Shellsharks Blogroll - BlogFlock
2025-12-05T16:40:28.990Z
BlogFlock
Werd I/O, cool-as-heck, Evan Boehs, destructured, Aaron Parecki, <span>Songs</span> on the Security of Networks, Adepts of 0xCC, cmdr-nova@internet:~$, Sophie Koonin, Westenberg, fLaMEd, Hey, it's Jason!, gynvael.coldwind//vx.log (pl), Johnny.Decimal, Terence Eden’s Blog, James' Coffee Blog, Molly White, joelchrono, Robb Knight, Trail of Bits Blog, Posts feed, Kev Quirk
Every ongoing game I have in 2025 - Joel's Log Files
https://joelchrono.xyz/blog/every-ongoing-game-2025
2025-12-05T15:50:00.000Z
<p>During November, the <a href="https://joelchrono.xyz/blog/november-2025-summary/">gaming section</a> was filled with ongoing games for some reason. There were so many that my friend <a href="https://brainbaking.net">Wouter</a> pointed it out to me, surely his backlog is less than mine right?</p>
<p>Anyway, I decided to share an updated list of every game I played, even if only for a day, during 2025, and that I am yet to complete.</p>
<p>I will eventually list a proper section on my website with all the games I have completed, as they are not present on this post.</p>
<p><a href="https://backloggd.com/u/joelchrono">Backloggd</a> has been a fantastic resource for this! You can follow my profile there if you wish. I am kinda obsessed with filling my whole gaming life on it, and posts like this wouldn’t exist without it—I could just do a normal spreadsheet but whatever.</p>
<h2 id="partymultiplayer-games">Party/Multiplayer games</h2>
<p>Here we have online or party games, that I just return to based on mood and the people I’m with, so they are constantly present in my gaming log.</p>
<ul>
<li>Nintendo Switch Sports</li>
<li>Mario Kart 8 Deluxe</li>
<li>Runbow</li>
<li>Mario Party 3</li>
<li>Worms W.M.D</li>
<li>Super Smash Bros Ultimate</li>
<li>Fortnite</li>
<li>Ultimate Chicken Horse</li>
<li>TMNT: Shredder’s Revenge</li>
<li>Ember Knights</li>
</ul>
<h2 id="i-dont-care">I don’t care</h2>
<p>These were games I tested or played for a bit, but ultimately decided I can abandon them for a while or simply don’t care enough about going back to them.</p>
<ul>
<li><strong>Ridge Racer 64</strong> - I already have the PSP Ridge Racers and they are better in every way.</li>
<li><strong>LocoRoco</strong> - Fun levels but there’s plenty of platformers for me to progress over this one.</li>
<li><strong>One Step from Eden</strong> - Pure gameplay, almost no story, I don’t know what is the point of what I’m doing at all.</li>
<li><strong>Batman: Arkham Asylum</strong> - Excellent game but my Laptop doesn’t have the power to play it how I wish I could.</li>
<li><strong>Brave Story: New Traveler</strong> - I could return to this, it had some charm, but I also have four Dragon Quest games and a dozen Final Fantasy games waiting for me.</li>
</ul>
<h2 id="might-finish-at-some-point">Might finish at some point</h2>
<ul>
<li><strong>Axiom Verge</strong> - I have played the starting hour a couple times and then I just get lost and I’m too proud to look up at a guide and see what I missed, once I do that or just find the path myself, I hope I can finish this.</li>
<li><strong>UFO 50</strong> - I’m just waiting for my physical collector’s edition to show up so I play it there!</li>
<li><strong>The Legend of Heroes: Trails in the Sky FC</strong> - The only reason I might not is because I already have the new remake for Nintendo Switch and there’s a high chance I just stick to that, still can’t put this one off the list though.</li>
<li><strong>Minecraft</strong> - Umm, believe it or not I have never beaten Minecraft properly, but it’s something I’ll always be willing to play anyway so it’s fine.</li>
<li><strong>Ridge Racer 2</strong> - I am currently stuck in 1 vs 1 races against some difficult adversaries, but I’ll get around to it someday, gotta get better at drifting!</li>
<li><strong>Slice & Dice</strong> - I am not sure if there is any such thing as finishing this game, but I’ll definitely play more.</li>
<li><strong>Balatro</strong> - Same as the above.</li>
<li><strong>Faster Than Light</strong> - Same as the above.</li>
<li><strong>Dicey Dungeons</strong> - Same as the above.</li>
</ul>
<h2 id="must-finish-at-some-point">Must finish at some point</h2>
<ul>
<li><strong>Full Metal Furies</strong> - Since this game is one of my favorites in multiplayer, it has an actual campaign and level progression and the like, I think I’ll definitely finish it, as long as my friends are up for the challenge.</li>
<li><strong>Portal 2</strong> - It’s Portal, I obviously have to complete it. I should play the first one first though.</li>
<li><strong>Advance Wars</strong> - If I finished <em>Fire Emblem: The Blazing Blade</em> I can deal with this one too right? Not sure in a year, but yes.</li>
<li><strong>Streets of Rage 1 & 2</strong> - I could beat both of these in one sitting I’m sure, I just need to get to it with a friend, but the 2-player limit isn’t ideal.</li>
<li><strong>Triangle Strategy</strong> - I have loved the actual gameplay of this even if the story has felt a little meh to me, so I want to see how the tactics evolve!</li>
<li><strong>Spelunky</strong> - I just have to do a full run at some point, the game has everything to be beaten in one sitting after all!</li>
<li><strong>Monster Hunter Rise</strong> - I want hundreds of hours on this, I want to reach the DLC and G-Rank content!</li>
<li><strong>Dungeon Antiqua</strong> - This has been fun and simple even if I haven’t reached that far yet, but it can’t be that difficult to beat right?</li>
</ul>
<h2 id="might-finish-next-year">Might finish next year</h2>
<ul>
<li><strong>The Hundred Line: Last Defense Academy</strong> - The stories of this game have been amazing, but they also feel like something to experience in medium doses over different periods of time! I will chug along as much as I can though.</li>
<li><strong>Final Fantasy VII</strong> - This is another one where it’s just ridiculous, I have a lot of progress and I know where to go next, I just need to actually go there and progress the story for once! Let’s goooo.</li>
<li><strong>Ys I & II Chronicles</strong> - I must admit the fact I need to talk to everyone to know what’s going on turned me off a bit, but it’s also charming! I just keep choosing <em>Ridge Racer 2</em> whenever I turn on my PSP.</li>
<li><strong>Super Mario 3D World</strong> - The only thing holding me from beating this game is that I only play it with friends and that I want all the stickers and stars! Proper completion with other people is a little tough, but we are dealing with it!</li>
<li><strong>Xenoblade Chronicles: Definitive Edition</strong> - I played like 6 hours in one sitting and I was so into it, but all the other games made me fall in despair and I decided to let it go for now.</li>
<li><strong>Solomon’s Club</strong> - This little puzzle game is similar to Mario vs Donkey Kong in style. Single screen levels that I shouldn’t have a hard time beating! They have been fun so it’d be nice to check out in short spans.</li>
<li><strong>Dredge</strong> - I started this on a whim when I kinda got into laptop gaming, but things changed a bit and kinda left it behind, there’s nothing I disliked really so I might give it a go again, maybe get it on Switch.</li>
</ul>
<h2 id="must-finish-next-year">Must finish next year</h2>
<ul>
<li><strong>Hades</strong> - Only a few more successful runs to reach credits, although I may end up playing it way more as well, simply because it’s that good. The story here has been amazing, and the voice acting as well, I love it every time I open it.</li>
<li><strong>Dragon Quest XI S: Echoes of an Elusive Age - Definitive Edition for Nintendo Switch</strong> - This is probably the most long term game I have other than <em>The Hundred Line</em>, but it has always managed to hold my attention and fuel my enthusiasm for gaming as a whole whenever I return to it. It’s just a masterpiece!</li>
<li><strong>CrossCode</strong> - I wish I could complete it in 2025, but I find it harder to believe given its length, great game so far though. Playing along other friends too.</li>
<li><strong>Final Fantasy VI</strong> - I am on the second half now, I know I can do this! I really must try my best! The future looks grim, the characters are at their lowest, the world is in pain, but we keep moving forward!</li>
<li><strong>The Legend of Zelda: Breath of the Wild</strong> - And this, this has been such a joy, I am pretty much in the late game now. I really need to get a grip to finish the story, but I also genuinely want to explore every single secret this game has to offer! I even got the DLC for it and I am yet to experience it all.</li>
<li><strong>Final Fantasy IV: The Complete Collection</strong> - I really just need to grind and level up for the final dungeon, and then I’ll be happy.</li>
</ul>
<h2 id="might-finish-before-the-year-ends">Might finish before the year ends</h2>
<ul>
<li><strong>Astro Boy: Omega Factor</strong> - As a platformer/beat’em up, this game is just impossible not to complete, especially with save states and the like! It’s just a matter of how often I play it so I reach credits on it!</li>
<li><strong>Mario vs Donkey Kong</strong> - Since I’m past the halfway point, I think I have a decent shot if I commit to this during my commutes and dead times. We will see how it goes.</li>
</ul>
<h2 id="must-finish-before-the-year-ends">Must finish before the year ends</h2>
<ul>
<li><strong>Hollow Knight: Silksong</strong> - The one and only, the clear objective, my main target. I want to beat the boss, I want to uncover the mysteries of Pharloom! I want to do everything it has to offer in the following Act. I am going to try my best, if a fellow workmate managed to do it, so can I!</li>
</ul>
<h2 id="finishing-thoughts">Finishing thoughts</h2>
<p>Wow, that’s almost 50 games I’ve played but didn’t complete this year…</p>
<p>And well, there you have it. There are some other games that I have not played since 2024 that I still consider to be ongoing, but we will leave those out for the sake of brevity.</p>
<p>I think this makes it clear though, I have a bit of a problem, yes. However, by listing all my ongoing games I can at least point at something and know what I should focus on next. Categorising them the way I did was rather helpful too! I will try to not get to new games until I can at least complete some of the ones I got here.</p>
<p>
<a href="mailto:me@joelchrono.xyz?subject=Every ongoing game I have in 2025">Reply to this post via email</a> |
<a href="https://fosstodon.org/@joel/115667783300930937">Reply on Fediverse</a>
</p>
A new home page - James' Coffee Blog
https://jamesg.blog/2025/12/05/a-new-home-page/
2025-12-05T15:10:47.000Z
<p>I have been thinking about redesigning my website for a while. I wrote a bit about <a href="https://jamesg.blog/2025/11/29/experimenting-with-web-design">one of the design directions I explored</a> recently. I loved doing the design part of the project, but knew there would be several hours of work to integrate the new style into my website.</p><p>Today I came back to the metaphorical drawing board – aka, browser developer tools – and started tinkering around with designing only a new home page. This gave me room to play while also not committing myself to redesigning my whole website. <em>I wonder what I can make!</em></p><p>After lots of exploration, <a href="https://jamesg.blog" rel="noreferrer">I have a new home page</a>!</p><p>My motivation was especially piqued today as I am reading “The Non-Designer’s Design Book,” the IndieWeb Book Club choice for this month. I have learned a lot from the book so far; the more I read, the more I wanted to start designing something. </p><p>The source code behind my new home page is a bit messy: I designed the page in developer tools, copied the changed CSS, and pasted it onto a new page. With that said, maybe this in itself tells a story – that this is a project fuelled by experimentation and play and the immediate feedback that the browser gives you as you write and arrange and re-arrange HTML and CSS within the developer tools. 
I had so much fun making the new design!</p><p>For posterity – for I am cognisant that over the years my home page is likely to change more, and I like to have an archive of some of my designs – here is a screenshot of my home page as it is now:</p><img alt="" class="kg-image" loading="lazy" sizes="(min-width: 720px) 720px" src="https://editor.jamesg.blog/content/images/2025/12/home.png" srcset="https://editor.jamesg.blog/content/images/size/w600/2025/12/home.png 600w, https://editor.jamesg.blog/content/images/size/w1000/2025/12/home.png 1000w, https://editor.jamesg.blog/content/images/size/w1600/2025/12/home.png 1600w, https://editor.jamesg.blog/content/images/2025/12/home.png 2368w"/><p>I may end up designing other pages on my website in a similar theme, but for now I'm happy with the work I did on the home page!</p>
Friday links: December 5, 2025 - Werd I/O
693254372868ec0001ffe521
2025-12-05T10:00:25.000Z
<img src="https://images.unsplash.com/photo-1461088945293-0c17689e48ac?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDl8fGNvbW11bml0eXxlbnwwfHx8fDE3NjQ4MTQyNDB8MA&ixlib=rb-4.1.0&q=80&w=2000" alt="Friday links: December 5, 2025"><p><em>This week I'm re-launching my links digest. Every Friday, I'll share a handful of pieces that caught my eye, usually somewhere in the messy, fascinating overlap of technology, media, and society. Occasionally, I'll stray further afield.</em></p><p><em>This week: what might come after the AI hype cycle, how new community platforms are trying to rethink participation, why our urban spaces may be pushing kids online, and how the Trump administration is using immigration enforcement to pressure online communities.</em></p><p><em>These pieces share a familiar tension: the friction between communities we build for ourselves and systems imposed from above. It's a question that runs through all my work: how do we design technology that strengthens communities rather than extracts from them?</em></p><hr><h3 id="what-happens-after-the-hype-lessons-from-mobile-internet%E2%80%99s-long-road-to-success"><a href="https://shomila.medium.com/what-happens-after-the-hype-lessons-from-mobile-internets-long-road-to-success-22d0b15e0625?ref=werd.io" rel="noreferrer">What Happens After the Hype? Lessons from Mobile Internet’s Long Road to Success</a></h3><p>We’re beginning to see the light at the end of the AI hype cycle. That doesn’t mean that there aren’t uses for aspects of the technology, but it does mean that some of the hyperbole will diminish as investors and speculators move on to the next thing.</p><p>As <a href="https://ecruecard.com/?ref=werd.io">Ecrue</a> founder Shomila Malik points out here:</p><blockquote>“The question isn’t whether the current AI investment cycle will face a reckoning. 
It’s what form that reckoning takes — and what comes after.”</blockquote><p>The lessons she draws from the mobile industry’s hype and decline also parallel what happened during the dotcom crash, when a lot of companies went away but a lot of underlying useful infrastructure was left for the next generation of innovations. But a facet of how those two events were different is exactly <em>how</em> they imploded:</p><blockquote>“The difference between a pop and a deflation often comes down to how adaptable the infrastructure is. 3G networks built for one vision of mobile internet ended up powering something completely different — but they still got used. The investment wasn’t wasted, just redirected. Time will tell if AI will be a deflation like mobile internet or a ear deafening explosion like the dot com crash.”</blockquote><p>Either way, investment is way ahead of proven capabilities or even business models. Companies like OpenAI are losing money hand over fist. At some point, these endeavors have to touch oxygen, and either they’ll find their way to stunning profitability, or they’ll fizzle into acquisitions at best and leave some interesting ideas behind.</p><p>My bet? Ten years from now we’ll be looking at a series of smaller, more focused models that perform well-scoped tasks really well, and we’ll look back at the hype around generalized megamodels — and particularly AGI — with rolled eyes and a slight shudder when we remember the environmental and human impacts.</p><hr><h3 id="introducing-roundabout"><a href="https://newpublic.substack.com/p/introducing-roundabout-built-for?ref=werd.io" rel="noreferrer">Introducing Roundabout</a></h3><p>Really interesting to see <a href="https://newpublic.org/?ref=werd.io">New_ Public</a> announce its first community product from its <a href="https://newpublic.org/local?ref=werd.io">Local Lab</a>:</p><blockquote>“The main thing to know, maybe the most important thing, is that this is not just another social media app. 
Roundabout is a community space, built from the ground up with community leaders and neighbors.<br><br>[…] As a project incubated within New_ Public, a nonprofit, Roundabout will grow incrementally, sustained by a diverse and balanced set of revenue sources. With business incentives aligned towards utility and everyday value, instead of engagement and relentless scale, we’re designing Roundabout to be shielded from the cycle of enshittification. The ultimate goal is to build for social trust — every decision, every design, optimized to build bonds and increase belonging.”</blockquote><p>There’s a lot to comment on here.</p><p>It’s <em>amazing</em> to see a social product co-designed with communities. For the safety and equity of all involved, this is how it should be done. I really hope New_ Public shows off more of its methodology in the future. I’d love to dive into the meta-conversation about what they’ve learned about this kind of co-design. The descriptions of participating communities — in Burlington, NC; Richmond, VA; Lincoln County, WI; North Chattanooga, TN; and Lancaster, PA — are already really promising.</p><p>The technical lead is <a href="https://bsky.app/profile/blaine.bsky.social?ref=werd.io">Blaine Cook</a>, who you might remember as Twitter’s first employee and first CTO. 
Since then he’s been a strong, sharp advocate for decentralized social.</p><p>On Mastodon, New_ Public <a href="https://mastodon.social/@wearenew_public/115645643962877064?ref=werd.io">mentioned that it’s building the platform in a way that’s compatible with AT Protocol</a>, although it’s not the main focus for now.</p><p>Over on Bluesky, <a href="https://bsky.app/profile/blaine.bsky.social/post/3m6vbrdgvn22a?ref=werd.io">Blaine said they’re</a> “building on atproto primitives but off-network because it's currently not possible to push private/scoped data around the wider atproto network.” He also made the important point that it’s not worth building for interop until you know what the user behaviors are actually going to be — so it’s too early to focus on decentralization.</p><p>That community co-design is key, and it makes sense that this is the first step. Communities are human; they can’t be defined by protocols. The protocols should describe real human behavior, not the other way around.</p><p>I’m excited to see how the platform develops, and how New_ Public seeds the ecosystem conversations around it. And: this is only one of its community initiatives. There’s more to come.</p><hr><h3 id="where-do-the-children-play"><a href="https://unpublishablepapers.substack.com/p/where-do-the-children-play?ref=werd.io" rel="noreferrer">Where Do the Children Play?</a></h3><p>This meaningful discussion touches on the role — and dangers — of online spaces in the lives of children, but has a lot more to say about how our lives and environments are designed overall.</p><blockquote>“[…] Digital space is the only place left where children can grow up without us. For most of our evolutionary history, childhood wasn’t an adult affair. 
Independent worlds and peer cultures were the crux of development, as they still are among the BaYaka; kids spent their time together, largely beyond the prying eyes of grown-ups.<br><br>But in the West, the grown-ups have paved over the forests and creeks where children would have once hidden. They have exposed the secret places. So the children seek out a world of their own, as they have for millennia, if not longer. They find a proverbial forest to wander. They don’t know what we know: this forest has eyes and teeth.”</blockquote><p>There are some really striking statistics here. 45% of American children aged 8-12 have not walked in a different aisle than their parents at a store; 61% have not made plans with friends without adults helping them. That’s so far away from my own childhood to be unrecognizable. It’s also wildly oppressive. Of <em>course</em> kids are looking for spaces where their helicopter parents aren’t constantly hovering overhead.</p><p>The biggest source of underlying fears from parents, as well as feelings of isolation from children themselves? A car-centric culture. Parents are worried about their children being hit by a car, which unfortunately isn’t unreasonable. Children, on the other hand, can’t drive, and often find themselves fully unable to visit friends or have their own lives without the participation of someone with a license.</p><p>So, yes, online spaces need to be safer for children — but our lived-in spaces also need to be more human. American infrastructure in particular is architected for control; it’s rare to live in a walkable, safe environment. <a href="https://en.wikipedia.org/wiki/Jane_Jacobs?ref=werd.io">Jane Jacobs</a> would have had a lot to say about this analysis, and her own solutions still hold up. 
We need to stop dividing communities, break the influence of the car, and create spaces that allow humans to roam, live, eat, and play — permissionlessly.</p><hr><h3 id="trump-administration-orders-enhanced-vetting-for-applicants-of-h-1b-visa"><a href="https://www.reuters.com/world/us/trump-administration-orders-enhanced-vetting-applicants-h-1b-visa-2025-12-04/?ref=werd.io" rel="noreferrer">Trump administration orders enhanced vetting for applicants of H-1B visa</a></h3><p>The US has taken the extraordinary move of blocking H-1B visa recipients who work to keep online spaces safe from abuse:</p><blockquote>“The cable, sent to all U.S. missions on December 2, orders U.S. consular officers to review resumes or LinkedIn profiles of H-1B applicants - and family members who would be traveling with them - to see if they have worked in areas that include activities such as misinformation, disinformation, content moderation, fact-checking, compliance and online safety, among others.<br><br>If you uncover evidence an applicant was responsible for, or complicit in, censorship or attempted censorship of protected expression in the United States, you should pursue a finding that the applicant is ineligible," under a specific article of the Immigration and Nationality Act, the cable said.”</blockquote><p>The message here is very clear: the people who make online communities safe are not welcome in the United States. Trust and safety is a very wide field, which encompasses the policies, processes, and technologies online platforms use to protect users from harm, ensure a secure environment, and maintain user trust. Compliance ensures that safety rules are adhered to. None of these activities constitute censorship.</p><p>These capabilities are required to make online communities livable. Without them, online spaces become toxic very quickly. 
The ultimate effect of this policy — if spread beyond H-1B visa holders — would be to make US-run online spaces unusable, and drive users elsewhere. If you want the future of social to be defined in other countries, it’s a great path to take. Otherwise, it’s stunningly short-sighted.</p><hr><h3 id="my-life-is-a-lie-how-a-broken-benchmark-quietly-broke-america"><a href="https://www.yesigiveafig.com/p/part-1-my-life-is-a-lie?ref=werd.io" rel="noreferrer">My Life is a Lie: How a Broken Benchmark Quietly Broke America</a></h3><p>Simplify Asset Management’s Chief Strategist and Portfolio Manager <a href="https://www.yesigiveafig.com/?ref=werd.io">Michael W Green</a> examined how the US poverty line is determined, and discovered that it has been wildly miscalculated for years. In fact:</p><blockquote>“[…] if you measured income inadequacy today the way Orshansky measured it in 1963, the threshold for a family of four wouldn’t be $31,200.<br><br>It would be somewhere between $130,000 and $150,000.”</blockquote><p>The big differentiator is childcare, which in the US averages out at $32,773 a year, but it’s not the <em>only</em> differentiator. Our costs are enormous, and a poverty line at $31,200 only really helps legislators avoid having to provide (and therefore pay for) real support.</p><p>A family of four that genuinely earns $32,773 will receive all kinds of state help. A family that earns $80,000 does not. As Green points out, the difference largely comes from costs that went away during the pandemic:</p><blockquote>Childcare ($32k): Suspended. Kids were home.<br><br>Commuting ($15k): Suspended.<br><br>Work Lunches/Clothes ($5k): Suspended.</blockquote><p>Of course, many incomes <em>also</em> went away, depending on the jobs that were keeping these families afloat. Knowledge workers were relatively sitting pretty, while people who worked in retail, etc, were in trouble. There’s a lot more help that we can provide <em>everyone</em>. 
But this is one reason why I cannot stand return to office mandates, particularly when peoples’ salaries are under the $140,000 threshold that Green identifies. (Hint: outside high earning categories like big tech, it’s almost all of them, and inside those categories there are plenty of people who are earning lower.)</p><p>In future posts, it sounds like Green is moving to show that 401(k)s and similar instruments are also a scam for most ordinary earners — something I tend to agree with (at least compared to more pro-social alternatives). If society is an operating system that allows people to live well, start businesses, be healthy, etc, it’s failing us on every level. I say it’s time for an upgrade.</p><hr><h3 id="disagree-and-lets-see"><a href="https://mollyg.substack.com/p/disagree-and-lets-see?ref=werd.io" rel="noreferrer">"Disagree and Let's See"</a></h3><p>This feels emotionally honest and an idea I can get behind, as an alternative to the popular “disagree and commit”:</p><blockquote>““Disagree and let’s see” allows you to stay aligned with the team without forcing you to pretend you had conviction you didn’t have. It lets you walk into a room with your team and be honest:<br><br>“Here’s the path that was chosen. It wasn’t my first pick, but here’s the experiment we’re running, and here’s what we’re trying to learn.””</blockquote><p>Committing to something you disagree with is an emotional contortion that is hard to do in practice. But the work of every team is a series of experiments at its heart, and by changing the onus from “let’s commit to this thing we don’t all agree with” to “let’s try it and see what happens”, we move from steamrollering dissent to mutually agreeing on an experimental hypothesis and testing it. You’re learning based on agreed criteria.</p><p>That’s much harder to argue with — and at the end, there’s no “I told you so” or winners and losers. There’s just a “here’s what we learned” and an implied set of next steps. 
Bliss.</p><p>It's worth saying that this was the original intention when Jeff Bezos coined the phrase <a href="https://www.aboutamazon.com/news/company-news/2016-letter-to-shareholders?ref=werd.io" rel="noreferrer">in his 2016 letter to Amazon shareholders</a>:</p><blockquote>Third, use the phrase “disagree and commit.” This phrase will save a lot of time. If you have conviction on a particular direction even though there’s no consensus, it’s helpful to say, “Look, I know we disagree on this but will you gamble with me on it? Disagree and commit?” By the time you’re at this point, no one can know the answer for sure, and you’ll probably get a quick yes.<br><br>This isn’t one way. If you’re the boss, you should do this too. I disagree and commit all the time. We recently greenlit a particular Amazon Studios original. I told the team my view: debatable whether it would be interesting enough, complicated to produce, the business terms aren’t that good, and we have lots of other opportunities. They had a completely different opinion and wanted to go ahead. I wrote back right away with “I disagree and commit and hope it becomes the most watched thing we’ve ever made.” Consider how much slower this decision cycle would have been if the team had actually had to convince me rather than simply get my commitment.</blockquote><p>The perception among many people is that it's morphed into a kind of corporate authoritarianism. So in some ways, "disagree and let's see" is just a course correction back to its original intent.</p><hr><h3 id="imperfect-notes-my-second-subconscious"><a href="https://winnielim.org/journal/imperfect-notes-my-second-subconscious/?ref=werd.io" rel="noreferrer">imperfect notes & my second subconscious</a></h3><p>I’ve never been a successful notetaker. 
<a href="https://winnielim.org/?ref=werd.io">Winnie Lim</a> enumerates the many reasons why not, which seem to be very close to her thinking too:</p><blockquote>“Because of my personality I tend to solve for the whole before wanting to do something. For years I wanted to figure out how I could retrieve the notes in a meaningful manner before I committed to making them. If I cannot remember I had made the note, did the note really exist?”</blockquote><p>The problem is that you end up trying to come up with a smart taxonomy of notes ahead of time — and that’s always bound to fail, at least for me. I’ve lost count of the number of times I’ve wiped my Obsidian vault clean because I didn’t like the structure or the maintenance of it all threatened to overtake any utility. Instead, as Winnie points out, the best thing to do is just <em>write the note</em>. It’s a bit like throwing the text into a big bucket, and that’s okay.</p><p>I hate to say it, but this might be a decent use case for some kind of personal LLM (ideally on-device so I’m not sharing my private notes with a third party I don’t trust). If you’re constantly just making notes without structure, being able to ask something about their content feels like it would have a lot of utility — again, at least for me. I’d love to be able to have my notes about a certain topic summarized when I need them. Or even have the summary proactively come up for me depending on my context.</p><p>Then again, maybe that doesn’t matter at all:</p><blockquote>“My brain is constantly holding scattered bits of information so it is just better to offload them somewhere in one place. I think the main difference is I don’t see obsidian as my second brain, I see it as my second subconscious.”</blockquote><p>I like that. Blogging is a little bit that for me, but blogging has an audience. There’s something useful in being the Harriet the Spy of your own life and putting words to things that otherwise might go unsaid. 
There’s poetry in it, too, which is very obvious from Winnie’s post.</p><p>I’ll give notetaking another try.</p><hr>
Turning my reading list into podcasts - Posts feed
https://www.coryd.dev/posts/2025/turning-my-reading-list-into-podcasts
2025-12-05T00:23:00.000Z
<p><a href="https://linkding.link">linkding</a> is one of my favorite applications that I self-host and the place where I save everything I want to read later. The catch being that what little time I can dedicate to <em>actually</em> reading is spent on books. What I <em>do</em> have is time where I can listen to things while doing chores around the house, out on walks or otherwise engaged in an activity that doesn't demand my full, undivided attention.</p>
<p>I typically consume short form writing by listening to it. In the past, I've used <a href="https://en.wikipedia.org/wiki/Pocket_(service)">Pocket</a><sup id="fnref:1"><span>1</span></sup>, <a href="https://www.instapaper.com">Instapaper</a>, <a href="https://readwise.io/read">Readwise's Reader</a> and Safari's listen to page feature for this. Safari had become something of a default choice for this as I didn't have a compelling, self-hosted option available. So I built one.</p>
<p>I use <a href="https://www.audiobookshelf.org">Audiobookshelf</a> to listen to audiobooks and podcasts, making it a natural fit to listen to the articles I save. Neither Safari nor <a href="https://readwise.io/read">Readwise's Reader</a> supports queueing articles to listen to<sup id="fnref:2"><span>2</span></sup>, which meant starting playback manually for each article listened to. <a href="https://www.audiobookshelf.org">Audiobookshelf</a> and the clients I've used all support queueing, which solves that particular usability pain point.</p>
<p>I have text and I have a solution for playing audio, which left me needing to coerce the former into the latter. Rather than dump my entire bespoke project repo into a blog post, the high level flow looks like this:</p>
<ol>
<li>Deploy the project to my <a href="https://www.audiobookshelf.org">Audiobookshelf</a> server using <a href="https://coolify.io">Coolify</a>.
<ul>
<li>The deploy clones the project, installs dependencies, downloads a <a href="https://github.com/OHF-Voice/piper1-gpl">Piper</a> voice model from <a href="https://huggingface.co">Hugging Face</a><sup id="fnref:3"><span>3</span></sup>, and configures a cron job to run every 5 minutes.</li>
</ul>
</li>
<li>Every 5 minutes the deployed application will check <a href="https://linkding.link">linkding</a> for new items.</li>
<li>If an item has not been converted to audio, is unread and is not tagged with <code>video</code> or <code>podcast</code>, the article text is fetched and parsed using Mozilla's <a href="https://github.com/mozilla/readability">Readability.js</a>.<sup id="fnref:4"><span>4</span></sup></li>
<li>Once parsed, the article is processed further into a string that will be converted to speech. This string is simply the following concatenated together: article title, author and content. Pauses are added after periods that don't otherwise have one, URLs are cleaned up and email addresses are removed.</li>
<li>The processed text is written to a temporary text file and passed to <a href="https://github.com/OHF-Voice/piper1-gpl">Piper</a> to generate a WAV file using the voice model downloaded when the application is deployed. <a href="https://www.ffmpeg.org">ffmpeg</a> is used to convert the WAV file to an mp3 and <a href="https://www.npmjs.com/package/node-id3">node-id3</a> is used to tag the resulting file.
<ul>
<li>The tag data is fairly simple — the article title is the episode title, a consistent, static podcast title (<code>Linkding Articles</code>) and artist (<code>Linkding TTS Bot</code>) and the article author and description are saved to the episode description. Year and date correspond to when the item was saved, the show art is the <a href="https://linkding.link">linkding</a> logo/icon and the rest is generic podcast metadata expected by <a href="https://www.audiobookshelf.org">Audiobookshelf</a>.</li>
</ul>
</li>
<li>Once the audio is generated and tagged, the app triggers a scan of my podcast library using the <a href="https://www.audiobookshelf.org">Audiobookshelf</a> API.</li>
</ol>
<p>With all of this in place, I can save things to <a href="https://linkding.link">linkding</a> and there will be an automatically generated queue waiting when I open my preferred <a href="https://www.audiobookshelf.org">Audiobookshelf</a> client.<sup id="fnref:5"><span>5</span></sup><sup id="fnref:6"><span>6</span></sup></p>
<div class="footnotes" role="doc-endnotes"><hr><ol><li class="footnote" id="fn:1" role="doc-endnote"><p>RIP. <span>↩</span></p></li>
<li class="footnote" id="fn:2" role="doc-endnote"><p>Or didn't when I last used them. <span>↩</span></p></li>
<li class="footnote" id="fn:3" role="doc-endnote"><p>Gross! I know. <span>↩</span></p></li>
<li class="footnote" id="fn:4" role="doc-endnote"><p>To avoid generating duplicate audio files, the ID for each processed article is stored in an array in a JSON file available to the application. The current episode number is also stored in this file. <span>↩</span></p></li>
<li class="footnote" id="fn:5" role="doc-endnote"><p>At the moment, this is <a href="https://github.com/rasmuslos/ShelfPlayer">ShelfPlayer</a>. <span>↩</span></p></li>
<li class="footnote" id="fn:6" role="doc-endnote"><p>If a site happens to disallow access when I try and fetch the article text, I'll stop trying to fetch it. If I encounter an error (e.g. a <code>5XX</code> response), I'll retry periodically using an exponential backoff mechanism. <span>↩</span></p></li></ol></div>
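The selection, retry and text-preparation rules from the steps and footnotes above, as an added JavaScript example that is not the author's project code. The bookmark fields (`id`, `url`, `unread`, `tag_names`), the state layout, the mapping of any 4XX to "disallowed", the backoff constants, the http(s)-only guard and the reading of "pauses after periods" as inserting a space are assumptions, and the sample bookmarks are constructed.

```javascript
// Added example, not the author's code. Field names, state layout and limits are assumptions.
const SKIP_TAGS = new Set(['video', 'podcast']);
const BASE_DELAY_MS = 5 * 60 * 1000;       // one cron interval (assumed)
const MAX_DELAY_MS = 24 * 60 * 60 * 1000;  // backoff ceiling (assumed)

// Constructed sample bookmarks in the shape the linkding API is assumed to return.
const SAMPLE_BOOKMARKS = [
  { id: 1, url: 'https://example.org/essay', unread: true, tag_names: ['reading'] },
  { id: 2, url: 'https://example.org/talk', unread: true, tag_names: ['Video'] },
  { id: 3, url: 'https://example.org/old', unread: false, tag_names: [] },
  { id: 4, url: 'ftp://example.org/file.txt', unread: true, tag_names: [] },
  { id: 5, url: 'https://example.org/flaky', unread: true, tag_names: [] },
];

// JSON-serialisable state, as in footnote 4: processed IDs plus the episode counter.
// `blocked` and `retries` are added here to model footnote 6.
function newState() {
  return { processedIds: [], episode: 0, blocked: [], retries: {} };
}

// Added guard (not described in the post): only fetch http(s) bookmarks.
function isHttpUrl(raw) {
  try {
    return ['http:', 'https:'].includes(new URL(raw).protocol);
  } catch {
    return false;
  }
}

// Step 3: unread, not tagged video/podcast, not already converted, not blocked, retry due.
function shouldConvert(bookmark, state, now) {
  if (!bookmark.unread || !isHttpUrl(bookmark.url)) return false;
  if (bookmark.tag_names.some((t) => SKIP_TAGS.has(t.toLowerCase()))) return false;
  if (state.processedIds.includes(bookmark.id)) return false;
  if (state.blocked.includes(bookmark.id)) return false;
  const retry = state.retries[bookmark.id];
  return !retry || now >= retry.notBefore;
}

function selectQueue(bookmarks, state, now) {
  return bookmarks.filter((b) => shouldConvert(b, state, now)).map((b) => b.id);
}

// Footnote 6: stop on a disallowed fetch, back off exponentially on errors such as 5XX.
function recordOutcome(state, id, status, now) {
  if (status >= 200 && status < 300) {
    // Article text obtained: mark processed so no duplicate audio is generated.
    delete state.retries[id];
    state.processedIds.push(id);
    state.episode += 1;
    return 'converted';
  }
  if (status >= 400 && status < 500) {
    // Assumed mapping: any 4XX means the site disallows access, so never retry.
    delete state.retries[id];
    state.blocked.push(id);
    return 'blocked';
  }
  const attempts = (state.retries[id]?.attempts ?? 0) + 1;
  const delay = Math.min(BASE_DELAY_MS * 2 ** (attempts - 1), MAX_DELAY_MS);
  state.retries[id] = { attempts, notBefore: now + delay };
  return 'retry';
}

// Step 4: title, author and content concatenated into the string handed to the TTS engine.
function prepareSpeechText({ title, author, content }) {
  const body = content
    // Read a URL as its bare hostname, keeping any sentence punctuation that trailed it.
    .replace(/https?:\/\/[^\s<>"')]+/g, (raw) => {
      const trail = raw.match(/[.,;:!?]+$/)?.[0] ?? '';
      try {
        const host = new URL(raw.slice(0, raw.length - trail.length)).hostname;
        return host.replace(/^www\./, '') + trail;
      } catch {
        return trail;
      }
    })
    // Remove email addresses.
    .replace(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g, '')
    // A period jammed against the next sentence gets a space so the voice pauses.
    .replace(/(?<=[a-z])\.(?=[A-Z])/g, '. ')
    .replace(/[ \t]{2,}/g, ' ')
    .trim();
  const endStop = (s) => (/[.!?]$/.test(s) ? s : `${s}.`);
  return [title, author && `By ${author}`, body]
    .filter(Boolean)
    .map((s) => endStop(s.trim()))
    .join(' ');
}
```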
Trump administration orders enhanced vetting for applicants of H-1B visa - Werd I/O693225092868ec0001ffe51b2025-12-05T00:19:21.000Z<p>[<a href="https://www.reuters.com/world/us/trump-administration-orders-enhanced-vetting-applicants-h-1b-visa-2025-12-04/?ref=werd.io">Humeyra Pamuk for Reuters</a>]</p><p>The US has taken the extraordinary move of blocking H-1B visa recipients who work to keep online spaces safe from abuse:</p><blockquote>“The cable, sent to all U.S. missions on December 2, orders U.S. consular officers to review resumes or LinkedIn profiles of H-1B applicants - and family members who would be traveling with them - to see if they have worked in areas that include activities such as misinformation, disinformation, content moderation, fact-checking, compliance and online safety, among others.<br><br>If you uncover evidence an applicant was responsible for, or complicit in, censorship or attempted censorship of protected expression in the United States, you should pursue a finding that the applicant is ineligible," under a specific article of the Immigration and Nationality Act, the cable said.”</blockquote><p>The message here is very clear: the people who make online communities safe are not welcome in the United States. Trust and safety is a very wide field, which encompasses the policies, processes, and technologies online platforms use to protect users from harm, ensure a secure environment, and maintain user trust. Compliance ensures that safety rules are adhered to. None of these activities constitute censorship.</p><p>These capabilities are required to make online communities livable. Without them, online spaces become toxic very quickly. The ultimate effect of this policy — if spread beyond H-1B visa holders — would be to make US-run online spaces unusable, and drive users elsewhere. If you want the future of social to be defined in other countries, it’s a great path to take. 
Otherwise, it’s stunningly short-sighted.</p><p><a href="https://bsky.app/profile/klonick.bsky.social/post/3m76jfbuwcc2c?ref=werd.io">Via Kate Klonick, who highlighted it over on Bluesky.</a></p><p>[<a href="https://www.reuters.com/world/us/trump-administration-orders-enhanced-vetting-applicants-h-1b-visa-2025-12-04/?ref=werd.io">Link</a>]</p>
Hunting for the Hottest Pink Ink - Robb Knight • Posts • Atom Feed https://rknight.me/blog/hunting-for-the-hottest-pink-ink/ 2025-12-04T21:09:14.000Z
<p>When I was <a href="https://rknight.me/blog/i-was-a-guest-on-the-pen-addict-689/">on The Pen Addict</a> a few weeks ago, I mentioned I was looking for the hottest pink ink the world has to offer to go with my <a href="https://www.esterbrookpens.com/products/funky-town-estie?variant=47785259434234">Estie Funky Town</a>. I got loads of suggestions and I eventually stumbled on an ink that I think is perfect for what I wanted - <a href="https://www.octopus-office.de/shop/en/creative-inks/fountain-pen-ink-writing-ink/highlighter-neon-inks/7759/highlighter-ink-for-fountain-pens-fluorescent-neon-pink-30-ml?c=4679">Octopus Fluids Neon Pink</a>.</p>
<p>I ordered a bunch of inks during Black Friday day/week/month and Ben sent me a sample of <a href="https://mountainofink.com/blog/robert-oster-hot-pink">Robert Oster Hot Pink</a>. It wasn't until after I got all these inks that I <em>then</em> realised I already owned a very similar ink that was also what I was looking for, <a href="https://mountainofink.com/blog/diamine-hope-pink">Diamine Hope Pink</a>, but I had misremembered and didn't think it was as bright as it was. Some of these I knew wouldn't be the winner but I wanted anyway because they're nice colours - Wearingeul Cheshire Cat for example. Nevertheless, here's the samples:</p>
<figure><img src="https://cdn.rknight.me/site/2025/hot-pink-ink-samples.jpg" alt="A notepad showing nine different ink samples all of various shades of pink and purple. Below is a bright pink fountain pen." /></figure>
<p>There are more that I don't have from the suggestions including:</p>
<ul>
<li><a href="https://mountainofink.com/blog/pilot-iroshizuku-tsutsuji">Pilot Iroshizuku Tsutsuji</a> which Brad is sending me a sample of</li>
<li><a href="https://mountainofink.com/blog/diamine-pink-glitz">Diamine Pink Glitz</a></li>
<li><a href="https://mountainofink.com/blog/lamy-rhodonite">Lamy Rhodonite</a></li>
<li><a href="https://mountainofink.com/blog/sailor-ink-studio-set3">Sailor Ink Studio 431 and 731</a></li>
<li><a href="https://vanness1938.com/en-gb/products/colorverse-usa-special-series-ink-nevada-fabulous-las-vegas?srsltid=AfmBOortJ1E78ZumSw4kqER06LvjcIs_Z9IrsFER9IYpCtq7LYaETOe1">Colorverse Las Vegas</a></li>
</ul>
<p>There are a shedload of lovely pinks and purples here (and in general, <a href="https://mountainofink.com/blog/pink-ink">look at this list on Mountain of Ink</a>) and I can see myself using all of the ones I bought at different times. Although Hope Pink and Neon Pink look similar in the sample, Neon Pink definitely has a slight edge over the Diamine for me but I suspect if they weren't next to each other I wouldn't be able to tell the difference.</p>
The Web Runs On Tolerance - Terence Eden’s Blog https://shkspr.mobi/blog/?p=63924 2025-12-04T12:34:34.000Z
<p>If you've ever tried to write a computer program, you'll know the dread of a syntax error. An errant space and your code won't compile. Miss a semi-colon and the world collapses. Don't close your brackets and watch how the computer recoils in distress.</p>
<p>The modern web isn't like that.</p>
<p>You can make your HTML as malformed as you like and the web-browser will do its best to display the page for you. I love the <a href="https://www.todepond.com/">todepond</a> website, but the source-code makes me break out in a cold sweat. Yet it renders just fine.</p>
<p>Sure, <a href="https://news.ycombinator.com/item?id=28052190">occasionally there are weird artefacts</a>. But the web works because browsers are tolerant.</p>
<p>You can be <em>crap</em> at coding and the web still works. Yes, it takes an awful lot of effort from browser manufacturers to make "do what I mean, not what I say" a reality. But the world is better for it.</p>
<p>That's the crucial mistake that XHTML made. It was an attempt to bring pure syntactic rigour to the web. It had an intolerant ideology. Every document had to precisely conform to the specification. If it didn't, the page was irrevocably broken. I don't mean broken like a weird layout glitch, I mean broken like this:</p>
<img src="https://shkspr.mobi/blog/wp-content/uploads/2025/10/xml-parsing-error.webp" alt="XML Parsing Error: mismatched tag. Expected: </h1>.
Location: https://example.com/test.xhtml Line Number 9, Column 5:" width="1800" height="600" class="aligncenter size-full wp-image-63925"/>
<p>The user experience of XHTML was rubbish. The disrespect shown to anyone for deviating from the One True Path made it an unwelcoming and unfriendly place. Understandably, XHTML is now a mere footnote on the web. Sure, people are free to use it if they want, but its unforgiving nature makes it nobody's first choice.</p>
<p>The beauty of the web as a platform is that it isn't a monoculture.</p>
<p>That's why it baffles me that some prominent technologists embrace hateful ideologies. I'm not going to give them any SEO-juice by linking to them, but I cannot fathom how someone can look at the beautiful diversity of the web and then declare that only pure-blooded people should live in a particular city.</p>
<p>How do you acknowledge that the father of the computer was a homosexual, brutally bullied by the state into suicide, and then fund groups that want to deny gay people fundamental human rights?</p>
<p>The ARM processor which powers the modern world was co-designed by a trans woman. When you throw slurs and denigrate people's pronouns, your ignorance and hatred does a disservice to history and drives away the next generation of talent.</p>
<p>History shows us that <em>all</em> progress comes from the meeting of diverse people, with different ideas, and different backgrounds. The notion that only a pure ethnostate can prosper is simply historically illiterate.</p>
<p>This isn't an academic argument over big-endian or little-endian. It isn't an ideological battle about the superiority of your favourite text editor. There's no good-natured ribbing about which desktop environment has the better design philosophy.</p>
<p>Denying rights to others is poison. Wishing violence on people because of their heritage is harmful to all of us.</p>
<p>Do we want all computing to go through the snow-white purity of Apple Computer? Have them as the one and only arbiters of what is and isn't allowed? No. That's obviously terrible for our ecosystem.</p>
<p>Do we want to segregate computer users so that an Android user can never connect their phone to a Windows machine, or make it impossible for Linux laptops to talk to Kodak cameras? That sort of isolation should be an anathema to us.</p>
<p>Why then align with people who espouse isolationism? Why gleefully cheer the violent racists who terrorise our communities? Why demean people who merely wish to exist?</p>
<p>The web runs on tolerance. Anyone who preaches the ideology of hate has no business here.</p>
An Early Look At My 2025 Music Recap - Cool As Heck https://cool-as-heck.blog/my-2025-music-recap 2025-12-03T20:21:00.000Z
<div>While my LastFM 2025 yearly report likely won't come in until after the new year, I've grabbed some screenshots from a few tools that work with the LastFM API.<br><br>None of this is really surprising. Sleep Token and Bilmuri have been my favorite bands for the last couple of years. Spiritbox is always in there, and Eidola has moved up the ranks lately. Architects, Novelists, Dayseeker, and Poppy were big ones for me this year as well.<br><br><figure class="attachment attachment--preview attachment--png">
<img alt="Uploaded image" data-lightbox-full-url="https://pagecord.com/cdn-cgi/image/width=1600,height=1200,format=webp,quality=90/https://storage.pagecord.com/nowxzqbo4bqfhffije4n3d5ola9i" src="https://pagecord.com/cdn-cgi/image/width=1600,height=1200,format=webp,quality=90/https://storage.pagecord.com/nowxzqbo4bqfhffije4n3d5ola9i">
<figcaption class="attachment__caption">
Listening Timeline
</figcaption>
</figure><br><figure class="attachment attachment--preview attachment--png">
<img alt="Uploaded image" data-lightbox-full-url="https://pagecord.com/cdn-cgi/image/width=1600,height=1200,format=webp,quality=90/https://storage.pagecord.com/ikfpbp4cbrayh0wa7fnb5k7hui26" src="https://pagecord.com/cdn-cgi/image/width=1600,height=1200,format=webp,quality=90/https://storage.pagecord.com/ikfpbp4cbrayh0wa7fnb5k7hui26">
<figcaption class="attachment__caption">
Listening Activity
</figcaption>
</figure><br><figure class="attachment attachment--preview attachment--png">
<img alt="Uploaded image" data-lightbox-full-url="https://pagecord.com/cdn-cgi/image/width=1600,height=1200,format=webp,quality=90/https://storage.pagecord.com/x63aibc7jmyb8er65qf76iul9fev" src="https://pagecord.com/cdn-cgi/image/width=1600,height=1200,format=webp,quality=90/https://storage.pagecord.com/x63aibc7jmyb8er65qf76iul9fev">
<figcaption class="attachment__caption">
Mainstream Factor
</figcaption>
</figure>
</div>
The Fisherman and The Businessman - Kev Quirk https://kevquirk.com/blog/the-fisherman-and-the-businessman/ 2025-12-03T14:17:00.000Z
<p style="font-size: 1.2em;">I didn’t expect a parable about a fisherman to smack me in the face with such clarity, but here we are.</p>
<p>While reading <a href="https://herman.bearblog.dev/grow-slowly-stay-small/">Grow slowly, stay small</a> on Herman’s blog, I learned about <em>The Fisherman and The Businessman</em>, which goes like this:</p>
<blockquote>
<p>A businessman meets a fisherman who is selling fish at his stall one morning. The businessman enquires of the fisherman what he does after he finishes selling his fish for the day. The fisherman responds that he spends time with his friends and family, cooks good food, and watches the sunset with his wife. Then in the morning he wakes up early, takes his boat out on the ocean, and catches some fish.</p>
<p>The businessman, shocked that the fisherman was wasting so much time, encourages him to fish for longer in the morning, increasing his yield and maximising the utility of his boat. Then he should sell those extra fish in the afternoon and save up until he has enough money to buy a second fishing boat and potentially employ some other fishermen. Focus on the selling side of the business, set up a permanent store, and possibly, if he does everything correctly, get a loan to expand the operation even further.</p>
<p>In 10 to 20 years he could own an entire fishing fleet, make a lot of money, and finally retire. The fisherman then asks the businessman what he would do with his days once retired, to which the businessman responds: “Well, you could spend more time with your friends and family, cook good food, watch the sunset with your wife, and wake up early in the morning and go fishing, if you want.”</p>
<p><cite>– Herman Martinus</cite></p>
</blockquote>
<p>Ah man, preach! This resonated so much because <a href="https://kevquirk.com/blog/career-snakes-ladders/">I recently realised that I’m The Fisherman</a>. Well, to be more accurate, I <em>was</em> The Fisherman posing as <em>The Businessman</em>. Now I’m just The Fisherman, and it’s lovely.</p>
<p>Since stepping down as an executive I’ve become happier, got far more job satisfaction, and I spend more time with my family. I’ve also realised that a lot of what was driving me was ego. I wanted to be important. I wanted the fancy title, the corner office, the <em>prestige</em>.</p>
<p>I wanted the job for all the wrong reasons.</p>
<p class="notice">I’m not saying all execs are egomaniacs. I’m saying <em>my</em> reasons for chasing that level were mostly ego. That’s on me.</p>
<p>At this point I have what I think is the perfect balance between pay, free time, and job satisfaction. I love my job again and I’m <em>really</em> fucking happy.</p>
<p>What’s the point of this post? Honestly, I have no idea. I just wanted to share this great little parable and say thanks to Herman for sharing it originally. If you’re not happy with your job, maybe it’s worth asking which one you’re being right now.</p>
You can't legislate serendipity - Werd I/O692f23b02868ec0001ffe13b2025-12-02T17:40:35.000Z<img src="https://images.unsplash.com/photo-1559589688-6ba6beafe1e5?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDEyfHxldXJvcGV8ZW58MHx8fHwxNzY0Njk3MTQyfDA&ixlib=rb-4.1.0&q=80&w=2000" alt="You can't legislate serendipity"><p>A decade and change ago, I used to tell a story about three startups I was involved with, as a way of explaining why the Bay Area startup ecosystem was special. It went like this:</p><p>I founded my first startup in Edinburgh, Scotland. Everyone told me to get a real job and that it would never work. There were no investors.</p><p>The second startup I was involved with was founded in Austin. Everyone was super-enthusiastic, but the investors didn’t understand how technology was built, and had mismatched expectations about how their money would be spent.</p><p>The third was founded in San Francisco. Everyone was super-enthusiastic and the investors provided a ton of value because they knew the industry better than we did.</p><p>It’s Goldilocks and the Three Bears, of course: the San Francisco porridge was just right. But it’s also true — or, at least, it was at the time. Since I founded that first startup in 2004, Edinburgh has developed a small startup scene. The Austin tech scene is significantly more sophisticated than it was. San Francisco, though, is still going strong, and the Bay Area ecosystem continues to dominate the tech industry.</p><p>But <em>should</em> it?</p><p>This year, the answer is not obviously yes. Major tech companies have made efforts to curry favor with the second Trump administration. Elon Musk held an official government position — and threw a Hitler salute on Inauguration Day — while figures like Larry Ellison have openly celebrated increasingly authoritarian governance models. 
AI vendors have positioned their services to be surveillance machines at their heart, ingesting huge amounts of sensitive data and training their products on copyrighted work without permission or compensation. </p><p>Silicon Valley’s embrace of authoritarianism is concerning, but for governments and communities outside America's borders, the risk goes beyond ideology: using American software means submitting to American legal jurisdiction. Legislation like the <a href="https://www.justice.gov/criminal/cloud-act-resources?ref=werd.io">CLOUD Act</a> allows data processed by US companies to be accessed by US law enforcement, even if it is gathered in countries with strong privacy rules. Using American software means importing American values and subjecting yourself to American rules.</p><p>It’s no wonder, then, that jurisdictions like the EU have accelerated their efforts to create alternatives. If Silicon Valley’s values are becoming misaligned with democratic societies, it makes sense for those societies to look for alternatives.</p><p>The <a href="https://eurostack.eu/?ref=werd.io">EuroStack</a> might be the most prominent: a 300 Billion Euro plan for instigating a new European technology ecosystem that reduces dependence on US providers while promoting core values like privacy and transparency. The idea is that the initiative will establish standards, invest in technologies that meet those standards, and then encourage EU governments to default to buying those products.</p><p><a href="https://www.reuters.com/business/media-telecom/european-project-eurosky-aims-reduce-reliance-us-tech-giants-2025-07-15/?ref=werd.io">Eurosky</a>, meanwhile, is an effort to create a European alternative to social media, largely on top of Bluesky’s AT Protocol stack. It’s a potential candidate for funding by the EuroStack initiative, although it’s already got support from a range of non-profits. 
Interestingly, some of those are actually based in the US — most notably New_ Public and Free Our Feeds. That’s because establishing data sovereignty in one jurisdiction benefits users everywhere: the standards, software, and models for collaboration are portable. If European users have genuine alternatives to US platforms, it creates competitive pressure that could improve privacy protections globally; more concretely, open protocols developed under European privacy standards become tools that users anywhere can deploy.</p><p>These efforts strike me as being fundamentally top-down. The EuroStack seeks to create a framework of interoperability and support that startups and projects need to compete to be supported by. Eurosky dictates the protocols and methods through which a social media alternative can be built.</p><p>Power in tech comes from two things at once: infrastructure and community. Europe is trying to rebuild the first, but it won’t succeed without the second. And I’m not seeing a ton of that in any of these new initiatives.</p><p>In San Francisco, I once had coffee with a founder I’d only recently connected with online. By the afternoon, they’d pointed me in the direction of an expert advisor and an angel investor and talked me through their own failed company so I could learn from it. I was speaking with both of those new contacts within a day or two. That kind of generosity is the Valley’s real competitive advantage.</p><p>Silicon Valley works because it’s a decentralized ecosystem: participants in the network receive backing from funds that are often powered by founders of previous ventures or other figures from successful tech companies. When they’re successful, they then pay it forward. The biggest defining feature of my own interactions there is that everyone is happy to meet and share their thoughts, advice, and connections. 
That doesn’t necessarily mean that you’ll find funding, but you’ll certainly find a community of support.</p><p>Venture capitalist <a href="https://feld.com/?ref=werd.io">Brad Feld</a>, studying how Boulder, Colorado built a thriving startup community despite being far from Silicon Valley, <a href="https://feld.com/book/the-startup-community-way-evolving-an-entrepreneurial-ecosystem/?ref=werd.io">identified what he calls the Boulder Thesis</a>: entrepreneurs must lead the community (not government or universities), leaders must commit long-term, the community must be radically inclusive, and there must be continual engagement. At its heart is the idea of offering help without defining what you’ll get in return: once again, a culture of paying it forward.</p><p>That's the key. The real opportunity for Europe isn’t just to build an alternative tech stack: it’s to build an alternative tech <em>culture</em>.</p><p>It’s far easier to establish a culture at the beginning of something than trying to graft it on to an existing process or community. There are existing tech communities in Europe, of course: lots of open tech in Berlin, e-commerce in Amsterdam, and so on. But these are archipelagos that, while producing interesting projects and successful companies, haven’t yet coalesced into an integrated ecosystem with Silicon Valley’s density and network effects.</p><p>But culture is not the same as capital, and Europe keeps trying to buy with money and regulatory frameworks what Silicon Valley built with relationships. You can mandate standards, fund research programs, or require governments to prefer domestic vendors. What you can’t do is legislate serendipity: the hallway conversations, the shared failures, the informal mentorship networks, the introductions made because someone believes in someone else’s wild idea. 
That’s the real infrastructure of an ecosystem, and it’s still largely missing.</p><p>That's not to say EuroStack's approach is wrong: it’s just missing a crucial piece. The funding and procurement frameworks will provide vital support for the right projects. But they’re means, not ends. Without relational infrastructure, they’re like building highways before anyone owns a car.</p><p>So how do you establish that infrastructure? I look to <a href="https://pointc.co/coreyford/?ref=werd.io">what Corey Ford calls <em>intentional serendipity</em></a>: cultivating a culture of curiosity, embracing uncertainty, acting on unexpected opportunities, failing fast, and understanding that the path to success is fundamentally nonlinear. </p><p>For Europe, intentional serendipity would mean cultivating spaces where openness, privacy, and democratic governance aren’t just compliance requirements but shared values. A place where researchers, policymakers, and startup founders can be in the same room without hierarchy; where civic technologists and commercial technologists cross-pollinate; where people from different nations can build shared norms; where founders are backed for their mindsets, values, and capabilities rather than specific projects. Silicon Valley has social gravity; Europe needs social cohesion. That starts with intentionally connecting the people who want to build a different kind of internet.</p><p>It also means not just forgiving failure but understanding that it’s part of the process. Silicon Valley’s culture of rapid iteration emerged because people could take risks without being exiled if things didn’t work out; their peers knew that failure was information. Europe’s emerging ecosystem, burdened by a more risk-averse, less failure-friendly culture, will need to intentionally build that same muscle of iteration. 
The goal isn’t to mimic the Valley, but to create an environment that encourages principled risk-taking, recognizing that failure is a core part of learning. This means creating a safe-to-fail environment where founders are encouraged to share their setbacks as an essential part of learning and community-building.</p><p>To do so, it needs to build those spaces and invest in those communities. Yes, procurement and funding scenarios are important, but they’re scaffolding that help a cultivated community grow in the right direction. What’s most important is the <em>relational</em> infrastructure: non-hierarchical hubs and opportunities for informal mentorship that let relationships form, building trust and allowing ideas to spread at speed. All of these spaces need to be built and supported — ideally in a way that’s accessible to everyone, rather than being the kinds of closed-off members-only spaces that dominate ecosystems like London. These accessible <a href="https://en.wikipedia.org/wiki/Third_place?ref=werd.io">third places</a> form the sort of community infrastructure that government is uniquely positioned to provide.</p><p>It’s not <em>all</em> about community. In a world where tech is strongly linked with authoritarianism, the values frameworks those European projects are talking about are vital. In this era of history, we <em>need</em> those values to succeed. My point is not that we should copy the Silicon Valley playbook; it’s that those values and frameworks <em>won’t</em> succeed without the community culture work.</p><p>Europe can and should cultivate an ethos of intentional serendipity, but with its own values and identity, supported by the kinds of frameworks, procurement policies, and standards it’s proposing. Instead of importing Silicon Valley’s assumptions, it can build an ecosystem that reflects its political and cultural commitments: openness, privacy, pluralism, and democratic accountability. 
That would be a fourth kind of story: not Edinburgh’s discouragement, or Austin’s enthusiasm without alignment, or San Francisco’s density of expertise, but something genuinely new. And that, I think, is the one the world needs next.</p>Where Do the Children Play? - Werd I/O692f1092b96d5b0001117aac2025-12-02T16:15:14.000Z<p>[<a href="https://unpublishablepapers.substack.com/p/where-do-the-children-play?ref=werd.io">Eli Stark-Elster in Unpublishable Papers</a>]</p><p>This meaningful discussion touches on the role — and dangers — of online spaces in the lives of children, but has a lot more to say about how our lives and environments are designed overall.</p><blockquote>“[…] Digital space is the only place left where children can grow up without us. For most of our evolutionary history, childhood wasn’t an adult affair. Independent worlds and peer cultures were the crux of development, as they still are among the BaYaka; kids spent their time together, largely beyond the prying eyes of grown-ups.<br><br>But in the West, the grown-ups have paved over the forests and creeks where children would have once hidden. They have exposed the secret places. So the children seek out a world of their own, as they have for millennia, if not longer. They find a proverbial forest to wander. They don’t know what we know: this forest has eyes and teeth.”</blockquote><p>There are some really striking statistics here. 45% of American children aged 8-12 have not walked in a different aisle than their parents at a store; 61% have not made plans with friends without adults helping them. That’s so far away from my own childhood to be unrecognizable. It’s also wildly oppressive. Of <em>course</em> kids are looking for spaces where their helicopter parents aren’t constantly hovering overhead.</p><p>The biggest source of underlying fears from parents, as well as feelings of isolation from children themselves? A car-centric culture. 
Parents are worried about their children being hit by a car, which unfortunately isn’t unreasonable. Children, on the other hand, can’t drive, and often find themselves fully unable to visit friends or have their own lives without the participation of someone with a license.</p><p>So, yes, online spaces need to be safer for children — but our lived-in spaces also need to be more human. American infrastructure in particular is architected for control; it’s rare to live in a walkable, safe environment. <a href="https://en.wikipedia.org/wiki/Jane_Jacobs?ref=werd.io">Jane Jacobs</a> would have had a lot to say about this analysis, and her own solutions still hold up. We need to stop dividing communities, break the influence of the car, and create spaces that allow humans to roam, live, eat, and play — permissionlessly.</p><p>[<a href="https://unpublishablepapers.substack.com/p/where-do-the-children-play?ref=werd.io">Link</a>]</p>Responsible Disclosure: Joiners, Movers, and Leavers in NHS BSA - Terence Eden’s Bloghttps://shkspr.mobi/blog/?p=642362025-12-02T12:34:08.000Z<p>Many many years ago, I did some work for the NHS. As part of that, I was given access to certain GitHub organisations so that I could contribute to various projects. Once <a href="https://shkspr.mobi/blog/2020/07/all-good-things/">I left that job</a> my access was revoked.</p>
<p>Mostly.</p>
<p>A few weeks ago, I received this email from GitHub.</p>
<img src="https://shkspr.mobi/blog/wp-content/uploads/2025/10/NHS-BSA-Github.webp" alt="Your organization, NHS Business Services Authority that you are a member of, now requires all users to only have secure two-factor authentication (2FA) methods. You currently have SMS/Text message configured as a 2FA method, which is not considered secure. To access NHS Business Services Authority resources, remove SMS/Text message as a 2FA method. " width="512" height="464" class="aligncenter size-full wp-image-64237"/>
<p>On the surface, this is a sensible email. They want all their members to only have strong 2FA and I still had SMS configured as a fallback method. Except, of course, I should <em>not</em> be a member. I should have been kicked out when I handed back my laptop and lanyard. There was still a bit of pandemic pandemonium about - but surely in the last few years someone should have audited the organisation's membership?</p>
<p>The <abbr title="Joiners, Movers, Leavers">JML</abbr> process is critical to cybersecurity. There's no point having fancy controls if you don't revoke the permissions of people who are no longer entitled to access. On a fully integrated system this is (usually) easy - untick a box on Active Directory or whatever and <em>*poof*</em> the user is banned.</p>
<p>But with <em>external</em> systems the problem is harder. You now need to keep track of external usernames, synchronise them with internal names, periodically check them for updates, integrate with an API, and - in some cases - take manual action. It's clear that this particular bit of the NHS had slipped up. Looking through the private list of collaborators, there were <em>many</em> old accounts.</p>
<p>I was able to see all private collaborators:</p>
<img src="https://shkspr.mobi/blog/wp-content/uploads/2025/10/view_private_members.webp" alt="Screenshot showing a redacted list of members." width="1920" height="1080" class="aligncenter size-full wp-image-64239"/>
<p>I could see all private repositories:</p>
<img src="https://shkspr.mobi/blog/wp-content/uploads/2025/10/Private-Repos.webp" alt="Screenshot showing a redacted list of private repositories." width="1920" height="1080" class="aligncenter size-full wp-image-64240"/>
<p>I even had access to create new repositories - including special ones:</p>
<img src="https://shkspr.mobi/blog/wp-content/uploads/2025/10/Create-New-Repo.webp" alt="Screenshot showing the ability to create new special repositories." width="1920" height="1080" class="aligncenter size-full wp-image-64241"/>
<p>To be abundantly clear, there was no medical data on GitHub. There was no patient data available for me to view. Absolutely nothing medically sensitive was stored there. This isn't a GDPR or medical privacy issue. If I had made any changes to the code stored on there, it would never have made it to production. There were no API keys or sensitive data or passwords for me to exfiltrate. The <a href="https://www.nhsbsa.nhs.uk/">NHS BSA</a> is a business unit - not a medical unit.</p>
<p>Nevertheless, it is important that <em>all</em> parts of a large organisation are able to quickly and competently remove users once they have left.</p>
<h2 id="timeline"><a href="https://shkspr.mobi/blog/2025/12/responsible-disclosure-joiners-movers-and-leavers-in-nhs-bsa/#timeline">Timeline</a></h2>
<ul>
<li>2025-10-17
<ul>
<li>Received GitHub email.</li>
<li>Visited <a href="https://www.nhs.uk/.well-known/security.txt">https://www.nhs.uk/.well-known/security.txt</a> to get details of how to raise security issues.</li>
<li>Raised the issue on <a href="https://hackerone.com/edent?type=user">HackerOne</a></li>
</ul></li>
<li>2025-10-21
<ul>
<li>After triage, the issue was assigned directly to the BSA.</li>
</ul></li>
<li>2025-10-31
<ul>
<li>I was removed from the organisation.</li>
<li><img src="https://shkspr.mobi/blog/wp-content/uploads/2025/10/removed.webp" alt="You’ve been removed from the &quot;NHS Business Services Authority&quot; organization." width="1024" height="490" class="aligncenter size-full wp-image-64238"/></li>
<li>Requested permission to publish this post. No objection received.</li>
</ul></li>
<li>2025-12-02
<ul>
<li>Published</li>
</ul></li>
</ul>
Introducing constant-time support for LLVM to protect cryptographic code - Trail of Bits Bloghttps://blog.trailofbits.com/2025/12/02/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/2025-12-02T12:00:00.000Z<p>Trail of Bits has developed <a href="https://github.com/llvm/llvm-project/pull/166702">constant-time coding support for LLVM</a>, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. These changes are being reviewed and will be added in an upcoming release, LLVM 22. This work introduces the <code>__builtin_ct_select</code> family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time code. This post will walk you through what we built, how it works, and what it supports. We’ll also discuss some of our future plans for extending this work.</p>
<h2 id="the-compiler-optimization-problem">The compiler optimization problem</h2>
<p>Modern compilers excel at making code run faster. They eliminate redundant operations, vectorize loops, and cleverly restructure algorithms to squeeze out every bit of performance. But this optimization zeal becomes a liability when dealing with cryptographic code.</p>
<p>Consider this seemingly innocent constant-time lookup from <a href="https://electricdusk.com/cmov-conversion.html">Sprenkels (2019)</a>:</p>
<figure class="highlight">
<pre tabindex="0" class="chroma"><code class="language-c" data-lang="c"><span class="line"><span class="cl"><span class="kt">uint64_t</span> <span class="nf">constant_time_lookup</span><span class="p">(</span><span class="k">const</span> <span class="kt">size_t</span> <span class="n">secret_idx</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="k">const</span> <span class="kt">uint64_t</span> <span class="n">table</span><span class="p">[</span><span class="mi">16</span><span class="p">])</span> <span class="p">{</span>
</span></span><span class="line"><span class="cl"> <span class="kt">uint64_t</span> <span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
</span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="p">(</span><span class="kt">size_t</span> <span class="n">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">i</span> <span class="o">&lt;</span> <span class="mi">16</span><span class="p">;</span> <span class="n">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
</span></span><span class="line"><span class="cl"> <span class="k">const</span> <span class="kt">bool</span> <span class="n">cond</span> <span class="o">=</span> <span class="n">i</span> <span class="o">==</span> <span class="n">secret_idx</span><span class="p">;</span>
</span></span><span class="line"><span class="cl"> <span class="k">const</span> <span class="kt">uint64_t</span> <span class="n">mask</span> <span class="o">=</span> <span class="p">(</span><span class="o">-</span><span class="p">(</span><span class="kt">int64_t</span><span class="p">)</span><span class="n">cond</span><span class="p">);</span>
</span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">|=</span> <span class="n">table</span><span class="p">[</span><span class="n">i</span><span class="p">]</span> <span class="o">&amp;</span> <span class="n">mask</span><span class="p">;</span>
</span></span><span class="line"><span class="cl"> <span class="p">}</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">result</span><span class="p">;</span>
</span></span><span class="line"><span class="cl"><span class="p">}</span></span></span></code></pre>
</figure>
<p>This code carefully avoids branching on the secret index. Every iteration executes the same operations regardless of the secret value. However, as compilers are built to make your code go faster, they would see an opportunity to improve this carefully crafted code by optimizing it into a version that includes branching.</p>
<p>The problem is that any data-dependent behavior in the compiled code would create a timing side channel. If the compiler introduces a branch like <code>if (i == secret_idx)</code>, the CPU will take different amounts of time depending on whether the branch is taken. Modern CPUs have branch predictors that learn patterns, making correctly predicted branches faster than mispredicted ones. An attacker who can measure these timing differences across many executions can statistically determine which index is being accessed, effectively recovering the secret. Even small timing variations of a few CPU cycles can be exploited with sufficient measurements.</p>
<h2 id="what-we-built">What we built</h2>
<p>Our solution provides cryptographic developers with explicit compiler intrinsics that preserve constant-time properties through the entire compilation pipeline. The core addition is the <code>__builtin_ct_select</code> family of intrinsics:</p>
<figure class="highlight">
<pre tabindex="0" class="chroma"><code class="language-c" data-lang="c"><span class="line"><span class="cl"><span class="c1">// Constant-time conditional selection
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="n">result</span> <span class="o">=</span> <span class="nf">__builtin_ct_select</span><span class="p">(</span><span class="n">condition</span><span class="p">,</span> <span class="n">value_if_true</span><span class="p">,</span> <span class="n">value_if_false</span><span class="p">);</span></span></span></code></pre>
</figure>
<p>This intrinsic guarantees that the selection operation above will compile to constant-time machine code, regardless of optimization level. When you write this in your C/C++ code, the compiler translates it into a special LLVM intermediate representation intrinsic (<code>llvm.ct.select.*</code>) that carries semantic meaning: “this operation must remain constant-time.”</p>
<p>Unlike regular code that the optimizer freely rearranges and transforms, this intrinsic acts as a barrier. The optimizer recognizes it as a security-critical operation and preserves its constant-time properties through every compilation stage, from source code to assembly.</p>
<h2 id="real-world-impact">Real-world impact</h2>
<p>In their recent study “<a href="https://arxiv.org/pdf/2410.13489.pdf">Breaking Bad: How Compilers Break Constant-Time Implementations</a>,” Srdjan Čapkun and his graduate students Moritz Schneider and Nicolas Dutly found that compilers break constant-time guarantees in numerous production cryptographic libraries. Their analysis of 19 libraries across five compilers revealed systematic vulnerabilities introduced during compilation.</p>
<p>With our intrinsics, the problematic lookup function becomes this constant-time version:</p>
<figure class="highlight">
<pre tabindex="0" class="chroma"><code class="language-c" data-lang="c"><span class="line"><span class="cl"><span class="kt">uint64_t</span>
</span></span><span class="line"><span class="cl"><span class="nf">constant_time_lookup</span><span class="p">(</span><span class="k">const</span> <span class="kt">size_t</span> <span class="n">secret_idx</span><span class="p">,</span>
</span></span><span class="line"><span class="cl"> <span class="k">const</span> <span class="kt">uint64_t</span> <span class="n">table</span><span class="p">[</span><span class="mi">16</span><span class="p">])</span> <span class="p">{</span>
</span></span><span class="line"><span class="cl"> <span class="kt">uint64_t</span> <span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> <span class="k">for</span> <span class="p">(</span><span class="kt">size_t</span> <span class="n">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">i</span> <span class="o">&lt;</span> <span class="mi">16</span><span class="p">;</span> <span class="n">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
</span></span><span class="line"><span class="cl"> <span class="k">const</span> <span class="kt">bool</span> <span class="n">cond</span> <span class="o">=</span> <span class="n">i</span> <span class="o">==</span> <span class="n">secret_idx</span><span class="p">;</span>
</span></span><span class="line"><span class="cl"> <span class="n">result</span> <span class="o">|=</span> <span class="nf">__builtin_ct_select</span><span class="p">(</span><span class="n">cond</span><span class="p">,</span> <span class="n">table</span><span class="p">[</span><span class="n">i</span><span class="p">],</span> <span class="mi">0u</span><span class="p">);</span>
</span></span><span class="line"><span class="cl"> <span class="p">}</span>
</span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="n">result</span><span class="p">;</span>
</span></span><span class="line"><span class="cl"><span class="p">}</span></span></span></code></pre>
</figure>
<p>The use of an intrinsic function prevents the compiler from making any modifications to it, which ensures the selection remains constant time. No optimization pass will transform it into a vulnerable memory access pattern.</p>
<h2 id="community-engagement-and-adoption">Community engagement and adoption</h2>
<p>Getting these changes upstream required extensive community engagement. We published our <a href="https://discourse.llvm.org/t/rfc-constant-time-coding-support/87781">RFC on the LLVM Discourse</a> forum in August 2025.</p>
<p>The RFC received significant feedback from both the compiler and cryptography communities. Open-source maintainers from Rust Crypto, BearSSL, and PuTTY expressed strong interest in adopting these intrinsics to replace their current inline assembly workarounds, while providing valuable feedback on implementation approaches and future primitives. LLVM developers helped ensure the intrinsics work correctly with auto-vectorization and other optimization passes, along with architecture-specific implementation guidance.</p>
<h3 id="building-on-existing-work">Building on existing work</h3>
<p>Our approach synthesizes lessons from multiple previous efforts:</p>
<ul>
<li><a href="https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8406587"><strong>Simon and Chisnall <code>__builtin_ct_choose</code></strong> (2018)</a>: This work provided the conceptual foundation for compiler intrinsics that preserve constant-time properties, but was never upstreamed.</li>
<li><a href="https://acmccs.github.io/papers/p1807-almeidaA.pdf"><strong>Jasmin</strong> (2017)</a>: This work showed the value of compiler-aware constant-time primitives but would have required a new language.</li>
<li><strong>Rust’s <code>#[optimize(never)]</code></strong> experiments: These experiments highlighted the need for fine-grained optimization control.</li>
</ul>
<h2 id="how-it-works-across-architectures">How it works across architectures</h2>
<p>Our implementation ensures <code>__builtin_ct_select</code> compiles to constant-time code on every platform:</p>
<p><strong>x86-64:</strong> The intrinsic compiles directly to the <strong><code>cmov</code></strong> (conditional move) instruction, which always executes in constant time regardless of the condition value.</p>
<p><strong>i386:</strong> Since i386 lacks <code>cmov</code>, we use a masked arithmetic pattern with bitwise operations to achieve constant-time selection.</p>
<p><strong>ARM and AArch64:</strong> For AArch64, the intrinsic is lowered to the CSEL instruction, which provides constant-time execution. For ARM, since ARMv7 doesn’t have a constant-time instruction like AArch64, the implementation generates a masked arithmetic pattern using bitwise operations instead.</p>
<p><strong>Other architectures:</strong> A generic fallback implementation uses bitwise arithmetic to ensure constant-time execution, even on platforms we haven’t natively added support for.</p>
<p>Each architecture needs different instructions to achieve constant-time behavior. Our implementation handles these differences transparently, so developers can write portable constant-time code without worrying about platform-specific details.</p>
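<p>The masked arithmetic pattern named above for i386, ARMv7 and the generic fallback looks like this when written by hand in portable C. This is an added example, not code from the Trail of Bits post or the LLVM patch: the names <code>value_barrier</code>, <code>ct_eq_mask</code>, <code>ct_select_u64</code>, <code>ct_lookup</code> and <code>SAMPLE_TABLE</code> are assumptions, and the empty inline-asm barrier is a common best-effort workaround that gives none of the compiler guarantees the intrinsic is meant to provide.</p>

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Empty inline-asm barrier (assumption: GCC or Clang). The optimizer can no
 * longer prove the value is 0 or all-ones, which makes it less likely to
 * rewrite the mask arithmetic below into a branch. Best effort only. */
static inline uint64_t value_barrier(uint64_t v) {
#if defined(__GNUC__) || defined(__clang__)
    __asm__("" : "+r"(v));
#endif
    return v;
}

/* Returns 1 if x != 0 and 0 if x == 0, using no comparison operator.
 * For any non-zero x, either x or its two's-complement negation has the
 * top bit set. */
static inline uint64_t ct_is_nonzero(uint64_t x) {
    return (x | ((uint64_t)0 - x)) >> 63;
}

/* Returns all-ones if a == b, zero otherwise. */
static inline uint64_t ct_eq_mask(size_t a, size_t b) {
    return ct_is_nonzero((uint64_t)a ^ (uint64_t)b) - 1;
}

/* Masked select: returns a when mask is all-ones, b when mask is zero.
 * b ^ (mask & (a ^ b)) touches both operands on every call. */
static inline uint64_t ct_select_u64(uint64_t mask, uint64_t a, uint64_t b) {
    mask = value_barrier(mask);
    return b ^ (mask & (a ^ b));
}

/* Reads every one of the n entries and keeps the one at secret_idx.
 * An out-of-range index matches no entry and yields 0; the loop bound
 * depends only on the public length n, never on the secret. */
uint64_t ct_lookup(const uint64_t *table, size_t n, size_t secret_idx) {
    uint64_t result = 0;
    for (size_t i = 0; i < n; i++) {
        result = ct_select_u64(ct_eq_mask(i, secret_idx), table[i], result);
    }
    return result;
}

/* Constructed sample data for the demonstration. */
static const uint64_t SAMPLE_TABLE[16] = {
    0x1000, 0x1001, 0x1002, 0x1003, 0x1004, 0x1005, 0x1006, 0x1007,
    0x1008, 0x1009, 0x100a, 0x100b, 0x100c, 0x100d, 0x100e, 0x100f
};

int main(void) {
    /* Index 16 is deliberately out of range to show the 0 result. */
    const size_t probes[] = {0, 9, 15, 16};
    for (size_t k = 0; k < sizeof probes / sizeof probes[0]; k++) {
        printf("idx %2zu -> 0x%llx\n", probes[k],
               (unsigned long long)ct_lookup(SAMPLE_TABLE, 16, probes[k]));
    }
    return 0;
}
```

<p>Whether the generated machine code is actually branch-free still has to be checked in the disassembly for each compiler, optimization level and target.</p>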
<h2 id="benchmarking-results">Benchmarking results</h2>
<p>Our partners at ETH Zürich are conducting comprehensive benchmarking using their test suite from the “Breaking Bad” study. Initial results show the following:</p>
<ul>
<li><strong>Minimal performance overhead</strong> for most cryptographic operations</li>
<li><strong>100% preservation</strong> of constant-time properties across all tested optimization levels</li>
<li><strong>Successful integration</strong> with major cryptographic libraries including HACL*, Fiat-Crypto, and BoringSSL</li>
</ul>
<h2 id="whats-next">What’s next</h2>
<p>While <code>__builtin_ct_select</code> addresses the most critical need, our RFC outlines a roadmap for additional intrinsics:</p>
<h3 id="constant-time-operations">Constant-time operations</h3>
<p>We have future plans for extending the constant-time implementation, specifically for targeting arithmetic or string operations and evaluating expressions to be constant time.</p>
<figure class="highlight">
<pre tabindex="0" class="chroma"><code class="language-c" data-lang="c"><span class="line"><span class="cl"><span class="n">__builtin_ct_</span><span class="o">&lt;</span><span class="n">op</span><span class="o">&gt;</span> <span class="c1">// for constant-time arithmetic or string operations
</span></span></span><span class="line"><span class="cl"><span class="c1"></span><span class="nf">__builtin_ct_expr</span><span class="p">(</span><span class="n">expression</span><span class="p">)</span> <span class="c1">// Force entire expression to evaluate without branches
</span></span></span></code></pre>
</figure>
<h3 id="adoption-path-for-other-languages">Adoption path for other languages</h3>
<p>The modular nature of our LLVM implementation means any language targeting LLVM can leverage this work:</p>
<p><strong>Rust:</strong> The Rust compiler team is exploring how to expose these intrinsics through its <code>core::intrinsics</code> module, potentially providing safe wrappers in the standard library.</p>
<p><strong>Swift:</strong> Apple’s security team has expressed interest in adopting these primitives for its cryptographic frameworks.</p>
<p><strong>WebAssembly:</strong> These intrinsics would be particularly useful for browser-based cryptography, where timing attacks remain a concern despite sandboxing.</p>
<h2 id="acknowledgments">Acknowledgments</h2>
<p>This work was done in collaboration with the <a href="https://syssec.ethz.ch/">System Security Group</a> at ETH Zürich. Special thanks to Laurent Simon and David Chisnall for their pioneering work on constant-time compiler support, and to the LLVM community for their constructive feedback during the RFC process.</p>
<p>We’re particularly grateful to our Trail of Bits cryptography team for its technical review.</p>
<h2 id="resources">Resources</h2>
<ul>
<li><a href="https://discourse.llvm.org/t/rfc-constant-time-coding-support/87781">RFC: Constant-Time Coding Support</a></li>
<li><a href="https://www.youtube.com/watch?v=zLBEXGTdd6o&t=3s">LLVM Developers’ Meeting 2025: Constant-Time Intrinsics Presentation Talk</a></li>
<li><a href="https://arxiv.org/pdf/2410.13489.pdf">ETH Zürich’s “Breaking Bad” Study</a></li>
<li><a href="https://blog.trailofbits.com/2022/01/26/part-1-the-life-of-an-optimization-barrier/">Part 1: The life of an optimization barrier (Trail of Bits blog)</a></li>
<li><a href="https://blog.trailofbits.com/2022/02/01/part-2-rusty-crypto/">Part 2: Improving crypto code in Rust using LLVM’s optnone (Trail of Bits blog)</a></li>
</ul>
<hr>
<p>The work to which this blog post refers was conducted by Trail of Bits based upon work supported by DARPA under Contract No. N66001-21-C-4027 (Distribution Statement A, Approved for Public Release: Distribution Unlimited). Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Government or DARPA.</p>Introducing Roundabout - Werd I/O692e3cb4b96d5b0001117aa52025-12-02T01:11:16.000Z<p>[<a href="https://newpublic.substack.com/p/introducing-roundabout-built-for?ref=werd.io">Hays Witt and Josh Kramer at New_ Public</a>]</p><p>Really interesting to see <a href="https://newpublic.org/?ref=werd.io">New_ Public</a> announce its first community product from its <a href="https://newpublic.org/local?ref=werd.io">Local Lab</a>:</p><blockquote>“The main thing to know, maybe the most important thing, is that this is not just another social media app. Roundabout is a community space, built from the ground up with community leaders and neighbors.<br><br>[…] As a project incubated within New_ Public, a nonprofit, Roundabout will grow incrementally, sustained by a diverse and balanced set of revenue sources. With business incentives aligned towards utility and everyday value, instead of engagement and relentless scale, we’re designing Roundabout to be shielded from the cycle of enshittification. The ultimate goal is to build for social trust — every decision, every design, optimized to build bonds and increase belonging.”</blockquote><p>There’s a lot to comment on here.</p><p>It’s <em>amazing</em> to see a social product co-designed with communities. For the safety and equity of all involved, this is how it should be done. I really hope New_ Public shows off more of its methodology in the future. I’d love to dive into the meta-conversation about what they’ve learned about this kind of co-design. 
The descriptions of participating communities — in Burlington, NC; Richmond, VA; Lincoln County, WI; North Chattanooga, TN; and Lancaster, PA — are already really promising.</p><p>The technical lead is <a href="https://bsky.app/profile/blaine.bsky.social?ref=werd.io">Blaine Cook</a>, who you might remember as Twitter’s first employee and first CTO. Since then he’s been a strong, sharp advocate for decentralized social.</p><p>On Mastodon, New_ Public <a href="https://mastodon.social/@wearenew_public/115645643962877064?ref=werd.io">mentioned that it’s building the platform in a way that’s compatible with AT Protocol</a>, although it’s not the main focus for now.</p><p>Over on Bluesky, <a href="https://bsky.app/profile/blaine.bsky.social/post/3m6vbrdgvn22a?ref=werd.io">Blaine said they’re</a> “building on atproto primitives but off-network because it's currently not possible to push private/scoped data around the wider atproto network.” He also made the important point that it’s not worth building for interop until you know what the user behaviors are actually going to be — so it’s too early to focus on decentralization.</p><p>That community co-design is key, and it makes sense that this is the first step. Communities are human; they can’t be defined by protocols. The protocols should describe real human behavior, not the other way around.</p><p>I’m excited to see how the platform develops, and how New_ Public seeds the ecosystem conversations around it. And: this is only one of its community initiatives. There’s more to come.</p><p>[<a href="https://newpublic.substack.com/p/introducing-roundabout-built-for?ref=werd.io">Link</a>]</p>What Happens After the Hype? 
Lessons from Mobile Internet’s Long Road to Success - Werd I/O692da766b96d5b0001117a922025-12-01T14:34:14.000Z<p>[<a href="https://shomila.medium.com/what-happens-after-the-hype-lessons-from-mobile-internets-long-road-to-success-22d0b15e0625?ref=werd.io">Shomila Malik</a>]</p><p>We’re beginning to see the end of the AI hype cycle, and thank goodness. That doesn’t mean that there aren’t uses for aspects of the technology, but it does mean that some of the hyperbole will diminish as investors and speculators move on to the next thing.</p><p>As <a href="https://ecruecard.com/?ref=werd.io">Ecrue</a> founder Shomila Malik points out here:</p><blockquote>“The question isn’t whether the current AI investment cycle will face a reckoning. It’s what form that reckoning takes — and what comes after.”</blockquote><p>The lessons she draws from the mobile industry’s hype and decline also parallel what happened during the dotcom crash, when a lot of companies went away but a lot of underlying useful infrastructure was left for the next generation of innovations. But a facet of how those two events were different is exactly <em>how</em> they imploded:</p><blockquote>“The difference between a pop and a deflation often comes down to how adaptable the infrastructure is. 3G networks built for one vision of mobile internet ended up powering something completely different — but they still got used. The investment wasn’t wasted, just redirected. Time will tell if AI will be a deflation like mobile internet or a ear deafening explosion like the dot com crash.”</blockquote><p>Either way, investment is way ahead of proven capabilities or even business models. Companies like OpenAI are losing money hand over fist. At some point, these endeavors have to touch oxygen, and either they’ll find their way to stunning profitability, or they’ll fizzle into acquisitions at best and leave some interesting ideas behind.</p><p>My bet? 
Ten years from now we’ll be looking at a series of smaller, more focused models that perform well-scoped tasks really well, and we’ll look back at the hype around generalized megamodels — and particularly AGI — with rolled eyes and a slight shudder when we remember the environmental and human impacts.</p><p>[<a href="https://shomila.medium.com/what-happens-after-the-hype-lessons-from-mobile-internets-long-road-to-success-22d0b15e0625?ref=werd.io">Link</a>]</p>Year 3 at the Smallholding - Kev Quirkhttps://kevquirk.com/blog/year-3-at-the-smallholding/2025-12-01T12:00:00.000Z
<p style="font-size: 1.2em;">We've been living on our smallholding in Wales for 3 years now. Here's how things have been going this year.</p>
<p>I’m a little late with my update this year because I’ve had a few things going on at home. This has accidentally become an annual tradition at this point, so I’m gonna roll with it.</p>
<p>I re-read <a href="https://kevquirk.com/blog/year-2-at-the-smallholding/">last year’s update</a> to see what I did and, more importantly, what I’d listed in the closing <em>what’s next?</em> section. It included:</p>
<ul>
<li>Renovating the brick shed on the drive into an annex for guests.</li>
<li>Continuing to work on the garden.</li>
<li>Insulating the roof in the conservatory.</li>
<li>Two more bathrooms, a downstairs loo, and the kitchen.</li>
</ul>
<p>Well, dear reader, most of that plan went to utter rat shit this year. Aside from continuing to work on the garden, we got absolutely nothing on the list done. That’s mainly because we ended up having to replace the entire roof on the house, which is still ongoing as I write this.</p>
<p><img src="https://kevquirk.com/assets/images/blog/2025-12-01-year-3-at-the-smallholding/roof.webp" alt="Our roof, half stripped" /></p>
<p>Worse still, because the new roof is heading into winter, we’ve had lots of rain. That in turn means leaks in the house, the worst of which has been in my oldest son’s bedroom. If you read last year’s post, you’ll recall we only renovated that room last year. 😡</p>
<p><img src="https://kevquirk.com/assets/images/blog/2025-12-01-year-3-at-the-smallholding/leak.webp" alt="Bedroom leak" /></p>
<p>If you’ve never had to put a new roof on your house, firstly you’re very lucky. But secondly, they’re <em>really</em> expensive. So that has meant we haven’t had any disposable income for other projects.</p>
<h2 id="making-progress-in-the-garden">Making progress in the garden</h2>
<p>We managed to plant some wildflowers in the far field, which one of our neighbours who keeps bees is very appreciative of.</p>
<p><img src="https://kevquirk.com/assets/images/blog/2025-12-01-year-3-at-the-smallholding/wild-flowers-in-field.webp" alt="Wild flowers in field" />
<em>Wild flowers starting to come through in field</em></p>
<p>We also had a load of groundwork done at the back to flatten some of it off. They ended up moving 50 tonnes of soil from the area to make it level. Our hope is that this summer we’ll be able to enjoy drinks and barbecues on the new flat piece of land.</p>
<p><img src="https://kevquirk.com/assets/images/blog/2025-12-01-year-3-at-the-smallholding/groundworks.webp" alt="Groundworks" /></p>
<p>We’re also continuing to improve the chicken coop. We now have a fairly large enclosed outdoor space for them, mainly because of bird flu in the and the council applying restrictions on where they can roam. We’ve also grown the flock to 17 hens and a rooster.</p>
<h2 id="looking-to-year-4">Looking to year 4</h2>
<p>The list for this year is going to be similar to last year’s. I just hope there will be fewer expensive surprises.</p>
<p>We’re hoping to add a polytunnel so we can grow more of our own vegetables. I’d also like to insulate the roof in the conservatory as it’ll effectively give us another room we can use all year round.</p>
<p>The bathrooms, toilet and kitchen will have to wait. We’ll just have to see how the cashflow looks. If next year I can get the polytunnel and conservatory done, I’ll class that as a win. I’d love to get a quad bike for towing <a href="https://kevquirk.com/blog/flailing-about-with-my-mower/">the flail</a> too, but again…money.</p>
<p>All in all it’s been a difficult year at the smallholding, but we have a new roof, so that’s good. I suppose…</p>
Knowing when to leave - Werd I/O684a32f170b0d5000143b9362025-11-30T17:12:19.000Z<p><em>I wrote this in my blog drafts well over a decade ago (exact date unclear). I thought I'd publish it as-is as an aside. I'm sure it was going to be an excellent full post, but clearly this is just the intro. I still agree though: knowing when to go is important!</em></p><p>Some years ago, someone I worked with closely on a project that was failing had a mini-meltdown. He unfriended the rest of the team across social media, including the official accounts, which he took over unilaterally; he refused to even sit at the same table as the rest of the team on company trips, and at events.</p><p>To this day, I still don't exactly know what triggered the episode. But it was a moment that made me realize the project we were working on together could never succeed. Four months later, I had extracted myself.</p><p>Years later, I believe this was the wrong decision.</p><p>Knowing when to leave is an important skill. You've got to balance your loyalty, and your long-term career, against the objective facts in any situation. Leaving a project early is not a good idea: it sends a message that you're ready to flake out when times get tough. (In a startup situation, times <em>will</em> get tough.) However, if a project:</p><ul><li>genuinely has no long-term prospects, either for you personally or as a whole</li><li>and there's absolutely nothing you can do about it</li><li>and the situation is not directly of your own making</li></ul><p>You need to think about going. Anything else is running on a treadmill for no reason.</p>imperfect notes & my second subconscious - Werd I/O692c5320b96d5b0001117a5a2025-11-30T14:22:24.000Z<p>[<a href="https://winnielim.org/journal/imperfect-notes-my-second-subconscious/?ref=werd.io">Winnie Lim</a>]</p><p>I’ve never been a successful notetaker. 
<a href="https://winnielim.org/?ref=werd.io">Winnie Lim</a> enumerates the many reasons why not, which seem to be very close to her thinking too:</p><blockquote>“Because of my personality I tend to solve for the whole before wanting to do something. For years I wanted to figure out how I could retrieve the notes in a meaningful manner before I committed to making them. If I cannot remember I had made the note, did the note really exist?”</blockquote><p>The problem is that you end up trying to come up with a smart taxonomy of notes ahead of time — and that’s always bound to fail, at least for me. I’ve lost count of the number of times I’ve wiped my Obsidian vault clean because I didn’t like the structure or the maintenance of it all threatened to overtake any utility. Instead, as Winnie points out, the best thing to do is just <em>write the note</em>. It’s a bit like throwing the text into a big bucket, and that’s okay.</p><p>I hate to say it, but this might be a decent use case for some kind of personal LLM (ideally on-device so I’m not sharing my private notes with a third party I don’t trust). If you’re constantly just making notes without structure, being able to ask something about their content feels like it would have a lot of utility — again, at least for me. I’d love to be able to have my notes about a certain topic summarized when I need them. Or even have the summary proactively come up for me depending on my context.</p><p>Then again, maybe that doesn’t matter at all:</p><blockquote>“My brain is constantly holding scattered bits of information so it is just better to offload them somewhere in one place. I think the main difference is I don’t see obsidian as my second brain, I see it as my second subconscious.”</blockquote><p>I like that. Blogging is a little bit that for me, but blogging has an audience. There’s something useful in being the Harriet the Spy of your own life and putting words to things that otherwise might go unsaid. 
There’s poetry in it, too, which is very obvious from Winnie’s post.</p><p>I’ll give notetaking another try.</p><p>[<a href="https://winnielim.org/journal/imperfect-notes-my-second-subconscious/?ref=werd.io">Link</a>]</p>A big list of things I disable in WordPress - Terence Eden’s Bloghttps://shkspr.mobi/blog/?p=633442025-11-30T12:34:23.000Z<p>There are many things I like about the WordPress blogging software, and many things I find irritating. The most annoying aspect is that WordPress insists that its way is the best and there shall be no deviance. That means a <em>lot</em> of forced cruft being injected into my site. Headers that bloat my page size, Gutenberg stuff I've no use for, and <a href="https://developer.wordpress.org/reference/functions/capital_p_dangit/">ridiculous editorial decisions</a>.</p>
<p>To double-down on the annoyance, there's no simple way to turn them off. In part, that is due to the "<a href="https://wordpress.org/about/philosophy/">WordPress Philosophy</a>":</p>
<blockquote><p><strong>Decisions, not options</strong></p>
<p>[…] Every time you give a user an option, you are asking them to make a decision. When a user doesn’t care or understand the option this ultimately leads to frustration.</p></blockquote>
<p>I broadly agree with that. Having hundreds of options is a burden for users and a nightmare for maintainers. Do please read this <a href="https://tommcfarlin.com/wordpress-philosophy-decisions-not-options/">excellent discussion from Tom McFarlin for a more detailed analysis</a>.</p>
<p>But I <em>want</em> to turn things off. Luckily, there is a way. If you're a developer, you can remove a fair number of these "enforced" decisions. Add the following to your theme's <code>functions.php</code> file and watch the mandatory WordPress bloat wither away. I've commented each removal and, where possible, given a source for more information. Feel free to leave a comment suggesting how this script can be improved and simplified.</p>
<pre><code class="language-php">// Remove mandatory classic theme.
function disable_classic_theme_styles() {
    wp_deregister_style( "classic-theme-styles" );
    wp_dequeue_style( "classic-theme-styles" );
}
add_action( "wp_enqueue_scripts", "disable_classic_theme_styles" );
// Remove WP Emoji.
// http://www.denisbouquet.com/remove-wordpress-emoji-code/
remove_action( "wp_head", "print_emoji_detection_script", 7 );
remove_action( "wp_print_styles", "print_emoji_styles" );
remove_action( "admin_print_scripts", "print_emoji_detection_script" );
remove_action( "admin_print_styles", "print_emoji_styles" );
// https://wordpress.org/support/topic/remove-the-new-dns-prefetch-code/
add_filter( "emoji_svg_url", "__return_false" );
// Stop emoji replacement with images in RSS / Atom Feeds
// https://danq.me/2023/09/04/wordpress-stop-emoji-images/
remove_filter( "the_content_feed", "wp_staticize_emoji" );
remove_filter( "comment_text_rss", "wp_staticize_emoji" );
// Remove automatic formatting.
// https://css-tricks.com/snippets/wordpress/disable-automatic-formatting/
remove_filter( "the_content", "wptexturize" );
remove_filter( "the_excerpt", "wptexturize" );
remove_filter( "comment_text", "wptexturize" );
remove_filter( "the_title", "wptexturize" );
// More formatting crap.
add_action("init", function() {
    remove_filter( "the_content", "convert_smilies", 20 );
    foreach ( array( "the_content", "the_title", "wp_title", "document_title" ) as $filter ) {
        remove_filter( $filter, "capital_P_dangit", 11 );
    }
    remove_filter( "comment_text", "capital_P_dangit", 31 ); // No idea why this is separate
    remove_filter( "the_content", "do_blocks", 9 );
}, 11);
// Remove Gutenberg Styles.
// https://wordpress.org/support/topic/how-to-disable-inline-styling-style-idglobal-styles-inline-css/
remove_action( "wp_enqueue_scripts", "wp_enqueue_global_styles" );
// Remove Gutenberg editing widgets.
// From https://wordpress.org/plugins/classic-widgets/
// Disables the block editor from managing widgets in the Gutenberg plugin.
add_filter( "gutenberg_use_widgets_block_editor", "__return_false" );
// Disables the block editor from managing widgets.
add_filter( "use_widgets_block_editor", "__return_false" );
// Remove Gutenberg Block Library CSS from loading on the frontend.
// https://smartwp.com/remove-gutenberg-css/
function remove_wp_block_library_css() {
    wp_dequeue_style( "wp-block-library" );
    wp_dequeue_style( "wp-block-library-theme" );
    wp_dequeue_style( "wp-components" );
}
add_action( "wp_enqueue_scripts", "remove_wp_block_library_css", 100 );
// Remove hovercards on comment links in admin area.
// https://wordpress.org/support/topic/how-to-disable-mshots-service/#post-12946617
add_filter( "akismet_enable_mshots", "__return_false" );
// Remove Unused Plugin code.
function remove_plugin_css_js() {
    wp_dequeue_style( "image-sizes" );
}
add_action( "wp_enqueue_scripts", "remove_plugin_css_js", 100 );
// Remove WordPress forced image size
// https://core.trac.wordpress.org/ticket/62413#comment:40
add_filter( "wp_img_tag_add_auto_sizes", "__return_false" );
// Remove <img> enhancements
// https://developer.wordpress.org/reference/functions/wp_filter_content_tags/
remove_filter( "the_content", "wp_filter_content_tags", 12 );
// Stop rewriting http:// URLs for the main domain.
// https://developer.wordpress.org/reference/hooks/wp_should_replace_insecure_home_url/
remove_filter( "the_content", "wp_replace_insecure_home_url", 10 );
// Remove the attachment stuff
// https://developer.wordpress.org/news/2024/01/building-dynamic-block-based-attachment-templates-in-themes/
remove_filter( "the_content", "prepend_attachment" );
// Remove the block filter
remove_filter( "the_content", "apply_block_hooks_to_content_from_post_object", 8 );
// Remove browser check from Admin dashboard.
// https://core.trac.wordpress.org/attachment/ticket/27626/disable-wp-check-browser-version.0.2.php
if ( !empty( $_SERVER["HTTP_USER_AGENT"] ) ) {
    add_filter( "pre_site_transient_browser_" . md5( $_SERVER["HTTP_USER_AGENT"] ), "__return_null" );
}
// Remove shortlink.
// https://stackoverflow.com/questions/42444063/disable-wordpress-short-links
remove_action( "wp_head", "wp_shortlink_wp_head" );
// Remove RSD.
// https://wpengineer.com/1438/wordpress-header/
remove_action( "wp_head", "rsd_link" );
// Remove extra feed links.
// https://developer.wordpress.org/reference/functions/feed_links/
add_filter( "feed_links_show_comments_feed", "__return_false" );
add_filter( "feed_links_show_posts_feed", "__return_false" );
// Remove api.w.org link.
// https://wordpress.stackexchange.com/questions/211467/remove-json-api-links-in-header-html
remove_action( "wp_head", "rest_output_link_wp_head" );
// https://wordpress.stackexchange.com/questions/211817/how-to-remove-rest-api-link-in-http-headers
// https://developer.wordpress.org/reference/functions/rest_output_link_header/
remove_action( "template_redirect", "rest_output_link_header", 11, 0 );
</code></pre>
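<p>Because <code>remove_action()</code> and <code>remove_filter()</code> return false without raising an error when the callback or priority does not match, it is worth checking the rendered output. The following is an added example, not part of the original post or theme: it scans one rendered page and its response headers for markup the removed hooks would otherwise emit, and flags <code>http://</code> subresources on the site's own host that are no longer rewritten. The function name, marker table and the <code>blog.example</code> responses are constructed for illustration.</p>

```python
import re
from urllib.parse import urlparse

# Markup WordPress emits while the corresponding hook is still attached.
MARKERS = {
    "emoji script": r"_wpemojiSettings",
    "shortlink": r"<link[^>]+rel=['\"]shortlink['\"]",
    "RSD link": r"<link[^>]+rel=['\"]EditURI['\"]",
    "REST API link": r"<link[^>]+rel=['\"]https://api\.w\.org/['\"]",
    "global styles": r"id=['\"]global-styles-inline-css['\"]",
    "block library CSS": r"id=['\"]wp-block-library-css['\"]",
    "classic theme styles": r"id=['\"]classic-theme-styles-",
}

def audit(html, headers, home):
    """Return the leftovers found in one rendered page and its headers."""
    found = [name for name, pat in MARKERS.items() if re.search(pat, html, re.I)]
    # rest_output_link_header adds a Link: header in addition to the <link> tag.
    if "api.w.org" in headers.get("Link", ""):
        found.append("REST API Link header")
    # With wp_replace_insecure_home_url removed, http:// URLs pointing at the
    # site's own host are served as written; an http:// subresource on an
    # HTTPS page is mixed content.
    site = urlparse(home)
    pattern = r"src=['\"](http://%s[^'\"]*)" % re.escape(site.hostname)
    if site.scheme == "https" and re.search(pattern, html, re.I):
        found.append("insecure self-reference")
    return found

# Constructed sample responses (not captured from a real site).
BEFORE_HTML = """<html><head>
<script>window._wpemojiSettings = {};</script>
<link rel='shortlink' href='https://blog.example/?p=1' />
<link rel="EditURI" type="application/rsd+xml" href="https://blog.example/xmlrpc.php?rsd" />
<link rel="https://api.w.org/" href="https://blog.example/wp-json/" />
<style id='global-styles-inline-css'>body{}</style>
</head><body><p>Hello</p></body></html>"""
BEFORE_HEADERS = {"Link": '<https://blog.example/wp-json/>; rel="https://api.w.org/"'}
AFTER_HTML = """<html><head><title>Post</title></head>
<body><img src="http://blog.example/wp-content/uploads/old.png"></body></html>"""
AFTER_HEADERS = {}

if __name__ == "__main__":
    print("before:", audit(BEFORE_HTML, BEFORE_HEADERS, "https://blog.example"))
    print("after: ", audit(AFTER_HTML, AFTER_HEADERS, "https://blog.example"))
```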
<p>You can find the latest version of <a href="https://gitlab.com/edent/blog-theme/-/blob/master/includes/remove.php">my debloat script</a> in my theme's repo.</p>
<p>If there are other things you find helpful to remove, or a better way to organise this file, please drop a comment in the box.</p>
"Disagree and Let’s See" - Werd I/O692b9c6eb96d5b0001117a482025-11-30T01:22:54.000Z<p>[<a href="https://mollyg.substack.com/p/disagree-and-lets-see?ref=werd.io">Molly Graham</a>]</p><p>This feels emotionally honest and an idea I can get behind, as an alternative to the popular “disagree and commit”:</p><blockquote>““Disagree and let’s see” allows you to stay aligned with the team without forcing you to pretend you had conviction you didn’t have. It lets you walk into a room with your team and be honest:<br><br>“Here’s the path that was chosen. It wasn’t my first pick, but here’s the experiment we’re running, and here’s what we’re trying to learn.””</blockquote><p>Committing to something you disagree with is an emotional contortion that is hard to do in practice. But the work of every team is a series of experiments at its heart, and by changing the onus from “let’s commit to this thing we don’t all agree with” to “let’s try it and see what happens”, we move from steamrollering dissent to mutually agreeing on an experimental hypothesis and testing it. You’re learning based on agreed criteria.</p><p>That’s much harder to argue with — and at the end, there’s no “I told you so” or winners and losers. There’s just a “here’s what we learned” and an implied set of next steps. Bliss.</p><p>[<a href="https://mollyg.substack.com/p/disagree-and-lets-see?ref=werd.io">Link</a>]</p>