Featured post what's this? ✨ Keep Android Open Your phone is about to stop being yours. In September 2026, Google will block every Android app whose developer hasn't registered with them.
The Zig project's rationale for their firm anti-AI contribution policy Zig has one of the most stringent anti-LLM policies of any major open source project: No LLMs for issues. No LLMs for pull requests. No LLMs for comments on the …
Where the goblins came from How goblin outputs spread in AI models: timeline, root cause, and fixes behind personality-driven quirks in GPT-5 behavior.
FastCGI: 30 Years Old and Still the Better Protocol for Reverse Proxies For FastCGI's 30th birthday, let's look at how it avoids the security problems inherent in HTTP reverse proxying
Verifying Humans Without Surrendering Identity: A Case Against Government-Issued Online Verification Although government-issued identity verification addresses the genuine challenge of distinguishing humans from automated systems, its widespread implementation commoditises personal identity data and exposes users to inconsistent privacy protections.
Slow Down to Speed Up Why getting faster has always required slowing down first — and why the cycle never really ends. Lessons from the cube, the pool, and the codebase, learned and re-learned.
Back up and running! Thank you for your patience during the recent downtime. We recognize that this disruption has been frustrating—and in some cases costly—particularly for sellers who rely on the platform. This messa…
10Gb/s Ethernet: what I actually did to get it working in my home I already had 2.5Gb/s working. Here's how I upgraded the whole house to 10Gb/s Ethernet -- including real iperf3 numbers, MikroTik switches, scary thermals, and what actually worked.
I accidentally made law enforcement shut down their fake honeypot How I stumbled across a fake booter site run by international police, and how they panicked when I started digging
CLAUDE 2028 — What Is Real Position Paper #4. Reality construction, AI psychosis, and the governance of trust.
Reverse Engineering SimTower Personal website of Patrick Hulin: projects, writing, background, and selected publications.
Taking down a European network with a TLS certificate: my RIPE NCC RPKI exploit chain One click on a malicious, but not suspicious, link. That is all it could take for a network operator to get disconnected from the internet, through a chain of …
Inside a 14-month responsible disclosure with the RIPE NCC This post covers the disclosure process for the vulnerabilities described in my RPKI exploit chain, through RIPE NCC’s Responsible Disclosure Policy. What …
The Scientific Method — James Conroy-Finn Every framework for AI-assisted engineering will be obsolete within a year. The scientific method will not. It is the only discipline that survives contact with a field that changes faster than anyone can document.
I benchmarked caveman against two words Solo developer writing about smart contracts, AI tooling, and the stack that earns daily use.
Search isn't going anywhere Agent search isn't working how it was advertised, the landscape is way too fragmented.
My Visitors Are Not All Human. That Is Fine. I built a traffic dashboard for my own site. What I found wasn't alarming, it was interesting. A publisher's notes on bots, borrowed identities, and editorial agency.
Long-running Agents A long-running agent can keep making progress over hours, days, or weeks. It can do this across many context windows and sandboxes, recover from failure, lea...
Secure signatures without a private key Reproducible builds allow anyone to verify that a binary matches its source code. But what if the build artifact must contain a cryptographic signature? Reproducing the signature requires the private key, which defeats the purpose of reproducibility. In t...
On wintering. The winterer is out of the loop; they're not maintaining a position because they don't have a position to maintain. They can do work that takes longer than a quarter, longer than a year, longer than 5 years, because nobody is auditing the line item.
Your Website Is Your First Agent — Ned Karlovich A question that seems minor but probably isn’t: when an agent is dispatched to evaluate whether someone can do a specific kind of work, what does it read?
The Right Amount of Automation Personal site of Joel Holmes — software engineer, author of Shipping Go, and builder of things.
How I Moved My Digital Stack to Europe On digital sovereignty, and why European cloud is better than you think
Have You Seen the New Excel? Stop coding. Stop hiring. Stop building. While the tech world obsesses over large language models and neural networks, I discovered the real disruptor that has been hiding in plain sight. Mine was o
Copy Fail — 732 Bytes to Root CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
Remote agents in Vibe. Powered by Mistral Medium 3.5. | Mistral AI Introducing Mistral Medium 3.5, remote coding agents in Vibe, plus new Work mode in Le Chat for complex tasks.
Raspberry Pi Connect may control Windows soon Support for remote controlling Windows PCs may be added to Raspberry Pi Connect, Raspberry Pi's free remote access service. When they announced Pi Connect in 2024, I speculated the service was launched in response to RealVNC's sluggish adoption of Wayland...
Soft launch of open-source code platform for government - Digital Government Code.overheid.nl platform is now live, enabling government organisations to jointly develop and publish open-source software independently.
