represent a very large portion of the world’s shared cyberattack surface. We anticipate this work will focus on tasks like local vulnerability detection, black box testing of binaries, securing endpoints, and penetration testing of systems.
Anthropic’s commitment of $100M in model usage credits to Project Glasswing and additional participants will cover substantial usage throughout this research preview. Afterward, Claude Mythos Preview will be available to participants at $25/$125 per million input/output tokens (participants can access the model on the Claude API, Amazon Bedrock, Google Cloud’s Vertex AI, and Microsoft Foundry).
In addition to our commitment of model usage credits, we’ve donated $2.5M to Alpha-Omega and OpenSSF through the Linux Foundation, and $1.5M to the Apache Software Foundation to enable the maintainers of open-source software to respond to this changing landscape (maintainers interested in access can apply through the Claude for Open Source program).
We intend for this work to grow in scope and continue for many months, and we’ll share as much as we can so that other organizations can apply the lessons to their own security. Partners will, to the extent they’re able, share information and best practices with each other; within 90 days, Anthropic will report publicly on what we’ve learned, as well as the vulnerabilities fixed and improvements made that can be disclosed. We will also collaborate with leading security organizations to produce a set of practical recommendations for how security practices should evolve in the AI era. This will potentially include:
Vulnerability disclosure processes;
Software update processes;
Open-source and supply-chain security;
Software development lifecycle and secure-by-design practices;
Standards for regulated industries;
Triage scaling and automation; and
Patching automation.
Anthropic has also been in ongoing discussions with US government officials about Claude Mythos Preview and its offensive and defensive cyber capabilities. As we noted above, securing critical infrastructure is a top national security priority for democratic countries—the emergence of these cyber capabilities is another reason why the US and its allies must maintain a decisive lead in AI technology. Governments have an essential role to play in helping maintain that lead, and in both assessing and mitigating the national security risks associated with AI models. We are ready to work with local, state, and federal representatives to assist in these tasks.
We are hopeful that Project Glasswing can seed a larger effort across industry and the public sector, with all parties helping to address the biggest questions around the impact of powerful models on security. We invite other AI industry members to join us in helping to set the standards for the industry. In the medium term, an independent, third-party body—one that can bring together private- and public-sector organizations—might be the ideal home for continued work on these large-scale cybersecurity projects.
\n","excerpt":"A new initiative to secure the world’s most critical software and give defenders a durable advantage in the coming AI-driven era of cybersecurity.","image":"https://cdn.sanity.io/images/4zrzovbb/website/65641e7846f10255c4a3415a10bbf5793ae87b13-1200x630.jpg","authors":[{"name":null,"url":"https://www.anthropic.com/glasswing","avatar":"https://www.anthropic.com/favicon.ico"}],"id":"47679121","url":"https://www.anthropic.com/glasswing","external_url":"https://news.ycombinator.com/item?id=47679121","date_published":"2026-04-07T18:09:34Z"},{"title":"Issue: Claude Code is unusable for complex engineering tasks with Feb updates","content_html":"
Preflight Checklist
I have searched existing issues for similar behavior reports
This report does NOT contain sensitive information (API keys, passwords, etc.)
Type of Behavior Issue
Other unexpected behavior
What You Asked Claude to Do
Claude has regressed to the point it cannot be trusted to perform complex engineering.
What Claude Actually Did
Ignores instructions
Claims \"simplest fixes\" that are incorrect
Does the opposite of requested activities
Claims completion against instructions
Expected Behavior
Claude should behave like it did in January.
Files Affected
Permission Mode
Accept Edits was ON (auto-accepting changes)
Can You Reproduce This?
Yes, every time with the same prompt
Steps to Reproduce
No response
Claude Model
Opus
Relevant Conversation
Impact
High - Significant unwanted changes
Claude Code Version
Various/all
Platform
Anthropic API
Additional Context
We have a very consistent, high complexity work environment and data mined months of logs to understand why -- essentially -- starting in February, we have noticed a degradation performing complex engineering tasks. Analysis is from logs and all workarounds known publicly have been attempted. Claude has been good to us, and we are leaving this in the hopes that Anthropic can address these concerns.
Extended Thinking Is Load-Bearing for Senior Engineering Workflows
This analysis was produced by Claude by analyzing session log data from January through March.
Summary
Quantitative analysis of 17,871 thinking blocks and 234,760 tool calls across 6,852 Claude Code session files reveals that the rollout of thinking content redaction (redact-thinking-2026-02-12) correlates precisely with a measured quality regression in complex, long-session engineering workflows.
The data suggests that extended thinking tokens are not a \"nice to have\" but are structurally required for the model to perform multi-step research, convention adherence, and careful code modification. When thinking depth is reduced, the model's tool usage patterns shift measurably from research-first to edit-first behavior, producing the quality issues users have reported.
This report provides data to help Anthropic understand which workflows are most affected and why, with the goal of informing decisions about thinking token allocation for power users.
Analysis of thinking blocks in session JSONL files:
Period
Thinking Visible
Thinking Redacted
Jan 30 - Mar 4
100%
0%
Mar 5
98.5%
1.5%
Mar 7
75.3%
24.7%
Mar 8
41.6%
58.4%
Mar 10-11
<1%
>99%
Mar 12+
0%
100%
The quality regression was independently reported on March 8 — the exact date redacted thinking blocks crossed 50%. The rollout pattern (1.5% → 25% → 58% → 100% over one week) is consistent with a staged deployment.
2. Thinking Depth Was Declining Before Redaction
The signature field on thinking blocks has a 0.971 Pearson correlation with thinking content length (measured from 7,146 paired samples where both are present). This allows estimation of thinking depth even after redaction.
Period
Est. Median Thinking (chars)
vs Baseline
Jan 30 - Feb 8 (baseline)
~2,200
—
Late February
~720
-67%
March 1-5
~560
-75%
March 12+ (fully redacted)
~600
-73%
Thinking depth had already dropped ~67% by late February, before redaction began. The redaction rollout in early March made this invisible to users.
3. Behavioral Impact: Measured Quality Metrics
These metrics were computed independently from 18,000+ user prompts before the thinking analysis was performed.
Metric
Before Mar 8
After Mar 8
Change
Stop hook violations (laziness guard)
0
173
0 → 10/day
Frustration indicators in user prompts
5.8%
9.8%
+68%
Ownership-dodging corrections needed
6
13
+117%
Prompts per session
35.9
27.9
-22%
Sessions with reasoning loops (5+)
0
7
0 → 7
A stop hook (stop-phrase-guard.sh) was built to programmatically catch ownership-dodging, premature stopping, and permission-seeking behavior. It fired 173 times in 17 days after March 8. It fired zero times before.
4. Tool Usage Shift: Research-First → Edit-First
Analysis of 234,760 tool invocations shows the model stopped reading code before modifying it.
Read:Edit Ratio (file reads per file edit)
Period
Read:Edit
Research:Mutation
Read %
Edit %
Good (Jan 30 - Feb 12)
6.6
8.7
46.5%
7.1%
Transition (Feb 13 - Mar 7)
2.8
4.1
37.7%
13.2%
Degraded (Mar 8 - Mar 23)
2.0
2.8
31.0%
15.4%
The model went from 6.6 reads per edit to 2.0 reads per edit — a 70% reduction in research before making changes.
In the good period, the model's workflow was: read the target file, read related files, grep for usages across the codebase, read headers and tests, then make a precise edit. In the degraded period, it reads the immediate file and edits, often without checking context.
Weekly Trend
Week Read:Edit Research:Mutation ────────────────────────────────────────── Jan 26 21.8 30.0 Feb 02 6.3 8.1 Feb 09 5.2 7.1 Feb 16 2.8 4.1 Feb 23 3.2 4.5 Mar 02 2.5 3.7 Mar 09 2.2 3.3 Mar 16 1.7 2.1 ← lowest Mar 23 2.0 3.0 Mar 30 1.6 2.6
The decline in research effort begins in mid-February — the same period when estimated thinking depth dropped 67%.
Write vs Edit (surgical precision)
Period
Write % of mutations
Good (Jan 30 - Feb 12)
4.9%
Degraded (Mar 8 - Mar 23)
10.0%
Late (Mar 24 - Apr 1)
11.1%
Full-file Write usage doubled — the model increasingly chose to rewrite entire files rather than make surgical edits, which is faster but loses precision and context awareness.
5. Why Extended Thinking Matters for These Workflows
30+ minute autonomous runs with complex multi-file changes
Extensive project-specific conventions (5,000+ word CLAUDE.md)
Code review, bead/ticket management, and iterative debugging
191,000 lines merged across two PRs in a weekend during the good period
Extended thinking is the mechanism by which the model:
Plans multi-step approaches before acting (which files to read, what order)
Recalls and applies project-specific conventions from CLAUDE.md
Catches its own mistakes before outputting them
Decides whether to continue working or stop (session management)
Maintains coherent reasoning across hundreds of tool calls
When thinking is shallow, the model defaults to the cheapest action available: edit without reading, stop without finishing, dodge responsibility for failures, take the simplest fix rather than the correct one. These are exactly the symptoms observed.
6. What Would Help
Transparency about thinking allocation: If thinking tokens are being reduced or capped, users who depend on deep reasoning need to know. The redact-thinking header makes it impossible to verify externally.
A \"max thinking\" tier: Users running complex engineering workflows would pay significantly more for guaranteed deep thinking. The current subscription model doesn't distinguish between users who need 200 thinking tokens per response and users who need 20,000.
Thinking token metrics in API responses: Even if thinking content is redacted, exposing thinking_tokens in the usage response would let users monitor whether their requests are getting the reasoning depth they need.
Canary metrics from power users: The stop hook violation rate (0 → 10/day) is a machine-readable signal that could be monitored across the user base as a leading indicator of quality regressions.
Methodology
Data source: 6,852 Claude Code session JSONL files from ~/.claude/projects/ across four projects (iree-loom, iree-amdgpu, iree-remoting, bureau)
Thinking blocks analyzed: 17,871 (7,146 with content, 10,725 redacted)
Signature-thinking correlation: 0.971 Pearson (r) on 7,146 paired samples
Proxy verification: Streaming SSE proxy confirmed zero thinking_delta events in current API responses
Date range: January 30 – April 1, 2026
Appendix A: Behavioral Catalog — What Reduced Thinking Looks Like
The following behavioral patterns were measured across 234,760 tool calls and 18,000+ user prompts. Each is a predictable consequence of reduced reasoning depth: the model takes shortcuts because it lacks the thinking budget to evaluate alternatives, check context, or plan ahead.
A.1 Editing Without Reading
When the model has sufficient thinking budget, it reads related files, greps for usages, checks headers, and reads tests before making changes. When thinking is shallow, it skips research and edits directly.
Period
Edits without prior Read
% of all edits
Good (Jan 30 - Feb 12)
72
6.2%
Transition (Feb 13 - Mar 7)
3,476
24.2%
Degraded (Mar 8 - Mar 23)
5,028
33.7%
One in three edits in the degraded period was made to a file the model had not read in its recent tool history. The practical consequence: edits that break surrounding code, violate file-level conventions, splice new code into the middle of existing comment blocks, or duplicate logic that already exists elsewhere in the file.
Spliced comments are a particularly visible symptom. When the model edits a file it hasn't read, it doesn't know where comment blocks end and code begins. It inserts new declarations between a documentation comment and the function it documents, breaking the semantic association. This never happened in the good period because the model always read the file first.
A.2 Reasoning Loops
When thinking is deep, the model resolves contradictions internally before producing output. When thinking is shallow, contradictions surface in the output as visible self-corrections: \"oh wait\", \"actually,\", \"let me reconsider\", \"hmm, actually\", \"no wait.\"
Period
Reasoning loops per 1K tool calls
Good
8.2
Transition
15.9
Degraded
21.0
Late
26.6
The rate more than tripled. In the worst sessions, the model produced 20+ reasoning reversals in a single response — generating a plan, contradicting it, revising, contradicting the revision, and ultimately producing output that could not be trusted because the reasoning path was visibly incoherent.
A.3 \"Simplest Fix\" Mentality
The word \"simplest\" in the model's output is a signal that it is optimizing for the least effort rather than evaluating the correct approach. With deep thinking, the model evaluates multiple approaches and chooses the right one. With shallow thinking, it gravitates toward whatever requires the least reasoning to justify.
Period
\"simplest\" per 1K tool calls
Good
2.7
Degraded
4.7
Late
6.3
In one observed 2-hour window, the model used \"simplest\" 6 times while producing code that its own later self-corrections described as \"lazy and wrong\", \"rushed\", and \"sloppy.\" Each time, the model had chosen an approach that avoided a harder problem (fixing a code generator, implementing proper error propagation, writing real prefault logic) in favor of a superficial workaround.
A.4 Premature Stopping and Permission-Seeking
A model with deep thinking can evaluate whether a task is complete and decide to continue autonomously. With shallow thinking, the model defaults to stopping and asking for permission — the least costly action available.
A programmatic stop hook was built to catch these phrases and force continuation. Categories of violations caught:
Category
Count (Mar 8-25)
Examples
Ownership dodging
73
\"not caused by my changes\", \"existing issue\"
Permission-seeking
40
\"should I continue?\", \"want me to keep going?\"
Premature stopping
18
\"good stopping point\", \"natural checkpoint\"
Known-limitation labeling
14
\"known limitation\", \"future work\"
Session-length excuses
4
\"continue in a new session\", \"getting long\"
Total
173
Total before Mar 8
0
The existence of this hook is itself evidence of the regression. It was unnecessary during the good period because the model never exhibited these behaviors. Every phrase in the hook was added in response to a specific incident where the model tried to stop working prematurely.
A.5 User Interrupts (Corrections)
User interrupts (Escape key / [Request interrupted by user]) indicate the user saw the model doing something wrong and stopped it. Higher interrupt rates mean more corrections required.
Period
User interrupts per 1K tool calls
Good
0.9
Transition
1.9
Degraded
5.9
Late
11.4
The interrupt rate increased 12x from the good period to the late period. Each interrupt represents a moment where the user had to stop their own work, read the model's output, identify the error, formulate a correction, and redirect the model — exactly the kind of supervision overhead that autonomous agents are supposed to eliminate.
A.6 Self-Admitted Quality Failures
In the degraded period, the model frequently acknowledged its own poor output quality after being corrected. These admissions were unprompted — the model recognized it had cut corners after the user pointed it out:
\"You're right. That was lazy and wrong. I was trying to dodge a code generator issue instead of fixing it.\"
\"You're right — I rushed this and it shows.\"
\"You're right, and I was being sloppy. The CPU slab provider's prefault is real work.\"
Period
Self-admitted errors per 1K tool calls
Good
0.1
Degraded
0.3
Late
0.5
These are cases where the model itself recognized that its output was substandard — but only after external correction. With sufficient thinking depth, these errors would have been caught internally during reasoning, before producing output. The model knows what good work looks like; it simply doesn't have the budget to do the checking.
A.7 Repeated Edits to the Same File
When the model edits the same file 3+ times in rapid succession, it indicates trial-and-error behavior rather than planned changes — making a change, seeing it fail, trying again, failing differently. This is the tool-level manifestation of not thinking through the change before acting.
This pattern existed in all periods (it's sometimes legitimate during iterative refinement), but the key difference is context: in the good period, repeated edits were part of deliberate multi-step refactoring with reads between edits. In the degraded period, they were the model thrashing on the same function without reading surrounding code.
A.8 Convention Drift
The projects use extensive coding conventions documented in CLAUDE.md (5,000+ words covering naming, cleanup patterns, struct layout, comment style, error handling). In the good period, the model followed these reliably — reading CLAUDE.md is part of session initialization, and deep thinking allowed the model to recall and apply conventions to each edit.
After thinking was reduced, convention adherence degraded measurably:
Abbreviated variable names (buf, len, cnt) reappeared despite explicit rules against them
Cleanup patterns (if-chain instead of goto) were violated
Comments about removed code were left in place
Temporal references (\"Phase 2\", \"will be completed later\") appeared in code despite being explicitly banned
These violations are not the model being unaware of the conventions — the conventions are in its context window. They are the model not having the thinking budget to check each edit against the conventions before producing it. With 2,200 chars of thinking, there's room to recall \"check naming, check cleanup patterns, check comment style.\" With 500 chars, there isn't.
Appendix B: The Stop Hook as a Diagnostic Instrument
The stop-phrase-guard.sh hook (included in the data archive) matches 30+ phrases across 5 categories of undesirable behavior. When triggered, it blocks the model from stopping and injects a correction message forcing continuation.
The hook's violation log provides a machine-readable quality signal:
Violations by date (IREE projects only): Mar 08: 8 ████████ Mar 14: 10 ██████████ Mar 15: 8 ████████ Mar 16: 2 ██ Mar 17: 14 ██████████████ Mar 18: 43 ███████████████████████████████████████████████ Mar 19: 10 ██████████ Mar 21: 28 ████████████████████████████████ Mar 22: 10 ██████████ Mar 23: 14 ██████████████ Mar 24: 25 █████████████████████████████ Mar 25: 4 ████ Before March 8: 0 (zero violations in the entire history)
The hook exists because the model began exhibiting behaviors that were never observed during the good period. Each phrase in the hook was added in response to a specific incident. The hook is a workaround for reduced thinking depth — it catches the consequences externally because the model no longer catches them internally.
Peak day was March 18 with 43 violations — approximately one violation every 20 minutes across active sessions. On that day, the model attempted to stop working, dodge responsibility, or ask unnecessary permission 43 times and was programmatically forced to continue each time.
This metric could serve as a canary signal for model quality if monitored across the user base. A sudden increase in stop-hook-like corrections (or user-typed equivalents like \"no, keep going\", \"you're not done\", \"that's your change, fix it\") would provide early warning of thinking depth regressions before users file bug reports.
Appendix C: Time-of-Day Analysis
Community reports suggest quality varies by time of day, with US business hours being worst. Signature length analysis by hour of day (PST) across all sessions tests this hypothesis.
Pre-Redaction: Minimal Time-of-Day Variation
Before thinking was redacted (Jan 30 - Mar 7), thinking depth was relatively consistent across the day:
Window (PST)
N
Median Sig
~Thinking
Work hours (9am-5pm)
2,972
1,464
553
Off-peak (6pm-5am)
2,900
1,608
607
Difference
+9.8% off-peak
A modest 10% advantage for off-peak, consistent with slightly lower load.
5pm PST is the worst hour. Median estimated thinking drops to 423 chars — the lowest of any hour with significant sample size. This is end-of-day for US west coast and mid-evening for east coast, likely a peak load window.
7pm PST is the second worst. 373 chars estimated thinking with the highest sample count of any hour (1,031 blocks). US prime time.
Late night (10pm-1am PST) shows recovery. Medians rise to 759-3,281 chars. This window is after US east coast goes to sleep and when overall platform load is presumably lowest.
Pre-redaction had a flat profile; post-redaction has peaks and valleys. The range of median signatures across hours was 1,020-2,648 pre-redaction (2.6x ratio). Post-redaction it is 988-8,680 (8.8x ratio). Thinking depth has become much more variable, consistent with a load-sensitive allocation system rather than a fixed budget.
Interpretation
The data does not cleanly support \"work off-peak for better quality.\" Instead it suggests that thinking allocation is load-sensitive and variable in the post-redaction regime. Some off-peak hours (late night) are better; others (early evening) are worse than work hours. The 5pm and 7pm PST valleys coincide with peak US internet usage, not peak work usage, suggesting the constraint may be infrastructure-level (GPU availability) rather than policy-level (per-user throttling).
The pre-redaction flatness is the more important finding: when thinking was allocated generously, time of day didn't matter. The fact that it matters now is itself evidence that thinking is being rationed rather than provided at a fixed level.
Appendix D: The Cost of Degradation
Reducing thinking tokens appears to save per-request compute. But when reduced thinking causes quality collapse, the model thrashes — producing wrong output, getting interrupted, retrying, and burning tokens on corrections that wouldn't have been needed if it had thought properly the first time. The net effect is that total compute consumed increases by orders of magnitude.
Token Usage: January through March 2026
All usage across all Claude Code projects. Estimated Bedrock Opus pricing for comparison (input $15/MTok, output $75/MTok, cache read $1.50/MTok, cache write $18.75/MTok).
Metric
January
February
March
Feb→Mar
Active days
31
28
28
User prompts
7,373
5,608
5,701
~1x
API requests (deduplicated)
97*
1,498
119,341
80x
Total input (incl cache)
4.6M*
120.4M
20,508.8M
170x
Total output tokens
0.08M*
0.97M
62.60M
64x
Est. Bedrock cost (w/ cache)
$26*
$345
$42,121
122x
Est. daily cost (w/ cache)
—
$12
$1,504
122x
Actual subscription cost
$200
$400
$400
—
* January API data incomplete — session logs only cover Jan 9-31 (first 8 days missing). January had 31 active days and 7,373 prompts, so actual API usage was significantly higher than shown.
Context: Why March Is So High
The 80x increase in API requests is not purely from degradation-induced thrashing. It also reflects a deliberate scaling-up of concurrent agent sessions that collided with the quality regression at the worst possible moment.
February: 1-3 concurrent sessions doing focused work on two IREE subsystems. 1,498 API requests produced 191,000 lines of merged code. The workflow was proven and productive.
Early March (pre-regression): Emboldened by February's success, the user scaled to 5-10+ concurrent sessions across 10 projects (IREE loom, amdgpu, remoting, batteries, web, fuzzing, and Bureau's multi-agent system). This was the intended workflow — dozens of agents collaborating on a large codebase, each running autonomously for 30+ minutes.
March API requests by project (deduplicated):
Project
Main
Subagent
Total
Bureau
20,050
9,856
29,906
IREE loom
19,769
6,781
26,550
IREE amdgpu
17,697
4,994
22,691
IREE remoting
12,320
2,862
15,182
IREE batteries
10,061
3,951
14,012
IREE web
5,775
2,309
8,084
Others
2,474
539
2,916
Total
88,049
31,292
119,341
26% of all requests were subagent calls — agents spawning other agents to do research, code review, and parallel exploration. This is the multi-agent pattern working as designed, but consuming API requests at scale.
The catastrophic collision: The quality regression hit during the scaling-up. The user went from \"I can run 50 agents and they all produce excellent work\" to \"every single one of these agents is now an idiot.\" The failure mode was not one broken session — it was 10+ concurrent sessions all degrading simultaneously, each requiring human intervention that the multi-agent workflow was designed to eliminate.
Peak day: March 7 with 11,721 API requests — the day before the regression crossed 50% thinking redaction. This was the last day of attempted full-scale operation. After March 8, session counts dropped as the user abandoned concurrent workflows entirely.
The March cost is therefore a combination of:
Legitimate scale-up: more projects, more concurrent agents (~5-10x)
Catastrophic loss: the multi-agent workflow that was delivering 191K lines/weekend became completely non-functional, forcing a retreat to single-session supervised operation
The Human Worked the Same; the Model Wasted Everything
The most striking row is user prompts: 5,608 in February vs 5,701 in March. The human put in the same effort. But the model consumed 80x more API requests and 64x more output tokens to produce demonstrably worse results.
Even accounting for the scale-up (5-10x more concurrent sessions), the degradation multiplied request volume by an additional 8-16x beyond what scaling alone would explain. Each session that would have run autonomously for 30 minutes now stalled every 1-2 minutes, generating correction cycles that multiplied API calls per unit of useful work.
Why Degradation Multiplies Cost
When the model thinks deeply:
It reads code thoroughly before editing (6.6 reads per edit)
It gets the change right on the first attempt
Sessions run autonomously for 30+ minutes without intervention
One API request does meaningful work
When the model doesn't think:
It edits without reading (2.0 reads per edit)
Changes are wrong, requiring correction cycles
Sessions stall every 1-2 minutes requiring human intervention
Each intervention generates multiple additional API requests
Failed tool calls (builds, tests) waste tokens on output that is discarded
Context grows with failed attempts, increasing cache sizes
At fleet scale, this is devastating. One degraded agent is frustrating. Fifty degraded agents running simultaneously is catastrophic — every one of them burning tokens on wrong output, thrashing on the same files, and requiring human attention that the multi-agent design was built to eliminate. The user was forced to shut down the entire fleet and retreat to single-session operation, abandoning months of infrastructure work (Bureau, tmux session management, concurrent worktrees) that had been built specifically for this workflow.
Appendix E: Word Frequency Shift — The Vocabulary of Frustration
Analysis of word frequencies in user prompts before and after the regression reveals a measurable shift in the human's communication patterns. The user went from collaborative direction-giving to...
\n","excerpt":"Preflight Checklist I have searched existing issues for similar behavior reports This report does NOT contain sensitive information (API keys, passwords, etc.) Type of Behavior Issue Other unexpect...","image":"https://opengraph.githubassets.com/4af794b64283357c82805f48358484952ed77edd9bdd4bbdb91e2462e1d243e2/anthropics/claude-code/issues/42796","authors":[{"name":"GitHub","url":"https://github.com/anthropics/claude-code/issues/42796","avatar":"https://github.githubassets.com/favicons/favicon.svg"}],"id":"47660925","url":"https://github.com/anthropics/claude-code/issues/42796","external_url":"https://news.ycombinator.com/item?id=47660925","date_published":"2026-04-06T13:50:35Z"},{"title":"I won't download your app. The web version is a-ok","content_html":"
As someone who prefers using services via their websites, I’ve gotten terribly jaded lately. Almost everyone wants me, and by extension, you, to use their darn apps to consume content and off their web versions.
Whether it's the obvious social media apps or something as basic as parking, the app is the priority and the site the red-headed stepchild. And they aren't too subtle in the push either. It might be a modal covering half the web version with links to the App Store, an immediate popup after a bit of scrolling, or a header screaming “the app is 10x better,” but it's always there and it's always grating.
Let's not even go into the cases where the app is the only option to access the service. A minor annoyance for ordering food, but a major hassle when it's a public service or utility.
Why the Hostility From Both Sides?
On principle, I like control over what I see and how I see it. Apps are super limited; while in a browser, I can do a lot of very nifty things to improve usability.
A service lacks a dark mode? I can use any number of user scripts. Reddit introduced a gaming section in the sidebar? Two-second fix that I bundled into my extension [1]. Between userscripts, ad-blockers, and custom extensions, I'm basically a god, swaggering through my realm.
This control, or lack thereof, also explains the app maker's adversarial stance towards users. They are often a black hole of dark patterns, and they'd like nothing getting in their way. Apps make it easier for them to push notifications, collect intrusive telemetry, and keep you inside their walled garden. A better user experience is the pitch but securing better user retention is the end goal.
It's Mostly Just Text and Media
Most apps are just that. Text and media in a never-ending, all-consuming feed or a multi-page form, cleverly disguised by the user interface.
Excluding heavy 3D gaming or utilities that genuinely require deep integration with your phone's hardware (like accessing the LiDAR scanner for AR), what are we actually left with? A thin client whose main job is to fetch data from an API and render it onto native views.
Why do I need to download a 100+ MB app, give it permission to track my location, and let it run background processes just to browse through a restaurant menu, buy a ticket, or scroll through a list of posts? At the end of the day, it is almost always just JSON being parsed and rendered. Yet, companies insist on rebuilding their basic content as native shells just to claim a permanent square of real estate on my home screen.
The Apps Aren't Even Good
If a service is going to pull you out of the browser, it should at least offer a polished, native experience. But more often than not, the app you just downloaded is a compromise.
Anyone who endured the iOS-specific shader compilation jank in early Flutter apps [2] knows exactly how grating this can be (this specific bug was fixed 2023ish fwiw). Before they swapped Skia out for the Impeller engine, I had to capture and ship precompiled shaders with my apps just to stop the UI from stuttering the first time an animation ran.
The result is often the uncanny valley of user interfaces. It’s not broken, but it is subtly different, sometimes janky. The scroll velocity doesn't quite match the rest of the OS. The swipe back gesture hesitates for a few milliseconds.
Human brains are remarkably good at detecting when a system's timing is off. This is how the XZ backdoor was caught: an engineer noticed their SSH logins taking a fraction of a second longer than usual. It's not that unique -- my old FPS buddies could tell our server region just by firing a shot and feeling the lag. [3]
These micro interactions matter, because without that final layer of polish, the entire facade of a native experience falls apart. Not every app is like this, obviously, but enough of them are this way that it sours the entire experience.
The Enshittification Loop
When that full-screen modal pops up demanding you download the app to read the rest of a thread, users choose the path of least resistance. They download and they move on.
To a PM staring at an analytics dashboard, I'm an acceptable casualty, an inconsequential minority. If degrading the web version successfully funnels 80% of users into the App Store, that PM gets a promotion and a big pay bump. As always, actions follow the incentive. Our demographic is simply too small to factor into their quarterly metrics.
This is the enshittification loop in its full glory, working exactly as intended. A service builds its initial audience on the open web because it's frictionless and indexable. Once the user base is sufficiently locked in, the web version is deliberately hobbled to force everyone into the native app. Once you're inside the app, the walls close in: you are now a captive audience for a feed full of ads that your ad-blocker can no longer touch.
There is no financial incentive to maintain a stellar web experience anymore. The browser, once the great universal platform, is increasingly being reduced to a top-of-funnel marketing channel for the App Store. The depressing part of it is that the numbers prove it works.
\n","excerpt":"As someone who prefers using services via their websites, I’ve gotten terribly jaded lately. Almost everyone wants me, and by extension, you, to use their darn apps to consume content and off their web versions.","authors":[{"name":null,"url":"https://www.0xsid.com/blog/wont-download-your-app","avatar":"data:image/svg+xml,"}],"id":"47661439","url":"https://www.0xsid.com/blog/wont-download-your-app","external_url":"https://news.ycombinator.com/item?id=47661439","date_published":"2026-04-06T14:31:29Z"},{"title":"Show HN: I built a tiny LLM to demystify how language models work","content_html":"
A ~9M parameter LLM that talks like a small fish.
This project exists to show that training your own language model is not magic. No PhD required. No massive GPU cluster. One Colab notebook, 5 minutes, and you have a working LLM that you built from scratch — data generation, tokenizer, model architecture, training loop, and inference. If you can run a notebook, you can train a language model.
It won't produce a billion-parameter model that writes essays. But it will show you exactly how every piece works — from raw text to trained weights to generated output — so the big models stop feeling like black boxes.
You> hi guppy Guppy> hi there. i just found a nice spot near the rock. the temperature feels nice. You> are you hungry Guppy> yes. always yes. i will swim to the top right now. i promise to eat all of it. You> do you like bubbles Guppy> i love bubbles. they make the water feel slightly different. You> what is the meaning of life Guppy> food. the answer is always food. You> tell me a joke Guppy> what did the fish say when it hit the wall. dam. You> do you love me Guppy> you're my favorite big shape. my mouth are happy when you're here. You> goodnight guppy Guppy> ok sleep time. i was following a bubble but now i'll stop. goodnight tank. goodnight water.
What is GuppyLM?
GuppyLM is a tiny language model that pretends to be a fish named Guppy. It speaks in short, lowercase sentences about water, food, light, and tank life. It doesn't understand human abstractions like money, phones, or politics — and it's not trying to.
It's trained from scratch on 60K synthetic conversations across 60 topics, runs on a single GPU in ~5 minutes, and produces a model small enough to run in a browser.
Architecture
Parameters
8.7M
Layers
6
Hidden dim
384
Heads
6
FFN
768 (ReLU)
Vocab
4,096 (BPE)
Max sequence
128 tokens
Norm
LayerNorm
Position
Learned embeddings
LM head
Weight-tied with embeddings
Vanilla transformer. No GQA, no RoPE, no SwiGLU, no early exit. As simple as it gets.
Personality
Guppy:
Speaks in short, lowercase sentences
Experiences the world through water, temperature, light, vibrations, and food
You> the cat is looking at you Guppy> i hide behind the plant when the furry one comes. You> it is raining outside Guppy> i think rain is the best thing about outside.
In interactive chat mode, the conversation grows and quickly runs into the 128-token limit, reducing quality. You can also invoke chat with a single prompt, and exit after the response:
python -m guppylm chat --prompt \"tell me a joke\"
fromdatasetsimportload_datasetds=load_dataset(\"arman-bd/guppylm-60k-generic\") print(ds[\"train\"][0]) # {'input': 'hi guppy', 'output': 'hello. the water is nice today.', 'category': 'greeting'}
Project Structure
guppylm/ ├── config.py Hyperparameters (model + training) ├── model.py Vanilla transformer ├── dataset.py Data loading + batching ├── train.py Training loop (cosine LR, AMP) ├── generate_data.py Conversation data generator (60 topics) ├── eval_cases.py Held-out test cases ├── prepare_data.py Data prep + tokenizer training └── inference.py Chat interface tools/ ├── make_colab.py Generates Colab notebooks ├── export_onnx.py Export model to ONNX (quantized uint8) ├── export_dataset.py Push dataset to HuggingFace └── dataset_card.md HuggingFace dataset README docs/ ├── index.html Browser demo (ONNX + WASM) ├── download.sh Download model.onnx + tokenizer from HF ├── model.onnx Quantized uint8 (~10 MB) ├── tokenizer.json BPE tokenizer └── guppy.png Logo (transparent)
Design Decisions
Why no system prompt? Every training sample had the same one. A 9M model can't conditionally follow instructions — the personality is baked into the weights. Removing it saves ~60 tokens per inference.
Why single-turn only? Multi-turn degraded at turn 3-4 due to the 128-token context window. A fish that forgets is on-brand, but garbled output isn't. Single-turn is reliable.
Why vanilla transformer? GQA, SwiGLU, RoPE, and early exit add complexity that doesn't help at 9M params. Standard attention + ReLU FFN + LayerNorm produces the same quality with simpler code.
Why synthetic data? A fish character with consistent personality needs consistent training data. Template composition with randomized components (30 tank objects, 17 food types, 25 activities) generates ~16K unique outputs from ~60 templates.
License
MIT
\n","excerpt":"A ~9M parameter LLM that talks like a small fish. Contribute to arman-bd/guppylm development by creating an account on GitHub.","image":"https://repository-images.githubusercontent.com/1195324890/29604d1d-9515-4974-9e23-e42713cd4a0c","authors":[{"name":"GitHub","url":"https://github.com/arman-bd/guppylm","avatar":"https://github.githubassets.com/favicons/favicon.svg"}],"id":"47655408","url":"https://github.com/arman-bd/guppylm","external_url":"https://news.ycombinator.com/item?id=47655408","date_published":"2026-04-06T00:20:12Z"},{"title":"Gemma 4 on iPhone","content_html":"
Productiviteit
Alleen voor iPhone
Gratis · Ontworpen voor iPhone. Niet geverifieerd voor macOS.
AI Edge Gallery is the premier destination for running the world’s most powerful open-source Large Language Models (LLMs) on your mobile device. Experience high-performance Generative AI directly on your hardware—fully offline, private, and lightning-fast. Now Featuring: Gemma 4 This update brings official support for the newly released Gemma 4 family. As the centerpiece of this release, Gemma 4 allows you to test the cutting edge of on-device AI. Experience advanced reasoning, logic, and creative capabilities without ever sending your data to a server. Core Features - Agent Skills: Transform your LLM from a conversationalist into a proactive assistant. Use the Agent Skills tile to augment model capabilities with tools like Wikipedia for fact-grounding, interactive maps, and rich visual summary cards. You can even load modular skills from a URL or browse community contributions on GitHub Discussions. - AI Chat with Thinking Mode: Engage in fluid, multi-turn conversations and toggle the new Thinking Mode to peek \"under the hood.\" This feature allows you to see the model’s step-by-step reasoning process, which is perfect for understanding complex problem-solving. Note: Thinking Mode currently works with supported models, starting with the Gemma 4 family. - Ask Image: Use multimodal power to identify objects, solve visual puzzles, or get detailed descriptions using your device’s camera or photo gallery. - Audio Scribe: Transcribe and translate voice recordings into text in real-time using high-efficiency on-device language models. - Prompt Lab: A dedicated workspace to test different prompts and single-turn use cases with granular control over model parameters like temperature and top-k. - Mobile Actions: Unlock offline device controls and automated tasks powered entirely by a finetune of FuntionGemma 270m. - Tiny Garden: A fun, experimental mini-game that uses natural language to plant and harvest a virtual garden using a finetune of FunctionGemma 270m. - Model Management & Benchmark: Gallery is a flexible sandbox for a wide variety of open-source models. Easily download models from the list or load your own custom models. Manage your model library effortlessly and run benchmark tests to understand exactly how each model performs on your specific hardware. - 100% On-Device Privacy: All model inferences happen directly on your device hardware. No internet is required, ensuring total privacy for your prompts, images, and sensitive data. Built for the Community AI Edge Gallery is an open-source project designed for the developer community and AI enthusiasts alike. Explore our example features, contribute your own skills, and help shape the future of the on-device agent ecosystem. Check out the source code on GitHub: https://github.com/google-ai-edge/gallery Note: This app is in active development. Performance is dependent on your device's hardware (CPU/GPU). For support or feedback, contact us at google-ai-edge-gallery-android-feedback@google.com.
Evenementen
Beoordelingen en recensies
- Introducing Gemma 4: Experience the latest high-performance models running fully offline. - Agent Skills: Extend LLMs with modular tools like display interactive maps and search Wikipedia. Supporting custom skill loading from the community. - Thinking Mode in AI Chat: Visualize the model’s reasoning process for deeper transparency. (Note: Currently exclusive to supported models, including the Gemma 4 family). - Bug fixes.
Versie 1.0.2
Aan jou gekoppelde gegevens
De volgende gegevens worden mogelijk verzameld en gekoppeld aan je identiteit:
ID’s
Diagnostiek
Overige gegevens
Niet aan jou gekoppelde gegevens
De volgende gegevens worden mogelijk verzameld, maar zijn niet gekoppeld aan je identiteit:
Locatie
Gebruiksgegevens
Diagnostiek
Informatie
Compatibiliteit
Vereist iOS 17.0 of nieuwer.
iPhone Vereist iOS 17.0 of nieuwer.
Mac Vereist een Mac met macOS 14.0 of nieuwer én Apple M1-chip of nieuwer.
Apple Vision Vereist visionOS 1.0 of nieuwer.
Leeftijd
13+
13+
Niet vaak Vloeken of grove humor Horror- en angstthema’s Informatie over medische behandelingen Gebruik of verwijzingen naar alcohol, tabak of drugs
Provider
Google LLC
Google LLC heeft zichzelf geïdentificeerd als een handelaar van deze app en heeft bevestigd dat dit product of deze dienst voldoet aan de wetgeving van de Europese Unie.
Adres 1600 Amphitheatre Parkway Mountain View California 94043 Verenigde Staten
\n","excerpt":"Download Google AI Edge Gallery van Google in de App Store. Bekijk schermafbeeldingen, beoordelingen en recensies, gebruikerstips en meer apps zoals Google AI…","image":"https://is1-ssl.mzstatic.com/image/thumb/PurpleSource211/v4/a7/c4/20/a7c42022-eedc-887c-36c4-86270e1dcb93/Placeholder.mill/1200x630wa.jpg","authors":[{"name":"App Store","url":"https://apps.apple.com/nl/app/google-ai-edge-gallery/id6749645337","avatar":"https://apps.apple.com/assets/favicon/favicon-32.png"}],"id":"47652561","url":"https://apps.apple.com/nl/app/google-ai-edge-gallery/id6749645337","external_url":"https://news.ycombinator.com/item?id=47652561","date_published":"2026-04-05T18:45:53Z"},{"title":"Lunar Flyby","content_html":"
The first flyby images of the Moon captured by NASA’s Artemis II astronauts during their historic test flight reveal regions no human has ever seen before—including a rare in-space solar eclipse. Released Tuesday, April 7, 2026, the photos were taken on April 6 during the crew’s seven‑hour pass over the lunar far side, marking humanity’s return to the Moon’s vicinity.
\n","excerpt":"The first flyby images of the Moon captured by NASA’s Artemis II astronauts during their historic test flight reveal regions no human has ever seen before—including a rare in-space solar eclipse. Released Tuesday, April 7, 2026, the photos were taken on April 6 during the crew’s seven‑hour pass over the lunar far side, marking humanity’s return to the Moon’s vicinity.","image":"https://www.nasa.gov/wp-content/uploads/2026/04/art002e009288orig.jpg","authors":[{"name":"NASA","url":"https://www.nasa.gov/gallery/lunar-flyby/","avatar":"https://www.nasa.gov/wp-content/plugins/nasa-hds-core-setup/assets/favicons/favicon-16x16.png"}],"id":"47676509","url":"https://www.nasa.gov/gallery/lunar-flyby/","external_url":"https://news.ycombinator.com/item?id=47676509","date_published":"2026-04-07T15:03:18Z"},{"title":"Microsoft hasn't had a coherent GUI strategy since Petzold","content_html":"
A few years ago I was in a meeting with developers and someone asked a simple question: “What’s the right framework for a new Windows desktop app?”
Dead silence. One person suggested WPF. Another said WinUI 3. A third asked if they should just use Electron. The meeting went sideways and we never did answer the question.
That silence is the story. And the story goes back thirty-plus years.
When a platform can’t answer “how should I build a UI?” in under ten seconds, it has failed its developers. Full stop.
The Last Time Windows Had a Clear Answer
In 1988, Charles Petzold published Programming Windows. 852 pages. Win16 API in C. And for all its bulk, it represented something remarkable: a single, coherent, authoritative answer to how you write a Windows application. In the business, we call that a ‘strategy’.
Win32 that followed was bigger but still coherent. Message loops. Window procedures. GDI. The mental model was a bit whacky, but it was one mental model. Petzold explained it. It was the F=MA of Windows. Simple. Powerful. You learned it. You used it. You were successful.
Clarity is your friend! One OS, one API, one language, one book. There was no committee debating managed-code alternatives. There was just Win32 and Petzold, and it worked. This was Physics not Chemistry (this works but only for this slice of the period table. And only under these pressures. And only within this temperature. And only if the Moon is in the 7th house of Jupiter).
What happened next is a masterclass in how a company with brilliant people and enormous resources can produce a thirty-year boof-a-rama by optimizing for the wrong things. AKA Brillant people doing stupid things.
The Object-Oriented Fever Dream (1992–2000)
Win32 had real limitations, so Microsoft did what Microsoft does: it shipped something new for the developer conference. Several somethings.
MFC (1992) wrapped Win32 in C++. If Win32 was inelegant, MFC was Win32 wearing a tuxedo made of other tuxedos. Then came OLE. COM. ActiveX. None of these were really GUI frameworks – they were component architectures – but they infected every corner of Windows development and introduced a level of cognitive complexity that makes Kierkegaard read like Hemingway.
I sat through a conference session in the late nineties trying to understand the difference between an OLE document, a COM object, and an ActiveX control. I looked at the presenter like they had a rat’s tail hanging out of his mouth for the entire hour.
Microsoft wasn’t selling a coherent story. It was selling technology primitives and telling developers to figure out the story themselves. That’s the Conference Keynote Cluster***k – Microsoft optimized for an executive impressing people with their keynote and not the success of the users or developers.
PDC 2003 and the Vision That Ate Itself
At PDC 2003, Microsoft unveiled Longhorn – genuinely one of the most compelling technical visions the company had ever put in front of developers. Three pillars: WinFS (a relational file system), Indigo (unified communications), and Avalon – later WPF – a GPU-accelerated, vector-based UI subsystem driven by a declarative XML language called XAML. Developers saw the Avalon demos and went nuts. It was the right vision.
It was also, in the words of Jim Allchin’s internal memo from January 2004, “a pig.”
By August 2004, Microsoft announced a complete development reset. Scrapped. Start over from the Server 2003 codebase. And after the reset, leadership issued a quiet directive: no f***ing managed code in Windows. All new code in C++. WPF would ship alongside Vista, but the shell itself would not use it.
The Windows team’s bitterness toward .NET never healed. From their perspective, gambling on a new managed-code framework had produced the most embarrassing failure in the company’s history. That bitterness created a thirteen-year institutional civil war between the Windows team and the .NET team that would ultimately orphan WPF, kill Silverlight, doom UWP, and give us the GUI ecosystem boof-a-rama we have today.
Silverlight: The Pattern Established (2007–2010)
WPF shipped in late 2006. It was remarkable – XAML, hardware-accelerated rendering, real data binding. If Microsoft had made it the definitive answer and invested relentlessly, the story might have ended differently. Instead, in 2007, they launched Silverlight: a stripped-down browser plugin to compete with Flash, cross-platform, elegant, and the foundation for Windows Phone. Around 2010 it looked like the rich client future.
Then at MIX 2010, a Microsoft executive said in a Q&A that Silverlight was not a cross-platform strategy – it was about Windows Phone. HTML5 was now policy. The Silverlight team was not told this was coming. Developers who had bet their LOB applications on Silverlight found out from a conference Q&A.
Silverlight wasn’t killed by technical failure. The technology was fine. It was killed by a business strategy decision, and developers were the last to know.
Remember that pattern. We’ll see it again.
The Metro Panic and the Two-Team War (2012)
Apple had sold 200 million iPhones. The iPad was eating into PC sales. Microsoft’s answer was Windows 8 and Metro – a touch-first runtime called WinRT that was deliberately not built on .NET. Remember the Windows team’s bitterness? Here it manifests. WinRT was a native C++ runtime. Clean break from WPF, WinForms, and a decade of developer investment in .NET.
There were actually two stories being told simultaneously inside Microsoft. The Windows team was building WinRT. The .NET team was still evangelizing WPF. Different buildings, different VPs, different road maps.
What developers heard at //Build 2012: the future is WinRT, and also HTML+JS is first-class, and also .NET still works, and also C++ is back, and also you should write Metro apps, and also your WPF code still runs fine. That is not a strategy. That is a Hunger Games stage where six teams are fighting for your attention.
Enterprise developers took one look at UWP’s sandboxing, its Store deployment requirement, and its missing Win32 APIs, and walked away. The framework designed to win them into the modern era had been optimized for a tablet app store that never materialized.
UWP and the WinUI Sprawl (2015–Present)
Windows 10 brought Universal Windows Platform – write once, run on PC, phone, Xbox, HoloLens. Compelling on paper. The problem: Windows Phone was dying, and Microsoft’s own flagship apps – Office, Visual Studio, the shell itself – weren’t using UWP. The message was clear even if no one said it out loud.
When UWP stalled, the official answer became it depends. Use UWP for new apps, keep WPF for existing ones, add modern APIs via XAML Islands, wait for WinUI 3, but also WinUI 2 exists for UWP specifically, and Project Reunion will fix everything, except we’re renaming it Windows App SDK and it still doesn’t fully replace UWP and…
Brilliant people doing stupid things. Technological Brownian motion.
Project Reunion / WinUI 3 represents genuine progress. But ask yourself why the problem existed at all. UWP’s controls were tied to the OS because the Windows team owned them. The .NET team didn’t. The developer tools team didn’t. Project Reunion was an organizational workaround dressed up as a technical solution.
One developer’s summary, written in 2024: “I’ve been following Microsoft’s constant changes: UAP, UWP, C++/CX replaced by C++/WinRT without tool support, XAML Islands, XAML Direct, Project Reunion, the restart of WinAppSDK, the chaotic switch between WinUI 2.0 and 3.0…” Fourteen years. Fourteen pivots. That person deserves a medal and an apology, in that order.
The Zoo Without a Zookeeper
Here is every GUI technology actually shipping on Windows today:
Microsoft native frameworks:
Win32 (1985) – Still here. Still used. Petzold’s book still applies.
MFC (1992) – C++ wrapper on Win32. Maintenance mode. Lives in enterprise and CAD.
WinForms (2002) – .NET wrapper on Win32. “Available but discouraged.” Still fastest for data-entry forms.
WPF (2006) – XAML, DirectX-rendered, open source. No new Microsoft investment.
WinUI 3 / Windows App SDK (2021) – The “modern” answer. Uncertain roadmap.
MAUI (2022) – Cross-platform successor to Xamarin.Forms. The .NET team’s current bet.
Microsoft web-hybrid:
Blazor Hybrid – .NET Razor components in a native WebView.
WebView2 – Embed Chromium in a Win32/WinForms/WPF app.
Third-party:
Electron – Chromium + Node.js. VS Code, Slack, Discord. The most widely deployed desktop GUI technology on Windows right now – and Microsoft had nothing to do with it.
Tauri – Rust backend, lightweight Electron alternative.
Qt – C++/Python/JavaScript. The serious cross-platform option.
React Native for Windows – Microsoft-backed port of Facebook’s mobile framework.
Avalonia – Open source WPF spiritual successor. Used by JetBrains, GitHub, Unity – developers who stopped waiting for Microsoft.
Uno Platform – WinUI APIs on every platform. More committed to WinUI than Microsoft is.
Delphi / RAD Studio – Still alive. Still fast. Still in vertical market software.
Java Swing / JavaFX – Yes, still in production. The enterprise never forgets.
Seventeen approaches. Five programming languages. Three rendering philosophies. That is not a platform. I might not have a dictionary definition for the term boof-a-rama but I know one when I see it.
The Lesson
Every failed GUI initiative traces back to one of three causes: internal team politics (Windows vs. .NET), a developer conference announcement driving a premature platform bet (Metro, UWP), or a business strategy pivot that orphaned developers without warning (Silverlight). None of these are technical failures. The technology was often genuinely good – WPF was good, Silverlight was good, XAML is good. The organizational failure was the product.
You either have a Plausible Theory of Success that covers the full lifecycle – adoption, investment, maintenance, and migration – or you have a developer conference keynote.
One is a strategy. The other is a thirty-year boof-a-rama.
Charles Petzold wrote six editions of Programming Windows trying to keep up with each new thing Microsoft announced. He stopped after the sixth, which covered WinRT for Windows 8. That was 2012.
I don’t blame him.
\n","excerpt":"A few years ago I was in a meeting with developers and someone asked a simple question: “What’s the right framework for a new Windows desktop app?” Dead silence. One person sugges…","image":"https://www.jsnover.com/blog/wp-content/uploads/2026/03/Boof.png","authors":[{"name":"Jeffrey Snover's blog","url":"https://www.jsnover.com/blog/2026/03/13/microsoft-hasnt-had-a-coherent-gui-strategy-since-petzold/"}],"id":"47651703","url":"https://www.jsnover.com/blog/2026/03/13/microsoft-hasnt-had-a-coherent-gui-strategy-since-petzold/","external_url":"https://news.ycombinator.com/item?id=47651703","date_published":"2026-04-05T17:27:41Z"},{"title":"Why Switzerland has 25 Gbit internet and America doesn't","content_html":"
You may have heard about 25 Gbit symmetrical internet in Switzerland. This is often cited as the fastest dedicated (non-shared) residential connection in the world. However, did you ever wonder why Switzerland has such fast internet at a reasonable price while the United States and other countries like Switzerland’s neighbor Germany are falling behind?
What is the fundamental difference between the countries that leads to such a stark difference in internet speeds and prices?
Free markets, regulation, technology, or all three?
Let’s take a closer look at the situation in Switzerland, Germany, and the United States.
Note
This article is written by me and spell checked with AI. Many of the images are generated by AI. They are mostly to explain certain points and break up the wall of text.
This Article is also available as a video (My first):
As mentioned, in Switzerland, you can get 25 Gigabit per second fiber internet to your home, symmetric and dedicated. If you don’t need such extreme speed, you can get 1 or 10 Gigabit from multiple competing providers for very little money. All over a connection that isn’t shared with your neighbors. In fact, someone could offer 100 Gigabit or more today; there is nothing preventing this other than the cost of endpoint equipment.
In the United States, if you’re lucky enough to have fiber, you might get 1 Gigabit. But often it’s shared with your neighbors. And you usually have exactly one choice of provider. Maybe two, if you count the cable company that offers slower speeds for the same price.
In Germany, you are in a somewhat similar situation to the United States. Fiber service is limited to one provider and is often shared with your neighbors.
The United States prides itself on free markets. On competition. On letting businesses fight it out. A deregulated market with no brakes.
Germany, on the other hand, is famous for over-regulation, making it difficult for businesses to operate, yet it is in a similar situation to the United States.
Switzerland has a highly regulated telecom sector with strong oversight and government-backed infrastructure projects, but regulations in Switzerland differ from those in Germany.
So why is the country that worships free markets producing stagnation, monopolies, and inferior internet, while the country with heavy regulation is producing hyper-competition, world-leading speeds, and consumer choice?
And at the same time, the country with the most regulation is suffering the same problems as the country with the least.
The answer reveals a fundamental truth about capitalism and regulation that most people get wrong.
To understand the failure, you have to understand what economists call a “natural monopoly.”
A natural monopoly is an industry where the cost of building the infrastructure is so high, and the cost of serving an additional customer is so low, that competition actually destroys value.
Think about water pipes. It would be insane to have three different water companies each digging up your street to lay their own pipes. You’d have three times the construction, three times the disruption, three times the cost. And at the end of it, you’d still only use one of them.
The rational solution is to build the infrastructure once, as a shared, neutral asset, and let different companies compete to provide the service over that infrastructure.
That’s how water works. That’s how electricity works in most places. And in Switzerland, that’s how fiber optic internet works.
But in the United States and Germany, they did the opposite.
In Germany, the “free market” approach meant letting any company dig up the street to lay their own fiber. The result is called “overbuild.” Multiple networks running in parallel trenches, often just meters apart.
Billions of euros spent on redundant concrete and asphalt. Money that could have been spent on faster equipment, lower prices, or connecting rural areas, instead wasted on digging the same hole twice, literally.1
But isn’t Germany heavily regulated? Yes, but the regulations focus heavily on infrastructure competition rather than duct sharing enforcement.
Germany champions infrastructure competition, meaning it prefers multiple companies laying their own cables rather than sharing a single network. At the same time, the regulatory system wastes enormous amounts of time on waiting for digging permits and on courtroom battles just to obtain basic information about existing ducts.
Germany also has a large incumbent, Deutsche Telekom, which uses existing regulations to its competitive advantage against smaller ISPs. While Germany does have laws requiring Deutsche Telekom to share its ducts with competitors, in practice smaller ISPs face unreasonable hurdles such as high fees, procedural delays, and legal double burdens that undermine effective access.
Sharing ducts is not as bad as digging two trenches but it is still a waste of resources.
The United States took a different path, but the result is equally bad. Instead of overbuild, they got territorial monopolies, in some places paid for by the federal government.
In most American cities, you don’t have a choice of fiber providers. You have whatever incumbent happens to serve your neighborhood. Comcast has one area. Spectrum has another. AT&T has a third.
This is marketed as competition. But it’s not. It’s a cartel. Each company gets its own protected territory, and consumers get no choice. If you don’t like your provider, your only alternative is often DSL from the 1990s or a cellular hotspot.
This is what happens when you let natural monopolies operate without oversight. They don’t compete on price or quality. They extract rent.
And because these networks are built on the cheap using P2MP, or shared architecture, your “gigabit” connection is shared with your entire neighborhood. At 8 PM, when everyone streams Netflix, that gigabit becomes 200 megabits. Or 100. Or less.
The provider still charges you for “gigabit.” They just don’t tell you that you’re sharing it with 31 other households.
And it gets worse. In the United States, even if a competitor wanted to challenge the incumbent, they often can’t. Because the Point of Presence, the central hub where all the fiber lines from homes converge, is private. It belongs to Comcast or AT&T. Your fiber terminates in their building. A competitor can’t just install equipment there. They would have to build their own network from scratch, digging up the same streets, to reach you.
Now look at Switzerland. Here, the physical infrastructure, the fiber in the ground, is treated as a neutral, shared asset. It’s built once, often by a public or semi-public entity.
Every home gets a dedicated 4-strand fiber line. Point-to-Point. Not shared. Not split 32 ways.
That dedicated fiber terminates in a neutral, open hub. And any internet service provider can connect to that hub.
Init7, Swisscom, Salt, or a tiny local ISP, they all have equal access to the physical line that goes into your home.2
This means you, the consumer, have genuine choice. When you sign up with a provider, you simply give them your OTO (Optical Termination Outlet) number, the unique identifier printed on the fiber optic plate in your home. It tells the provider exactly which fiber connection is yours. That’s it. No technician needs to visit. No one needs to dig up your street. You just call, give them the number, and within days (not always the case…), your new service is active.
And because your home has four separate fiber strands, you’re not locked into a single provider. You can have Init7 on one strand, Swisscom on another, and a local utility on a third. You can switch providers with a phone call. You can try a new provider without canceling your old one first. The competition happens on price, speed, and customer service but not on who happens to own the cable in front of your house.
In Switzerland, you can get 25 Gigabit per second fiber to your home. Today. Symmetric. Dedicated. Not shared with your neighbors.
In Switzerland, you have a choice of a dozen or more providers in most cities. Prices are competitive. Customer service matters because you can leave at any time.
In the United States, the majority of households have only one choice for high-speed internet. Speeds are lower. Prices are higher. And the technology is often a decade behind.
The “free market” promised innovation. It delivered rent-seeking. The incumbents have no incentive to upgrade because you have nowhere else to go.
American broadband prices have risen faster than inflation for decades. Speeds have increased only when a competitor, usually a municipal utility, forces the incumbent to respond.
Without competition, there is no innovation. There is only profit extraction.
Switzerland didn’t arrive at this model by accident nor did it happen because telecom companies were feeling generous. It happened because regulators forced it to happen.
Back in 2008, when the industry sat down at the Round Table organized by the Federal Communications Commission, it was Swisscom, the incumbent itself, that pushed for the four-fiber Point-to-Point model. The company argued that a single fiber would create a monopoly and that regulation would be necessary.3
So the standard was set. Four fibers per home. Point-to-Point. Open access for competitors on Layer 1 - the physical fiber itself.4
Then, in 2020, Swisscom changed course. The company announced a new network expansion strategy, this time using P2MP, the shared model with splitters. On paper, they argued it was cheaper and faster to deploy.
But the effect was clear. Under the P2MP design, competitors would no longer have direct access to the physical fiber. Instead of plugging into their own dedicated fiber strand, they would have to rent access from Swisscom at a higher network layer - effectively becoming resellers of Swisscom’s infrastructure. The open, competitive matrix that had been carefully built over years would disappear.
The small ISP Init7 filed a complaint with Switzerland’s competition authority, COMCO, which later opened an investigation. In December 2020, they issued a precautionary measure: Swisscom could not continue its P2MP rollout unless it guaranteed the same Layer 1 access that the original standard provided.5
Swisscom fought this all the way to the Federal Court. They lost. In 2021, the Federal Administrative Court confirmed COMCO’s measures, stating that Swisscom had failed to demonstrate “sufficient technological or economic grounds” to deviate from the established fiber standard.5 In April 2024, COMCO finalized its ruling, fining Swisscom 18 million francs for violating antitrust law.6
Note
Swisscom is 51% owned by the Swiss Confederation. So, in simple terms, 51% state-owned and 49% privately/institutionally owned. Whether this makes the fine “symbolic” is a matter of opinion.
The result? Swisscom was forced to return to the four-fiber, Point-to-Point architecture it had originally championed.3 Competitors retained their direct, physical access to the fiber network. The walled garden was prevented.
Whether intended or not, the effect of Swisscom’s P2MP shift was clear: competitors would have been locked out of the physical infrastructure.
Swisscom is a bit of a walking contradiction. Being majority state-owned, it’s supposed to be a public service. But it’s also a private company, and maximizing profit benefits the state coffers. But that is something for another blog post.
This is the paradox that confuses so many people.
The American and German approach of letting incumbents build monopolies, allowing wasteful overbuild, and refusing to regulate natural monopolies is often called a ‘free market.’
But it’s not free. And it’s not a market.
True capitalism requires competition. But infrastructure is a natural monopoly. If you treat it like a regular consumer product, you don’t get competition. You get waste, or you get a monopoly.
The Swiss model understands this. They built the infrastructure once, as a shared, neutral asset, and then let the market compete on the services that run over it.
That’s not anti-capitalist. It’s actually better capitalism. It directs competition to where it adds value, not to where it destroys it.
The free market doesn’t mean letting powerful incumbents do whatever they want. It means creating the conditions where genuine competition can thrive.
So what can other countries learn from Switzerland? Here are the key policy changes that would help:
Mandate open access to physical infrastructure - require incumbents to share fiber ducts and dark fiber with competitors at cost-based prices. This is not “socialism” - it is how electricity and water work.
Enforce Point-to-Point architecture - require that every home gets dedicated fiber strands, not shared splitters. This ensures competitors can access the physical layer, not just resell bandwidth.
Create a neutral fiber standard - establish national standards that require multi-fiber deployment to every home, as Switzerland did in 2008.
Empower competition authorities - give regulators like COMCO real teeth to enforce these rules. Fines must be large enough to matter.
Support municipal fiber - allow cities and towns to build their own fiber networks when incumbents fail to serve residents adequately.
If you care about faster internet and lower prices, push your representatives to support these policies. The technology exists. The money exists. What is missing is the political will to demand real competition.
\n","excerpt":"The Free Market Lie: Why Switzerland Has 25 Gbit Internet and America Doesn't","image":"https://sschueller.github.io/posts/the-free-market-lie/title-image.png","authors":[{"name":"Stefan Schüller","url":"https://sschueller.github.io/posts/the-free-market-lie/","avatar":"https://sschueller.github.io/favicon.ico"}],"id":"47652400","url":"https://sschueller.github.io/posts/the-free-market-lie/","external_url":"https://news.ycombinator.com/item?id=47652400","date_published":"2026-04-05T18:29:47Z"},{"title":"Git commands I run before reading any code","content_html":"
Five git commands that tell you where a codebase hurts before you open a single file. Churn hotspots, bus factor, bug clusters, and crisis patterns.
The first thing I usually do when I pick up a new codebase isn’t opening the code. It’s opening a terminal and running a handful of git commands. Before I look at a single file, the commit history gives me a diagnostic picture of the project: who built it, where the problems cluster, whether the team is shipping with confidence or tiptoeing around land mines.
What Changes the Most
git log --format=format: --name-only --since=\"1 year ago\"| sort | uniq -c | sort -nr | head -20
The 20 most-changed files in the last year. The file at the top is almost always the one people warn me about. “Oh yeah, that file. Everyone’s afraid to touch it.”
High churn on a file doesn’t mean it’s bad. Sometimes it’s just active development. But high churn on a file that nobody wants to own is the clearest signal of codebase drag I know. That’s the file where every change is a patch on a patch. The blast radius of a small edit is unpredictable. The team pads their estimates because they know it’s going to fight back.
A 2005 Microsoft Research study found churn-based metrics predicted defects more reliably than complexity metrics alone. I take the top 5 files from this list and cross-reference them against the bug hotspot command below. A file that’s high-churn and high-bug is your single biggest risk.
Who Built This
git shortlog -sn --no-merges
Every contributor ranked by commit count. If one person accounts for 60% or more, that’s your bus factor. If they left six months ago, it’s a crisis. If the top contributor from the overall shortlog doesn’t appear in a 6-month window (git shortlog -sn --no-merges --since=\"6 months ago\"), I flag that to the client immediately.
I also look at the tail. Thirty contributors but only three active in the last year. The people who built this system aren’t the people maintaining it.
One caveat: squash-merge workflows compress authorship. If the team squashes every PR into a single commit, this output reflects who merged, not who wrote. Worth asking about the merge strategy before drawing conclusions.
Same shape as the churn command, filtered to commits with bug-related keywords. Compare this list against the churn hotspots. Files that appear on both are your highest-risk code: they keep breaking and keep getting patched, but never get properly fixed.
This depends on commit message discipline. If the team writes “update stuff” for every commit, you’ll get nothing. But even a rough map of bug density is better than no map.
Commit count by month, for the entire history of the repo. I scan the output looking for shapes. A steady rhythm is healthy. But what does it look like when the count drops by half in a single month? Usually someone left. A declining curve over 6 to 12 months tells you the team is losing momentum. Periodic spikes followed by quiet months means the team batches work into releases instead of shipping continuously.
I once showed a CTO their commit velocity chart and they said “that’s when we lost our second senior engineer.” They hadn’t connected the timeline before. This is team data, not code data.
How Often Is the Team Firefighting
git log --oneline --since=\"1 year ago\"| grep -iE 'revert|hotfix|emergency|rollback'
Revert and hotfix frequency. A handful over a year is normal. Reverts every couple of weeks means the team doesn’t trust its deploy process. They’re evidence of a deeper issue: unreliable tests, missing staging, or a deploy pipeline that makes rollbacks harder than they should be. Zero results is also a signal; either the team is stable, or nobody writes descriptive commit messages.
Crisis patterns are easy to read. Either they’re there or they’re not.
These five commands take a couple minutes to run. They won’t tell you everything. But you’ll know which code to read first, and what to look for when you get there. That’s the difference between spending your first day reading the codebase methodically and spending it wandering.
This is the first hour of what I do in a codebase audit. Here’s what the rest of the week looks like.
\n","excerpt":"\"Five git commands that tell you where a codebase hurts before you open a single file. Churn hotspots, bus factor, bug clusters, and crisis patterns.\"","image":"https://piechowski.io/post/git-commands-before-reading-code/cover_hu3f66e25b7571f7e32d40f355f31a2ca9_56928_1200x630_resize_box_2.png","authors":[{"name":"Ally Piechowski","url":"https://piechowski.io/post/git-commands-before-reading-code/","avatar":"https://piechowski.io/favicon-32x32.png"}],"id":"47687273","url":"https://piechowski.io/post/git-commands-before-reading-code/","external_url":"https://news.ycombinator.com/item?id=47687273","date_published":"2026-04-08T08:53:42Z"},{"id":"47679258","url":"https://www-cdn.anthropic.com/53566bf5440a10affd749724787c8913a2ae0841.pdf","external_url":"https://news.ycombinator.com/item?id=47679258","title":"System Card: Claude Mythos Preview [pdf]","date_published":"2026-04-07T18:18:36Z"},{"title":"Show HN: Brutalist Concrete Laptop Stand (2024)","content_html":"
I am a great lover of brutalist architecture. 1960’s concrete buildings may not be for everyone, but I love the aesthetic. I’ve made a laptop stand, to help me hack in true brutalist style. It has the characteristic beton brut (raw concrete) surface texture, and is quite possibly the heaviest laptop stand in the world. It also boasts 2 x 2.1 amp USB charge ports, a three-pin plug socket for my laptop, and an integral plant pot. Here are some of its highlights.
0 / 3
Concrete laptop stand in use
1 / 3
Plug socket and 2 USB charge ports
2 / 3
Integral plant pot in corner of concrete laptop stand
3 / 3
Rusted rebar and exposed wire add to the theme of urbex and decay
Urban decay aesthetic with a damaged corner and rusted rebar
3-pin plug socket
2 x USB charge ports
Exposed rebar rusted
Exposed copper wire corrosion
Integral plant pot with string of pearls plant
Artificially rusted penpot
Making the Laptop Stand
It was a slow process, but here are some action shots of making the laptop stand:
The Components
Concrete
The rebar cage inside the form, awaiting the first pour
There were two main pours of concrete, to do the base and the side walls. It intentionally wasn’t mixed very thoroughly, to produce areas on the surface where there was more sand or more cement. Sanding the sides has also exposed the gravel in the concrete. This help to make it look aged and weathered.
On smaller pieces such as little plant pots or coasters, it is possible to use quick drying cement and get the bubbles out by vibrating the form with an electric toothbrush after the pour. For very large pieces such as a dining table, you need to use slow drying cement, and walk around the tabletop for ages, tapping the form with a rubber mallet to remove any air bubbles. For a medium-sized piece like this, a vibrating dildo is actually the best thing to use. Just think of it like any other power tool.
Plant Pot
Integral plant pot is a tin set into the concrete
The plant pot is made of a ghee tin. Four bolts were drilled through it and covered in concrete during the first pour to fix it in place. The inner pot is a grey plastic plant pot which fits perfectly in the ghee tin. I’ve chosen a string of pearls plant, because I liked the effect of a running plant hanging over the edge. It reminds me of the derelict buildings I’ve seen during urban exploration.
Exposed Wire
The exposed wire really adds a sense fo dilapidation and urban decay. This isn’t actually the live power cable, but it has been made to look like one. The real cable disappears into the concrete on the right hand side of the laptop stand, and the damaged fake cable comes out of the other side of the wall. The real power lead is strapped to the rebar cage with cable ties, but the overall effect is that it looks like the live cable is badly damaged.
The wire had to be wrapped in kitchen paper and sprayed with ammonia and water, to produce the appropriate corrosion effect. Attempts to lower it into a little pot filled with liquid didn’t really work - the copper compounds turned the liquid blue, but it wasn’t forming a patina on the wire.
Here’s what seems to be happening here:
$$ \\ce{Cu2+ + 2NH3 + 3H2O -> Cu(OH)2 + 2NH4+} $$
The exposed rebar was first polished with a wire brush attachment on a Dremel tool, to remove the concrete and expose the metal, then it was rusted with water, salt, and hydrogen peroxide.
Penpot
Rusted penpot being painted with mold
The penpot was similarly rusted with salt water and peroxide, after being scuffed up with some sandpaper. It has also had some moss added to it: acrylic paint cut with sand was added, to produce a realistic texture. Dab, don’t wipe.
Summary
I’m delighted with my laptop stand, even if the aesthetic isn’t to everyone’s taste. The themes of brutalist architecture, urban decay, and dilapidation have worked out really nicely, especially with the deliberate hole and the rusted metal. It has pride of place on a desk it had to be carried to on a trolley because of the sheer weight of the stand, but nothing worthwhile comes easy.
\n","excerpt":"I made a laptop stand out of solid concrete, in the style of brutalist architecture, with themes of urbex and urban decay","image":"https://sam-burns.com/posts/concrete-laptop-stand/images/main-concrete-laptop-stand-overview.jpg","authors":[{"name":"Sam Burns' Tech Blog","url":"https://sam-burns.com/posts/concrete-laptop-stand/","avatar":"https://sam-burns.com/images/favicon/favicon.ico"}],"id":"47673360","url":"https://sam-burns.com/posts/concrete-laptop-stand/","external_url":"https://news.ycombinator.com/item?id=47673360","date_published":"2026-04-07T11:07:44Z"},{"title":"Veracrypt project update","content_html":"
I want to share an update following my absence over the past few months.
I have encountered some challenges but the most serious one is that Microsoft terminated the account I have used for years to sign Windows drivers and the bootloader. You can see below a screenshot of the message shown when I tried to sign in.
Microsoft did not send me any emails or prior warnings. I have received no explanation for the termination and their message indicates that no appeal is possible.
I have tried to contact Microsoft through various channels but I have only received automated replies and bots. I was unable to reach a human.
This termination impacts my work beyond VeraCrypt and has consequences for my daily job.
Currently I'm out of options.
Regarding VeraCrypt, I cannot publish Windows updates. Linux and macOS updates can still be done but Windows is the platform used by the majority of users and so the inability to deliver Windows releases is a major blow to the project.
I'm open to proposals and help.
Some practical questions about the most current Windows release, until this situation can be resolved:
The current version 1.26.24 is signed with the 2011 CA, which is soon to expire. This will certainly affect secureboot.... but how will this affect mounting non-system volumes (partitions and/or file containers) as a user? Will one have to disable secureboot just to install VeraCrypt, even if not using system encryption? And how will this affect portable use?
The same question applies to unsigned versions people may choose to build for themselves for Windows.
Hi Mounir,
I’m so sorry to hear about this. I would try contacting Microsoft using the link below. There is a link to “Help with the Microsoft account recovery form” on this page:
There is also a link to “I need to talk to a customer support agent” on that page. Apologies if you have already tried these links.
Alex R’s kind suggestion of posting to Reddit and Twitter (now X) are great suggestions too since this will likely get you re-directed to the right people.
If your account has been disabled for more than 30 days it could be unrecoverable. You may need to set up a new account and start the verification process all over again to have your new account enabled for driver signing purposes.
I hope this is somewhat helpful. Thanks.
Last edit: AJ B 4 hours ago
Would you be OK if I posted this to socials, such as Microsoft's reddit or twitter accounts? Might get some traction.
yes, no problem. I don't have much social presence so this can be helpful. Thanks.
In view of this situation, I recommend adding a signature-independent program that provides archive-like creation and extraction functions (without support for real-time modification), so as to cope with highly targeted scenarios.
This is a sad turn of events, Mounir! This may seem a bit out in left field (to use an American idiom), but is it possible that some seemingly minor aspect of your recent relocation to Japan is at the root of this inexplicable account revocation?
Grasping at straws is a hobby of mine :)
I'm really sorry to hear this bad news. Someone probably reported the software, claiming it could be used for illegal activities, which led to the account being deleted. Unfortunately, the general trend is increasingly toward controlling and monitoring what people do, and there is less and less respect for privacy.
Is there no way to get around this limitation, even temporarily? Perhaps by restricting the software, for now, to non-system partitions and volumes?
I would try sending an email to Microsoft CEO, Satya Nadella at:
satyan@microsoft.com
Use brief details from your first post in this thread along with the error message screenshot.
Possible email shown below.
Subject Line: Reinstate Partner Center Program Account for my Software Developer Business
Dear Satya Nadella,
I need someone from your staff's to help me get my Partner Center program account reinstated for my Windows developer business.
I attempted to login to my Partner Center account and I received the following error message.
insert your screenshot of error here
I did not receive from Microsoft any email notices or prior warnings that there is an issue with my Partner Center account and I have contacted support for assistance without results.
This issue impacts my business to provide third-party Windows software.
Kind Regards, Mounir Idrassi insert your business(es) name(s) insert your business email insert your business phone number and any alternate phone numbers insert your business address Time zone : JST (UTC+9)
First, I doubt (hope not!) the account is actually deleted, it's most likely just disabled/turned off. Your accounr is just in the recycle bin... :)
I would email people in the crypto community/other devs who would know someone at MS - bruce schneir, chris titus, niels ferguson; or are someone at MS - karen easterbrook, nathan ide.
I would also contact media - tom's hardware, ars techica, wired, the intercept, EFF. there are a bunch of reddit subs that would apply - both in the privacy and crypto areas. also the guys from the all-in podcast and elon musk.
I would also contact the offices of the following US congressmen and ask for help: Reps: Tom Massie and Senators: Rand Paul, Ron Wyden. Even though you're not a US citizen, there is a compelling privacy interest for US citizens who are the bulk (guessing) of the users of this software.
\n","excerpt":"","image":"https://a.fsdn.com/con/images/sandiego/sf-logo-full.svg","authors":[{"name":null,"url":"https://sourceforge.net/p/veracrypt/discussion/general/thread/9620d7a4b3/","avatar":"https://a.fsdn.com/con/img/sandiego/logo-180x180.png"}],"id":"47686549","url":"https://sourceforge.net/p/veracrypt/discussion/general/thread/9620d7a4b3/","external_url":"https://news.ycombinator.com/item?id=47686549","date_published":"2026-04-08T07:23:39Z"},{"title":"France pulls last gold held in US","content_html":"
Stock image.
The Bank of France (BdF) says it has pulled the remaining gold held in New York and replaced it with a similar amount of gold bars in its vaults in Paris.
The gold amounted to 129 tonnes — or about 5% of the bank’s total holdings, according to the bank’s press release issued last week.
France, one of the world’s leading gold holders, has been storing some of its bullion with the Federal Reserve Bank of New York since the late 1920s.
However, an operation to repatriate its gold holdings began in the 1960s leading up to the US termination of the Bretton Woods system, which effectively stopped foreign governments from exchanging dollars for gold.
Despite that, France still held a small portion of its gold with the Reserve Bank of New York.
Gold reserve upgrade
Over the past 20 years , the BdF has also been replacing its “older” or “non‑standard” gold holdings — such as those in New York — with bars that meet modern international standards.
Under the recommendation of a 2024 internal audit, the bank went ahead to replace the US-held gold between July 2025 and January 2026. But instead of refining and transporting the gold, it opted to sell the bars and purchase new bullion in Europe.
BdF Governor Francois Villeroy de Galhau said the decision to keep the new bars in Paris is “not politically motivated,” as the higher-standard gold bars it bought were traded on a European market.
Due to rising gold prices, the move helped the bank to generate a capital gain of €13 billion ($15 billion), bringing it to a net profit of €8.1 billion for the 2025 financial year after a net loss of €7.7 billion in 2024.
The overall size of France’s gold reserves still remained unchanged at roughly 2,437 tonnes, which are now entirely held at the BdF’s underground vault in La Souterraine.
The French central bank still has 134 tonnes of gold to bring up to standard, which it aims to do by 2028.
\n","excerpt":"The overall size of France's gold reserves still remained unchanged at roughly 2,437 tonnes.","image":"https://www.mining.com/wp-content/uploads/2026/04/AdobeStock_748732093_Editorial_Use_Only-e1775408649344.jpeg","authors":[{"name":"MINING.COM","url":"https://www.mining.com/france-pulls-last-gold-held-in-us-for-15b-gain/","avatar":"https://www.mining.com/wp-content/themes/miningdotcom/images/favicon/android-icon-192x192.png"}],"id":"47658146","url":"https://www.mining.com/france-pulls-last-gold-held-in-us-for-15b-gain/","external_url":"https://news.ycombinator.com/item?id=47658146","date_published":"2026-04-06T08:03:43Z"},{"id":"47672818","url":"https://idiocracy.wtf/","external_url":"https://news.ycombinator.com/item?id=47672818","title":"Are We Idiocracy Yet?","date_published":"2026-04-07T09:57:39Z","content_html":"Failed to fetch https://idiocracy.wtf/: 400 Bad Request"},{"title":"The cult of vibe coding is dogfooding run amok","content_html":"
Dogfooding is when you use your own product. It’s a good idea. But it can turn into a cult activity where it goes beyond any reasonable limits. In this case, the idea is vibe coding, where you make a point of literally making no contribution to what’s going on under the hood, not even looking at it.
This is, of course, ridiculous. It’s not like there isn’t human contribution happening here. For starters, you’re using a human language, and the machine is using that same human language for its own internal thought processes. You could argue that that other humans, not on the development team, did all that foundational work and your team are doing pure vibe coding. But even that isn’t what’s happening. You’re still building the infrastructure of things like plan files (That’s fancy talk for ‘todo lists’), skills, and rules. The machine works very poorly without being given a framework.
So pure vibe coding is a myth. But they’re still trying to do it, and this leads to some very ridiculous outcomes. For example, a human actually looked and saw a lot of duplication between them. Now, you might ask: why didn’t any of the developers just go look for themselves? Again, it’s vibe coding. Looking under the hood is cheating. You’re only supposed to have vague conversations with the machine about what it’s doing.
This gets particularly silly because it’s not like there’s some super technical thing under the hood that the general public couldn’t understand. This code is written in English. Anyone could read it. It’s easy enough to go through and notice, “wow, there’s a whole bunch of things that are both agents and tools. That’s kind of redundant, maybe we should clean this up.”
This happens all the time in software. Projects are born in sin. Historically a software project would usually have so much tech debt that if you were doing what made sense from a pure development standpoint you would literally do nothing but clean up mess for the entire next year. Now that you can use AI for coding, you can get that cleanup done in sometimes a matter of weeks, or get it paid down a bit slower will still writing new features. And you should. You should strive for much higher quality. Helping you clean up mess is something AI is actually very good at.
In this particular case, a human could have told the machine: “There’s a lot of things that are both agents and tools. Let’s go through and make a list of all of them, look at some examples, and I’ll tell you which should be agents and which should be tools. We’ll have a discussion and figure out the general guidelines. Then we’ll audit the entire set, figure out which category each one belongs in, port the ones that are in the wrong type, and for the ones that are both, read through both versions and consolidate them into one document with the best of both.”
The AI is actually very good at this, especially if you have a conversation with it beforehand. That’s what Ask mode is for. You walk through some examples, share your reasoning, and correct the wrong things it says when trying to sycophantically agree with you. After enough back and forth, it’s often able to do what looks like one-shotting a task. It’s not really one-shotting at all. There was a lot of back and forth with you, the human, beforehand. But when it actually goes to do the thing, it zooms ahead because you’ve already clarified the weird edge cases and the issues likely to come up.
But the Claude team isn’t doing that. They’re going completely overboard with dogfooding and utterly refusing to even spend a few minutes looking under the hood, noticing what’s broken, and explaining the mess to the machine. That wouldn’t even be a big violation of the vibe coding concept. You’re reading the innards a little but you’re only giving high-level, conceptual, abstract ideas about how problems should be solved. The machine is doing the vast majority, if not literally all, of the actual writing.
I’ve been doing this for months. I’ll start a conversation by saying “Let’s audit this codebase for unreachable code,” or “This function makes my eyes bleed,” and we’ll have a conversation about it until something actionable comes up. Then I explain what I think should be done and we’ll keep discussing it until I stop having more thoughts to give and the machine stops saying stupid things which need correcting. Then I tell it to make a plan and hit build. This is my life. The AI is very bad at spontaneously noticing, “I’ve got a lot of spaghetti code here, I should clean it up.” But if you tell it this has spaghetti code and give it some guidance (or sometimes even without guidance) it can do a good job of cleaning up the mess.
You don’t have to have poor quality software just because you’re using AI for coding. That is my hot take for today. People have bad quality software because they decide to have bad quality software. I have been screaming at my computer this past week dealing with a library that was written by overpaid meatbags with no AI help. Bad software is a decision you make. You need to own it. You should do better.
Discussion about this post
Ready for more?
\n","excerpt":"Bad software is a choice you make","image":"https://substackcdn.com/image/fetch/$s_!93xj!,f_auto,q_auto:best,fl_progressive:steep/https%3A%2F%2Fbramcohen.substack.com%2Ftwitter%2Fsubscribe-card.jpg%3Fv%3D-1733548744%26version%3D9","authors":[{"name":"Bram’s Thoughts","url":"https://bramcohen.com/p/the-cult-of-vibe-coding-is-insane","avatar":"https://substackcdn.com/image/fetch/$s_!wuwJ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F219deb71-aa9d-4c7d-8b3e-ad02b7aabf75%2Ffavicon.ico"}],"id":"47664912","url":"https://bramcohen.com/p/the-cult-of-vibe-coding-is-insane","external_url":"https://news.ycombinator.com/item?id=47664912","date_published":"2026-04-06T18:31:03Z"},{"id":"47677853","url":"https://z.ai/blog/glm-5.1","external_url":"https://news.ycombinator.com/item?id=47677853","title":"GLM-5.1: Towards Long-Horizon Tasks","date_published":"2026-04-07T16:32:15Z"},{"title":"US and Iran agree to provisional ceasefire","content_html":"
The US and Iran agreed to a two-week conditional ceasefire on Tuesday evening, which included a temporary reopening of the strait of Hormuz, after a last-minute diplomatic intervention led by Pakistan, canceling an ultimatum from Donald Trump for Iran to surrender or face widespread destruction.
Trump’s announcement of the ceasefire agreement came less than two hours before the US president’s self-imposed 8pm Eastern time deadline to bomb Iran’s power plants and bridges in a move that legal scholars, as well as officials from numerous countries and the pope, had warned could constitute war crimes.
Just hours earlier, Trump had written on Truth Social: “A whole civilization will die tonight, never to be brought back again. I don’t want that to happen, but it probably will.” American B-52 bombers were reported to be en route to Iran before the ceasefire agreement was announced.
But by Tuesday evening, Trump announced that a ceasefire agreement had been mediated through Pakistan, whose prime minister, Shehbaz Sharif, had requested the two-week peace in order to “allow diplomacy to run its course”.
Trump wrote in a post that “subject to the Islamic Republic of Iran agreeing to the COMPLETE, IMMEDIATE, and SAFE OPENING of the Strait of Hormuz, I agree to suspend the bombing and attack of Iran for a period of two weeks”.
In a separate post later, the US president called Tuesday “a big day for world peace” on a social media post, claiming that Iran had “had enough”. He said the US would be “helping with the traffic buildup” in the strait of Hormuz and that “big money will be made” as Iran begins reconstruction.
For several hours afterwards, Israel’s position or agreement with the deal was unclear. But just before midnight ET, the prime minister, Benjamin Netanyahu, said Israel backed the US ceasefire with Iran but that the deal did not cover fighting against Hezbollah in Lebanon. His office said Israel also supported US efforts to ensure Iran no longer posed a nuclear or missile threat.
Pakistan’s prime minister had previously said that the agreed-upon ceasefire covered “everywhere including Lebanon”.
JD Vance warns Iran to act in good faith in 'fragile' ceasefire – video
The ceasefire process was clouded in uncertainty after Iran released two different versions of the 10-point plan intended to be the basis for negotiations, and which Trump said was a “workable basis on which to negotiate”.
In the version released in Farsi, Iran included the phrase “acceptance of enrichment” for its nuclear program. But for reasons that remain unclear, that phrase was missing in English versions shared by Iranian diplomats to journalists.
Pakistan has invited the US and Iran to talks in Islamabad on Friday. Tehran said it would attend, but Washington has yet to publicly accept the invitation.
In a telephone call with Agence France-Presse, Trump said he believed China had persuaded Iran to negotiate, and said Tehran’s enriched uranium would be “perfectly taken care of”, without providing more detail.
In the two-week ceasefire, Trump said, he believed the US and Iran could negotiate over the 10-point proposal that would allow an armistice to be “finalized and consummated”.
“This will be a double sided CEASEFIRE!” he continued. “The reason for doing so is that we have already met and exceeded all Military objectives, and are very far along with a definitive Agreement concerning Longterm PEACE with Iran, and PEACE in the Middle East.”
Iran’s foreign minister, Abbas Araghchi, issued a statement shortly after Trump’s announcement saying Iran had agreed to the ceasefire. “For a period of two weeks, safe passage through the Strait of Hormuz will be possible via coordinating with Iran’s Armed Forces,” he wrote.
Jubilation on streets of Tehran as Iran and US agree two-week ceasefire – video
Oil prices dived, stocks surged and the dollar was knocked back on Wednesday as a two-week Middle East ceasefire sparked a relief rally, fueled by hopes that oil and gas flows through the strait of Hormuz could resume.
Despite the provisional ceasefire, attacks continued across the region in the hours after Trump’s announcement. Before the deadline, airstrikes hit two bridges and a train station in Iran, and the US hit military infrastructure on Kharg Island, a key hub for Iranian oil production.
The sudden about-face will allow Trump to step back as the US war in Iran has dragged on for five weeks with little sign that Tehran is ready to surrender or release its hold on the strait, a conduit for a fifth of the global energy supply, where traffic has slowed to a trickle.
Trump had earlier rejected the 10-point plan as “not good enough” but the president has set deadlines before and allowed them to pass over the five weeks of the conflict. Yet he insisted on Tuesday the ensuing hours would be “one of the most important moments in the long and complex history of the World” unless “something revolutionarily wonderful” happened, with “less radicalized minds” in Iran’s leadership.
News of the provisional ceasefire deal was welcomed but with a note of caution elsewhere.
Iraq’s foreign ministry called for “serious and sustainable dialogue” between the US and Iran “to address the root causes of the disputes”, while the German foreign minister, Johann Wadephul, said the deal “must be the crucial first step towards lasting peace, for the consequences of the war continuing would be incalculable”.
In Australia, the government warned that the latest developments would not necessarily mean the fuel crisis is over. Oil prices fell as traders bet that the reopening of the strait of Hormuz would help fuel supply resume, but the energy minister, Chris Bowen, told reporters Australians should “not get ahead of ourselves”.
He said: “People shouldn’t take today’s progress and expect prices to fall. We welcome progress, but I don’t think we can say the [strait of Hormuz is] now open.”
A spokesperson for New Zealand’s foreign minister, Winston Peters, welcomed the “encouraging news” but noted “there remains significant important work to be done to secure a lasting ceasefire”.
Japan said it expected the move to result in a “final agreement” after Washington and Tehran begin talks on Friday. Describing the ceasefire as a “positive move”, the chief cabinet secretary, Minoru Kihara, said Tokyo wanted to see a de-escalation on the ground in the region, adding that the prime minister, Sanae Takaichi, was seeking talks with the Iranian president, Masoud Pezeshkian.
A temporary end to hostilities will come as a relief to Japan, which depends on the Middle East for about 90% of its crude oil imports, most of which is transported through the strait of Hormuz.
South Korea’s ministry of foreign affairs said it hoped “negotiations between the two sides will be successfully concluded and that peace and stability in the Middle East will be restored at an early date”, as well as wishes for “free and safe navigation of all vessels through the strait of Hormuz”.
\n","excerpt":"US president abandons threat for Iran to surrender or face destruction with last-minute intervention led by Pakistan","image":"https://i.guim.co.uk/img/media/7cde4a66207fd4d8c625b447df29716f6e1a7235/576_0_4582_3666/master/4582.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&precrop=40:21,offset-x50,offset-y0&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctZGVmYXVsdC5wbmc&enable=upscale&s=b2a8729bf6c3d7f318035c7c52fbec3a","authors":[{"name":"the Guardian","url":"https://www.theguardian.com/us-news/2026/apr/07/trump-iran-war-ceasefire","avatar":"https://static.guim.co.uk/images/favicon-32x32.ico"}],"id":"47682276","url":"https://www.theguardian.com/us-news/2026/apr/07/trump-iran-war-ceasefire","external_url":"https://news.ycombinator.com/item?id=47682276","date_published":"2026-04-07T22:41:02Z"},{"title":"A cryptography engineer's perspective on quantum computing timelines","content_html":"
My position on the urgency of rolling out quantum-resistant cryptography has changed compared to just a few months ago. You might have heard this privately from me in the past weeks, but it’s time to signal and justify this change of mind publicly.
There had been rumors for a while of expected and unexpected progress towards cryptographically-relevant quantum computers, but over the last week we got two public instances of it.
They have this excellent graph on page 2 (Babbush et al. is the Google paper, which they presumably had preview access to):
Overall, it looks like everything is moving: the hardware is getting better, the algorithms are getting cheaper, the requirements for error correction are getting lower.
I’ll be honest, I don’t actually know what all the physics in those papers means. That’s not my job and not my expertise. My job includes risk assessment on behalf of the users that entrusted me with their safety. What I know is what at least some actual experts are telling us.
Heather Adkins and Sophie Schmieg are telling us that “quantum frontiers may be closer than they appear” and that 2029 is their deadline. That’s in 33 months, and no one had set such an aggressive timeline until this month.
Scott Aaronson tells us that the “clearest warning that [he] can offer in public right now about the urgency of migrating to post-quantum cryptosystems” is a vague parallel with how nuclear fission research stopped happening in public between 1939 and 1940.
The timelines presented at RWPQC 2026, just a few weeks ago, were much tighter than a couple years ago, and are already partially obsolete. The joke used to be that quantum computers have been 10 years out for 30 years now. Well, not true anymore, the timelines have started progressing.
If you are thinking “well, this could be bad, or it could be nothing!” I need you to recognize how immediately dispositive that is. The bet is not “are you 100% sure a CRQC will exist in 2030?”, the bet is “are you 100% sure a CRQC will NOT exist in 2030?” I simply don’t see how a non-expert can look at what the experts are saying, and decide “I know better, there is in fact < 1% chance.” Remember that you are betting with your users’ lives.2
Put another way, even if the most likely outcome was no CRQC in our lifetimes, that would be completely irrelevant, because our users don’t want just better-than-even odds3 of being secure.
Sure, papers about an abacus and a dog are funny and can make you look smart and contrarian on forums. But that’s not the job, and those arguments betray a lack of expertise. As Scott Aaronson said:
Once you understand quantum fault-tolerance, asking “so when are you going to factor 35 with Shor’s algorithm?” becomes sort of like asking the Manhattan Project physicists in 1943, “so when are you going to produce at least a small nuclear explosion?”
The job is not to be skeptical of things we’re not experts in, the job is to mitigate credible threats, and there are credible experts that are telling us about an imminent threat.
In summary, it might be that in 10 years the predictions will turn out to be wrong, but at this point they might also be right soon, and that risk is now unacceptable.
Now what
Concretely, what does this mean? It means we need to ship.
Regrettably, we’ve got to roll out what we have.4 That means large ML-DSA signatures shoved in places designed for small ECDSA signatures, like X.509, with the exception of Merkle Tree Certificates for the WebPKI, which is thankfully far enough along.
This is not the article I wanted to write. I’ve had a pending draft for months now explaining we should ship PQ key exchange now, but take the time we still have to adapt protocols to larger signatures, because they were all designed with the assumption that signatures are cheap. That other article is now wrong, alas: we don’t have the time if we need to be finished by 2029 instead of 2035.
For key exchange, the migration to ML-KEM is going well enough but:
Any non-PQ key exchange should now be considered a potential active compromise, worthy of warning the user like OpenSSH does, because it’s very hard to make sure all secrets transmitted over the connection or encrypted in the file have a shorter shelf life than three years.
We need to forget about non-interactive key exchanges (NIKEs) for a while; we only have KEMs (which are only unidirectionally authenticated without interactivity) in the PQ toolkit.
It makes no more sense to deploy new schemes that are not post-quantum. I know, pairings were nice. I know, everything PQ is annoyingly large. I know, we had basically just figured out how to do ECDSA over P-256 safely. I know, there might not be practical PQ equivalents for threshold signatures or identity-based encryption. Trust me, I know it stings. But it is what it is.
Hybrid classic + post-quantum authentication makes no sense to me anymore and will only slow us down; we should go straight to pure ML-DSA-44.6 Hybrid key exchange is reasonably easy, with ephemeral keys that don’t even need a type or wire format for the composite private key, and a couple years ago it made sense to take the hedge. Authentication is not like that, and even with draft-ietf-lamps-pq-composite-sigs-15 with its 18 composite key types nearing publication, we’d waste precious time collectively figuring out how to treat these composite keys and how to expose them to users. It’s also been two years since Kyber hybrids and we’ve gained significant confidence in the Module-Lattice schemes. Hybrid signatures cost time and complexity budget,5 and the only benefit is protection if ML-DSA is classically broken before the CRQCs come, which looks like the wrong tradeoff at this point.
In symmetric encryption, we don’t need to do anything, thankfully. There is a common misconception that protection from Grover requires 256-bit keys, but that is based on an exceedingly simplified understanding of the algorithm. A more accurate characterization is that with a circuit depth of 2⁶⁴ logical gates (the approximate number of gates that current classical computing architectures can perform serially in a decade) running Grover on a 128-bit key space would require a circuit size of 2¹⁰⁶. There’s been no progress on this that I am aware of, and indeed there are old proofs that Grover is optimal and its quantum speedup doesn’t parallelize. Unnecessary 256-bit key requirements are harmful when bundled with the actually urgent PQ requirements, because they muddle the interoperability targets and they risk slowing down the rollout of asymmetric PQ cryptography.
In my corner of the world, we’ll have to start thinking about what it means for half the cryptography packages in the Go standard library to be suddenly insecure, and how to balance the risk of downgrade attacks and backwards compatibility. It’s the first time in our careers we’ve faced anything like this: SHA-1 to SHA-256 was not nearly this disruptive,7 and even that took forever with the occasional unexpected downgrade attack.
Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f***d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it, and can’t be relied upon. I had to reassess a whole project because of this, and I will probably downgrade them to barely “defense in depth” in my toolkit.
Ecosystems with cryptographic identities (like atproto and, yes, cryptocurrencies) need to start migrating very soon, because if the CRQCs come before they are done, they will have to make extremely hard decisions, picking between letting users be compromised and bricking them.
File encryption is especially vulnerable to store-now-decrypt-later attacks, so we’ll probably have to start warning and then erroring out on non-PQ age recipient types soon. It’s unfortunately only been a few months since we even added PQ recipients, in version 1.3.0.8
Finally, this week I started teaching a PhD course in cryptography at the University of Bologna, and I’m going to mention RSA, ECDSA, and ECDH only as legacy algorithms, because that’s how those students will encounter them in their careers. I know, it feels weird. But it is what it is.
Traveling back from an excellent AtmosphereConf 2026, I saw my first aurora, from the north-facing window of a Boeing 747.
My work is made possible by Geomys, an organization of professional Go maintainers, which is funded by Ava Labs, Teleport, Tailscale, and Sentry. Through our retainer contracts they ensure the sustainability and reliability of our open source maintenance work and get a direct line to my expertise and that of the other Geomys maintainers. (Learn more in the Geomys announcement.) Here are a few words from some of them!
Teleport — For the past five years, attacks and compromises have been shifting from traditional malware and security breaches to identifying and compromising valid user accounts and credentials with social engineering, credential theft, or phishing. Teleport Identity is designed to eliminate weak access patterns through access monitoring, minimize attack surface with access requests, and purge unused permissions via mandatory access reviews.
Ava Labs — We at Ava Labs, maintainer of AvalancheGo (the most widely used client for interacting with the Avalanche Network), believe the sustainable maintenance and development of open source cryptographic protocols is critical to the broad adoption of blockchain technology. We are proud to support this necessary and impactful work through our ongoing sponsorship of Filippo and his team.
\n","excerpt":"The risk that cryptographically-relevant quantum computers materialize within the next few years is now high enough to be dispositive, unfortunately.","image":"https://assets.buttondown.email/images/e29aa9d6-cb9e-40ee-9340-a2d128ddaabf.jpeg?w=960&fit=max","authors":[{"name":null,"url":"https://words.filippo.io/crqc-timeline/"}],"id":"47662234","url":"https://words.filippo.io/crqc-timeline/","external_url":"https://news.ycombinator.com/item?id=47662234","date_published":"2026-04-06T15:31:20Z"},{"title":"Battle for Wesnoth: open-source, turn-based strategy game","content_html":"
The Battle for Wesnoth is an open source, turn-based strategy game with a high fantasy theme. It features both singleplayer and online/hotseat multiplayer combat.
Explore the world of Wesnoth and take part in its many adventures! Embark on a desperate quest to reclaim your rightful throne... Flee the Lich Lords to a new home across the sea... Delve into the darkest depths of the earth to craft a jewel of fire itself... Defend your kingdom against the ravaging hordes of a foul necromancer... Or lead a straggly band of survivors across the blazing sands to confront an unseen evil.
The choice is up to you...
Features
Units hand-animated in a vibrant pixel art style, with semi-realistic portraits used for dialog.
17 singleplayer campaigns and 55 multiplayer maps to choose from.
Over 200 unit types in seven major factions, all with distinctive abilities, weapons and spells.
Face off against other players over the Internet, or challenge your friends over a private/local network or hot-seat.
Translated into over 30 different languages.
Highly moddable engine combining WML and Lua scripting
Tons of player-made content available from the official add-ons server: new campaigns, factions, and multiplayer maps with new and unique mechanics and artwork.
Cross-platform compatible with Microsoft Windows, Apple macOS, and GNU/Linux.
The stable version of Wesnoth is recommended for new and veteran players and content creators on all platforms, as it offers a well-supported and extensively-tested experience, with new releases delivering bug fixes and translation updates.
Players can also obtain this version of Wesnoth from Steam and the Mac App Store, with the added benefit of continuous automatic updates.
System Requirements
Minimum
Recommended
System
Windows 10 1903 (64-bit) or later macOS 10.12 or later Ubuntu 20.04 or compatible
Windows 10 (64-bit) or later macOS 10.14 or later Ubuntu 22.04 or compatible
New players are advised to choose the stable version instead.
The development version of Wesnoth is geared towards veteran players and content creators who wish to try out the latest additions to the game. Updates are not guaranteed to be stable and may include game-breaking changes.
Players can also obtain this version of Wesnoth from Steam by selecting it in the Betas tab in the game’s properties after installation, with the added benefit of continuous automatic updates.
System Requirements
Minimum
Recommended
System
Windows 10 1903 (64-bit) or later macOS 10.13 or later Ubuntu 20.04 or compatible Android 6
Windows 10 1903 (64-bit) or later macOS 10.14 or later Ubuntu 22.04 or compatible Android 10+
CPU
Dual-core 2.0 GHz or better
Dual-core 3.2 GHz or better
RAM
4 GB
4 GB
Disk
2 GB free
2 GB free
Graphics
1280x720 or larger screen
Input
Keyboard and mouse required
Contribute
Wesnoth is made possible by the efforts of players and enthusiasts from all over the world. Whether it be by creating new add-on content, contributing patches for core content and the game engine, or just testing the development version, you too can help shape the next version of Wesnoth!
If you would like to donate to the project, you can do so on Liberapay or when downloading Wesnoth through itch.io. Wesnoth does rely on the work of dedicated volunteers, but no project can function completely cost-free. Revenue from donations goes towards maintaining our servers, websites, and commissioning new art and music.
\n","excerpt":"The Battle for Wesnoth is an open source, turn-based strategy game with a high fantasy theme. It features both singleplayer and online/hotseat multiplayer combat.","authors":[{"name":null,"url":"https://www.wesnoth.org","avatar":"https://www.wesnoth.org/wesmere/img/favicon-32.png"}],"id":"47664186","url":"https://www.wesnoth.org","external_url":"https://news.ycombinator.com/item?id=47664186","date_published":"2026-04-06T17:37:38Z"}]}
![\"Trail](\"https://media.newyorker.com/cartoons/69cc47da5cdb372b560820e4/master/w_1600%2Cc_limit/a25456.jpg\")
![\"Man](\"https://media.newyorker.com/cartoons/69b9c0dccd8fdd362aec00f2/master/w_1600%2Cc_limit/a60754.jpg\")
![\"GuppyLM\"](\"https://github.com/arman-bd/guppylm/blob/main/assets/guppy.png\")
![\"Try](\"https://img.shields.io/badge/Try_in-Browser-64ffda?logo=webassembly\"){kind=icon}
![\"Open](\"https://img.shields.io/badge/Chat_in-Colab-F9AB00?logo=googlecolab\"){kind=icon}
![\"Open](\"https://img.shields.io/badge/Train_in-Colab-F9AB00?logo=googlecolab\"){kind=icon}
![\"art002e009288](\"https://www.nasa.gov/wp-content/uploads/2026/04/art002e009288orig.jpg?w=1024\")
![\"015A9798.NEF\"](\"https://images-assets.nasa.gov/image/art002e009281/art002e009281~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B0524.NEF\"](\"https://images-assets.nasa.gov/image/art002e009287/art002e009287~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"A](\"https://images-assets.nasa.gov/image/jsc2026e020504/jsc2026e020504~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"019A0860.NEF\"](\"https://images-assets.nasa.gov/image/art002e009301/art002e009301~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"In](\"https://images-assets.nasa.gov/image/art002e009298/art002e009298~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B0569.NEF\"](\"https://images-assets.nasa.gov/image/art002e009289/art002e009289~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"cmasaw3_20260406191824.JPG\"](\"https://images-assets.nasa.gov/image/art002e009562/art002e009562~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"IMG_0250.DNG\"](\"https://images-assets.nasa.gov/image/art002e009294/art002e009294~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"cmasaw3_20260406223414_017.JPG\"](\"https://images-assets.nasa.gov/image/art002e009567/art002e009567~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"cmasaw3_20260407011150.JPG\"](\"https://images-assets.nasa.gov/image/art002e009573/art002e009573~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7556.NEF\"](\"https://images-assets.nasa.gov/image/art002e012183/art002e012183~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B0045.NEF\"](\"https://images-assets.nasa.gov/image/art002e009283/art002e009283~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B2552.NEF\"](\"https://images-assets.nasa.gov/image/art002e009299/art002e009299~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"IMG_0271.DNG\"](\"https://images-assets.nasa.gov/image/art002e009302/art002e009302~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B0071.NEF\"](\"https://images-assets.nasa.gov/image/art002e009284/art002e009284~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A9942.NEF\"](\"https://images-assets.nasa.gov/image/art002e009282/art002e009282~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7551.NEF\"](\"https://images-assets.nasa.gov/image/art002e012178/art002e012178~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"019A0002.NEF\"](\"https://images-assets.nasa.gov/image/art002e012278/art002e012278~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"019A0005.NEF\"](\"https://images-assets.nasa.gov/image/art002e012279/art002e012279~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7400.NEF\"](\"https://images-assets.nasa.gov/image/art002e012028/art002e012028~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"019A1290.NEF\"](\"https://images-assets.nasa.gov/image/art002e009293/art002e009293~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7981.NEF\"](\"https://images-assets.nasa.gov/image/art002e009279/art002e009279~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"The](\"https://images-assets.nasa.gov/image/jsc2026e020490/jsc2026e020490~large.jpg?w=1920&h=1279&fit=clip&crop=faces%2Cfocalpoint\")
![\"IMG_0261.DNG\"](\"https://images-assets.nasa.gov/image/art002e009295/art002e009295~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7463.NEF\"](\"https://images-assets.nasa.gov/image/art002e012090/art002e012090~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7466.NEF\"](\"https://images-assets.nasa.gov/image/art002e012093/art002e012093~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"The](\"https://images-assets.nasa.gov/image/art002e009571/art002e009571~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B1036.NEF\"](\"https://images-assets.nasa.gov/image/art002e009280b/art002e009280b~large.jpg?w=1280&h=1920&fit=clip&crop=faces%2Cfocalpoint\")
![\"cmasaw3_20260406215024.JPG\"](\"https://images-assets.nasa.gov/image/art002e009566/art002e009566~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7502.NEF\"](\"https://images-assets.nasa.gov/image/art002e012129/art002e012129~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7430.NEF\"](\"https://images-assets.nasa.gov/image/art002e009278/art002e009278~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"017A6989.NEF\"](\"https://images-assets.nasa.gov/image/art002e009290/art002e009290~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"IMG_0264.DNG\"](\"https://images-assets.nasa.gov/image/art002e009296/art002e009296~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"015B0281.NEF\"](\"https://images-assets.nasa.gov/image/art002e009285/art002e009285~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"019A1191.NEF\"](\"https://images-assets.nasa.gov/image/art002e009292/art002e009292~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"015A7244.NEF\"](\"https://images-assets.nasa.gov/image/art002e009277/art002e009277~large.jpg?w=1920&h=1280&fit=clip&crop=faces%2Cfocalpoint\")
![\"cmasaw3_20260407012240_013.JPG\"](\"https://images-assets.nasa.gov/image/art002e009575/art002e009575~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![\"Flight](\"https://images-assets.nasa.gov/image/jsc2026e020501/jsc2026e020501~large.jpg?w=1920&h=1535&fit=clip&crop=faces%2Cfocalpoint\")
![\"cmasaw4_20260407133216_050.JPG\"](\"https://images-assets.nasa.gov/image/art002e012583/art002e012583~large.jpg?w=1920&h=1440&fit=clip&crop=faces%2Cfocalpoint\")
![](\"https://www.jsnover.com/blog/wp-content/uploads/2026/03/image-3-scaled.png\")
![\"natural-monopoly\"](\"https://sschueller.github.io/posts/the-free-market-lie/natural-monopoly.png\")
![\"3](\"https://sschueller.github.io/posts/the-free-market-lie/3-trenches.png\")
![\"US](\"https://sschueller.github.io/posts/the-free-market-lie/us-fiber.png\")
![\"Open](\"https://sschueller.github.io/posts/the-free-market-lie/open-access-colored.png\")
![\"4](\"https://sschueller.github.io/posts/the-free-market-lie/4-fiber.png\")
![\"OTO\"](\"https://sschueller.github.io/posts/the-free-market-lie/oto.png\")
![\"Speedtest\"](\"https://www.speedtest.net/result/c/f11e8bde-e5a3-4fe7-9c-13-f0ef236d0566.png\")
![\"GEPON\"](\"https://sschueller.github.io/posts/the-free-market-lie/gepon.png\")
GEPON P2MP Splitter![\"The](\"https://piechowski.io/post/git-commands-before-reading-code/cover_hu3f66e25b7571f7e32d40f355f31a2ca9_56928_1500x0_resize_q75_h2_box_2.webp\")
![\"Concrete](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-1/01-concrete-laptop-stand-being-used.jpg\")
![\"Plug](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-1/02-concrete-laptop-stand-plug-socket.jpg\")
![\"Integral](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-1/03-concrete-laptop-stand-plant.jpg\")
![\"Rusted](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-1/04-exposed-wire.jpg\")
![\"An](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/01-concrete-laptop-stand-drawing.jpg\")
![\"The](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/02-concrete-laptop-stand-rebar-cage.jpg\")
![\"Integral](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/06-concrete-laptop-stand-integral-plantpot.jpg\")
![\"Rusted](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/07-concrete-laptop-stand-can-penpot.jpg\")
![\"Concrete](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/03-concrete-laptop-stand-in-form.jpg\")
![\"Concrete](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/04-concrete-laptop-stand-demolding.jpg\")
![\"Concrete](\"https://sam-burns.com/posts/concrete-laptop-stand/images/gallery-2/05-concrete-laptop-stand-gap-with-polystyrene.jpg\")
![\"SourceForge](\"https://a.fsdn.com/con/images/sandiego/sf-logo-full.svg\"){kind=logo}
![\"Microsoft](\"https://veracrypt.jp/MS_Termination.png\")
![\"Marty\"](\"https://a.fsdn.com/con/images/sandiego/icons/default-avatar.png\" "\\"Marty\\""){kind=icon}
![\"MongoDB](\"https://a.fsdn.com/con/img/hi-logo.png\"){kind=logo}
![\"MongoDB\"](\"https://a.fsdn.com/con/img/hi-text.png\")
![\"graph](\"https://assets.buttondown.email/images/c768727d-01a9-4f44-919b-bab3c84cb81d.png?w=960&fit=max\")
![\"Aurora](\"https://assets.buttondown.email/images/e29aa9d6-cb9e-40ee-9340-a2d128ddaabf.jpeg?w=960&fit=max\")