Called this. www.galois.com/articles/cla...

Good Morning Spider is an underrated album.

New frontiers in carnitas-making. Today: took the fat cap/skin off in a whole sheet, sliced that into big cubes, rendered it for a couple hours, tried not to eat all of that, then browned the shoulder in the fat, cubed up, threw the skin in, and braised it off. I've been doing the fat cap all wrong!

What the FUCK, Microsoft?

Current status at Apple SEAR: www.youtube.com/watch?v=1GJS...

I am unreasonably excited about this. go.dev/blog/jsonv2-...

My basic thing is if you're going to write a whole big splashy blog post about how a piece of anti-surveillance tech has a vulnerability in it, you should first be sure it has that vulnerability in it. It'll look pretty grim if you write the piece and it doesn't.

ANSI art is back, baby. simonwillison.net/2025/Sep/2/r...

I don't get what Ken White thinks he stands to gain by wading into these social media slapfights between progressives and liberals. Lakshya Jain's first couple polls for The Argument haven't impressed me, but he's not a comic book villain. The people who think he is hate Ken and everything believes.

Somewhere on Kyle Kingsbury's site there's a link to a "What are birds?" video (it is what it sounds like) and I always assumed it was just a meme everyone knew but the Internet does not know about this meme and it lives permanently in my brain and I'm constantly having to go find it on his site.

Champaign-Urbana, Illinois: heart of the Prairie Demoscene.

Changed my mind, back to hating AI.

ohhhhh boy queue.acm.org/detail.cfm?i...

It is weird that I feel like I've never read this take before. andre.arko.net/2025/06/30/y...

Ed... can I call you Ed? If you want to write a piece about "how to argue with an AI booster", one good reportorial step you might take would be to actually *have an argument with an AI booster*. I'm available, but so are other people who have done things more recently than 2 months ago.

He's like Steve Buscemi's P.I. character in 30 Rock. How do you take this seriously? There are plenty of LLM skeptics who actually code professionally. Why source your skepticism here?

Marking this now as a contender for the funniest subhed of 2025.

Quick reminder for Chicago nerds that Chisec is tonight, the last one we're having at Twisted Spoke (Ogden/Grand), because Spoke is closing --- 7PM. No RSVP or anything, just show up. It's nice out, we'll probably be on the roof.

Chicago nerds: Chisec is tomorrow, at Twisted Spoke on Ogden/Grand at 7PM-ish. It's the last-ever Spoke Chisec, since Spoke is... ☠️closing☠️. (Erin will find someplace else to hold it in September).

The DARPA AIxCC results are in. Team Atlanta (GATech, KAIST) takes #1, followed by Trail, followed by Theori. Here's Trail's system, open sourced: blog.trailofbits.com/2025/08/08/b...

TIL: once tomatoes show color near the blossom end, the plant has stopped sending them nutrients; in blinded tests, nobody can tell the difference if they ripen on the vine vs. on the plant. DENY THE SQUIRRELS YOUR TOMATOES.

I didn't know we got to brand our dotfiles. I call this segment of my .zshrc TESSARACTUS: (omarchy.org)

this is why I poach fish in liquid osmium

What? No.

Local butcher shop now doing really good rillettes, so time for a sandwich smackdown: the BLT vs. the RLT.

We have a family of Coopers Hawks (4 of them, by my count) in the tree outside my house, presumably picking off 28 starlings and mice a week, and my update for all of you is that they sound real goofy, like angry chickens, nothing at all like movie hawks.

Comments like this are why I will never quit HN. We need cryptocurrency because bank fees are so high because every time you do a conventional bank transfer a truck has to take your money from one bank to another bank. So beautiful my heart is breaking. news.ycombinator.com/item?id=4471...

This is pretty neat. I think they're right, there is a weird discontinuity in tooling and ergonomics for eBPF stuff (bcc, thankfully in the rear-view now, pretty good evidence for that). github.com/multikernel/...

First BLT of the season: yesterday. First two-BLT day of the season: today.

Obviously, there should on Amazon be an ultra-popular SKU for "USB cables with USB-C or USB-A on one end and EVERY OTHER END OF A USB CABLE EVER DEVISED BY MAN on the other".

I had a whole spiel about how Sketch.dev was crushing Codex for me today, and then it wrote this and now I want to destroy it.

"Because of legal uncertainty around Swiss government proposals(new window) to introduce mass surveillance — proposals that have been outlawed in the EU — Proton is moving most of its physical infrastructure out of Switzerland." Bahahahahahahahahahahaahahaha

There are ways to mitigate it (prune context by summarizing conversations, extract key bits of memory by making it call some kind of `save_memory` tool)... but they also run headfirst into the first problem re: chaining reliabilities. You're just piling 95% recall on top of each other.

Some really good detail in this post on the limitations of agent architectures: utkarshkanwat.com/writing/bett...

Briefly hung around the Chicago River in Pilsen tonight and watched a beaver patrol a segment of it. River beaver. That is all.

I will now sell five copies of "Instant Holograms On Metal Film" by Stereolab.

"The executive director of an IT consultancy". Ok, then.

ChiSec is happening tonight at Twisted Spoke (Ogden/Grand), around 7ish, it's a "just show up" kind of thing, not all security people (but still mostly embittered nerds).

The trick to hanger steak: butterfly it, so it cooks evenly and you get nice big slices across the grain.

I realize now an important missed detail of my LLM post: no Rust programmer needs an LLM to generate code; they can just post Go code anywhere on the Internet and say "I don't think this could be expressed better in Rust".

I am taking today off of real work and it is AMAZING why do I not do this all the time

Huh, new Stereolab is very good.

I get annoyed when big accounts post fake ragebait. The newest EOL'd device was released 13 years (2 generations) ago; remote/cloud features will no longer work; all the devices will still work as thermostats. This is honestly way better support than I've seen for any early generation IOT device.

gee thanks sketch i wasn't sure

OH: "The year is 2030, our git repo is 95% ALL CAPS files telling systems what to do"

🤘

Any time you reply to a vulnerability with "the S in MCP stands for Security" I am going to assume you didn't read the bug report carefully.

This is an interesting post, but I'm hung up on how insane the predicate for this vulnerability is: "developer points Cursor with full MCP SQL access at untrusted content". This isn't "lethal trifecta". It already has a name: self-XSS. simonwillison.net/2025/Jul/6/s...

This is extremely funny for deeply emacsy reasons.