Shellsharks Blogroll - BlogFlock

Read "The machines are fine. I'm worried about us." - Molly White's activity feed

2026-04-03T12:43:08.000Z

Read:

“The machines are fine. I'm worried about us.”

Minas Karamanis in ergosphere.blog. Published March 30, 2026.

People call this friction "grunt work." Schwartz uses exactly that phrase, and he's right that LLMs can remove it. What he doesn't say, because he already has decades of hard-won intuition and doesn't need the grunt work anymore, is that for someone who doesn't yet have that intuition, the grunt work is the work. The boring parts and the important parts are tangled together in a way that you can't separate in advance. You don't know which afternoon of debugging was the one that taught you something fundamental about your data until three years later, when you're working on a completely different problem and the insight surfaces. Serendipity doesn't come from efficiency. It comes from spending time in the space where the problem lives, getting your hands dirty, making mistakes that nobody asked you to make and learning things nobody assigned you to learn.

Notable links: April 3, 2026 - Werd I/O

2026-04-03T11:58:00.000Z

Most Fridays, I share a handful of pieces that caught my eye at the intersection of technology, media, and society.

Did I miss something important? Send me an email to let me know.

The open web isn't dying. We're killing it

Julien Genestoux is right:

“Why did we keep outsourcing identity, distribution, and monetization to companies whose incentives were obviously misaligned with ours?

[…] It is because, collectively, we preferred the short-term consumer surplus of convenience over the long-term responsibilities of stewardship.”

We can raise the alarm about the demise of the open web all we want, but the truth is that other solutions were quicker and easier — even for many of us that held up the open web banner.

Julien’s proposal is that we should think of ourselves as netizens rather than just consumers. I actually think that this is driving a lot of the innovation in the ATproto ecosystem in particular, but also on the Fediverse. People in those spaces have intentionally moved somewhere new where they can have a credible exit, can export their data cleanly, and can feel like they’re having safer, more productive, less fascistic conversations.

But the money piece isn’t there. The running joke is that the Fediverse hates money — conversations about revenue or capitalism are very often shut down early, and people who try to fundraise are often criticized — but it’s also been an ongoing issue in ATproto land too. If people are going to build good things, they need to be able to eat and pay rent so they can keep doing it. I’d argue that, yes, you do need netizens, and I’m very excited to see a resurgence in this kind of movement across the open social web in particular. We need more netizens, and the more there are, the more likely it is that people will pay for the right kind of services.

I work for a newsroom that people often donate to out of a sense of catharsis — a gratitude that something is being done in a world where they feel powerless. I think there’s something to learn from here too. In the past, I’ve argued that highly ideological tech spaces need more product thinking so that we can more sharply identify valuable solutions to people’s problems, and there’s still truth in that — but I've learned that sometimes the product value is agency in the face of powerlessness rather than a set of features. There may well be value in leaning right in to the anti big tech angle on the open web. What might it look like to put people’s distrust of X, Google, Microsoft, et al front and center, and put a fundraising banner up like Wikipedia does?

I think we can take Julien’s point about netizens and connect it directly to the idea of citizens. People see what’s going on in the world and know that tech companies are intertwined with it. Some of them — not most of them, but a reasonable number — may want to do something about that. Not because they believe in an open web as such, or even know what that is, but because they believe in an open society. Using this kind of messaging would be overtly political in a way that tech is sometimes afraid to be, but we’ve seen similar messaging create interest in funding alternatives to US big tech in Europe, for example (and result in actual funding). I think the interest is there to move away from the tech powers-that-be globally, but engaged citizens don't always know what to concretely do about it. We can bring our message to them.

We need more netizens and citizens both, and we should be talking about this more. Rather than de-emphasizing the ideology of the open web in favor of more proximate product value, which is a thing I’ve sometimes argued for in the past, we should accept that it is a work of engaged citizenry that verges on activism. Embracing that could find us aligned people outside of our existing development circles who might be interested in broadening our impact. I’d like to see us try.

An AI company set out to fix news deserts. Instead, it copied local journalists’ work

Repeat after me: AI cannot write journalism and should never be used in place of a journalist. I believe it can be a very useful tool — but it is a tool for humans.

So this whole initiative was misconceived:

“Artificial intelligence company Nota — whose clients include organizations like The Boston Globe and the Institute for Nonprofit News — is scrapping its network of local news sites after learning that they contained dozens of instances of plagiarism. […] The 11 sites — collectively called Nota News — launched in September as an effort to bring “bilingual local reporting and civic tools to underserved communities.””

The deal here was that the company would identify news deserts: places that were unserved or underserved by real newsrooms. And then it would try to serve those areas with content created by an LLM-based system.

This was inevitably going to plagiarize existing journalism, because what other source could it possibly use? An agentic system can’t do the on-the-ground research and reporting work involved in creating a story. It can gather together data points and turn them into something that looks like news, rather than journalism: sports scores, city council votes, and that kind of thing. But it can’t provide context if someone hasn’t already written it.

As the linked Poynter article points out:

“The articles were supposed to be based on publicly available civic information, such as press releases and videos of city council meetings. In reality, Poynter found more than 70 stories dating back to October that included reporting, writing and photography from local journalists without attribution.”

Someone had already written it: human journalists whose work was subsequently incorporated without attribution. The eleven human editors who used the LLM tools to generate content apparently didn’t realize that this work had been drawn into the mix. Again: that was inevitably going to happen as the stories began to not just say what had happened but explain why.

The AI hype cycle has created a bunch of really regrettable case studies that other organizations should learn from. This is one. There are more like it, where good intentions lead to accidental plagiarism (or hallucinations). There are plenty of stories where organizations have prematurely let people go because they incorrectly think they can replace human initiative with software. And all of them come down to believing a science fiction version of what this technology does instead of the actual reality of it.

That’s understandable: the reality is shifting quickly, and the marketing machine is incredibly strong. But everyone needs to take a breath with AI and get themselves to a more nuanced understanding of what it is — and isn’t.

LinkedIn Is Illegally Searching Your Computer

This is quite a serious accusation:

“Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm.”

This is an EU-based site, hence the reference to the location of the cybersecurity firm. The authors are quick to point out that they believe this scanning is illegal in the EU.

The claim is also partially a little bit hyperbolic. “Installed software” makes it sound like LinkedIn is scanning your whole computer. In reality, it’s checking for browser extensions. That’s a fairly common component of modern browser fingerprinting: at this point it’s fairly well-known that, because of the individual mix of extensions, fonts, etc available to a browser, this can be used to track individuals on the web without using cookies.

That’s not to say that it’s not invasive — it clearly is!

Browser extensions can cover a ton of identifying activity: they can reveal a person’s religion, sexuality, interests, political orientation, and so on. The implication is that this is specifically bad here because LinkedIn knows the identity of its logged-in users; as a result, this is information it could use to hydrate profiles of the specific, known individuals who use its site for unknown purposes. It’s a little over the top to call this espionage, as the linked site here does, but it’s an abuse of trust that is certainly worth calling out.

I was mostly interested in how this works; if LinkedIn is doing it, then others surely are too. The answer seems to be a set of JS calls that work in most Chromium-based browsers (Chrome, Edge, Arc, Dia, etc). They’re checking for over six thousand extensions that they know and care about, which all have specific “tells” that a website can check for. And then they check to see if the page has been modified by anything to catch any that weren’t on their list. They also check, cheekily, to see if you have “Do Not Track” switched on, but track you regardless (it’s just another part of the fingerprint to them). Finally, they’re gathering everything from your screen size and CPU type to your battery level.

This all does double duty: the resulting fingerprint is so detailed that they can track you and notice when you’re using a different computer or have changed your settings, but can also be used to profile you for profit.

The quickest solution is to use Firefox, which blocks these kinds of fingerprinting attacks. Zen Browser, which is based on the Firefox core, is my day-to-day browser, and I love it. But Chromium-based browsers need to do more to stop fingerprinting, and jurisdictions like the EU need to ban the practice outright.

What Digital Isolation and Censorship Evasion Look Like In Wartime Iran

I’ve worried that the internet will become a casualty of our worsening global politics. The inherent co-operation needed to let global networks talk to each other is aligned with an open world but not so much with an authoritarian one. Walled-off national internets — often called splinternets — may become more common.

While I worry about this for the US as the authoritarian screws continue to tighten, this is the concrete reality for people in Iran and 20 other countries today. As this piece in Tech Policy Press points out:

“The cybersecurity company Surfshark recorded 81 new internet restrictions in 2025 across 21 countries, pointing to evolving patterns of repression. Out of the 81 restrictions Surfshark tracked, 51 of these restrictive measures were taken in response to political situations.”

News and information needs to be shared differently in this kind of environment: the digital distribution techniques we’ve spent the last few decades learning simply don’t apply. Last year, in Building distributed media for a democratic breakdown, I wrote about how we might learn from Cuba’s ‌El Paquete Semanal and take advantage of both sneakernets and peer-to-peer networks to overcome these kinds of blockades. In a restrictive environment, people need news and journalism more than ever.

I wrote that piece somewhat speculatively, but the reception to it in journalistic circles took me by surprise. It’s an idea and a worry that people are taking seriously. And over the last six months, in a world that has seen more conflict, more restrictions, and more attacks on free speech, there have only been reasons to take it more so.

The Right Is Using AI Content Scanners to Try to Supercharge Book Banning

This AI-powered effort is intentionally designed to create chilling effects and reduce support for vulnerable communities:

“Conservative parents’ advocacy groups have been experimenting with using commercially available artificial intelligence tools to help them flag more books they’ve deemed pornographic to be removed from public schools and libraries. Even though LLMs are notoriously error-prone, and the books in question aren’t pornographic, these groups continue to explore use cases for AI anyway.”

According to 404 Media’s reporting, the script has a list of 300 or so words that form the basis of a heuristic that applies an “appropriateness” score to each one. If the book is deemed inappropriate, the script creates an automated report designed to be attached to book challenges at the school district level.

This reminds me of DOGE itself, which used a keyword-based system to flag “woke” grants that should be defunded that led to some incredibly dumb decisions about what should go:

“Among them, for example, was a $470,000 grant to study the evolution of mint plants and how they spread across continents. As best we can tell, the project ran into trouble with Republicans on the Senate Committee on Commerce, Science and Transportation because of two specific words used in its application to the NSF: “diversify,” referring to the biodiversity of plants, and “female,” where the application noted how the project would support a young female scientist on the research team.”

These techniques are clearly inaccurate, but that’s not the point: it’s enough to cause havoc and make people second guess publishing books on certain topics. It’s the same culture of chaos that led to a school librarian being fired for (correctly) refusing to remove over a hundred LGBTQ books from the children’s to the adult section of her library. And it’s all designed to harm some of the people who need the most support.

The DOJ thinks news is contraband

This Freedom of the Press piece is highly relevant to how one might think about source materials in any kind of newsroom that accepts tips from others. It might not be obvious to outsiders, but newsrooms don’t facilitate tips directly from sources: material has to be volunteered without participation from the newsroom. Aside from generic instructions, nobody’s helping sources to do it.

A Biden-era precedent, now leapt on enthusiastically by the Trump administration, has begun to treat those materials as contraband regardless of how they were obtained. It’s also expanded that definition to include interviews with anyone who’s not approved to speak on the record. That line of thinking justified the raid on Washington Post reporter Hannah Natanson, where they took terabytes of data. Natanson had, just a month prior, published her account of being an engagement reporter whose job included receiving tips from the federal government. In more normal times, that account would not have made her a target.

It was previously found, in the aftermath of Daniel Ellsberg’s Pentagon Papers case, that newsrooms could publish information that was leaked to them. That’s a vital foundation for journalism and a free press, and therefore our ability to make informed democratic decisions. But this new precedent undermines that principle, and therefore our ability to understand the world around us. As the Freedom of the Press Foundation put it:

“The Pentagon Papers case stands for the proposition that the government cannot suppress the publication of truthful information of public concern, even when it would very much like to. The contraband theory is an attempt to achieve the suppression indirectly — by redefining journalists’ work product as something illicit that the government can confiscate.”

As they point out in the piece, legislation is in the works to rein these abuses in, and the judge in a pending court case has the opportunity to stand up for the First Amendment and a free press.

But there’s everything to play for. In the current political environment it’s not a slam dunk that our right to understand the world around us through investigative journalism will be upheld. We need it to be if we want to have any hope of holding people with power accountable.

The White House has an app now, and Trump wants you to report people to ICE on it

A little history lesson from the Wiener Holocaust Library:

“In Nazi Germany, some citizens passed on information about their neighbours, family, and friends to the Gestapo . This was called informing. Nazi propaganda presented the Gestapo as an omnipresent , all-seeing, all-knowing group, but in reality there was just one secret police officer for approximately every 10,000 citizens of Nazi Germany. The Gestapo were therefore reliant on a network of thousands of informants.

The information passed on by informants typically accused someone of breaking the law or of being a criminal in some way. The information provided was not always based on fact and could often be rumour or suspicion.”

Meanwhile, in completely unrelated news, The Verge reports on a new app from the White House:

“A new official White House app on Android and iOS takes the content from the White House website and copies it into app format. […] A handful of tabs in the app mostly replicate pages that exist on the Trump Administration’s version of the White House website, including news, livestreams, social feeds, and a gallery. A prominent “Get in Touch” button on the social feeds tab includes an option for users to submit a tip to ICE, which takes them to a tip form on the ICE website.”

Wow, am I glad to be living in a time where everything is normal and the historical precedents are not literally screaming at us.

Book Review: Superintelligence - Paths, Dangers, Strategies by Nick Bostrom ★★★★⯪ - Terence Eden’s Blog

2026-04-03T11:34:34.000Z

When I finally invent time-travel, the first thing I'll do is go back in time and give everyone a copy of this book. Published in 2014, it clearly sets out the likely problems with true Artificial Intelligence (not the LLM crap we have now) and what measures need to be put in place before it is created.

It opens with The Unfinished Fable of the Sparrows:

Which, frankly, should be the end of the discussion. Oh Scronkfinkle, why didn't they listen to you?

This book attempts to set out they why and the how of protecting humanity from the (inevitable?) arrival of machines which we would describe as "superintelligent". That is, capable of human-level reasoning and understanding, but unlimited in terms of speed, working memory, and accuracy.

For example, automated trading algorithms caused a "Flash Crash" of the stock market in 2010. Unchecked machines very nearly destabilised the financial work. As Bostrom writes:

[…] while automation contributed to the incident, it also contributed to its resolution. The pre-preprogrammed stop order logic, which suspended trading when prices moved too far out of whack, was set to execute automatically because it had been correctly anticipated that the triggering events could happen on a timescale too swift for humans to respond. The need for pre-installed and automatically executing safety functionality—as opposed to reliance on runtime human supervision—again foreshadows a theme that will be important in our discussion of machine superintelligence.

So where are those safety functions now? Are any of the AI providers building in guardrails to prevent atrocities? We know that some LLMs are restricted from sharing details about devastating weapons of mass destruction - but there seems little else put in place.

The book is mostly accessible but veers wildly between casual language, deep philosophical tracts, pointed snark, and the occasional dive into maths and physics. For anyone with even a passing interest in the progression of any technology, it is a worthwhile read.

Many of the predictions are spot on:

As of 2012, the Zen series of go-playing programs has reached rank 6 dan in fast games (the level of a very strong amateur player), using Monte Carlo tree search and machine learning techniques. Go-playing programs have been improving at a rate of about 1 dan/year in recent years. If this rate of improvement continues, they might beat the human world champion in about a decade.

In fact, AlphaGo achieved mastery at the end of 2016.

In the slightly longer term, the cost of acquiring additional hardware may be driven up as a growing portion of the world’s installed capacity is being used to run digital minds […] as investors bid up the price for existing computing infrastructure to match the return they expect from their investment

As I wrote about in "AI is a NAND Maximiser" this too has come to pass.

While LLMs weren't yet invented when this was written, there's an excellent prediction about how an AI could become a pernicious psychological adversary:

Caution and restraint would be required, however, for us not to ask too many such questions—and not to allow ourselves to partake of too many details of the answers given to the questions we do ask—lest we give the untrustworthy oracle opportunities to work on our psychology (by means of plausible-seeming but subtly manipulative messages). It might not take many bits of communication for an AI with the social manipulation superpower to bend us to its will.

Indeed, I think it is clear that this is already happening. While I don't ascribe malice (or any other motivation) to the AIs, it is clear that their makers have a bias towards obsequiousness.

Other predictions are perhaps a little wide of the mark:

if somebody were to succeed in creating an AI that could understand natural language as well as a human adult, they would in all likelihood also either already have succeeded in creating an AI that could do everything else that human intelligence can do, or they would be but a very short step from such a general capability.

We're a few years in to the LLM revolution and, while we can quibble about what "understand" means, it's clear that natural language can now mostly be interpreted by computers. But that doesn't seem to have made the leap to general intelligence, nor the acceleration of art and science.

Others are hopeful but possibly a bit naïve:

A future superintelligence occupies an epistemically superior vantage point: its beliefs are (probably, on most topics) more likely than ours to be true. We should therefore defer to the superintelligence’s opinion whenever feasible.

Yes, there probably are modern concepts which have more in common with "phlogiston" than reality. But if a scientist were to time-travel back to the early 1700s, how easy would it be for them to disprove the theory? Perhaps AI ought to exist in the "trust but verify" space?

It is slightly over-footnoted, with no distinction between citation and diverting passage. There's also a tendency to go off in fanciful directions - the stuff on genetically enhancing humans goes on a bit too long for my tastes. Similarly, the philosophy of maximising happiness by emulating brains and virtually doping them seemed unconvincing.

That said, some of the thought experiments are both fun and profound - the seminal "Paperclip Maximiser" was introduced in this book.

There are some downsides. An over-reliance on specific individuals like Eliezer Yudkowsky crowds out some of the other important thinkers.

One of the suggestions made has already fallen:

One valuable asset would be a donor network comprising individuals devoted to rational philanthropy, informed about existential risk, and discerning about the means of mitigation. It is especially desirable that the early-day funders be astute and altruistic, because they may have opportunities to shape the field’s culture before the usual venal interests take up position and entrench.

The "Effective Altruism" movement is now hopelessly compromised and seemingly in tatters. Similarly, the cult of rationalism has taken an unfortunate turn to the bizarre and dangerous.

Nevertheless, it's hard to argue with the philosophy. Whether or not "superintelligence" is ever achieved, we should have systems in place now to protect us. It's the same as any other technology - the time to set up nuclear non-proliferation agreements and the systems to monitor them was before we invented them.

Simplifying MBA obfuscation with CoBRA - Trail of Bits Blog

2026-04-03T11:00:00.000Z

Mixed Boolean-Arithmetic (MBA) obfuscation disguises simple operations like x + y behind tangles of arithmetic and bitwise operators. Malware authors and software protectors rely on it because no standard simplification technique covers both domains simultaneously; algebraic simplifiers don’t understand bitwise logic, and Boolean minimizers can’t handle arithmetic.

We’re releasing CoBRA, an open-source tool that simplifies the full range of MBA expressions used in the wild. Point it at an obfuscated expression and it recovers a simplified equivalent:

$ cobra-cli --mba "(x&y)+(x|y)"
x + y

$ cobra-cli --mba "((a^b)|(a^c)) + 65469 * ~((a&(b&c))) + 65470 * (a&(b&c))" --bitwidth 16
67 + (a | b | c)

CoBRA simplifies 99.86% of the 73,000+ expressions drawn from seven independent datasets. It ships as a CLI tool, a C++ library, and an LLVM pass plugin. If you’ve hit MBA obfuscation during malware analysis, reversing software protection schemes, or tearing apart VM-based obfuscators, CoBRA gives you readable expressions back.

Why existing approaches fall short

The core difficulty is that verifying MBA identities requires reasoning about how bits and arithmetic interact under modular wrapping, where values silently overflow and wrap around at fixed bit-widths. An identity like (x ^ y) + 2 * (x & y) == x + y is true precisely because of this interaction, but algebraic simplifiers only see the arithmetic and Boolean minimizers only see the logic; neither can verify it alone. Obfuscators layer these substitutions to build arbitrarily complex expressions from simpler operations.

Previous MBA simplifiers have tackled parts of this problem. SiMBA handles linear expressions well. GAMBA extends support to polynomial cases. Until CoBRA, no single tool achieved high success rates across the full range of MBA expression types that security engineers encounter in the wild.

How CoBRA works

CoBRA uses a worklist-based orchestrator that classifies each input expression and selects the right combination of simplification techniques. The orchestrator manages 36 discrete passes organized across four families—linear, semilinear, polynomial, and mixed—and routes work items based on the expression’s structure.

Most MBA expressions in the wild are linear: sums of bitwise terms like (x & y), (x | y), and ~x, each multiplied by a constant. For these, the orchestrator evaluates the expression on all Boolean inputs to produce a signature, then races multiple recovery techniques against each other and picks the cheapest verified result. Here’s what that looks like for (x ^ y) + 2 * (x & y):

CoBRA linear simplification flow: (x ^ y) + 2 * (x & y)
Step 1: Classification Input expression is identified as Linear MBA
↓
Step 2: Truth Table Generation Evaluate on all boolean inputs → `[0, 1, 1, 2] truth table`
↓
Step 3a: Pattern Match Scan identity database	Step 3b: ANF Conversion Bitwise normal form	Step 3c: Interpolation Solve basis coefficients
↓
Step 4: Competition Compare candidate results → Winner: x + y (Lowest Cost)
↓
Step 5: Verification Spot-check against random 64-bit inputs or prove with Z3 → Pass

When constant masks appear (like x & 0xFF), the expression enters CoBRA’s semi-linear pipeline, which breaks it down into its smallest bitwise building blocks, recovers structural patterns, and reconstructs a simplified result through bit-partitioned assembly. For expressions involving products of bitwise subexpressions (like (x & y) * (x | y)), a decomposition engine extracts polynomial cores and solves residuals.

Mixed expressions that combine products with bitwise operations often contain repeated subexpressions. A lifting pass replaces these with temporary variables, simplifying the inner pieces first, then solving the expression that connects them. Here’s what that looks like for a product identity (x & y) * (x | y) + (x & ~y) * (~x & y):

CoBRA mixed simplification flow: (x & y) * (x \| y) + (x & ~y) * (~x & y)
Step 1: Classification Input is identified as Mixed MBA
↓
Step 2: Decompose Decompose into subexpressions ↓
(x & y) * (x \| y)	(x & ~y) * (~x & y)
↓	↓
Step 3: Lift & Solve Lift products, solve inner pieces
↓
Step 4: Collapse Identity Collapse product identity → *x y**
↓
Step 5: Verification Spot-check against random 64-bit inputs or prove with Z3 → Pass

Regardless of which pipeline an expression passes through, the final step is the same: CoBRA verifies every result against random inputs or proves equivalence with Z3. No simplification is returned unless it is confirmed correct.

What you can do with it

CoBRA runs in three modes:

CLI tool: Pass an expression directly and get the simplified form back. Use --bitwidth to set modular arithmetic width (1 to 64 bits) and --verify for Z3 equivalence proofs.
C++ library: Link against CoBRA’s core library to integrate simplification into your own tools. If you’re building an automated analysis pipeline, the Simplify API takes an expression and returns a simplified result or reports it as unsupported.
LLVM pass plugin: Load libCobraPass.so into opt to deobfuscate MBA patterns directly in LLVM IR. If you’re building deobfuscation pipelines on top of tools like Remill, this integrates directly as a pass. It handles patterns spanning multiple basic blocks and applies a cost gate, only replacing instructions when the simplified form is smaller, and supports LLVM 19 through 22.

Validated against seven independent datasets

We tested CoBRA against 73,066 expressions from SiMBA, GAMBA, OSES, and four other independent sources. These cover the full spectrum of MBA complexity, from two-variable linear expressions to deeply nested mixed-product obfuscations.

Category	Expressions	Simplified	Rate
Linear	~55,000	~55,000	~100%
Semilinear	~1,000	~1,000	~100%
Polynomial	~5,000	~4,950	~99%
Mixed	~9,000	~8,900	~99%
Total	73,066	72,960	99.86%

The 106 unsupported expressions are carry-sensitive mixed-domain cases where bitwise and arithmetic operations interact in ways that current techniques can’t decompose. CoBRA reports these as unsupported rather than guessing wrong. The full benchmark breakdown is in DATASETS.md.

What’s next

CoBRA’s remaining failures fall into two categories: expressions with heavy subexpression duplication that exhaust the worklist budget even with lifting, and carry-sensitive residuals where bitwise masks over arithmetic products create bit-level dependencies that no current decomposition technique can recover. We’re also exploring broader integration options beyond just an LLVM pass, like native plugins for IDA Pro and Binary Ninja.

The source is available on GitHub under the Apache 2.0 license. If you run into expressions CoBRA can’t simplify, please open an issue on the repository. We want the hard problems.

The "Passive Income" trap ate a generation of entrepreneurs - Westenberg

2026-04-03T06:25:28.000Z

I had coffee last year with a guy - I won't use his real name - who told me he was "building a business." I asked what it did. Dropshipping jade face rollers.

I made him say it twice.

Jade face rollers.

He'd found them on Alibaba for $1.20 each, and started selling them through Shopify for $29.99. Never used one himself. Didn't really know what they were for - something about lymphatic drainage? Reducing puffiness? He said "lymphatic" the way you say a word you've only ever read and never heard out loud.

Some guy on YouTube said jade rollers were "trending," the margins looked insane on paper, so he'd "built" a website with stock photos of a dewy-skinned woman rolling a green rock across her cheekbone and started running Facebook ads at $50 a day. Customers would email asking where their stuff was - shipping from Guangzhou, three to six weeks, sometimes way longer - and he'd copy-paste a response he found on a dropshipping subreddit. He had a Google Doc full of pre-written customer service replies.

Never talked to a single customer.

I swear to god.

Five months in, he was $800 in the hole.

He told me all this like he'd invented the wheel.

I bought him another coffee. I genuinely had no idea what else to do.

Jade Roller Guy has become my go-to example of something that went drastically, terribly wrong with how a whole generation of would-be entrepreneurs thought about work and money. A specific ideology - I've been calling it Passive Income Brain - grabbed a huge chunk of the people who were, by temperament and ability, most likely to start real businesses, and it gave them a completely fucked set of priorities.

Somewhere between 2015 and 2022, "passive income" stopped being a boring financial planning term and became, I don't know how else to put this, a salvation narrative. I mean that literally. There was an eschatology if you want to get nerdy about it. The Rapture was the day your "passive income" exceeded your monthly expenses and you could quit your job forever. People talked about it with that exact energy.

But, of course, the folks making any actual income, of any kind, were the ones selling courses about making passive income. It was an ouroboros. It was an ouroboros that had incorporated in Delaware and was running Facebook ads.

The pitch went something like: you, a sucker, currently trade your time for money. This is what employees do, and employees are suckers. (I'm paraphrasing, but not by much.) Smart people build SYSTEMS. A system is anything that generates revenue without your ongoing involvement. Write an ebook. Build a dropshipping store. Create an online course. Set up affiliate websites.

The specific vehicle doesn't matter because the important thing isn't what you build, it's the structure. You want a machine that generates cash while you sleep, and once you have that machine, you are free.

Free to do what? Sit on a beach, apparently. Every single one of these people wanted to sit on a beach. I've never understood this. Have they been to a beach? There's sand. It gets everywhere. You can sit there for maybe three hours before you want to do literally anything else.

But I digress.

The allure is real. Who doesn't want money that shows up while you sleep?

I'd fucking love that. I'd love it very much indeed. But "passive income" as an organizing philosophy for your entire business life, for how you think about work, is almost perfectly designed to produce garbage.

When you make "passivity" the thing you're optimizing for, you stop caring about anything a customer might actually want. Caring is active. Caring takes time. Caring is work.

Giving a shit is, by definition, not passive.

Between 2019 and 2021, roughly 700,000 new Shopify stores opened. The platform went from about a million merchants to 1.7 million in two years. About 90% of those stores failed within their first year. That's not a business model. That's a meat grinder with a landing page.

We started drowning in a million businesses nobody was actually running. Dropshipping stores with six-week shipping times and customer service that was just copy-pasted templates. Guys who'd put their "brand name" - usually something like ZENITHPRO or AXELVIBE, always in all caps, always vaguely aggressive - on a garlic press identical to four hundred other garlic presses on the same Amazon page. AXELVIBE! For a garlic press!

And the affiliate blogs! Hundreds of thousands of them, pumped full of SEO-optimized reviews of products the authors had never touched, never even seen in person. A fractal of bullshit that technically qualifies as commerce but puts zero dollars of actual value into the world.

Leverage is real; I'm not disputing that. There is a difference between trading hours for dollars and building something that scales. Software does this. Publishing does this. You write a book once, sell it many times, nobody calls that a scam. Fine! That part they got right!

Where it went wrong is that the whole movement confused "build a good product that scales" with "build any mechanism that extracts money without you being involved." I don't think that confusion was accidental. I think the confusion was the point. Because if you're teaching people to build real businesses, you have to sit with hard, boring questions about whether anyone actually wants what you're selling. But if you're teaching people to build "passive income streams" you can skip all of that and go straight to the fun tactical shit. How to run Facebook ads, how to set up a Shopify store in a weekend, how to write email sequences that manipulate people into buying things they don't need.

Nobody talks enough about what the passive income movement did to the content quality of the entire internet. If you've tried to google "best [anything]" in the last five years and gotten a wall of nearly identical listicles, all with the same structure ("We tested 47 blenders so you don't have to!"), all making the same recommendations, all linking to the same Amazon products, you've experienced the results.

Those articles weren't written by people who cared whether you bought a good blender. They were written by people who cared whether you clicked their affiliate link, because that's what generated passive income, and the incentives made honesty actively counterproductive.

The honest review of blenders is: "most blenders are fine, just get whatever's on sale, the differences below $100 are basically meaningless." That review generates zero affiliate revenue. So nobody wrote it.

Instead you got "The Vitamix A3500 is our #1 pick!" with a nice affiliate link, written by someone who has never blended anything in their life. Multiply this across every product category and you start to understand the informational desert we've been living in. We broke Google results, at least partly, because an army of passive income seekers had an incentive to flood the internet with plausible-sounding garbage.

(Someone is going to object that Google should have filtered this stuff out, and yes, sure, but also, "the people creating the pollution aren't at fault because the EPA should have caught it" has never been a great argument.)

I've met dozens of smart, capable people who had actual energy, and who spent their entire twenties bouncing between passive income schemes instead of building real skills // real businesses // real careers. The pattern was always the same: six months on a dropshipping store, it fails, pivot to Amazon FBA, that fails, pivot to creating a course about dropshipping (because of course), and then the course doesn't sell either because by 2021 there were approximately forty thousand courses about dropshipping and the market had been saturated since before they started.

And the whole time they were getting further and further from the thing that actually creates economic value, which is: find a real problem, solve it for real people, care enough to stick around and keep improving. The boring thing. The thing that takes years. The thing that is, to be absolutely clear about this, not passive.

I once saw a guy ask whether he should start a dog walking business and the top response was something like "dog walking isn't scalable, you should build a dog walking platform instead." This person liked dogs! He liked walking! He lived in a neighborhood full of busy professionals with dogs!

But the Passive Income Brain thing had gotten so deep into how people talked about business online that "do the simple obvious thing that works for you" was considered naive, and "build a technology platform for an activity you've never actually done as a business" was considered smart.

The dog walking guy could have been profitable in a week.

The app guy would have burned through his savings in six months and ended up with a landing page and no users.

By 2020 the passive income world was absolutely crawling with grift: guys posing with rented Lamborghinis in YouTube thumbnails, "digital nomads" whose actual income came entirely from selling the dream of being a digital nomad to other aspiring digital nomads, podcast hosts interviewing each other in an endless circle of mutual promotion where everyone claimed to make $30K/month and nobody could explain what they actually produced. By 2021 or so it started to look like a distributed, socially acceptable MLM. The product was the dream of not working. The customers were people desperate enough to pay for it.

Not everyone in this world was cynical. I genuinely believe that. A lot of the people selling passive income content believed their own pitch. They'd had some real success with a niche site - pulled $3,000/month for a while, it does happen - read the same books everyone else read, figured okay, I'll teach other people my system. Why not. I would have done the same thing at 24. I'm almost sure of it.

But zoom out and what you had was just an enormous machine converting human ambition into noise. Affiliate spam // dropshipped junk // ebooks about passive income // courses about courses. An entire layer of the internet that was nothing but confident-sounding bullshit produced by people who had optimized for everything except making something worth buying.

The people near the top made money. Everyone else spent months or years chasing a mirage and came out with nothing but a Shopify subscription they forgot to cancel. They thought they'd failed. They hadn't failed. The system, every system, failed them.

What actually makes money hasn't changed. You find something people need. You get good at providing it. You charge a fair price and you keep showing up even when it's tedious and even when you don't want to. You build relationships over years. You build reputation over years. None of it is passive, and none of it has ever been passive! All of it revolves around giving a shit, day after day, about something specific. I don't think anyone has ever found a way around that and I don't think anyone will.

The passive income thing was a fantasy about not having to give a shit.

This is a terrible foundation for pretty much anything.

The affiliate SEO blogs are being slaughtered right now by AI-generated content. The people who spent years producing algorithmically optimized content of no value to humans are getting outcompeted by software that does the exact same thing, faster and cheaper. Facebook ad costs went through the roof and took the dropshipping gold rush with them. The biggest passive income gurus have already pivoted to selling AI courses. The machine keeps running. It just swaps out the brochure.

But I've noticed more people talking about what I'd call "give a shit" businesses - people who make furniture, run plumbing companies, write software they actually use themselves. Stuff where the answer to "why does your business exist?" isn't "to generate passive income for me." This works a lot better than the laptop-on-the-beach grind.

Jade Roller Guy, if you're out there: I hope you found something real.

I hope it keeps you busy.

Westenberg is designed, built and funded by my solo-powered agency, Studio Self. Reach out and work with me:

Work with me

The open web isn't dying. We're killing it - Werd I/O

2026-04-03T01:58:17.000Z

[Julien Genestoux]

Julien is right:

“Why did we keep outsourcing identity, distribution, and monetization to companies whose incentives were obviously misaligned with ours?

[…] It is because, collectively, we preferred the short-term consumer surplus of convenience over the long-term responsibilities of stewardship.”

We can raise the alarm about the demise of the open web all we want, but you can’t sell or promote a technology based on ideology alone. The truth is that other solutions were quicker and easier — even for many of us that held up the open web banner.

[Link]

An AI company set out to fix news deserts. Instead, it copied local journalists’ work - Werd I/O

2026-04-03T01:26:38.000Z

[Angela Fu in Poynter]

Repeat after me: AI cannot write journalism and should never be used in place of a journalist. I believe it can be a very useful tool — but it is a tool for humans.

So this whole initiative was misconceived:

“Artificial intelligence company Nota — whose clients include organizations like The Boston Globe and the Institute for Nonprofit News — is scrapping its network of local news sites after learning that they contained dozens of instances of plagiarism. […] The 11 sites — collectively called Nota News — launched in September as an effort to bring “bilingual local reporting and civic tools to underserved communities.””

As the linked Poynter article points out:

“The articles were supposed to be based on publicly available civic information, such as press releases and videos of city council meetings. In reality, Poynter found more than 70 stories dating back to October that included reporting, writing and photography from local journalists without attribution.”

[Link]

LinkedIn Is Illegally Searching Your Computer - Werd I/O

2026-04-03T01:11:11.000Z

[BrowserGate by Fairlinked]

This is quite a serious accusation:

“Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm.”

This is an EU-based site, hence the reference to the location of the cybersecurity firm. The authors are quick to point out that they believe this scanning is illegal in the EU.

The claim is also partially a little bit hyperbolic. “Installed software” makes it sound like LinkedIn is scanning your whole computer; in reality, it’s checking for browser extensions. That’s a fairly common component of modern browser fingerprinting; at this point it’s fairly well-known that, because of the individual mix of extensions, fonts, etc available to a browser, this can be used to track individuals on the web without using cookies. That’s not to say that it’s not invasive — it clearly is!

[Link]

Surf demonstrates the power of the open social web - Werd I/O

2026-04-02T19:32:28.000Z

My friends at Flipboard launched Surf, its open social web browser, on the web today.

I’ve been using Surf for a while. It’s a kind of browser for the open social web: a way to bring together all of your social feeds (Bluesky, Mastodon, RSS, YouTube) in one place and read them together. You can get an all-in-one feed, but anyone can create a curated feed for a specific topic.

For example, here’s my Speaking Truth to Power feed, which I’ve curated to highlight reporting shared by non-profit newsrooms covering the US. I also have a companion Speaking Truth to Tech Power feed, which specifically highlights tech stories that go a little bit deeper and explore the power dynamics technology can enforce.

For media companies, it’s even more interesting. The feed for Decoder, the podcast from The Verge, lets you listen to every Decoder episode. But if you click through to the other tabs, you’ll also find posts from sources and topics that the Verge thinks are interesting, and any discussion about the show that uses the #decoder hashtag. You can also click to see the sources that the Verge used to make the feed, which allows you to remix and make your own.

Beyond Decoder and The Verge, there are a whole host of other publications already creating feeds in Surf. I’m aware of (deep breath): WIRED, Rolling Stone Politics, 404 Media, Shutdown Fullcast, The MMQB, Defector: Sports!, All Net, FilmFeed, and The Oregonian, but more will follow. These are media properties that have chosen to create their own feeds with Surf, but it’s important to understand that they’ve also made the conscious choice to join the open social web.

This kind of functionality is only possible on an open social web: a place where all content can be brought together using open protocols to create new kinds of community experiences. It’s genuinely exciting to me. Surf is a first-class consumer web service, but it’s also one of the first to show what the unique value of the open social web can truly be for publishers. Any publication can now showcase its own posts across platforms together, with the social proof of conversation from other people who are talking about its work, together with media from other, relevant companies. And they can do it without asking anyone for permission.

And this openness goes both ways. As well as content from the open social web flowing into Surf, feeds made with Surf integrate with Bluesky, so you can follow the curated posts there, too. For example, here’s Speaking Truth to Power and its tech equivalent over there. This openness also demonstrates that publishers aren’t locked into Surf itself, and you can easily imagine more developers integrating with these feeds and creating other interesting experiences around them.

In short, I think this is great: a tool that shows (not tells) what the open social web makes possible, creates new value for publishers in the process, and does it through a first-class experience. More like this, please.

You can sign up for Surf at surf.social.

Note published on April 2, 2026 at 5:41 PM UTC - Molly White's activity feed

2026-04-02T17:41:11.000Z

One of the government's attorneys in the CFTC's lawsuit against the states who've sued Kalshi was a lawyer for Kalshi in its lawsuit against the CFTC in 2023. He joined the DOJ in February 2025.

Note published on April 2, 2026 at 5:17 PM UTC - Molly White's activity feed

2026-04-02T17:17:59.000Z

The CFTC (the US commodities regulator) has just sued Arizona, Connecticut, and Illinois for their efforts to "outlaw, regulate, or otherwise restrain" prediction markets like Kalshi.

This is another escalation by newly appointed CFTC chair Mike Selig (and sole Commissioner at the agency), who has taken it upon himself to assert the CFTC's sole regulatory authority over prediction markets. Recently, the CFTC filed a supporting brief in Crypto.com's lawsuit against Nevada.

As I wrote then, "Since the CFTC has filed no enforcement actions against prediction markets after embracing the sector following Trump’s election, Selig’s jurisdictional claim seems designed to shield the sector rather than regulate it."

Nevertheless, the CFTC's press release accompanying these lawsuits claims that state regulatory intervention could result in "poorer consumer protection and increased risk of fraud and manipulation".

Note published on April 2, 2026 at 2:32 PM UTC - Molly White's activity feed

2026-04-02T14:32:45.000Z

misophonia sufferers vindicated as scientists confirm the remaining 3% are also under investigation

"Study: 97% Of All Sounds Infuriating", The Onion

Concert Review: London Philharmonic - Pictures at an Exhibition ★★★★★ - Terence Eden’s Blog

2026-04-02T11:34:07.000Z

A delightful and emotional rendition of three rather different works.

Mark-Anthony Turnage's "Three Screaming Popes" was a chaotic cacophony. Wild, bizarre, inventive, and seemingly driven by excess. A fascinating performance, although not one I'll put on in the background. Turnage himself took to the stage to bask in the applause.

Bartók's Violin Concerto No. 1. Reading the story behind the composition made the performance by soloist Alina Ibragimova even more terrifying than it might have otherwise been. The sounds emanating from her violin were somewhere between a tantrum and flirtatious coquette. Stunning to see her tear up the stage.

Mussorgsky's Pictures at an Exhibition. Outstanding. Hearing a 100 piece orchestra power through the score was exhilarating. It is such a vivid piece. There's no other way to describe it - each movement is distinct and full of character. One of those rare pieces where you can feel the music worming its way into your brain.

You can listen to the concert on BBC Radio 3.

Pre- and Post-Show

I've written before about The art of the Pre-Show and Post-Show. Venues and shows have multiple ways to make an event special for an audience.

This concert did some things really well. For a start - the programme was free! I wish the West End was a bit more like Broadway with a free "Playbill" at every show. Even better, the programme was actually useful! Some nice blurbs about the performers and the pieces.

I particularly liked this little snippet:

How wonderful! It's always someone's first time at an orchestral concert. More programmes should have these little comfort notes.

Other than that, there wasn't much. There was no interaction between the conductor and audience, which felt a little odd. The programme had a QR code to a 31(!) point questionnaire. I'm not sure how many people would be bothered to complete that.

Royal Festival Hall is a delight - plenty of space, multiple bars, lots of seating areas, and a larger number of spacious & clean toilets. An excellent venue.

Time is a User-Interface - Westenberg

2026-04-02T00:32:14.000Z

Using my edit button shortcut - James' Coffee Blog

2026-04-02T00:00:00.000Z

In 2025 I built a browser extension that adds an edit button to your browser. The edit button pages if a page either has:

A rel=edit link;
A custom edit link set in the extension preferences, or;
A link with an anchor like “edit page” (only available if you enable the setting, since this is a heuristic).

Back when I built the extension, I added in a keyboard shortcut to open the edit link associated with a page. On Mac, the shortcut is Command + Shift + E.

I forgot all about this shortcut until recently, when I accidentally pressed Command + Shift + E instead of Command + Shift + R, the shortcut to refresh a page. At first, I was surprised, but the mis-press gave me the reminder I needed that this feature exists.

Since then, I have been using the Command + Shift + E shortcut almost daily to edit pages on my website.

I like that the shortcut has a similar hand position to refreshing, a shortcut that I find relatively comfortable to use. I also like that the shortcut only requires use of my left hand, so that I can press the edit button while using my mouse to navigate to my next task.

My flow to edit a page now usually looks something like this:

Go to a page on my website (i.e. my software notes page).
Press Command + Shift + E.
Ghost opens in my browser.
I use my mouse to navigate to Apple Notes, where I usually have notes I want to copy onto my website.
I use my mouse to go back to Ghost where I paste in my notes and organise and develop them a bit where necessary.
I save my edits.

While I could also use the mouse to press the edit link button that appears in my browser, the shortcut is so convenient.

The irony is that I forgot the shortcut existed until I accidentally encountered it. Indeed, overall, I struggle with remembering keyboard shortcuts beyond the basics (copy, paste, quit, refresh), preferring to opt for a menu or another visible affordance. But the edit keyboard shortcut is now becoming one I use regularly so it is increasingly etched into my memory. I think there was a gap to bridge between adding the shortcut as a feature in the development process and making a habit around its use.

browser extension that adds an edit button to your browser software notes page

For The Seiko of It - Hey, it's Jason!

2026-04-02T00:00:00.000Z

I wasn't going to pick up any new watches on this trip. Then I picked up a new watch. 🤷

March 2026 Summary - Joel's Log Files

2026-04-01T15:50:50.000Z

The year continues to move at an incredible pace, and I continue to engage with so many forms of media, keeping track is starting to get a bit confusing! Nothing impossible to manage of course, it’s fun to have so many more things going on.

Podcasts

Once again, my podcast listening has been diminishing this year, as music continues to go upwards! I think that now that I fully settled on scrobbling with Listenbrainz, plus going to sleep with music over podcasts, has helped quite a bunch. Another big reason might be that I haven’t listened to Welcome to Night Vale in a while, which was what I listened to before sleep. In any case I listened to 23 horus of podcasts in March!

The podcasts I have been listening

Into The Aether - The usual run of current weekly episodes. The run so far has been amazing, featuring all maner of games like Resident Evil Requiem, Persona 4 Golden, Pokémon Pokopia, Danganronpa, Marathon, Slay The Spire 2 and Minishoot Adventures.
99% Invisible - A couple of great episodes on the Em Dash, and the history behind knowing where we are.
Wolf 359 - Listened up to episode 45 of this show. The story continues to be incredible, some of my favorites episodes that I still remembered from my first listen around 5 years ago. I drama and the stakes are getting real.
Revolutions - Listened to another four episodes or so of the French Revolution. This historical event has so much to unpack, I have listened to 50 episodes of it so far.
Stuff You Should Know - Just a random selection of episodes I listened to. Like an episode on tracking time, and flood myths.
Dungeons and Daddies - Listened to one episode and a half of Season 3! It got interested by the end so I expect to keep this up next month a bit more.
They’re Just Movies - This one is no longer around, but I listened to their overview of the Aliens movie, and want to check some more of their episodes. I kinda miss it.
Trash Taste - Just picking episodes at random, not much else.

Gaming

Gaming took over, and despite it all, I didn’t finish a single game! I just started so many at once and I am kind of having fun just jumping around between them without any rhyme or reason. But hey, they’re games, meant to be fun, after all.

The games I have been playing

Started

Resident Evil - I decided to venture into the world… of Survival Horror. The game that started it all! After the sequel, I thought I’d visit the original, and I have to say, I have really enjoyed it so far. I am happy to say I’ve managed to figure out all of the puzzles without help, except for the one that uses the chemical. Other than that, it’s been fun.
Metroid Fusion - I have so many Metroidvanias avilable to me, and I haven’t finished Silksong in ages, and yet again, I’ve decided to start another run of Fusion on my Miyoo Mini Flip. This game rules, and I’ve already reached the third boss of the game. I want to finish it as quickly as I can without using save states!
Ridge Racer Type 4 - I listened to the soundtrack of this game and I wanted to check it out. There are so many menus and modes and an actual story? I just jumped into a race as quick as I could and enjoyed the soundtrack a bit, but I admit I didn’t do more, I prefer the PSP physics and gameplay.
River City Ransom - This is a game that I tried online with Naty playing via NSO. It is a fairly deep game for its time, and we definitely had a lot of fun with its gameplay and mechanics, we played it for like 40 minutes but ran out of time and we haven’t returned to it.
What Did I Do To Deserve This, My Lord!? 2 - This is considered a hidden gem of the PSP. A game where you create an underground dungeon and grow your own army of creatures who grow by themselves and follow basic movement patterns to fight against the heroes. It’s a fun subversion, but not my cup of tea, I think.
Pokémon Emerald Legacy - I played the first 20 minutes of this game and I am tempted to give it a proper go. The Legacy romhack is supposed to be the ultimate way to enjoy the game and I look forward to having the mood to get into it.
Caves of Qud - I played a bit of the tutorial since I’ve heard so many great things, but I didn’t go much deeper than that, it seems huge and I’m definitely interested though.

Ongoing

CrossCode - A wonderful game that really grew up on me during this month. I made a bunch of progress and since I’m playing it alongside some friends, I’ve really looked forward to what they think or have to say about stuff. I like that I’m ahead too, not gonna lie. In any case, all the dungeons have been awesome, and even if the puzzle design can be a little tiresome, it definitely gets my brain working and I love the feeling of figuring things out. The puzzles can definitely get long though.
Super Mario 3D World - This has been a fun game to play with friends, and even to go through by myself a couple of times. We are trying to get every single star and sticker from this before finishing the story! We made it to the final stage now that it’s kind of like a circus, and I’m looking forward to beating this game at some point in the next couple of months.
Ridge Racer - This masterpiece for the PSP continues to be excellent to play. I have made some progress doing World Tours in the EX class, and I love how this game just hooks me and won’t let me go at all.
Into The Breach - I ended up returning to this gem of a game and finally managed to complete a run on it, even if it was on easy. The tactics and mechanics of this masterpiece are just amazing. I want to keep playing more of it and master all the available mechs too.
Balatro - Ended up playing this game with friends a couple of times, however, I ended up finally caving in and purchasing the title for my phone… It is fun, and I am scared. I am yet to win a game though, despite it all.
Gladiator Begins - This title for the PSP is an arena battler that I’ve played on and off. I touched it for a bit during the PSP season of Into The Aether, but didn’t even bring it up much. I have played some more lately and yeah, it’s very fun! I’m currently stock in a boss fight though, where I simply need to git gud.
Vampire Survivors - This roguelike “bullet heaven” is finally losing its spell among my group of friends, we play it for time to time, but it definitely feels a bit more like homework lately, just to complete the unlockables and achievements. We will keep playing though, just not as crazy as before.
Grapple Dog - I barely touched this game, although I had a lot of fun with it last month, I need to get back to it, I really enjoyed the physics and mechanics of it, but I guess that Switch and handheld gaming took over to compensate for the Laptop-focused gaming of February.
Super Smash Bros Ultimate - Just a couple of matches with friends… I’ve been tempted to play the solo campaign lately though, to unlock more characters and just test myself.

Movies

I just watched this one movie

The only movie I got to watch in March was David. An animated, faith-based, musical film about the traditional story of David and his rise to the throne as a King. I already said it on my weeknotes, this film is pretty good for what it is, but and probably among the best when it comes to Christian animation, with a few truly awesome scenes.

However, it falls short in other aspects, it gets preachy at times—although not as bad as others—and the songs, while good in the moment and with an OK message, they just aren’t very memorable, and there’s maybe one or two that weren’t really necessary. I also would have liked to see a bit more action. I don’t expect anything gruesome from a kids movie, but at the very least some swords clashing would have been fun.

Manga

What a great month this was for manga, other than the fact two of the ones I finished didn’t meet my expectations, the rest of what I read was rather enjoyable!

The mange I have been reading

Started

Kagurabachi - Up to chapter 115. Speaking of swords clashing, this was a manga that completely hooked me and wouldn’t let me go at all. I read from the start to the latest released chapter as of now, catching up with it. This is a revenge story, and features some amazing characters, excellent action and panelling, simple, yet breath-taking artwork and some actually good writing for once! I’ve enjoyed everything thus far, zero complaints, genuinely surprised.

Ongoing

Fly Me To The Moon - Up to chapter 214. This is a manga I started ages ago, and this month I finally decided to return to it. It starts as a fun rom-com manga about a newly wed couple, but it has turned into something much more interesting. There is a mystery to it all, and everything has started to finally unveil, if at a slow pace. However, I don’t mind, even without the mystery, the humor and wholesome moments are plenty. I enjoy it.
DanDaDan - Up to chapter 226. I barely read any of this manga, but at the very least I managed to get to the big bad guy of the current arc, I think, and it’s definitely an interesting premise. I am only a few chapters behind, so I am honestly just waiting for more chapters to release and build up some momentum.
Blue Lock - Up to chapter 340. I catched up and I’m reading week by week. This match against France has definitely been an epic one. I enjoy the challenge that Isagi has been facing. So many questions, doubts and tactics that don’t work. I really love the drama thus far.
Love’s in Sight! - Up to chapter 56. It had been a while since I revisited this one as well, it’s a cute rom-com about a blind girl and a delinquent guy with a soft heart. It’s pretty wholesome, and it actually deals with a lot of the accesibility and life of a blind person. Way more educational than I expected, and some of the narratives focused on that are really well done.
Kingdom - Up to chapter 866. This continues to be an absolutely epic tale. There were a couple of great moments going on during the current arc (The Battle against Zhao), and I am only three or so chapters behind. Some great developments have been made.
Spy x Family - Up to chapter 130. Currently on a very fun arc where Loid, Yor and Yor’s brother are held hostage, and while the three of them could easily get away and stop the whole thing, neither of them wants to blow off their cover. The conflict is solving itself in the most hilarous way, I love this manga.

Complete

Planetes - This is definitely a must read, a great science fiction manga in space in a nearby future that follows a group of garbage collectors that keep Earth’s space as clean as it can be. We follow multiple characters of this crew, all of them with their own journeys and ideal, forming relationships, dealing with the struggles of life in space. We meet some of their families, we see how technology continues to develop, we see the impact that seeking for the stars can have in life. There are so many topics, there are so many incredible moments, so much conflict, be it in political drama, between characters, and of course, internal dilemmas, depression, trauma, joy, hope, love. This is a true piece of art, up there with Yokohama Kaidashi Kikou, Vagabond and Kingdom. In only 22 chapters, this gave me so much food for thought. Just read it if you can.
Chainsaw Man - I have no words to describe what finishing this feels like. It is such an internal conflict. I absolutely loved Part 1 of this, and early on, I also loved Part 2. But something happened, and things started to look way too dire. Nonsense after nonsense, and chapters kept getting shorter and uglier. In the end, this manga finished with a 6-page long issue. I don’t know what to say. It was definitely a journey, and there’s a way to see this as the only ending Chainsaw Man could have had, but nah, I needed more out of it. I have a sour taste in my mouth. Thankfully I read plenty of masterpieces this month I even forgot to bring it up on my weeknotes—I edited them now, but still. I hope the anime fixes it.
Jujutsu Kaisen Modulo - Another manga that also started with a lot of promise, but didn’t manage to stick the landing at all. Its redeeming grace is that it only really had 25 chapters, and that 15 or so of them are very good. The art itself is awesome though, and even though the final sequences are super rushed, the art is great to see.

Anime

The only anime I watched this month

Orb: On the Movements of the Earth was the only anime I started, and I watched up to episode 4. This is an anime that caught me by surprise. A story set in the middle ages about a smart kid with a love for astronomy who eventually learns and the Earth revolves around the Sun, in an era where the Catholic Church considered the heliocentric model to be heresy.

The conflict and the relationship between truth, faith and science is very interesting to see. I definitely need to watch the rest of the season, it loks very promising.

Books

So many books were read, I actually started a couple more than the ones I mention here, but these are the significant ones, to be honest.

The books I read this month

Started

Clarkesworld Magazine #211 by Neil Clarke - I finally started going through the Clarkesworld magazines that I subscribed to a couple years back. I went through the first two stories found on this issue—The Lark Ascending and An Intergalactic Smugglers Guide to Homecoming—the third one is the longest thus far, but I’ll hopefully deal with it soon! The second story is my favorite thus far.
Strange Dogs by James S.A. Corey. - A novella that takes place before Persepolis Rising, so far so good! I barely read it though because reading on my XTEINK X4 took over.

Completed

Chrono Trigger by Michael P. Williams - A memoir, a critique, and retrospective of my favorite game of all time. It was quite cool! And contained plenty of information I didn’t know at all. It also featured some great interviews with the translators of the game. I enjoyed it, it’s a fun read but you definitely need to play the game before getting to it.
Non-Stop by Brian W. Aldiss - An incredible story that makes great use of the generation ship plot. I loved it from start to finish and flew through it in a matter of days. I already published my review of it so I won’t say much more. It’s worth a read despite its age, in my opinion.
Persepolis Rising by James S.A. Corey - The seventh entry in The Expanse series. This journey does a timeskip and places us in a new status quo, which is about to be challenged by Humanity’s greatest enemy once again, itself. A great start to this last trilogy. I look forward to the rest!

This is day 44 of #100DaysToOffload

Goals

Last month I set some goals that I would pursue during March, but I think I should do some more general goals that I can do during the year, and during the month itself. This is what I came up with. I added those I completed from last month, but I don’t think I want to list everything I completed as the year goes, so, yeah, just ongoing goals and progress updates, I guess.

Completed:

Survived my work
Finished Persepolis Rising
Went to the movies once

New

Fully sorting and labelling everything on my shelves for once
Finish a pending commission for a friend
Finish a pending commission for my parents

In progress

A full website redesign (??)
Read the whole Bible in a year (9/365)
Finish listening to Wolf 359 (45/61)
Complete 15 books (4/15)
Complete 15 videogames (2/15)

Finishing thoughts

This month was wild. Work really took over a lot of my life since my coworker went on his long vacation, and yet, despite it all, I managed to surpass expectations when it comes to the amount of media I watched. I am particularly happy about the books and manga I got to read.

It’s getting to a point I may just highlight some specific things instead of mentioning everything.

And all the blogposts I managed to do this month? It’s not my best or the most constant, but I am rather happy about it. Plus all the small changes and additions to my website. A good month all around, even if I could have gone without the extra workload. Can’t complain much though.

Definitely looking forward to what April has in store, I hope things will go alright.

Until next time!

This is day 44 of #100DaysToOffload

Reply to this post via email | Reply on Fediverse

What Digital Isolation and Censorship Evasion Look Like In Wartime Iran - Werd I/O

2026-04-01T14:12:55.000Z

[Laura Scherling in Tech Policy Press]

“The cybersecurity company Surfshark recorded 81 new internet restrictions in 2025 across 21 countries, pointing to evolving patterns of repression. Out of the 81 restrictions Surfshark tracked, 51 of these restrictive measures were taken in response to political situations.”

[Link]

The Right Is Using AI Content Scanners to Try to Supercharge Book Banning - Werd I/O

2026-04-01T13:42:25.000Z

[Claire Woodcock at 404 Media]

This AI-powered effort is intentionally designed to create chilling effects and reduce support for vulnerable communities:

“Conservative parents’ advocacy groups have been experimenting with using commercially available artificial intelligence tools to help them flag more books they’ve deemed pornographic to be removed from public schools and libraries. Even though LLMs are notoriously error-prone, and the books in question aren’t pornographic, these groups continue to explore use cases for AI anyway.”

This reminds me of DOGE itself, which used a keyword-based system to flag “woke” grants that should be defunded that led to some incredibly dumb decisions about what should go:

“Among them, for example, was a $470,000 grant to study the evolution of mint plants and how they spread across continents. As best we can tell, the project ran into trouble with Republicans on the Senate Committee on Commerce, Science and Transportation because of two specific words used in its application to the NSF: “diversify,” referring to the biodiversity of plants, and “female,” where the application noted how the project would support a young female scientist on the research team.”

[Link]

Random File Format - Terence Eden’s Blog

2026-04-01T11:34:57.000Z

This was an idea I had back in the days of Naptster.

At the turn of the century, it was common to listen to an "acquired" music file only to find it was missing a few seconds at the end due to a prematurely stopped download. Some video formats would refuse to play at all if the moov atom at the end of the file was missing.

I wondered if it would be possible to make a file format which was close to impossible to read unless the entire file was intact. I don't mean including a checksum to detect download errors - I mean a layout which was intrinsically fragile to corruption.

While digging through an old backup CD, I found my original notes. I'm rather impressed at what neophyte-me had constructed. My outline was:

The file ends with a 32 bit pointer. This points to the location of the first information block.
The information block describes the length of the data block which follows it.
At the end of the data block is another 32 bit pointer. This points to the location of the next information block.
The start of the file may be a pointer, or it may be padded with random data.
There may be random data padded between the data blocks.

This ensures that a file which has been only partially downloaded - whether truncated at the end or missing pieces elsewhere - cannot be successfully read.

Here's a worked example. Start at the end and follow the thread.

Random data.
Data block size is 2.
Data
Data
EOF.
Data block size is 1.
Data.
Go to location 1.
Random data.
Go to location 5.

There are, of course, a few downsides to this idea.

Most prominently, it bloats file size. If the data block size was a constant 1MB, that would pad the size a negligible amount. But with variable data block size, it could increase it significantly. Random padding also increases the size.

If the block size is consistent and there's no random padding data, the files can be mostly reconstructed.

Depending on which parts of the file are missing, it may be possible to recover the majority of the file.

A location block size of 32 bits restricts the file-size to less than 4GB. A 64 bit pointer might be excessive or might be future-proof!

Highly structured files with predictable patterns, or text files, may be easy to recover large bits of information.

A malformed file could contain an infinite loop of pointers.

Perhaps a magic number should be at the start (or end) of the file?

While reading the file is as simple as following the pointers, constructing the file is more complex, especially if blocks have variable lengths.

Code

Here's a trivial encoder. It reads a file in consistently sized chunks of 1,024 bytes. It shuffles them up and writes them to a new file. The last 4 bytes contain a pointer to the first block, which says the data length is 1,024. After that, there is a 4 byte pointer to the next block location.

import random

#   Size of data, headers, and pointers.
data_length = 1024
header_length  = 4
pointer_length = 4

#   Read the file into a data structure.
original_blocks = list()
with open( "test.jpg", "rb") as file:
    for data in iter( lambda: file.read( data_length ), b"" ):
        #   Add padding if length is less than the desired length.
        padding = data_length - len( data )
        data += b"\0" * padding
        original_blocks.append( data )

#   How many blocks are there?
original_length = len( original_blocks )

#   Create a random order of blocks.
order = list( range( 0, original_length ) )
random.shuffle( order )

#   Where is the start of the file?
first_block_index = order.index( 0 )
first_block_pointer = first_block_index * ( header_length + data_length + pointer_length )

#   Loop through the order and write to a new file.
i = 0
#   Open as binary file to add the pointers correctly.
with open( "output.rff", "wb" ) as output:
    while i < original_length:
        #   Where are we?
        current_block = i
        current_block_value = order[i]
        #   Write length of data in little-endian 32 bytes.
        output.write( data_length.to_bytes( header_length, "little") )
        #   Write data
        output.write( original_blocks[ current_block_value ] )
        i = i+1
        #   Last block. Write an EOF header.
        if ( current_block_value + 1 >= original_length ):
            eof = 4294967295
            output.write( eof.to_bytes( header_length, "little") )
        else:
            next_block = order.index( current_block_value + 1 )
            #   Write pointer to next block
            next_block_location = next_block * ( header_length + data_length + pointer_length )
            output.write( next_block_location.to_bytes( pointer_length, "little" ) )
    #   At the end of the file, write the pointer to block 0.
    output.write( first_block_pointer.to_bytes( pointer_length, "little" ) )

And here is a similarly trivial decoder. It reads the last 32 bits, moves to that location, reads the block size, reads the data and writes it to a new file, then reads the next pointer.

import os
#   Size of data, headers, and pointers.
header_length  = 4
pointer_length = 4
#   File name to write to.
decoded_file = "decoded.bin"

#   Create an empty file.
with open( decoded_file, "w") as file:
    pass

#   Function to loop through the blocks.
def read_block( position, i ):
    #   Move to the position in the file.
    input_file.seek( position, 0 )
    #   Read the data length header.
    data_length = int.from_bytes( input_file.read( header_length ), "little" )
    #   Move to the data block.
    input_file.seek( position + header_length, 0 )
    #   Read the data.
    data = input_file.read( data_length )
    #   Read the pointer header.
    next_position = int.from_bytes( input_file.read( pointer_length ), "little" )
    #   If this is the final block, it may have null padding. Remove it.
    if ( next_position == 4294967295 ) :
        data = data.rstrip(b"\0")
    #   Append the data to the decoded file.
    with open( decoded_file, "ab" ) as file:
        file.write( data )
    #   If this is the final block, finish searching.
    if ( next_position == 4294967295 ) :
         print("File decoded.")
    else:
        #   Move to the next position.
        read_block( next_position, i+1 )

#   Open the file as binary.
input_file = open( "output.rff", "rb" )

#   Read the last 4 bytes.
input_file.seek( -4, 2 )

#   Get position of first block
first_block = int.from_bytes( input_file.read(), "little" )

#   Start reading the file.
seek_to = first_block
read_block( seek_to, 0 )

As I said, these are both trivial. They are a bit buggy and contain some hardcoded assumptions.

Here are two files encoded as "RFF" - Random File Format - an image by Maria Sibylla Merian, and the text of Romeo and Juliet.

Have fun decoding them!