Skip to content

Justin's Linklog Posts

The “you wouldn’t steal a car” anti-piracy PSA was made with piracy

Published April 24, 2025

Evertop

Published April 22, 2025

  • Evertop

    E-ink IBM XT clone "with solar power, ultra low power consumption, and ultra long battery life: in power saving mode it can run between 200 hours on the low side and 500 hours or in some cases even much longer of constant interactive use, not standby." -- this is an absolutely crazy gadget. I never thought I'd feel nostalgic for MS-DOS, but here we are

    Tags: pc e-ink solar retrocomputing emulation hardware gadgets self-builds ibm-xt solarpunk

notes on using an LLM for personal email search

Published April 22, 2025

  • notes on using an LLM for personal email search

    Nelson Minar asked Mastodon about using an LLM for email search over "20+ years of email archives":

    "Main use would be a query for specific things, "what did I say to this friend 10 years ago about music?" But also just for general knowledge. I think it'd mostly work as free text but there's a little email-specific structure it'd be nice to capture."

    The thread has some good suggestions, notably Mark Fletcher's RAG suggestion. I'm thinking this could work well as a self-hosted ollama+notmuch setup...

    Tags: llms search email rag notmuch archives via:nelson

This Is How Meta AI Staffers Deemed More Than 7 Million Books to Have No “Economic Value”

Published April 17, 2025

  • This Is How Meta AI Staffers Deemed More Than 7 Million Books to Have No “Economic Value”

    This is jaw-dropping legal logic:

    [Meta's] defense hinges on the argument that the individual books themselves are, essentially, worthless — one expert witness for Meta describes that the influence of a single book in LLM pretraining “adjusted its performance by less than 0.06% on industry standard benchmarks, a meaningless change no different from noise.”

    Furthermore, Meta says, that while the company “has invested hundreds of millions of dollars in LLM development,” they see no market in paying authors to license their books because “for there to be a market, there must be something of value to exchange, but none of Plaintiffs works has economic value, individually, as training data.” (An argument essential to fair use, but that also sounds like a scaled up version of a scenario in which the New York Philharmonic board argues against paying individual members of the orchestra because the organization spent a lot of money on the upkeep of David Geffen Hall, and also, a solo bassoon cannot play every part in “The Rite of Spring.”)

    as Paul Mainwood notes, this is the Sorites paradox: https://plato.stanford.edu/entries/sorites-paradox/ --

    • 1 grain of wheat does not make a heap.
    • If 1 grain doesn’t make a heap, then 2 grains don’t.
    • If 2 grains don’t make a heap, then 3 grains don’t.
    • ...
    • If 999,999 grains don’t make a heap, then 1 million grains don’t.

    Therefore, 1 million grains don’t make a heap.

    Tags: ml copyright ip books training llms meta llama pretraining paradoxes sorites-paradox

CaMeL

Published April 17, 2025

  • CaMeL

    Google reinvents "taint" checking:

    Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police themselves. Instead, CaMeL treats language models as fundamentally untrusted components within a secure software framework, creating clear boundaries between user commands and potentially malicious content.

    The new paper grounds CaMeL's design in established software security principles like Control Flow Integrity (CFI), Access Control, and Information Flow Control (IFC), adapting decades of security engineering wisdom to the challenges of LLMs.

    Honestly, this is great. Data flow tracing/taint checking is exactly the method that needed to be applied, IMO, so good job DeepMind. Also as Jeremy Kahn suggested, the name is definitely a shout-out to Perl, the language where taint checks were first widely-used. :)

    Paper: https://arxiv.org/pdf/2503.18813

    (Via Jeremy Kahn.)

    Tags: llms ai security via:trochee data-flow infosec taint-checking taint camel papers

The 5 Levels of Configuration Languages

Published April 15, 2025

Using Karabiner-Elements to remap shift-3 from “£” to “#”

Published April 10, 2025

I've just been setting up a new Macbook, running MacOS Sequoia, and my previous trick I'd used to handle an ANSI keyboard in an Irish/UK English locale, specifically to remap shift-3 from "£" to "#", no longer works. So here's a replacement approach, using a Karabiner-Elements "Complex Modification" rule:

{
    "description": "Change right-shift-3 to hash",
    "manipulators": [
        {
            "from": {
                "key_code": "3",
                "modifiers": { "mandatory": ["right_shift"] }
            },
            "to": [
                {
                    "key_code": "3",
                    "modifiers": ["right_option"]
                }
            ],
            "type": "basic"
        }
    ]
}

just-containers/s6-overlay

Published April 9, 2025

  • just-containers/s6-overlay

    s6-overlay -- a Docker process management system, current state of the art used by Paperless and the Linux-server.io teams, with the following goals:

    • Be usable on top of any Docker base image (Ubuntu, CentOS, Fedora, Alpine, Busybox);
    • Make it easy to create new images, that will operate like any other images;
    • Provide users with a turnkey s6 installation that will give them a stable pid 1, a fast and orderly init sequence and shutdown sequence, and the power of process supervision and automatically rotated logs.

    Tags: docker containerization containers init scripts process-management linux docker-images

Practical Rateless Set Reconciliation

Published April 8, 2025

  • Practical Rateless Set Reconciliation

    Rateless Set Reconciliation, via Carlos Baquero:

    Set reconciliation, where two parties hold fixed-length bit strings and run a protocol to learn the strings they are missing from each other, is a fundamental task in many distributed systems. We present Rateless Invertible Bloom Lookup Tables (Rateless IBLTs), the first set reconciliation protocol, to the best of our knowledge, that achieves low computation cost and near-optimal communication cost across a wide range of scenarios: set differences of one to millions, bit strings of a few bytes to megabytes, and workloads injected by potential adversaries. Rateless IBLT is based on a novel encoder that incrementally encodes the set difference into an infinite stream of coded symbols, resembling rateless error-correcting codes. We compare Rateless IBLT with state-of-the-art set reconciliation schemes and demonstrate significant improvements. Rateless IBLT achieves 3–4× lower communication cost than non-rateless schemes with similar computation cost, and 2–2000× lower computation cost than schemes with similar communication cost. We show the real-world benefits of Rateless IBLT by applying it to synchronize the state of the Ethereum blockchain, and demonstrate 5.6× lower end-to-end completion time and 4.4× lower communication cost compared to the system used in production.

    Tags: set-reconciliation algorithms papers via:xmal sets data-structures bloom-tables error-correction

My Self-Hosted GMail Backup

Published April 4, 2025

My Self-Hosted GMail Backup

For the past few months, I’ve had a bit of a background project going to ensure that my cloud-hosted personal data is safely archived on my own, self-hosted hardware, just in case. Google services are nice 'n' all, but I’m not 100% happy trusting them with everything in the long run.

Part of this project has been to archive my old email collection from GMail, which dates back to the initial public beta in 2004(ish?) -- and make it searchable, because what’s the point in having all that email if you can’t find the needle in the 20-year haystack when you need it?

Enter “notmuch” -- a “fast, global-search and tag-based email system”, which runs as a set of UNIX CLI commands, and is inspired by Sup, a mailreader I used previously. I have a self-hosted home server running Ubuntu 20.04 with a chunky SATA disk, so that's where I'll run it.

Here’s the process I followed:

Order a Google Takeout of your GMail account. This takes a couple of days to prepare. Request the 50GB tgz files.

When you get the email telling you it’s ready, download the files (this is awkward as you can only download one at a time, and only via your web browser, not fun). scp them to your server, and to a disk with lots of free space (/x/4 in my case).

Extract each one:

cd /x/4/tmp
tar xvfz takeout-20250322T145242Z-001.tgz
tar xvfz takeout-20250322T145242Z-002.tgz
...
rm takeout-20250322T145242Z-00*tgz

You will wind up with a few bits of uninteresting metadata, and one gigantic mbox file: Takeout/Mail/All\ mail\ Including\ Spam\ and\ Trash.mbox . In order to make this useful, it needs to be converted into Maildir format, so install “mb2md”:

sudo apt install mb2md

Now run it, creating a GMailTakeout directory for the result:

mkdir -p /x/4/GMailTakeout
mb2md -s /x/4/tmp/Takeout/Mail/All\ mail\ Including\ Spam\ and\ Trash.mbox -d /x/4/GMailTakeout

This takes quite a while for 20 years of email! Unfortunately, the resulting single directory is still unusably huge, so split it into 100 new Maildir folders:

cd /x/4/GMailTakeout/cur
find . -type f -print > /tmp/dirlisting
perl -ne '
  $dir = sprintf("dir_%03d", ($. % 100));
  (-d $dir) or mkdir($dir);
  chop; rename($_, "$dir/$_") or die "cannot rename $_";
' /tmp/dirlisting

cd /x/4/GMailTakeout
mv cur/* .
for f in dir_* ; do mkdir mail$f mail$f/{new,tmp} ; mv $f mail$f/cur ; done

The result of this is 100 Maildirs, /x/4/GMailTakeout/maildir_000 to /x/4/GMailTakeout/maildir_099, each containing about 300MB of email, in my case.

There really isn't much need to keep the mails labelled as spam, so let's just nuke them in advance:

grep -r 'X-Gmail-Labels: Spam' . | perl -pe 's/:.*$//' | xargs -n 100 rm -f

Next step is to install “notmuch” and create a “notmuch” configuration. I used the Debian packaged “notmuch”, version 0.29.3. Install using apt-get, and then run “notmuch”. Accept the defaults for the config, and don’t add any mail folders yet.

My initial attempt was simply to import the lot in one go: this went badly, throwing up a multi-day progress indicator, and with no safe way to checkpoint partial progress, and it quickly started consuming lots of RAM, causing me to suspect some leaking.

I aborted it and tried this instead to index each dir one-by-one:

for f in /x/4/GMailTakeout/maildir_* ; do ln -s $f ~/mail/ && nice notmuch new ; done

Unfortunately, this also turned out badly. The import of each maildir gradually slowed as data built up in notmuch’s Xapian indexes. After processing about 60 maildirs, memory consumption during the import became a problem, and the “notmuch” processes started being killed by the Linux OOM killer. In a couple of cases this resulted in corrupt index files and data loss. Ouch.

So I started again, with a new approach:

#!/bin/sh
set -exu
mkdir -p /x/4/GMailTakeout/notmuchbackup/xapian/
for f in /x/4/GMailTakeout/maildir_0*
do
    ln -s $f ~/mail/ && nice notmuch new
    nice notmuch compact
    cp /home/jm/mail/.notmuch/xapian/* /x/4/GMailTakeout/notmuchbackup/xapian/
done

Calling “notmuch compact” does seem to help, trimming the size of the indexes as it goes; taking a copy of the Xapian indexes in a backup dir is for extra safety. Since the “-e” shell flag is in place, any OOMs or other random failures will crash the entire script and ensure the last backup is still safe to use for recovery.

Unfortunately this still got bogged down and started OOMing fairly reliably after about maildir_065, 2 days into the process; at this point, I decided to keep that set of dirs as “notmuch config 1” and start a separate import process, into another index, as “notmuch config 2”. Accordingly, I moved ~/mail to ~/mail1 , ~/.notmuch-config to ~/.notmuch-config1, created a ~/mail2 , and started a new notmuch config file pointing at that instead. Ideally I’ll be able to merge the indexes at some point, but it’s no biggie.

With these two aliases, it’s pretty painless:

alias notmuch1='notmuch --config=$HOME/.notmuch-config1'
alias notmuch2='notmuch --config=$HOME/.notmuch-config2'

After another day or so of indexing, this is the result --

du -sh /home/jm/mail?/.notmuch/xapian
19G     /home/jm/mail1/.notmuch/xapian
4.2G    /home/jm/mail2/.notmuch/xapian

Notmuch supports pretty much all the nice email search features that GMail does, but seemingly more reliably, and faster; I’ve already been able to use this new mail index to find a mail that (worryingly!) GMail's own search can’t seem to locate -- my license for the Moom OSX window manager tool purchased over a decade ago:

time notmuch1 search moom "Many Tricks"
thread:00000000000034fe   2013-10-15 [1/1] Many Tricks; Your Many Tricks purchase (inbox unread)
thread:00000000000c267b   2013-10-15 [1/1] sales@manytricks.com; Your Moom License (attachment inbox unread)

real    0m0.068s
user    0m0.048s
sys     0m0.016s

And it’s just nice to have 20 years of email archived safely, off the cloud, and indexed.

Next steps? Maybe lieer would be good to try, to download incremental updates as we go forward. Let's see.

Corporate memory loss

Published April 3, 2025

  • Corporate memory loss

    From Lessons from the Malahide Viaduct collapse, a post-mortem on the serious failure of the main Dublin-Belfast railway line here in Ireland in 2009:

    This failure is a reminder of the mundane but typically critical role played by human factors in structural collapse. By 2009, it appears that the knowledge and information relating to the scour susceptibility of the Malahide Viaduct resided in the heads of a number of individuals who had left the [Iarnrod Eireann engineering] division, rather than in a formal system that was accessible to the engineers responsible for the structure. In an era where the concept of a ‘job for life’ is becoming more uncommon, and with engineers moving ever more frequently from job to job and role to role, often taking corporate knowledge with them, this failure highlights the very real risks faced by asset management organisations, due to the threat of corporate memory loss.

    (via Brian Scanlan)

    Tags: memory-loss memory institutional-memory corporate companies organisations history malahide iarnrod-eireann ireland rail engineering post-mortems via:bscanlan reports

Go Optimization Guide

Published April 1, 2025

  • Go Optimization Guide

    "a collection of articles aimed at helping developers write faster, more efficient Go applications. Whether you're building high-throughput APIs, microservices, or distributed systems, this series offers practical patterns, real-world use cases, and low-level performance insights to guide your optimization efforts.

    While Go doesn’t expose as many knobs for performance tuning as languages like C++ or Rust, it still provides plenty of opportunities to make your applications significantly faster. From memory reuse and allocation control to efficient networking and concurrency patterns, Go offers a pragmatic set of tools for writing high-performance code."

    Tags: golang go reference optimization programming performance coding via:hn

The Ultimate Energy-Efficient Unraid Server Build

Published April 1, 2025

  • The Ultimate Energy-Efficient Unraid Server Build

    "The goal of this build was to create a powerful 90TB server that idles at just 20-25 watts, proving that substantial storage capacity doesn’t have to come with massive power consumption." -- Extremely relevant to my current interests!

    "At the core of this build is an N100-based motherboard, featuring six SATA ports and two NVMe slots. Priced at around $150-180, it provides excellent value for those looking to build energy-conscious storage solutions. To maximize storage connectivity, an NVMe to SATA adapter was used along with 32 GB of DDR5 RAM."

    Tags: ssd hard-disks nas storage disks hardware n100 servers home low-power power sata

The demoscene as a UNESCO heritage in Sweden

Published March 31, 2025

  • The demoscene as a UNESCO heritage in Sweden

    I love this:

    The demoscene has become a national UNESCO-heritage in Sweden, thanks to an application that Ziphoid and me did last year. This has already happened in several European countries, as part of the international Art of Coding initiative to make the demoscene a global UNESCO heritage. I think this makes plenty of sense, since the demoscene is arguably the oldest creative digital subculture around. It has largely stuck to its own values and traditions throughout the world’s technological and economical shifts, and that sort of consistency is quite unusual in the digital world.

    Tags: demos demoscene history microcomputing sweden unesco heritage art

Better Binary Quantization (BBQ)

Published March 28, 2025

  • Better Binary Quantization (BBQ)

    Elasticsearch with a new quantization approach for vector search:

    In Elasticsearch 8.16 and Lucene, we introduced Better Binary Quantization (BBQ), a new approach developed from insights drawn from a recent technique - dubbed “RaBitQ” - proposed by researchers from Nanyang Technological University, Singapore.

    BBQ is a leap forward in quantization for Lucene and Elasticsearch, reducing float32 dimensions to bits, delivering ~95% memory reduction while maintaining high ranking quality. BBQ outperforms traditional approaches like Product Quantization (PQ) in indexing speed (20-30x less quantization time), query speed (2-5x faster queries), with no additional loss in accuracy.

    In this blog, we will explore BBQ in Lucene and Elasticsearch, focusing on recall, efficient bitwise operations, and optimized storage for fast, accurate vector search.

    Note, there are differences in this implementation than the one proposed by the original RaBitQ authors. Mainly:

    • Only a single centroid is used for simple integration with HNSW and faster indexing
    • Because we don't randomly rotate the codebook we do not have the property that the estimator is unbiased over multiple invocations of the algorithm
    • Rescoring is not dependent on the estimated quantization error
    • Rescoring is not completed during graph index search and is instead reserved only after initial estimated vectors are calculated
    • Dot product is fully implemented and supported. The original authors focused on Euclidean distance only. While support for dot product was hinted at, it was not fully considered, implemented, nor measured. Additionally, we support max-inner product, where the vector magnitude is important, so simple normalization just won't suffice.

    Tags: bbq rabitq quantization vectors search llms lucene elasticsearch compression

I Can’t Stop Cackling At This Relic That’s Basically A Teen’s Angry Note To His Mum

Published March 27, 2025

Would either of these be a good option for a Plex server? : r/PleX

Published March 27, 2025

Odroid H4+

Published March 27, 2025

  • Odroid H4+

    Odroid do an N97:

    "the latest iteration of the Odroid H-Series board, the Odroid H4+. This is the best all-rounder of the new generation Odroid H4 Series of boards. Specifications-wise, the Odroid H4+ has an Intel 4-Core N97 processor, accepts DDR5 SODIMM RAM (up to 48GB), [...] four SATA ports, and a second Ethernet port"

    Also an M.2 PCI Express module socket, 4x SATA3 6.0 Gb/s data connectors, 2x USB 3, 2.5 Gb ethernet. The processor supports AVX2 vector extensions, good for media transcoding workloads.

    Supports either a 60W power supply, or 133W to support booting with 3.5" hard disks; I know that was a problem with multiple large disks attached in the past on earlier Odroid boards.

    All my home servers for the past decade have been Odroid SBCs. There's a very good chance this is going to be the next one...

    Tags: odroid hardware home gadgets n97 sbc shopping

UltraLogLog

Published March 25, 2025

  • UltraLogLog

    UltraLogLog: A Practical and More Space-Efficient Alternative to HyperLogLog for Approximate Distinct Counting:

    Since its invention HyperLogLog has become the standard algorithm for approximate distinct counting. Due to its space efficiency and suitability for distributed systems, it is widely used and also implemented in numerous databases. This work presents UltraLogLog, which shares the same practical properties as HyperLogLog. It is commutative, idempotent, mergeable, and has a fast guaranteed constant-time insert operation. At the same time, it requires 28% less space to encode the same amount of distinct count information, which can be extracted using the maximum likelihood method. Alternatively, a simpler and faster estimator is proposed, which still achieves a space reduction of 24%, but at an estimation speed comparable to that of HyperLogLog. In a non-distributed setting where martingale estimation can be used, UltraLogLog is able to reduce space by 17%. Moreover, its smaller entropy and its 8-bit registers lead to better compaction when using standard compression algorithms. All this is verified by experimental results that are in perfect agreement with the theoretical analysis which also outlines potential for even more space-efficient data structures. A production-ready Java implementation of UltraLogLog has been released as part of the open-source Hash4j library.

    (via Tony Finch)

    Tags: via:fanf algorithms data-structures hyperloglog ultraloglog counting count-distinct distinct approximation counts java

Zip bombs to frustrate AI crawlers

Published March 25, 2025

  • Zip bombs to frustrate AI crawlers

    Nifty trick; redirecting abusive AI crawlers to a gzipped file containing 100GB of zeros with a few lines of nginx config:

    set $redir_to_gz 1;
if ($host = gz.niko.lgbt) {
    set $redir_to_gz 0;
}
if ($http_user_agent !~* (claudebot|ZoominfoBot|GPTBot|SeznamBot|DotBot|Amazonbot|DataForSeoBot|2ip|paloaltonetworks.com|SummalyBot|incestoma)) {
    set $redir_to_gz 0;
}
if ($redir_to_gz) {
    return 301 
}

as for the actual stuff behind gz.niko.lgbt

server {
    # SSL and listen -- snipped

    # static files
    root /var/www/gz.niko.lgbt;
    location / {
        add_header Content-Encoding gzip;
        try_files /42.gz =404;
        gunzip off;
        types { text/html gz; }
    }

    # gunzip off is very important because if the client doesn't support gzip encoding nginx will blow its foot off without that
    # 42.gz is generated with dd if=/dev/zero bs=1M count=102400 | gzip -c - > 42.gz

    # additional config -- snipped
}

    Nice one @niko, I'm definitely going to use that :)

    Tags: gzip zip zip-bombs defence bots crawling scraping crawlers dev-zero abuse

Handling billions of invocations – best practices from AWS Lambda

Published March 24, 2025

  • Handling billions of invocations – best practices from AWS Lambda

    Good write-up on how to horizontally scale a multi-tenant async API service, from AWS. I particularly found this shuffle-sharding-based technique to be an excellent idea:

    Drawing inspiration from the “The Power of Two Random Choices” paper, the Lambda team explored the shuffle-sharding technique for its asynchronous invocations processing. Using this technique, you shuffle-shard tenants into several randomly assigned queues. Upon receiving an asynchronous invocation, you place the message in the queue with the smallest backlog to optimize load distribution. This approach helps to minimize the likelihood of assigning tenants to a busy queue. [....]

    The shuffle-sharding technique proved remarkably effective. By distributing tenants across shards, the approach ensures that only a very small subset of tenants could be affected by a noisy neighbor. The potential impact is also minimized since each affected tenant maintains access to unaffected queues. As your workloads grow, increasing the number of queues enhances resilience and further reduces the probability of multiple tenants being assigned to the same shard. This significantly lowers the risk of a single point of failure, making shuffle sharding a robust strategy for workload isolation and fault tolerance.

    Automated Isolation, covered in the next section, is also a neat trick. (via Last Week In AWS)

    Tags: via:lwia sharding architecture services horizontal-scaling shuffle-sharding algorithms load-balancing async queues aws multitenant

Pitchfork

Published March 21, 2025

  • Pitchfork

    An amazing journey through Ruby heap memory optimization, from one of the experts at Shopify, who are heavy users of Rails. Using cleverly-timed fork(2) usage, it's possible to optimize memory usage in a Rails app and discard a lot of performance/heap overhead caused by lazy loading and poorly-timed in-memory caching.

    This very much reminds me of optimising similar issues in Perl-land, back in the day -- and really helps me appreciate how easy the modern JVM world has it, in comparison. There's a lot of complaints to be made about the complexity of optimising JVM garbage collection settings, but this kind of problem is malleable there without a fundamental architectural rewrite like this approach.

    Tags: ruby performance optimisation optimization heap memory fork forking http services servers monolith rails gc

The Unbelievable Scale of AI’s Pirated-Books Problem

Published March 20, 2025

  • The Unbelievable Scale of AI’s Pirated-Books Problem

    The Atlantic go digging in LibGen, the insanely huge collection of 7.5 million pirated books used to train Meta's Llama LLM:

    One of the biggest questions of the digital age is how to manage the flow of knowledge and creative work in a way that benefits society the most. LibGen and other such pirated libraries make information more accessible, allowing people to read original work without paying for it. Yet generative-AI companies such as Meta have gone a step further: Their goal is to absorb the work into profitable technology products that compete with the originals. Will these be better for society than the human dialogue they are already starting to replace?

    Also, I found this quote from a Meta Director of Engineering in the legal discovery output interesting: "The problem is that people don’t realize that if we license one single book, we won’t be able to lean into fair use strategy". huh.

    Tags: books knowledge papers meta llama llms law piracy ip libgen genai fair-use

EFF gets it wrong on AI

Published March 19, 2025

  • EFF gets it wrong on AI

    EFF just posted this, "California’s A.B. 412: A Bill That Could Crush Startups and Cement A Big Tech AI Monopoly":

    California legislators have begun debating a bill (A.B. 412) that would require AI developers to track and disclose every registered copyrighted work used in AI training. At first glance, this might sound like a reasonable step toward transparency. But it’s an impossible standard that could crush small AI startups and developers while giving big tech firms even more power.

    Back in the early 2000s, we wrote SpamAssassin, a machine-learning driven antispam system which was trained on user-submitted data. We tracked the attribution of every item of input used to train that system. We weren't even a startup, we were an open source project.

    If we could do it, why can't modern AI systems? And don't say "because the existing large language models didn't do it" -- that's just accepting past shitty behaviour as a fait accompli.

    Extremely disappointed in the current state of the EFF if this is what they think.

    Tags: ai llms training copyright eff politics tech startups

The right’s Covid narrative has been turbo-charged into the mainstream

Published March 18, 2025

  • The right’s Covid narrative has been turbo-charged into the mainstream

    "Before the next outbreak, we need a serious conversation about how to cope – but first, the more strident, misguided voices must pipe down ... A different narrative has invaded the conversation: it wasn’t the virus that ruined our lives, but the response. This narrative was always there, but for a long time it stayed on the fringes. Now it’s becoming mainstream, turbo-charged by the recent successes of its political champions who typically gravitate towards the populist right. Public health experts have watched its advance with a gathering sense of doom. They know that how we respond to the next pandemic depends on how we understand the last, and that the next one is probably closer than most people think."

    I'd have to agree, and I'd also add the lab-leak SARS-CoV-2 origin hypothesis to that mix. In general, the right wing has somehow "won" the propaganda war and are able to rewrite COVID-19 history, possibly as a result of how they've been allowed to take over social media.

    Tags: covid-19 history sars-cov-2 disease social-media media right-wing politics

“A Canticle for Leibowitz” inspired “Fallout”

Published March 18, 2025

  • "A Canticle for Leibowitz" inspired "Fallout"

    A Canticle For Leibowitz is one of my favourite post-apocalyptic SF deep cuts. Here's some top trivia --

    Chris Taylor: "In the early 90s, I read all of the Hugo winners at the time. A Canticle for Leibowitz was one of my favorites. A few years later, it was one of the three major influences we used when making the original Fallout (along with [The] Road Warrior and City of Lost Children)."

    Tags: leibowitz scifi sf books fallout games gaming hugo-awards

GitHub Action supply chain attack

Published March 18, 2025

  • GitHub Action supply chain attack

    Yikes.... Both the "tj-actions/changed-files" and "reviewdog/actions-setup", along with many other Actions in the reviewdog scope, were compromised "with a malicious payload that caused affected repositories to leak their secrets in logs".

    the compromised reviewdog action injected malicious code into any CI workflows using it, dumping the CI runner memory containing the workflow secrets. While this is the same outcome as in the tj-actions case, the payload was distinct and did not use curl to retrieve the payload. Instead, the payload was base64 encoded and directly inserted into the install.sh file used by the workflow.

    On public repositories, the secrets would then be visible to everyone as part of the workflow logs, though obfuscated as a double-encoded base64 payload. As of now, no external exfiltration of secrets to an attacker-controlled server were observed; secrets were only observable within the affected repositories themselves.

    Two things:

    • The design of Github Actions, where a user is expected to depend on a random third party Github repo to not be compromised, is fundamentally dodgy.

    • Even worse, if you find a "trustworthy" version of a Github Action and use it in your CI pipeline, it now seems that the release tags on these actions are not immutable. In this attack older stable tags were redirected to point at exploited versions.

    Major design flaws IMO!

    Tags: ci github security builds supply-chain attacks exploits infosec

My Solar PV Output For 2024

Published March 15, 2025

My Solar PV Output For 2024

A couple of years ago, I had 5.8kW of solar panels and a 5kW battery installed on my (fairly typical) Dublin house.

The tricky part with solar PV is that, while you may have a set of solar panels, these may not be generating electricity at the time you want to use it. Even with a battery, your available stored power may wind up fully discharged by 7pm, leaving you running from expensive, non-renewable grid power for the rest of the evening. And up here in the high latitudes of northern Europe, you just don't get a whole lot of solar energy in December and January.

2024 was the first year in which (a) my panels and battery were fully up and running, (b) we were using a day/peak/night rate for grid electricity, and (c) for much of the year I had load-shifting in place; in other words, charging the battery from cheap night-rate electricity, then discharging it gradually over the course of the day, topping up with solar power once the sun gets high enough. As such, it’s worth doing the sums for the entire year to see how effective it’s been in real-world usage terms.

The total solar power generated across the year was reported from my Solis inverter as 4119 kWh.

Over the course of 2024, the entire household consumption comes to 8628 kWh. This was comprised of a fairly constant 800ish kWh per month, across the year; we still have gas-fired heating, so the winter months generally use gas energy instead of scaling up our electricity consumption.

Of that, the power consumed from solar PV was 2653 kWh (reported from the Solis web app as “annual PV to consumption”), and that from the grid was 5975 kWh (reported by the ESB Networks data feed).

So the correct figure is that 30% of our household consumption was driven from solar. This is a big difference from the naive figure of 4119/8628 = 47%; you can see that a big chunk of that power is being “lost”, due to happening at the wrong time to provide household power.

Of course, that power isn’t really “lost” -- it was exported to the grid instead. This export comprised 1403 kWh; this occurred when the battery was full, the household power usage was low, but there was still plenty of solar power being generated. (Arguably a bigger battery would be worthwhile to capture this, but at least we get paid for this export.)

There was a 2%-4% discrepancy between the Solis data and that from ESB Networks; Solis reported higher consumption (6102 kWh vs 5975) and higher export (1465 kWh vs 1403). I’m liable to believe ESB Networks more though.

In monetary terms:

The household consumption was 8628 kWh. Had we consumed this with the normal 24-hour rate tariff, we'd have paid (€236.62 standing charge per year) + (8628 at 23.61 cents per kWh) = (236.62 + 8628 * 0.2361) = €2273.69.

Checking the bills received over the year, taking into account load-shifting to take advantage of day/night variable rates and the power generated by the panels, and discounting the one-off government bill credits -- we spent €1325.97 -- 58.2% of the non-solar price.

Here! Have some graphs:

bookmarks.taint.org

Published March 15, 2025

Why The Metaverse Was A Turkey

Published March 14, 2025

  • Why The Metaverse Was A Turkey

    New World Notes: What Went Wrong With [Meta's] Horizon Worlds [previously the Metaverse]? Former Meta Devs Share Surprising Insights. Sounds like it was doomed from the start:

    Horizon Worlds / Workrooms, etc. is a pretty awful codebase with hundreds of people working on it. They grabbed a bunch of people from the Facebook/Instagram half of the company because they knew React. [...] Horizon Worlds uses a VR version of that called "ReactVR".

    What this effectively means is that most of the people developing Horizon Worlds (HW) are 2D app developers driven by engagement metrics and retention numbers. So... HW became flooded with a ton of 2D developers who never put on the headset even test their menus, all competing to try to create the most "engaging" menu that would sell microtransactions, or drive social engagement, or make some other number look good - because that's WHAT THEY DO at Facebook/Instagram. [...]

    The guy that was put in charge of Horizon Worlds needed help learning how to don the headset and launch the game after being in charge of it for 3 months.

    I think that programming in HW will never work because it lacks so many of the everyday necessary features programmers need, and the spatial element gives it almost no advantage. I cannot easily work with someone on a script... it’s all scratch-style building blocks. [...]

    They were actively denying pull requests (code changes) that were awesome features; features that VRChat eventually put in, or Second Life already had to begin with 15 years ago.

    It was dead as soon as they released it. Not a single developer thought it was ready, then when it dropped no one played it. Then, Facebook just tried to keep pumping it with "features" like little microtransaction stuff so they could say it made money.

    Plus devs "automating" their dogfood testing because it was so annoying, and the CTO shouting at people not to mention kids using their app. Ouch.

    Tags: vr meta funny fail horizon-worlds metaverse ouch facebook

waybackify.pl

Published March 14, 2025

amarlearning/spot-optimizer

Published March 14, 2025

  • amarlearning/spot-optimizer

    "Spot Optimizer is a Python library that helps users select the best AWS spot instances based on their resource requirements, including cores, RAM, storage type (SSD), instance architecture (x86 or ARM), AWS region, EMR version compatibility, and instance family preferences.

    It replaces complex, in-house logic for finding the best spot instances with a simple and powerful abstraction. No more manual guesswork — just the right instances at the right time."

    Implemented as a Python lib and CLI tool.

    Tags: aws spot-instances python ops cli tools

Netgear R7800 “hnyman” firmware

Published March 13, 2025

AI Search Has A Citation Problem

Published March 13, 2025

  • AI Search Has A Citation Problem

    LOL, these are terrible results.

    We randomly selected ten articles from each publisher, then manually selected direct excerpts from those articles for use in our queries. After providing each chatbot with the selected excerpts, we asked it to identify the corresponding article’s headline, original publisher, publication date, and URL [...] We deliberately chose excerpts that, if pasted into a traditional Google search, returned the original source within the first three results. We ran sixteen hundred queries (twenty publishers times ten articles times eight chatbots) in total.

    Results:

    Overall, the chatbots often failed to retrieve the correct articles. Collectively, they provided incorrect answers to more than 60 percent of queries. Across different platforms, the level of inaccuracy varied, with Perplexity answering 37 percent of the queries incorrectly, while Grok 3 had a much higher error rate, answering 94 percent of the queries incorrectly.

    Most of the tools we tested presented inaccurate answers with alarming confidence, rarely using qualifying phrases [...] With the exception of Copilot — which declined more questions than it answered — all of the tools were consistently more likely to provide an incorrect answer than to acknowledge limitations.

    Comically, the premium for-pay models "answered more prompts correctly than their corresponding free equivalents, [but] paradoxically also demonstrated higher error rates. This contradiction stems primarily from their tendency to provide definitive, but wrong, answers rather than declining to answer the question directly."

    Bottom line -- don't let an LLM attribute citations...

    Tags: llm llms media journalism news research search ai chatgpt grok perplexity tests citations

llms and humans unite, you have nothing to lose but your chores

Published March 12, 2025

  • llms and humans unite, you have nothing to lose but your chores

    Danny O'Brien posts a nice little automation script co-written with Claude.AI which has a couple of noteworthy angles; (1) instead of scraping the Uber site directly, it co-drives a browser using the Chrome DevTool Protocol and the playwright Python package; and (2) it has inline requirements.txt specifications using uv comments at the top of the script, which I hadn't seen before.

    I like the co-driving idea; it's a nice way to automate clicky-clicky boring tasks without using a standalone browser or a scraper client, while being easy to keep an eye on and possibly debug when it breaks. Also good to keep an eye on what LLM-authored code is up to.

    In the past I've used Browserflow as a no-code app builder for one-off automations of clicky-clicky web flows like this, but next time I might give the vibe-coding+CDP approach a go.

    Tags: vibe-coding tools automation one-offs scripting web cdp google-chrome playwright claude hacks llms ai browsers

Arguments about AI summarisation

Published March 11, 2025

  • Arguments about AI summarisation

    This is from an W3C discussion thread, where AI summarisation and minuting of meetings was proposed, and it lays out some interesting issues with LLM summarisation:

    Sure I'm excited about new tech as the next person, but I want to express my concerns (sorry to point out some elephants in the room):

    1. Ethics - major large language models rely on stolen training data, and they use low wage workers to 'train' at the expense of the well being of those workers.

    2. Environment - Apart from raw material usage that comes with increase in processing power, LLMs uses a lot more energy and water than human scribes and summarisers do (both during training and at point of use). Magnitudes more, not negligible, such that major tech cos are building/buying nuclear power plants and areas near data centres suffer from water shortages and price hikes. Can we improve disability rights while disregarding environmental effects?

    3. Quality - we've got a lot of experts in our group: who are sometimes wrong, sure, but it seems like a disservice to their input, knowledge and expertise to pipe their speech through LLMs. From the couple of groups I've been in that used AI summaries, I've seen them:

    • a. miss the point a lot of the time; it looks reasonable but doesn't match up with what people said/meant;
    • b. 'normalise' what was said to what most people would say, so it biases towards what's more common in training data, rather than towards the smart things individuals in this group often bring up. Normalising seems orthogonal to innovation?
    • c. create summaries that are either very long and wooly, with many unnecessary words, or short but incorrect.

    If we're considering if it's technically possible, I'd urge us to consider the problems with these systems too, including in ethics, environmental impact and quality.

    The "normalising" risk is one that hadn't occurred to me, but it makes perfect sense given how LLMs operate.

    Tags: llms ai summarisation w3c discussion meetings automation transcription

AWS WAF adds JA4 fingerprinting

Published March 7, 2025

  • AWS WAF adds JA4 fingerprinting

    TIL:

    A JA4 TLS client fingerprint contains a 36-character long fingerprint of the TLS Client Hello which is used to initiate a secure connection from clients. The fingerprint can be used to build a database of known good and bad actors to apply when inspecting HTTP[S] requests. These new features enhance your ability to identify and mitigate sophisticated attacks by creating more precise rules based on client behavior patterns. By leveraging both JA4 and JA3 fingerprinting capabilities, you can implement robust protection against automated threats while maintaining legitimate traffic flow to your applications.

    Tags: fingerprinting http https tls ja3 ja4 inspection networking firewalls waf web

WireMock

Published March 6, 2025

  • WireMock

    I could have done with knowing about this before implementing mock APNs, Huawei, Microsoft and FCM push APIs over the last few years!

    An open-source tool for API mock testing, with over 5 million downloads per month. It can help you to create stable test and development environments, isolate yourself from flakey 3rd parties and simulate APIs that don't exist yet.

    Nice features include running in-process in a JVM, standalone, or in a Docker container; GraphQL and gRPC support; and fault and latency injection. https://library.wiremock.org/ is a library of pre-built API mocks other people have previously made.

    Tags: mocking testing mocks integration-testing wiremock tools coding apis

KIP-932: Queues for Kafka

Published March 6, 2025

  • KIP-932: Queues for Kafka

    KIP-932 adds a long awaited capability to the Apache Kafka project: queue-like semantics, including the ability to acknowledge messages on a one-by-one basis. This positions Kafka for use cases such as job queuing, for which it hasn’t been a good fit historically. As multiple members of a share group can process the messages from a single topic partition, the partition count does not limit the degree of consumer parallelism any longer. The number of consumers in a group can quickly be increased and decreased as needed, without requiring to repartition the topic.

    [....] Available as an early access feature as of the [unreleased] Kafka 4.0 release, Kafka queues are not recommended for production usage yet, and there are several limitations worth calling out: most importantly, the lack of DLQ support. More control over retry timing would be desirable, too. As such, I don’t think Kafka queues in their current form will make users of established queue solutions such as Artemis or RabbitMQ migrate to Kafka. It is a very useful addition to the Kafka feature set nevertheless, coming in handy for instance for teams already running Kafka and who look for a solution for simple queuing use cases, avoiding to stand up and operate a separate solution just for these. This story will become even more compelling if the feature gets built out and improved in future Kafka releases.

    Tags: kafka queueing queues architecture

HAJPAQUE

Published March 6, 2025

  • HAJPAQUE

    "Hardware Acceleration for JSON Parsing, Querying and Schema Validation" --

    State-of-the-art analytics pipelines can now process data at a rate that exceeds 50 Gbps owing to recent advances in RDMA, NVM, and network technology (notably Infiniband). The peak throughput of the best-performing software solutions for parsing, querying, and validating JSON data is 20 Gbps, which is far lower than the current requirement.

    We propose a novel [hardware-]based accelerator that ingests 16-bytes of JSON data at a time and processes all the 16 bytes in parallel as opposed to competing approaches that process such data byte by byte. Our novel solution comprises lookup tables, parallel sliding windows, and recursive computation. Together, they ensure that our online pipeline does not encounter any stalls while performing all the operations on JSON data. We ran experiments on several widely used JSON benchmarks/datasets and demonstrated that we can parse and query JSON data at 106 Gbps (@28 nm).

    (Via Rob)

    Tags: accelerators papers asics json parsing throughput performance via:rsynnott

The history behind “Assassin’s Creed: Valhalla”

Published March 5, 2025

kafkacat and visidata

Published March 4, 2025

  • kafkacat and visidata

    Two excellent tools in one blog post.

    Visidata "is a commandline tool to work with data in all sorts of formats, including from stdin"; in this example it's taking lines of JSONL and producing an instant histogram of values from the stream:

    Once visidata is open, use the arrow keys to move to the column on which you want to build a histogram and press Shift-F. Since it works with pipes if you leave the -e off the kafkacat argument you get a live stream of messages from the Kafka topic and the visidata will continue to update as messages arrive (although I think you need to replot the histogram if you want it to refresh).

    On top of that, there's kcat, "netcat for Kafka”, "a swiss-army knife of tools for inspecting and creating data in Kafka", even supporting on-the-fly decode of Avro messages. https://github.com/edenhill/kcat

    Tags: kcat kafka streams visidata tools cli avro debugging

Ruff

Published March 3, 2025

  • Ruff

    An extremely fast Python linter and code formatter, written in Rust.

    Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface.

    Ruff can be used to replace Flake8 (plus dozens of plugins), Black, isort, pydocstyle, pyupgrade, autoflake, and more, all while executing tens or hundreds of times faster than any individual tool.

    Tags: formatting coding python tools lint code

Inside an Amazon CoE

Published March 3, 2025

  • Inside an Amazon CoE

    This is a decent write-up of what Amazon's "Correction of Error" documents look like. CoEs are the standard format for writing up post-mortems of significant outages or customer-impacting incidents in Amazon and AWS; I've had the unpleasant duty of writing a couple myself -- thankfully for nothing too major.

    This is fairly similar to what's being used elsewhere, but it's good to have an authoritative bookmark to refer to. (via LWIA)

    Tags: via:lwia aws amazon post-mortems coe incidents ops process

18F’s shutdown page

Published March 3, 2025

  • 18F's shutdown page

    "We are dedicated to the American public and we're not done yet". legends!

    For over 11 years, 18F has been proudly serving you to make government technology work better. We are non-partisan civil servants. 18F has worked on hundreds of projects, all designed to make government technology not just efficient but effective, and to save money for American taxpayers.

    However, all employees at 18F – a group that the Trump Administration GSA Technology Transformation Services Director called "the gold standard" of civic tech – were terminated today at midnight ET.

    Tags: policy government programming tech software politics 18f maga doge

DeepSeek’s smallpond

Published March 3, 2025

  • DeepSeek’s smallpond

    Some interesting notes about smallpond, a new high-performance DuckDB-based distributed data lake query system from DeepSeek:

    DeepSeek is introducing smallpond, a lightweight open-source framework, leveraging DuckDB to process terabyte-scale datasets in a distributed manner. Their benchmark states: “Sorted 110.5TiB of data in 30 minutes and 14 seconds, achieving an average throughput of 3.66TiB/min.”

    The benchmark on 100TB mentioned is actually using the custom DeepSeek 3FS framework: Fire-Flyer File System is a high-performance distributed file system designed to address the challenges of AI training and inference workloads. [...] compared to AWS S3, 3FS is built for speed, not just storage. While S3 is a reliable and scalable object store, it comes with higher latency and eventual consistency [...] 3FS, on the other hand, is a high-performance distributed file system that leverages SSDs and RDMA networks to deliver low-latency, high-throughput storage. It supports random access to training data, efficient checkpointing, and strong consistency.

    So -- this is very impressive. However!

    1. RDMA (remote direct memory access) networking for a large-scale storage system! That is absolutely bananas. I wonder how much that benchmark cluster cost to run... still, this is a very interesting technology for massive-scale super-low-latency storage. https://www.definite.app/blog/smallpond also notes "3FS achieves a remarkable read throughput of 6.6 TiB/s on a 180-node cluster, which is significantly higher than many traditional distributed file systems."

    2. it seems smallpond operates strictly with partition-level parallelism, so if your data isn't partitioned in exactly the right way, you may still find your query bottlenecked:

    Smallpond’s distribution leverages Ray Core at the Python level, using partitions for scalability. Partitioning can be done manually, and Smallpond supports:

    • Hash partitioning (based on column values);
    • Even partitioning (by files or row counts);
    • Random shuffle partitioning

    As I understand it, Trino has a better idea of how to scale out queries across worker nodes even without careful pre-partitioning, which is handy.

    Tags: data-lakes deepseek duckdb rdma networking 3fs smallpond trino ray

The Anti-Capitalist Software License

Published February 27, 2025

  • The Anti-Capitalist Software License

    Here it is in full:

    ANTI-CAPITALIST SOFTWARE LICENSE (v 1.4)
    

    Copyright © [year] [copyright holders]
    

    This is anti-capitalist software, released for free use by individuals and organizations that do not operate by capitalist principles.
    

    Permission is hereby granted, free of charge, to any person or organization (the "User") obtaining a copy of this software and associated documentation files (the "Software"), to use, copy, modify, merge, distribute, and/or sell copies of the Software, subject to the following conditions:
    

      

    1. 

      The above copyright notice and this permission notice shall be included in all copies or modified versions of the Software.
      

      2. 

    2. 

      The User is one of the following:
a. An individual person, laboring for themselves
b. A non-profit organization
c. An educational institution
d. An organization that seeks shared profit for all of its members, and allows non-members to set the cost of their labor
      

      3. 

    3. 

      If the User is an organization with owners, then all owners are workers and all workers are owners with equal equity and/or equal vote.
      

      4. 

    4. 

      If the User is an organization, then the User is not law enforcement or military, or working for or under either.
      

      5. 

    

    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT EXPRESS OR IMPLIED WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

    This is fun because it would make esr's head explode.

    Tags: licenses capitalism ethics licensing software politics anti-capitalist open-source

Mark Butcher on AWS sustainability claims

Published February 27, 2025

  • Mark Butcher on AWS sustainability claims

    Sustainable IT expert lays into AWS:

    3 years after shouting about Amazons total lack of transparency with sustainability reporting, here's a list of what I think they've achieved:

    1) They let you export a CSV for 3 lines of numbers showing your last months made up numbers that are up to 99% too low

    2) Urmmm.... that's about it

    [....] I know of several very large enterprise orgs starting to proactively marginalise them (i.e. not move away 100%, but massively reducing consumption). The one's I know about will cost them around $1 billion of spend. Is that enough to make them pay attention?

    This article from Canalys in the Register says "Amazon doesn't provide AWS-specific, location-based data, meaning: "We don't really know how big AWS's footprint truly is, which I think is a bit worrying."

    They follow up with "Amazon has chosen not break out data on environmental stats such as greenhouse gas emissions for AWS from the rest of the company in its sustainability reports, making it almost impossible to determine whether these emissions are growing as they have been for its cloud rivals."

    Interesting isn't it... if they were actually as sustainable as they pretend, you'd expect them to share open and honest numbers, instead what we get are marketing puff pieces making what seem like invented PUE claims backed by zero evidence.

    Elsewhere he notes "AWS customers are still unable to natively measure actual power consumption, report on actual carbon emissions, report on water usage. This'll make life interesting for all those AI companies subject to legislation like the EU AI Act or needing to report to the EED and similar."

    (Via ClimateAction.tech)

    Tags: climate-change aws sustainability pue reporting amazon cloud datacenters emissions

Europe begins to worry about US-controlled clouds

Published February 26, 2025

  • Europe begins to worry about US-controlled clouds

    Interview with Bert Hubert about this major supply chain issue for EU governments:

    The Register: In the US, the argument against China supplying network hardware [was] based on the concern that the Chinese government can just order China-based vendors to insert a backdoor. It sounds like you're saying that, essentially, an analogous situation exists in the US now.

    Hubert: Yeah, exactly. And that has been the case for a while. I mean, this is not an entirely new realization. The thing that is making it so interesting right now is that we are on the brink of [going all-in on Microsoft's cloud].

    The Dutch government is sort of just typical, so I mention it because I am Dutch, but they're very representative of European governments right now. And they were heading to a situation where there was no email except Microsoft, which means that if one ministry wants to email the other ministry, they have to pass it by US servers.

    Which leads to the odd situation that if the Dutch Ministry of Finance wants to send a secret to the Dutch National Bank, they'd have to send someone over with a typewriter to make it happen because [the communications channel has been outsourced].

    There's nothing left that we do not share with the US.

    Tags: supply-chains clouds eu us politics geopolitics backdoors infosec security europe

subtrace

Published February 26, 2025

  • subtrace

    Subtrace is "Wireshark for your Docker containers. It lets developers see all incoming and outgoing requests in their backend server so that they can resolve production issues faster."

    • Works out-of-the-box
    • No code changes needed
    • Supports all languages (Python + Node + Go + everything else)
    • See full payload, headers, status code, and latency
    • Less than 100µs performance overhead
    • Built on Clickhouse
    • Open source

    Looks like it outputs to the Chrome Dev Console's Network tab, or a facsimile of it; "Open the subt.link URL in your browser to watch a live stream of your backend server’s network logs".

    It may be interesting to try this out. (via LWIA)

    Tags: subtrace tracing wireshark debugging docker containers ops clickhouse open-source tools tcpdump

Netflix/hollow

Published February 25, 2025

  • Netflix/hollow

    Hollow is a java library and toolset for disseminating in-memory datasets from a single producer to many consumers for high performance read-only access.

    Hollow focuses narrowly on its prescribed problem set: keeping an entire, read-only dataset in-memory on consumers. It circumvents the consequences of updating and evicting data from a partial cache.

    Due to its performance characteristics, Hollow shifts the scale in terms of appropriate dataset sizes for an in-memory solution. Datasets for which such liberation may never previously have been considered can be candidates for Hollow. For example, Hollow may be entirely appropriate for datasets which, if represented with json or XML, might require in excess of 100GB.

    Interesting approach, though possibly a bit scary in terms of circumventing the "keep things simple and boring" rule... still, a useful tool to have.

    Tags: cache caching netflix java jvm memory hollow read-only architecture systems

Yahoo Mail hallucinates subject lines

Published February 24, 2025

  • Yahoo Mail hallucinates subject lines

    OMG, this is hilarious. What a disaster from Yahoo Mail:

    A quick Google search revealed that a few months ago Yahoo jumped on the AI craze with the launch of ”AI-generated, one-line email summaries”. At this point, the penny dropped. Just like Apple AI generating fake news summaries, Yahoo AI was hallucinating the fake winner messages, presumably as a result of training their model on our old emails. Worse, they were putting an untrustworthy AI summary in the exact place that users expect to see an email subject, with no mention of it being AI-generated ?

    Tags: ai llms hallucinations yahoo email gen-ai

write hedging in Amazon DynamoDB

Published February 24, 2025

  • write hedging in Amazon DynamoDB

    "Write hedging" is a nice technique to address p99 tail latencies, by increasing the volume of writes (or in the case of read hedging, reads):

    Imagine you want a very low p99 read latency. One way to lower tail latencies is to hedge requests. You make a read request and then, if the response doesn’t come back quickly enough, make a second equivalent hedging request and let the two race. First response wins. If the first request suffered a dropped network packet, the second request will probably win. If things are just temporarily slow somewhere, the first request will probably win. Either way, hedging helps improve the p99 metrics, at the cost of some extra read requests.

    Write hedging has a little more complexity involved, since you want to avoid accidental overwrites during races; this blog post goes into some detail on a technique to do this in DynamoDB, using timestamps. Good stuff.

    (via Last Week In AWS)

    Tags: via:lwia aws dynamodb write-hedging read-hedging p99 latencies tail-latencies optimization performance algorithms

tsdproxy

Published February 24, 2025

  • tsdproxy

    I'm pretty happy with my current setup for the home network, but this is one I'll keep in the back pocket for future possible use:

    [Tailscale Docker Proxy] simplifies the process of securely exposing services and Docker containers to your Tailscale network by automatically creating Tailscale machines for each tagged container. This allows services to be accessible via unique, secure URLs without the need for complex configurations or additional Tailscale containers.

    Tags: docker tailscale containers home networking

3DBenchy Enters the Public Domain

Published February 14, 2025

  • 3DBenchy Enters the Public Domain

    "3DBenchy, a 3D model [of an adorable little boat] designed specifically for testing and benchmarking 3D printers, is now in the public domain."

    Originally released on April 9, 2015, by Creative Tools, the model has become a beloved icon of the 3D printing community. [...] NTI has decided to release 3DBenchy to the world by making it public domain, marking its 10th anniversary with this significant gesture.

    Mark your calendars for April 9, 2025, as 3DBenchy celebrates its 10th anniversary! A special surprise is planned for the 3DBenchy community to commemorate this milestone.

    (Via Alan Butler)

    Tags: 3dbenchy 3d-printing via:alan-butler ip public-domain creative-commons

A Visual Guide to Vèvè

Published February 14, 2025

Monzo Stand-in

Published February 14, 2025

  • Monzo Stand-in

    This is great -- Monzo built "Monzo Stand-in", a full "backup" of the main stack, since uptime is critical to them:

    We take reliability seriously at Monzo so we built a completely separate backup banking infrastructure called Monzo Stand-in to add another layer of defence so customers can continue to use important services provided by us. We consider Monzo Stand-in to be a backup of last resort, not our primary mechanism of providing a reliable service to our customers, by providing us with an extra line of defence.

    Monzo Stand-in is an independent set of systems that run on Google Cloud Platform (GCP) and is able to take over from our Primary Platform, which runs in Amazon Web Services (AWS), in the event of a major incident. It supports the most important features of Monzo like spending on cards, withdrawing cash, sending and receiving bank transfers, checking account balances and transactions, and freezing or unfreezing cards.

    Flashback to the old Pimms setup in AWS Network Monitoring; we had an entire duplicate stack in AWS -- every single piece duplicated and running independently.

    Tags: architecture uptime monzo banking reliability ops via:itc

Language Models Do Addition Using Helices

Published February 13, 2025

  • Language Models Do Addition Using Helices

    wtf:

    Mathematical reasoning is an increasingly important indicator of large language model (LLM) capabilities, yet we lack understanding of how LLMs process even simple mathematical tasks. To address this, we reverse engineer how three mid-sized LLMs compute addition. We first discover that numbers are represented in these LLMs as a generalized helix, which is strongly causally implicated for the tasks of addition and subtraction, and is also causally relevant for integer division, multiplication, and modular arithmetic. We then propose that LLMs compute addition by manipulating this generalized helix using the "Clock" algorithm: to solve a+b, the helices for a and b are manipulated to produce the a+b answer helix which is then read out to model logits. We model influential MLP outputs, attention head outputs, and even individual neuron preactivations with these helices and verify our understanding with causal interventions. By demonstrating that LLMs represent numbers on a helix and manipulate this helix to perform addition, we present the first representation-level explanation of an LLM's mathematical capability.

    Tags: llms helices trigonometry magic weird ai papers arithmetic addition subtraction

Critical Ignoring as a Core Competence for Digital Citizens

Published February 13, 2025

  • Critical Ignoring as a Core Competence for Digital Citizens

    "Critical ignoring" as a strategy to control and immunize one's information environment (Kozyreva et al., 2023):

    Low-quality and misleading information online can hijack people’s attention, often by evoking curiosity, outrage, or anger. Resisting certain types of information and actors online requires people to adopt new mental habits that help them avoid being tempted by attention-grabbing and potentially harmful content.

    We argue that digital information literacy must include the competence of critical ignoring—choosing what to ignore and where to invest one’s limited attentional capacities. We review three types of cognitive strategies for implementing critical ignoring:

    • self-nudging, in which one ignores temptations by removing them from one’s digital environments;
    • lateral reading, in which one vets information by leaving the source and verifying its credibility elsewhere online;
    • and the do-not-feed-the-trolls heuristic, which advises one to not reward malicious actors with attention.

    We argue that these strategies implementing critical ignoring should be part of school curricula on digital information literacy.

    Good to give names to these practices, since we're all having to do them nowadays anyway...

    (Via Stan Carey)

    Tags: psychology trolls media kids internet literacy attention critical-ignoring ignoring papers via:stancarey

LinuxPDF

Published February 13, 2025

  • LinuxPDF

    It's Linux, running inside a PDF file.

    "The humble PDF file format supports JavaScript – with a limited standard library, mind you. By leveraging this, [vk6] managed to compile a RISC-V emulator (TinyEMU) into JavaScript using an old version of Emscripten targeting asm.js instead of WebAssembly. The emulator, embedded within the PDF, interfaces with virtual input through a keyboard and text box."

    (via Fuzzix)

    Tags: via:fuzzix linux pdf hacks emulation javascript emscripten tinyemu

Undergraduate Upends a 40-Year-Old Data Science Conjecture

Published February 11, 2025

  • Undergraduate Upends a 40-Year-Old Data Science Conjecture

    This is a great story; bonus that it's a notable improvement for the humble hash-table data structure:

    Krapivin was not held back by the conventional wisdom for the simple reason that he was unaware of it. “I did this without knowing about Yao’s conjecture,” he said. His explorations with tiny pointers led to a new kind of hash table — one that did not rely on uniform probing. And for this new hash table, the time required for worst-case queries and insertions is proportional to (log x)^2 — far faster than x. This result directly contradicted Yao’s conjecture. Farach-Colton and Kuszmaul helped Krapivin show that (log x)^2 is the optimal, unbeatable bound for the popular class of hash tables Yao had written about.

    Paper here -- https://arxiv.org/abs/2501.02305 .

    Tags: data-structures hash-tables cs programming coding papers optimization open-addressing

PleIAs/common_corpus

Published February 11, 2025

  • PleIAs/common_corpus

    This is great to see:

    Common Corpus is the largest open and permissible licensed text dataset, comprising 2 trillion tokens (1,998,647,168,282 tokens). It is a diverse dataset, consisting of books, newspapers, scientific articles, government and legal documents, code, and more. Common Corpus has been created by Pleias in association with several partners and contributed in-kind to Current AI initiative.

    The dataset in its entirety meets the requirements of the Code of Conduct of the AI Act and goes further than the current requirements for data transparency. It aims to set a new standard of openness in AI, showing that detailed provenance at a granular document level is a realistic objective, even at the scale of 2 trillion tokens.

    Tags: ai llms open-data open-source pleias common-corpus corpora training ai-act

Government agency removes spoon emoji from work platform amid protests

Published February 10, 2025

  • Government agency removes spoon emoji from work platform amid protests

    lol. "On Wednesday, employees at the Technology Transformation Services division of the [U.S. government’s General Services Administration] reportedly unleashed a torrent of spoon emojis in the chat that accompanied an organization-wide, 600-person video conference with new leader Thomas Shedd, a former Tesla engineer." ... Workers embraced the digital cutlery to protest the Trump administration’s “Fork in the Road” resignation offer."

    Tags: forks spoons funny protest us-politics emojis

Are better models better?

Published February 10, 2025

  • Are better models better?

    This is very interesting, on the applicability and usefulness of generative AI, given their inherent error rate and probabilistic operation:

    Asking if an LLM can do very specific and precise information retrieval might be like asking if an Apple II can match the uptime of a mainframe, or asking if you can build Photoshop inside Netscape. No, they can’t really do that, but that’s not the point and doesn’t mean they’re useless. They do something else, and that ‘something else’ matters more and pulls in all of the investment, innovation and company creation. Maybe, 20 years later, they can do the old thing too - maybe you can run a bank on PCs and build graphics software in a browser, eventually - but that’s not what matters at the beginning. They unlock something else.

    What is that ‘something else’ for generative AI, though? How do you think conceptually about places where that error rate is a feature, not a bug?

    (Via James Tindall)

    Tags: errors probabilistic computing ai genai llms via:james-tindall

Woof.group vs the OSA

Published February 10, 2025

  • Woof.group vs the OSA

    The UK's new Online Safety Act law is extremely vague, extremely punitive, and has Fediverse operators Woof.group very worried --

    Ofcom carefully avoided answering almost all of our questions. They declined to say whether ~185 users was a “significant number”. Several other participants in Ofcom's livestreams also asked what a significant number meant. Every time, Ofcom responded obliquely: there are no numeric thresholds, a significant number could be “small”, Ofcom could target “a one-man band”, and providers are expected to have a robust justification for deciding they do not have a significant number of UK users. It is unclear how anyone could make a robust justification given this nebulous guidance. In their letter, Ofcom also declined to say whether non-commercial services have target markets, or whether pornography poses a “material risk of significant harm”. In short, we have no answer as to whether Woof.group or other Fediverse instances are likely to fall in scope of the OSA.

    Do we block pre-emptively, or if and when Ofcom asks? This is the ethical question Woof.group's team, like other community forums, have been wrestling with. Ofcom would certainly like sites to take action immediately. As Hoskings warned:

    "Don't wait until it's too late. That's the message. Once you do get the breach letter, that is when it is too late. The time doesn't start ticking from then. The time is ticking from—for part five services, from January, part three from July."

    Tags: woof.group fediverse mastodon social-media uk osa laws ofcom porn blocking

Apple Ordered by UK to Create Global iCloud Encryption Backdoor

Published February 7, 2025

  • Apple Ordered by UK to Create Global iCloud Encryption Backdoor

    The British government has secretly demanded that Apple give it blanket access to all encrypted user content uploaded to the cloud, reports The Washington Post.

    The spying order came by way of a "technical capability notice," a document sent to Apple by the Home Secretary, ordering it to provide access under the sweeping UK Investigatory Powers Act (IPA) of 2016. Critics have labeled the legislation the "Snooper's Charter," as it authorizes law enforcement to compel assistance from companies when needed to collect evidence.

    Apple is likely to stop offering encrypted storage in the UK, rather than break the security promises it made to its users, people familiar with the matter told the publication. However, that would not affect the UK order for backdoor access to the service in other countries, including the United States. Apple has previously said it would consider pulling services such as FaceTime and iMessage from the UK rather than compromise future security.

    (via gwire)

    Tags: via:gwire apple encryption backups cloud ipa surveillance icloud backdoors security infosec

Within Bounds: Limiting AI’s environmental impact

Published February 6, 2025

  • Within Bounds: Limiting AI's environmental impact

    A joint statement issued by the Green Screen Coalition, the Green Web Foundation, Beyond Fossil Fuels, Aspiration, and the critical infrastructure lab, regarding AI's impact on climate change:

    To meet the challenge of climate change, environmental degradation, pollution and biodiversity loss, and its attendant injustices, we urge policymakers, industry leaders and all stakeholders to acknowledge the true environmental costs of AI, to phase out fossil fuels throughout the technology supply chain, to reject false solutions, and to dedicate all necessary means to bring AI systems in line with planetary boundaries. Meeting these demands is an essential step to ensure that AI is not driving further planetary degradation and could instead support a sustainable and equitable transition.

    Their demands are:

    • I. PHASE OUT FOSSIL FUELS
    • II. COMPUTING WITHIN LIMITS
    • III. RESPONSIBLE SUPPLY CHAINS
    • IV. EQUITABLE PARTICIPATION
    • V. TRANSPARENCY

    Tags: via:climateaction climate climate-change ai fossil-fuels sustainability

cur.vantage.sh

Published February 5, 2025

  • cur.vantage.sh

    via Ben Schaechter: "a new microsite we’ve launched for the AWS community that helps with understanding billing codes present in either Cost Explorer or the CUR. We profiled the number of distinct billing codes across our customer base and have about ~60k unique billing codes. We hear all the time that FinOps practitioners and engineers are confused about the billing codes present in Cost Explorer or the Cost and Usage Report. Think of these as being things like “Requests-Tier1” for S3 or “CW:GMWI-Metrics” for CloudWatch. There is usually really limited resources for determining what these billing codes are even when you Google around for them."

    Tags: aws billing codes cost-explorer ec2 s3 finops

Words from an ex-Zizian-adjacent person

Published February 4, 2025

  • Words from an ex-Zizian-adjacent person

    It seems there's now a full-on Mansonesque death cult emerging from the LessWrong/rationalist/effective-altruism community: https://www.sfgate.com/bayarea/article/bay-area-death-cult-zizian-murders-20064333.php

    This HN comment was very interesting for background:

    [Former member of that world, roommates with one of Ziz's friends for a while, so I feel reasonably qualified to speak on this.] The problem with rationalists/EA as a group has never been the rationality, but the people practicing it and the cultural norms they endorse as a community.

    As relevant here:

    1) While following logical threads to their conclusions is a useful exercise, each logical step often involves some degree of rounding or unknown-unknowns. A -> B and B -> C means A -> C in a formal sense, but A -almostcertainly-> B and B -almostcertainly-> C does not mean A -almostcertainly-> C. Rationalists, by tending to overly formalist approaches, tend to lose the thread of the messiness of the real world and follow these lossy implications as though they are lossless. That leads to...

    2) Precision errors in utility calculations that are numerically-unstable. Any small chance of harm times infinity equals infinity. This framing shows up a lot in the context of AI risk, but it works in other settings too: infinity times a speck of dust in your eye >>> 1 times murder, so murder is "justified" to prevent a speck of dust in the eye of eternity. When the thing you're trying to create is infinitely good or the thing you're trying to prevent is infinitely bad, anything is justified to bring it about/prevent it respectively.

    3) Its leadership - or some of it, anyway - is extremely egotistical and borderline cult-like to begin with. I think even people who like e.g. Eliezer [Yudkowsky] would agree that he is not a humble man by any stretch of the imagination (the guy makes Neil deGrasse Tyson look like a monk). They have, in the past, responded to criticism with statements to the effect of "anyone who would criticize us for any reason is a bad person who is lying to cause us harm". That kind of framing can't help but get culty.

    4) The nature of being a "freethinker" is that you're at the mercy of your own neural circuitry. If there is a feedback loop in your brain, you'll get stuck in it, because there's no external "drag" or forcing functions to pull you back to reality. That can lead you to be a genius who sees what others cannot. It can also lead you into schizophrenia really easily. So you've got a culty environment that is particularly susceptible to internally-consistent madness, and finally:

    5) It's a bunch of very weird people who have nowhere else they feel at home. I totally get this. I'd never felt like I was in a room with people so like me, and ripping myself away from that world was not easy. (There's some folks down the thread wondering why trans people are overrepresented in this particular group: well, take your standard weird nerd, and then make two-thirds of the world hate your guts more than anything else, you might be pretty vulnerable to whoever will give you the time of day, too.)

    TLDR: isolation, very strong in-group defenses, logical "doctrine" that is formally valid and leaks in hard-to-notice ways, apocalyptic utility-scale, and being a very appealing environment for the kind of person who goes super nuts -> pretty much perfect conditions for a cult. Or multiple cults, really. Ziz's group is only one of several.

    Tags: zizians cults extropianism tescreal effective-altruism rationalism lesswrong death-cults

Burrows–Wheeler Transform

Published February 4, 2025

  • Burrows–Wheeler Transform

    an algorithm used to prepare data for use with data compression techniques such as bzip2. It permutes the order of characters in a string (S), sorting all the circular shifts of the text in lexicographic order, then extracting the last column and the index of the original string in the set of sorted permutations of S.

    Some day when I have lots of free time to spare, I'll spend a while getting my head around this deep magic, because it's just amazing that this works.

    (via John Regehr)

    Tags: compression algorithms burrows-wheeler-transform bzip2 via:john-regehr magic text

Irish spider zombies!

Published January 31, 2025

  • Irish spider zombies!

    This is fantastic -- a newly-discovered species of fungus does the same trick as Ophiocordyceps in Brazil; it infects the brains of orb-weaving cave spiders in Ireland, and induces them to leave their lairs or webs, and migrate to die in an exposed situation, in order to favor dispersal of the fungal spores.

    Ophiocordyceps is, of course, the inspiration for the zombie-forming fungus in The Last Of Us.

    Tags: cordyceps fungi ireland spiders zombies fungus nature gross

The Billion Docs JSON Challenge: ClickHouse vs. MongoDB, Elasticsearch, and more

Published January 31, 2025

ODROID-H4+

Published January 28, 2025

  • ODROID-H4+

    The next generation of the excellent ODROID SBCs; based on Intel's N97 architecture, AVX2 extensions, faster DRAM, 4 SATA ports, and up to 48GB of RAM.

    Significantly beefier in general, reportedly around the EUR180 mark in price.

    Tags: odroid sbcs n97 hardware home devices servers

Coordinated Lunar Time

Published January 28, 2025

  • Coordinated Lunar Time

    The moon may have a timezone of its own soon, Coordinated Lunar Time (LTC):

    Due to the moon's lower gravity and its motion relative to Earth, moon time passes 56 microseconds faster each earth day. As a result, an atomic clock on Earth would run at a different rate than an atomic clock on the moon.

    Similar to how UTC is determined, the memo suggests "an ensemble of clocks" deployed to the moon might be used to set the new time standard.

    (via David Cuthbert)

    Tags: via:david-cuthbert moon time timezones ltc

Understanding the BM25 full text search algorithm

Published January 28, 2025

LLM-Driven Code Completion in JetBrains IDEs

Published January 27, 2025

  • LLM-Driven Code Completion in JetBrains IDEs

    JetBrains have come up with a new relatively-lightweight LLM-driven code generation option, constrained to producing single line suggestions:

    The length of the completion suggestions is a trade-off. While longer suggestions do tend to reduce how many keystrokes you have to make, which is good, they also increase the number of reviews required on your end. Taking the above into account, we decided that completing a single line of code would be a fair compromise.

    Some key features:

    • It works locally and is available offline. This means you can take advantage of the feature even if you aren’t connected to the internet.

    • It doesn’t send any data from your machine over the internet. The language models that power full line code completion run locally, which is great for two reasons. First, your code remains safe, as it never leaves your machine. Second, there are no additional cloud-related expenses – that’s why this feature comes at no additional cost.

    Also, customer code is never used for training.

    I've used this (in RubyMine), and found it fairly useful; it's good for generating the obvious next line, but is easily ignored when that's not what's needed. Not bad at all.

    Tags: coding code-completion jetbrains ides java ruby llms ai code-generation rubymine intellij

VIC 20 Elite

Published January 27, 2025

  • VIC 20 Elite

    Crazy stuff. Elite, ported to the Commodore VIC 20 (albeit with a 32K expansion):

    VIC 20 Elite is based on the C-64 source. VIC 20 specific graphics, text, keyboard & joystick input, and sound routines were written from scratch to replace the corresponding C-64 code.

    Of course, the complete enhanced Elite won’t fit within the VIC 20’s limited memory, so some features had to be left out. Following the original 1984 BBC Cassette and Acorn Electron version, the VIC 20 version omits extended planet descriptions, planetary details (craters and meridians), and the missions that appear further on in the game. The pause mode options are dropped, and there is no Find Planet option in Galactic Chart (that would be only really useful during missions).

    (via Sleepy from FP)

    Tags: retrogaming commodore emulation gaming history elite vic-20

goref

Published January 27, 2025

  • goref

    "a Go heap object reference analysis tool based on delve: It can display the space and object count distribution of Go memory references, which is helpful for efficiently locating memory leak issues or viewing persistent heap objects to optimize the garbage collector (GC) overhead."

    Nice to see Go supporting similar debugging/optimisation tools to those offered by the JVM.

    Tags: go heap memory gc memory-leaks

Artsy’s Technology Choices evaluation process

Published January 24, 2025

  • Artsy's Technology Choices evaluation process

    This is a nice way to evaluate new technology options, from Artsy:

    We want to accomplish a lot with a lean team, which means we must choose stable technologies. However, we also want to adopt best-of-breed technologies or best-suited tools, which may need work or still be evolving. We've borrowed from ThoughtWorks' Radar to define the following stages for evaluating, adopting, and retiring technologies:

    • Adopt: Reasonable defaults for most work. These choices have been exercised successfully in production at Artsy and there is a critical mass of engineers comfortable working with them.
    • Trial: These technologies are being evaluated in limited production circumstances. We don't have enough production experience to recommend them for high-risk or business-critical use cases, but they may be worth consideration if your project seems like a fit.
    • Assess: Technologies we are interested in and maybe even built proofs-of-concept for, but haven't yet trialed in production.
    • Hold: Based on our experience, these technologies should be avoided. We've found them to be flawed, immature, or simply supplanted by better alternatives. In some cases these remain in legacy production uses, but we should take every opportunity to retire or migrate away.

    (Via Lar Van Der Jagt on the Last Week In AWS slack instance)

    Tags: via:lwia tech technology radar choices evaluation process architecture planning tools

API Error Design

Published January 23, 2025

  • API Error Design

    Some good thoughts from a SlateDB dev, regarding initial principles for errors in SlateDB, derived from experience with Kafka:

    • Keep public errors separate from internal errors. The set of public errors should be kept minimal and new errors should be highly scrutinized. For internal errors, we can go to town since they can be refactored and consolidated over time without affecting the user.
    • Public errors should be prescriptive. Can an operation be retried? Is the database left in an inconsistent state? Can a transaction be aborted? What should the user actually do when the error is encountered? The error should have clear guidance.
    • Prefer coarse error types with rich error messages. There are probably hundreds of cases where the database can enter an invalid state. We don't need a separate type for each of them. We can use a single FatalError and pack as much information into the error message as is necessary to diagnose the root cause.

    (via Chris Riccomini)

    Tags: errors api design slatedb api-design error-handling exceptions architecture