Leftovers

• Health/Nutrition/Agriculture

  • Hackaday ☛ Investigating The Health Impacts Of UFPs And VOCs From FDM Printers

    FDM 3D printing is fairly messy on a molecular scale, with the filament being heated up to temperatures high enough to melt it, which produces ultra-fine particles (UFPs) and volatile organic compounds (VOCs) in addition to the new plastic item on the build plate. Recently [Simon Pow] got somewhat worried about this pollution considering that he spends a considerable amount of time in the same room as FDM printers, sharing air.

  • Vlad-Stefan Harbuz ☛ Open Source Burnout Claims Another Project

    That’s the end of nvim-treesitter. At least, for now.

    But more importantly, we’ve driven away another person whose contributions we should cherish.

  • Amit Gawande ☛ Slowing down

    If that means I am not up to date on world events, so be it. That I would not have much to add to a conversation, so be it. That I would be considered to be crawling while the world around me zooms past, so be it.

    I choose to slow down.

• Proprietary / SaaS

  • Bitdefender ☛ FBI warns students and staff that ShinyHunters may come knocking after Canvas breach

    On 15 May 2026, the FBI's Internet Crime Complaint Center (IC3) issued an advisory about the ShinyHunters extortion gang that recently breached "an online Learning Management System" used by educational institutions across the United States.

    The advisory doesn't say the platform that was hacked was Canvas, and that the company concerned was Instructure.

  • University of Toronto ☛ Unix has been changing, but in places where I don't see it

    The biggest change is probably the growth of cloud Unix, which I could characterize as "Unix machines on demand". In practice, cloud Unix is a whole new Unix environment that is quite different from traditional Unix, with different tools and especially different practices. Some of the practices are (sort of) extensions from old fashioned large scale Unix administration but many aren't really. I'm aware of cloud Unix and this gulf between operating it and what we do if I think about it, but I don't usually.

  • So-Called 'Artificial Intelligence' ('AI') / LLM Slop / Plagiarism

    • Sean Conner ☛ The AI has come for my code

      I was wondering if I would get a PR from some LLM on one of my repositories and lo! It has come to pass. I just received a notification that I have a PR for my 6809 assembler: [...]

    • Rishi Baldawa ☛ Stop Bouncing PRs

      Walk into any engineering org right now and the slack threads around PRs have shifted. The argument about whether AI PRs are noisy is mostly worn out. Everyone begrudgingly accepts the queue is heavier than it used to be. The argument that’s left is messier. There’s a bad PR is sitting in your queue. What do you actually do with it?

      Sending it back with comments feels like the path of least resistance. But what if the author is either an AI agent that won’t remember the feedback on the next PR? Or a developer who doesn’t understand the underlying code enough to internalize your advice? Rejecting the PR feels harsh. Fixing it yourself doesn’t scale. You can’t just leave your long thoughtful comments anymore.

    • No One's Happy ☛ The Scale, The Plan, and The People

      My previous post documented what happens to people and teams when output is decoupled from understanding. That was the micro picture: what the pattern looks like from inside the room where the work is supposed to happen. The response was larger than I expected. A considerable number of readers wrote in to corroborate the pattern from inside their own organizations. Because of this, I am drafting guidelines on recommended organizational AI use, downstream of those conversations, which will appear separately and soon. If you’d like to contribute please email.

    • Robinhood Europe UAB ☛ The power play behind Hyperion, Mark Zuckerberg’s colossal data center being built in rural Louisiana

      But a power imbalance is playing out. The tech companies are able to secure humongous tax breaks from local governments that are loath to pass up an opportunity to turn otherwise underutilized land into potential investment dollars and the promise of good-paying jobs. But many times, the number of local jobs isn’t guaranteed, and massive demands on water and power resources burden the infrastructure at unprecedented levels. Property values near data center sites skyrocket, which makes homes harder to purchase for those looking to move in. For existing residents, it also sends things into a bit of disarray: residents’ home values soar, but that also means tax assessments could rise, leading to higher property tax bills.

      The tax breaks and incentives that Louisiana gave Meta are worth billions. The company will pay no sales tax on the tens of billions of dollars’ worth of expensive GPUs and advanced networking gear that will fill the data center’s racks. The local power authority even agreed to build new power lines and infrastructure to accommodate the astonishing amount of electricity that will be needed to feed the data center, which will be one of the largest in the world.

    • Marisa Kabas ☛ Hating AI is good, actually

      Lately I’ve felt myself rapidly radicalizing into what I can only call an anti-AI evangelist. I’ve never been quiet about my feelings on the subject—I even wrote a screed about it last month—but as more and more examples show how easily it can be used unethically, I’m not just skeptical. I'm against it.

      I wouldn’t call this a particularly bold stance, given the front page of today’s Wall Street Journal declares an “AI Rebellion,” noting that public opinion on the subject is souring “at breakneck speed.” What is novel, I think, is recognizing that people who loathe AI and the way it’s being foisted upon society are an actual constituency to be taken seriously. I figure that if billionaires and brands are going to try to beat us into AI submission, it’s only fair we get to take a few swings. We’re told that if we don’t use AI then we’ll get left behind, but what if we’d like to leave the AI boosters behind instead? It’s time to give a voice to those who don’t view AI as an inevitability but a liability.

      Now is our time.

    • Manuel Moreale ☛ On people writing about their use of AI

      I find the trend of people posting about the way they use generative AI to be fascinating at an anthropological level. I do not remember the last time a piece of technology pushed so many different people into writing about the way they use it, or not use it, or abuse it, or misuse it. To me, this is way more interesting and intriguing than the technology itself.

      I obviously do not know why so many people are doing so, and I suspect they must all have their own specific reasons, but I currently have three main theories but I’m sure there are more than that.

    • Scoop News Group ☛ Weaponized AI: The new frontier of fraud and identity spoofing

      Today’s enterprise executives are navigating a complex landscape of AI-driven challenges, but none is more urgent than the rapid escalation of AI-generated fraud.

      Fraudsters are weaponizing generative AI to automate impersonation and mass-produce synthetic identities at a scale and pace that is rendering enterprises’ long-standing defenses obsolete. This is no longer a slow-moving game of cat and mouse; it is a high-velocity arms race.

    • Karl Bode ☛ AI Rage Is Inextricably Fused With Justified Loathing Of The Extraction Class. 'Deal With It'

      As if the world isn't on fire.

      It's all starting to bubble over.

      A few weeks ago a speaker giving a commencement address at the University of Central Florida was loudly booed after she proclaimed that improvements in software automation should be viewed as the "next industrial revolution."

    • David Bushell ☛ Google just spat in my face – David Bushell – Web Dev (UK)

      It’s Google I/O week and this year’s theme is performative slop. Budding Googlers battle it out on stage vying for executive eyeballs. The prize? Exemption from the next culling.

      "As you might know AI isn’t my cup of tea and my AI policy explains why."

      AI peddlers like Google have made one thing abundantly clear: their product will take your skills. It will take your profession. It will dehumanise you and you’ll pay for it.

    • New York Times ☛ Powered by A.I., Google Changes Its Search Box for the First Time in 25 Years

      On Tuesday, Google said the A.I. shift had inspired it to overhaul the dimensions of its search bar for the first time since 2001. The box is getting bigger and more interactive so that people can ask even longer questions and upload photographs and videos into queries.

    • Pivot to AI ☛ Google is replacing search results with only the AI

      This was the beginning of the end. Google somehow thinks it can keep being a huge ad agency without the reason it’s a huge ad agency.

    • Homo Ludditus ☛ Chatbots are increasingly useless ● Searching for a watch

      I don’t use chatbots to write either texts or code for me. For code, Gemini CLI wasn’t bad when I used it, and Qwen Code was very decent, too, but it discontinued its free tier. Claude in Amazon’s Kiro was usable but often drunk. I use chatbots to help me with everyday questions. And they’re worse and worse, both in reasoning or searching and in their limits for a free user (although Claude and Gemini recently had severe decreases in quotas for paying customers, too!).

      Here’s how major chatbots failed to help me just now, some worse than others.

    • Weird Gloop ☛ Aggressive AI scrapers are making it kinda suck to run wikis

      Everyone who runs wikis is dealing with the exact same problem. The Wikimedia Foundation has a post about it impacting operations, every major wiki farm has had varying degrees of service outages, and some smaller independent wikis have been knocked completely offline. Overall, I’d guess that about 95% of all server issues in the wiki ecosystem this year have been caused by bad scrapers.

      Every wiki sysadmin I’ve talked to is dealing with these specific problems: [...]

  • Social Control Media

    • Nick Heer ☛ The Metaverse Fever Dream

      There are many open questions about the metaverse; most glaringly among them, whether it could actually become a thing for normal people. That depends a little bit on what definition we use. If it simply means the slow erosion of the boundary between our physical and digital environments, that is probably something that will continue to happen. For most people, though, that does not look like Meta’s Connect 2021 concept animations. Whatever that ends up being will probably be the result of people finding something useful and intriguing about doing something different. It will not be the product of big companies redirecting the money hose of platform fees onto themselves.

    • Lee Peterson ☛ Take a break from social media, YouTube, news and podcasts for a week, see what happens

      What this means for me is

      • Social media apps off my phone
      • No YouTube
      • No podcasts
      • No checking my RSS app
      • No news sites (believe it or not I haven’t been to the main BBC site for 5 years!)

    • Gigi ☛ Careful, Icarus - Why "on-chain zaps" are a terrible idea

      Yesterday I relapsed. Not alcohol, or drugs, or gambling, or anything of that sort. It was something worse: having an argument online.

      Back when twitter was still called twitter I found myself getting into many an argument. Not because I wanted to, but because—at least back in those days—the algorithm encouraged it. A constant back-and-forth between two stubborn people is off-the-charts on all engagement metrics, so naturally it’s what people want to see and do online, right? Anyway, I promised myself that I would never get into a twitter argument ever again, and resorted to shitposting instead. Bliss.

    • Cory Dransfeldt ☛ Lifting Mastodon rate limits

      One thing I encountered when using Indigo was regular rate limit warnings. Having recently moved to my own, self-hosted Mastodon instance my instinct was that this was due to a misconfiguration on my server. Mastodon sets explicit rate limits in /opt/mastodon/config/initializers/rack_attack.rb and they are not configurable via an .env var or other convenient method. You can override them, but the process is a bit fiddly.

  • Windows TCO / Windows Bot Nets

    • Jamie Zawinski ☛ The AI botnets cannot be stopped

      I am constantly getting scrape attempts for avatar-image-JPEG URLs that have not existed on my blog since a restructuring in 2022. They come in bursts of about a 100 per minute, each from a different IP address, and in random order.

      I thought: enough is enough, I need to figure out what clown service these are coming from and start blocking whole networks.

      Nope, they're almost all from cable modems, not from hosting facilities: [...]

• Security

  • LWN ☛ Forgejo "carrot disclosure" raises security questions [LWN.net]

    An unusual, some might say hostile, approach to disclosing an alleged remote-code-execution (RCE) flaw in the Forgejo software-collaboration platform has sparked a multifaceted conversation. A so-called ""carrot disclosure"" in April has raised questions about the researcher's methods of unveiling a security problem, Forgejo's security policies, and the project's overall security posture.

    Forgejo was forked from the Gitea collaboration and hosting platform in 2022. It is a project supported by the Codeberg e.V. nonprofit and is the software used by the Codeberg hosting service. The Fedora Project is also in the final steps of replacing its homegrown Pagure platform with Forgejo.

  • Privacy/Surveillance

    • Johnny Decimal ☛ undermanager: Three things about data

      Critically analyse all data that you hold, especially if it identifies your customers. If you don't need it, purge it. It's time to start shifting our habits away from collecting this stuff in the first place.

    • Russell Davies ☛ Three things about data

      Because:

      a. Data is a risk. Every bit of data has to be managed/looked after/cared for. That costs time and money. And most of it is useless.

      b. Data is distracting. Most of it is just noise. You're gathering it because you can, just in case, because it seems valuable. Then you spend ages trying to work out what to do with it. When you should be paying attention to just a couple of bits of it and actually doing something about it.

      c. It becomes a job. Get enough data and you need data scientists. Then you're stuck in a self-perpetuating structure that requires more data to feed the data scientists.

  • Confidentiality

    • Chuck Carroll ☛ Self Hosting Passwords

      My setup is KeepassXC to manage all my passwords in a database and Syncthing to sync all my passwords across my smartphone, laptop, and server. I read a comment on HN recently about how a couple people who had a similar setup and struggled with syncing conflicts, eventually switching back to an online password manager. In the 5 years I've been using KeepassXC + Syncthing, I have yet to have a single conflict with my password. Granted, I don't have a lot of credentials and am very diligent about going through the motions of deleting an online account I no longer have a use for. Once I get confirmation the account is deleted, I then delete the credential from my password manager. I have about 150 credentials in total and I'd guesstimate I could delete around 20 of those.

• Defence/Aggression

  • Robert Reich ☛ Office Hours: Who's Been Most Effective at Alerting America?

    The sad truth is that (with a few exceptions, such as Bernie, Elizabeth Warren, and AOC) a clear Democratic message isn’t getting through about the dangers Trump poses to America and the world, and what must be done.

    So I’ve begun to look farther afield for effective messengers.

    The best advertising I’ve seen alerting Americans is being done by the The Lincoln Project. Some excellent videos are being done by More Perfect Union and, modesty aside, Inequality Media Civic Action.

  • Idiomdrottning ☛ Immigration motte and bailey

    Except of course to the extent it binds the outgroup. “Vote for our rich-get-richer policies and we’ll protect you from the muslims, Mexicans, and queers,” just like Mussolini drew it up.

  • The Next Move ☛ The Democratic World Needs a D7 - by Anders Fogh Rasmussen

    An Axis of Autocracies is consolidating, visible on the Ukrainian battlefield through North Korean soldiers and Iranian drones. United States foreign policy has turned erratic, with tariffs at levels not seen since the 1930s. China weaponizes economic dependence to extract political compliance from democracies one at a time, from Australia to Lithuania, South Korea to Canada. Democratic middle powers now face coercion, protectionism and multilateral institutions that can no longer protect them.

    Middle powers may appear to face a binary choice: pursue unattainable self-sufficiency or accept a performative sovereignty as satellites of a great power.

    This article sets out a third path.

  • Trifork ☛ After the Rupture: An Alliance of Middle-Power Democracies Led by as D7 [PDF]

    The post-war order as we knew it is gone. The institutions that served democracies for seventy years are diminished, co-opted, or actively undermined by the great powers they were designed to constrain. Nostalgia is understandable - but it will not bring that order back.

    The architecture proposed here is ambitious but realistic. It does not require utopian consensus. It requires a critical mass of democracies willing to act together on concrete problems - issue by issue - building trust and institutional capacity as they go. The Ukraine Coalition of the Willing has demonstrated that this approach works. If democracies can do it for defence, they can do it for trade, investment, technology and critical minerals.

    The collective economic, hard and soft power of the world's democracies remains formidable. What is lacking is the political architecture to convert this competitive advantage into effective collective action. The window of opportunity is narrow. Every act of unanswered economic coercion normalises the practice. Every uncoordinated response to protectionism weakens democratic solidarity. The time to act is now, not with a single grand gesture, but with practical steps toward a new way of working together.

• Transparency/Investigative Reporting

  • Marcy Wheeler ☛ Former AUSA Accused of Being Marginally as Criminal as Trump Is

    DOJ has charged former prosecutor, Carmen Mercedes Lineburger, for attempting to liberate documents pertaining to Trump’s theft of government documents.

• Environment

  • Nick Heer ☛ Meta Secured Over $3 Billion in Tax Breaks in Louisiana to Build a Data Centre

    This is the very same project where Jonathan Weil, of the Wall Street Journal, found “aggressive accounting” that “strains credibility”. Neither of these advantages would be possible for a less-resourced competitor. Meta is a company so rich it benefits immensely without carrying nearly as much risk as the scale of this project would imply.

  • Arizona Luminaria ☛ Public officials reconsider NDA process amid Project Blue outrage

    As officials in Pima County and the City of Tucson discussed and planned one of the region’s largest development projects in history, for at least two years not a single hint about the project was released to the public, largely because of non-disclosure agreements, commonly referred to as NDAs.

    Before the proposal was considered by the Pima County Board of Supervisors and Arizona Luminaria reporting revealed the company behind the data centers to be Amazon Web Services, important details had been unavailable to the public.

  • Pivot to AI ☛ Tucson Project Blue: data centres lie about water again

    Beale and Amazon have pulled every trick they can to keep all details of this plan out of the public eye, and even out of the awareness of the local governments.

    Project Blue has actually been in the works since 2022. That’s the year City of Tuscon staff signed non-disclosure agreements with Amazon such that the staff didn’t tell the elected city councillors anything about the plan until 2025: [...]

• AstroTurf/Lobbying/Politics

  • CNBC ☛ SpaceX (SPCX) IPO: Live updates

    The company recorded a net loss in the latest quarter of $4.28 billion after losing $4.94 billion in 2025.

  • Stephen Hackett ☛ SpaceX to File for IPO

    Maybe after going public — as soon as next month — SpaceX could afford to restart that water treatment plant that xAI promised to build.

  • The New Stack ☛ Anthropic hires OpenAI co-founder Andrej Karpathy to lead Claude pre-training research

    Anthropic scored a major hire today. Former Tesla senior director and OpenAI founding member Andrej Karpathy is joining the organization as a member of the company’s pre-training team.

• Freedom of Information / Freedom of the Press

  • David Rosenthal ☛ Flooded Zones Part 2

    This is the promised follow-on to Flooded Zones Part 1, which discussed the Distributed Denial of Service (DDoS) attack being mounted by AI against the scholarly publication system. By reducing the cost of generating and submitting a paper or a review, AI has caused a massive increase in the quantity and a significant decrease in the quality of submissions to a system that was already vastly overloaded.

    Below the fold I look at AI-enabled DDoS attacks against two other even more important areas; software security and political discourse (as shown in the overview image).

• Civil Rights / Policing / Accessibility

  • Inside Towers ☛ Native American Tribe Sues to Halt Broadband Work at Sacred Burial Site

    The tribe claims crews ignored evidence of human remains, violated stop-work orders, and failed to properly report or reinter disturbed remains tied to three federally funded broadband projects worth about $13.7 million. The lawsuit also accuses Whatcom County of approving permits without required tribal consultation or archaeological review.

• Monopolies/Monopsonies

  • The United Kingdom ☛ CMA launches strategic market status investigation into Microsoft’s business software ecosystem

    CMA wants to hear from businesses, including challenger tech companies, customers and rivals about whether their choices may be limited - including due to bundling, lack of interoperability and default settings

  • Bruce Lawson ☛ Bruce Lawson's personal site : UK competition regulator investigates Microsoft

    Last week the UK Competition and Markets Authority (CMA) launched its strategic market status investigation into Microsoft’s business software ecosystem. An investigation doesn’t necessarily imply that Microsoft has done anything wrong; it will examine Microsoft’s position in the markets and decide whether it is powerful enough to require “action to promote customer choice”.

    This is A Good Thing. Doubtless vendors of video conferencing, email clients, and clown computing will have their own stories to tell of Microsoft’s self-preferencing, but I’m in the browser business, so here’s mine.