Shellsharks Blogroll - BlogFlock

Hot Cross Buns - The Weblog of fLaMEd

2026-05-06T14:58:18.000Z

What’s going on, Internet? I’ve been eating hot cross buns since January. Can you believe it? Growing up I remember that seasonal treats would come out a week or two before the associated holiday. As you might have noticed yourself, these days the bakeries, and supermarkets are pushing them out months before the event. For hot cross buns though, I’m not complaining.

I’m not a big fan of raisins, or orange spice, and whatever else they use to make hot cross buns. But when they’re combined and baked and the end result is a fresh hot cross bun, I’m right there for all of it.

While Easter is over now and my stash of hot cross buns has dried up, I’m both saddened and relieved. Since January I’ve been having at least one hot cross bun every morning with my hot chocolate (I gave up caffeine, and coffee with it, years ago). My favourite method of heating these delicious buns these days is in the air fryer. Cut in half and 170°C on the bake function for 4 minutes does the trick. Then a layer of butter. I’m not talking about a measly spread of butter. Nope. I’m talking about a slice of butter as thick as a slice of cheese. Then the goal is to eat it as quickly, but not too quickly before the butter melts and drips everywhere.

Damn they’re so good.

Daily Bread were the standout, but at the price I only sprung for them once. They use an Italian sourdough starter, multiple awards every year, you can taste why. Daily Bread also bakes a collab bun for Farro Fresh, sold right alongside the originals — slightly bigger, half the price, probably not the same starter but still super good. Bakers Delight ran a little drier than those two, though the size meant I could load them up with even more butter.

During our road trip down to Martinborough I got to try a few. The Stables in Greytown had a hot cross doughnutm the dough was good but the sugar coating wasn’t really my thing. I would have preferred a standard bun than the doughnut hybrid. The French Baker, also in Greytown, delivered the real deal. But the surprise was Jean’s, a small bakery in Upper Hutt that my wife loves to visit. Crazy delicious like all of their baked goods. Next year I’m getting a box shipped up to Auckland the moment they’re available. I was a bit gutted when I demolished the last one the other day.

I’m relieved I get a break until next year. If they were around all year I’d be in real trouble. But who am I kidding? I’m already counting down to next year’s batch. 🤙

Hey, thanks for reading this post in your feed reader! Want to chat? Reply by email or add me on XMPP, or send a webmention. Check out the posts archive on the website.

Emotional regulation is a dying art. - Westenberg

2026-05-06T00:21:50.000Z

There was a time when adults could feel something without screaming at you about it. We could disagree, hard, in a meeting and walk out with our faces still attached. Bad news arrived at the dinner table and the meal finished anyway. Call it discipline: the capacity to feel a thing in full and still choose what to do next.

That capacity is going the way of the Buffalo. You can watch it disappear in real time on any platform that rewards reaction; the faster the feedback loop, the worse the regulation. People are unleashing their feelings, unbounded and uninhibited, before they’ve finished having them, which means they aren’t really having them at all. They’re skipping the inner step where a person sits with a sensation and decides whether or not it deserves to leave the body.

The new orthodoxy says suppressing emotion is harmful. This might be true, but outside of a therapist’s office, it’s trivial. Suppression and regulation are different animals. Suppression is shoving the feeling into a closet and pretending it isn’t there until it crawls out twenty years later as an autoimmune disease; regulation is letting yourself feel the feeling, in full, while keeping your hands on the wheel of the car. We’ve collapsed the distinction.

Look at how grown people now speak about minor friction. Someone disagrees with them at work and they describe it as “harm.” Someone fails to text back within an acceptable window and they say their boundary has been violated. The vocabulary of clinical psychology has been borrowed wholesale and applied to ordinary life, where it has begun to function as a permission slip. If every discomfort is trauma, then every reaction is justified, and the work of metabolizing your experience becomes either optional or the domain of the privileged.

This is downstream of a cultural shift that confuses authenticity with reactivity. The assumption is that whatever you feel first, raw and unmediated, is the real you, and anything else is a performance. In my experience, the opposite is closer to the truth. The real self is the part of you who survives the first reaction; the part that can be angry and still be kind, scared and still steady. The reactive self is a child throwing food.

Calling the food-throwing “brave” is a mistake.

Actual children, watching this, are absorbing the model with terrifying efficiency, and they’re growing up in homes where the adults rage-text their bosses and stage public meltdowns in airport terminals while filming themselves. The lesson they’ll enact is that feelings are emergencies, and emergencies require an audience. Walk into any third-grade classroom now and you’ll find children who can name fourteen emotions and regulate none of them. They already have the vocabulary of a therapist but they maintain the impulse control of a puppy.

Some of this is technological. Phones reward a specific kind of nervous system, twitching first and thinking later. The dopamine architecture that hooks you on slot machines hooks you on outrage, and the platforms have figured out that a regulated person is a bad customer. The regulated close the app, but the dysregulated person scroll until four in the morning, bleeding cortisol and efficiently monetized.

But laming the phone lets too many people off the hook. Phones inherited the tantrum and scaled it; the deeper rot is philosophical. Several decades of therapeutic culture, well-meaning and badly executed, have taught generations that the goal of inner life is to express and never to contain. Containment has been rebranded as toxic, and composure rebranded as being cold.

For all my critiques of the philosophy’s Reddit-bound adherents, the Stoics weren’t automatons; Marcus Aurelius wept for his son, and Epictetus had been a slave whose owner crippled him for sport. They knew exactly how much the world hurt, and they wrote about it unapologetically. Their “innovation” was the claim that our hurt is not the last word. Between stimulus and response there exists a space, and in that space a person with agency can choose, and be responsible for that choice. A human being, however battered, retains a small and sovereign workshop where they make and remake and rebuild and mend themselves. That workshop is the only piece of territory that can’t be confiscated by circumstance - lose access to it and you lose yourself.

A good many people now are locked out of their own workshops. They feel a thing and the thing feels them right back, and there’s no daylight between the two.

The art of emotional regulation is dying because the conditions that taught it have been removed. We’ve lost slow time and private time; we’ve lost the time when no one asked what you thought before you’d finished thinking it. A whole generation of children has watched the adults around them treat every passing affect as a press release, and they’re learning to do the same. But you can’t regulate what you’ve already broadcast - and you can’t reclaim a workshop you’ve turned into a stage.

Building the future - Posts feed

2026-05-05T19:45:00.000Z

Watching the tech hype train while working in the industry has always felt a bit surreal. There's this nascent feeling that what I'm working on, while it pays my bills, either won't amount to much or is potentially a net negative. I'll admit that I'm predisposed to cynicism and will freely cast off jokes at the expense of what I observe. It's easy to do.

RSS Feeds Send Me More Traffic Than Google - Terence Eden’s Blog

2026-05-05T11:34:12.000Z

Yeah yeah, I know, data-point of 1.

I recently read Susam's blog post where they said that "most of the traffic to my personal website still comes from web feeds" - I wondered if that was true for my site.

I've been writing this blog for a while. I've never much bothered with "aggressive" SEO - I have a fairly semantic layout, all my reviews have metadata, and stuff like that - but I'm not cramming in keywords, using AMP, or whatever other chickens Google requires to be sacrificed for a higher ranking. Nevertheless, I do OK.

Last year, I added a bit of local-only, lightweight statistics-gathering to my blog. I can see which sites people click on to reach mine. Google is right up the top, DuckDuckGo is surprisingly high, Bing is lucky to crack the top 20 on any day. Similarly, I can see how much traffic I get from the Fediverse and BlueSky (Twitter has all but vanished).

A few weeks ago I added RSS and Newsletter tracking. These data are very lossy. If someone is subscribed to my RSS feed and opens a post and their client downloads a lazy-loaded image at the end of the post, I get a hit. For email it's broadly the same. If an email is opened and the tracker image is loaded, I get a hit (although Gmail does obfuscate that somewhat).

I'm not looking for super-accurate numbers (although I do block as many AI crawlers and bots as possible). I'm not creepily following people around the web nor am I trying to sell them anything. I just want a rough idea of where people find me.

Here are my blog's views for the last 28 days.

Some months I get a surge of hits from link aggregators like HN or Reddit. Sometimes I'm linked to from a popular site or cited in academic work. But most of the time I bumble along getting hits from here, there, and everywhere. Nevertheless, it's lovely to see so many people choosing to subscribe⁰ (for free!) and astonishing that they provide more traffic than a major search engine.

Obviously, these are two very different types of traffic. People who are searching for a specific thing and stumble upon my blog are different from those who decide to like and subscribe.

But, yeah, about 25% of my traffic comes from people who have chosen to subscribe.

I'm just delighted that so many people read my random thoughts.

For historic reasons, I have separate Atom and RSS feeds. Perhaps I should consider merging them? But it doesn't take much effort to publish in two subtly different formats. ↩︎

C/C++ checklist challenges, solved - Trail of Bits Blog

2026-05-05T11:00:00.000Z

We recently added a C/C++ security checklist to the Testing Handbook and challenged readers to spot the bugs in two code samples: a deceptively simple Linux ping program and a Windows driver registry handler. If you found the inet_ntoa global buffer gotcha or the missing RTL_QUERY_REGISTRY_TYPECHECK flag, nice work. If not, here’s a full walkthrough of both challenges, plus a deep dive into how the Windows registry type confusion escalates from a local denial of service to a kernel write primitive.

Since we first released the new C/C++ security checklist, we also developed a new Claude skill, c-review. It turns the checklist into bug-finding prompts that an LLM can run against a codebase. It’s also platform and threat-model aware. Run these commands to install the skill:

claude skills add-marketplace https://github.com/trailofbits/skills
claude skills enable c-review --marketplace trailofbits/skills

The Linux ping program challenge

The Linux warmup challenge we showed you in the last blog post has an obvious command injection issue.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>

#define ALLOWED_IP "127.3.3.1"

int main() {
 char ip_addr[128];
 struct in_addr to_ping_host, trusted_host;

 // get address
 if (!fgets(ip_addr, sizeof(ip_addr), stdin))
 return 1;
 ip_addr[strcspn(ip_addr, "\n")] = 0;

 // verify address
 if (!inet_aton(ip_addr, &to_ping_host))
 return 1;
 char *ip_addr_resolved = inet_ntoa(to_ping_host);

 // prevent SSRF
 if ((ntohl(to_ping_host.s_addr) >> 24) == 127)
 return 1;

 // only allowed
 if (!inet_aton(ALLOWED_IP, &trusted_host))
 return 1;
 char *trusted_resolved = inet_ntoa(trusted_host);

 if (strcmp(ip_addr_resolved, trusted_resolved) != 0)
 return 1;

 // ping
 char cmd[256];
 snprintf(cmd, sizeof(cmd), "ping '%s'", ip_addr);
 system(cmd);
 return 0;
}

There are three validations that have to be bypassed before the system call can be reached with malicious inputs:

The inet_aton function “converts the Internet host address from the IPv4 numbers-and-dots notation into binary form” and “returns nonzero if the address is valid, zero if not.” Theoretically, if we provide an invalid IPv4 string as input, then the program should return early.
The ntohl call aims to prevent server-side request forgery (SSRF) attacks by disallowing addresses in 127.0.0.0/8 range.
The parsed IP address is normalized with an inet_ntoa call and compared against the ALLOWED_IP. We are only allowed to ping localhost, which should not be possible given the SSRF check (making the code effectively broken with this configuration).

The issue with the inet_aton function is that it accepts trailing garbage. This behavior is not documented on its man page, making it a likely source of vulnerabilities. In our challenge, one can simply send “127.0.0.1 ‘; anything #” as valid input.

The gotcha with inet_ntoa is that it returns a pointer to a global buffer. Therefore, subsequent calls to the function overwrite previous outputs. In the challenge, ip_addr_resolved and trusted_resolved are the same pointer. When we provide “1.2.3.4” as input, ip_addr_resolved points to the string “1.2.3.4”, the SSRF check passes, the second call to inet_ntoa makes the ip_addr_resolved pointer point to “127.3.3.1”, and so the strcmp check passes too.

There are a few more functions that return pointers to static buffers; these are documented in the new C/C++ Testing Handbook chapter.

The Windows driver registry challenge

We showed you this Windows Driver Framework (WDF) request handler from a Windows driver and asked you to spot the bugs.

NTSTATUS
InitServiceCallback(
 _In_ WDFREQUEST Request
)
{
 NTSTATUS status;
 PWCHAR regPath = NULL;
 size_t bufferLength = 0;


 // fetch the product registry path from the request
 status = WdfRequestRetrieveInputBuffer(Request, 4, &regPath, &bufferLength);
 if (!NT_SUCCESS(status))
 {
 TraceEvents(
 TRACE_LEVEL_ERROR,
 TRACE_QUEUE,
 "%!FUNC! Failed to retrieve input buffer. Status: %d", (int)status
 );
 return status;
 }
 /* check that the buffer size is a null-terminated
 Unicode (UTF-16) string of a sensible size */
 if (bufferLength < 4 ||
 bufferLength > 512 ||
 (bufferLength % 2) != 0 ||
 regPath[(bufferLength / 2) - 1] != L'\0')
 {
 TraceEvents(
 TRACE_LEVEL_ERROR,
 TRACE_QUEUE,
 "%!FUNC! Buffer length %d was incorrect.", (int)bufferLength
 );
 return STATUS_INVALID_PARAMETER;
 }


 ProductVersionInfo version = { 0 };
 HandlerCallback handlerCallback = NewCallback;
 int readValue = 0;
 // read the major version from the registry
 RTL_QUERY_REGISTRY_TABLE regQueryTable[2];
 RtlZeroMemory(regQueryTable, sizeof(RTL_QUERY_REGISTRY_TABLE) * 2);
 regQueryTable[0].Name = L"MajorVersion";
 regQueryTable[0].EntryContext = &readValue;
 regQueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
 regQueryTable[0].QueryRoutine = NULL;
 status = RtlQueryRegistryValues(
 RTL_REGISTRY_ABSOLUTE,
 regPath,
 regQueryTable,
 NULL,
 NULL
 );
 if (!NT_SUCCESS(status))
 {
 TraceEvents(
 TRACE_LEVEL_ERROR,
 TRACE_QUEUE,
 "%!FUNC! Failed to query registry. Status: %d", (int)status
 );
 return status;
 }
 TraceEvents(
 TRACE_LEVEL_INFORMATION,
 TRACE_QUEUE,
 "%!FUNC! Major version is %d",
 (int)readValue
 );
 version.Major = readValue;
 if (version.Major < 3)
 {
 // versions prior to 3.0 need an additional check
 RtlZeroMemory(regQueryTable, sizeof(RTL_QUERY_REGISTRY_TABLE) * 2);
 regQueryTable[0].Name = L"MinorVersion";
 regQueryTable[0].EntryContext = &readValue;
 regQueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
 regQueryTable[0].QueryRoutine = NULL;
 status = RtlQueryRegistryValues(
 RTL_REGISTRY_ABSOLUTE,
 regPath,
 regQueryTable,
 NULL,
 NULL
 );
 if (!NT_SUCCESS(status))
 {
 TraceEvents(
 TRACE_LEVEL_ERROR,
 TRACE_QUEUE,
 "%!FUNC! Failed to query registry. Status: %d",
 (int)status
 );
 return status;
 }
 TraceEvents(
 TRACE_LEVEL_INFORMATION,
 TRACE_QUEUE,
 "%!FUNC! Minor version is %d", (int)readValue
 );
 version.Minor = readValue;
 if (!DoesVersionSupportNewCallback(version))
 {
 handlerCallback = OldCallback;
 }
 }
 SetGlobalHandlerCallback(handlerCallback);
}

The intended behavior of the code is to read some software version information from the registry using the RtlQueryRegistryValues API, then select one of two possible callback functions depending on that version information.

An attacker-controlled registry path

The first bug is that the path to the registry key is provided in the request, without validating the path string or checking that the caller is authorized to access the specified registry key. This means that anyone who can call into this handler can pick which registry key gets read, even if they ordinarily wouldn’t have access to that key. How this path string is interpreted depends on the RelativeTo parameter of the RtlQueryRegistryValues call. In this case, RelativeTo is set to RTL_REGISTRY_ABSOLUTE, which means that the path will be treated as an absolute path to a registry key object (e.g., \Registry\User\CurrentUser). There are two main reasons why this is a potential security issue.

First, if an attacker can control which registry key is being read, then they can point it at a registry key they control the contents of, allowing them to further manipulate the driver behavior. This may lead to logical inconsistencies (e.g., the wrong callback being set) or, as we will see shortly, enable exploitation of security issues elsewhere in the code.

Second, this enables a confused deputy attack that can be used to leak registry information that would normally be inaccessible to the user due to access controls. For example, a registry key might have a DACL applied that prevents normal users from enumerating its subkeys or reading any of the values inside those keys. Since the handler doesn’t check whether the call has sufficient rights to read the key, and the code emits a trace message and passes back the status code from RtlQueryRegistryValues, it can be used as an oracle to check for the existence of any registry key. It can also be used to leak any registry value named MajorVersion (and sometimes also MinorVersion) anywhere in the registry, but this is unlikely to be particularly useful in practice.

Missing type checks with RTL_QUERY_REGISTRY_DIRECT

The more serious bugs in this case arise from the flags set in the RTL_QUERY_REGISTRY_TABLE structs. The RtlQueryRegistryValues API takes in an array of these structs, terminated by an all-zero entry, to describe which registry values should be read from the specified key and how they should be processed and returned. There are two primary modes of operation here: callback or direct. In callback mode, which is the default, the QueryRoutine field of the struct points to a callback function that receives the value read from the registry. In direct mode, the QueryRoutine field is ignored and the value is instead written directly to a buffer whose location is passed in the EntryContext field. Direct mode is selected by including RTL_QUERY_REGISTRY_DIRECT in the Flags field.

In our example, the MajorVersion value is read using the following code:

HandlerCallback handlerCallback = NewCallback;
 int readValue = 0;
 // read the major version from the registry
 RTL_QUERY_REGISTRY_TABLE regQueryTable[2];
 RtlZeroMemory(regQueryTable, sizeof(RTL_QUERY_REGISTRY_TABLE) * 2);
 regQueryTable[0].Name = L"MajorVersion";
 regQueryTable[0].EntryContext = &readValue;
 regQueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
 regQueryTable[0].QueryRoutine = NULL;
 status = RtlQueryRegistryValues(
 RTL_REGISTRY_ABSOLUTE,
 regPath,
 regQueryTable,
 NULL,
 NULL
 );

Here, RTL_QUERY_REGISTRY_DIRECT is used to select direct mode, and the buffer points to readValue, which is an integer variable on the stack. You might notice something important, though: at no point has the code specified what type of value is being read, nor has it specified the size of the buffer. It is clear from the context that this code is expecting to read a REG_DWORD, but what if the MajorVersion value isn’t a REG_DWORD?

A first attempt at exploitation

Let’s try to exploit this using a REG_QWORD. A REG_DWORD value is a 32-bit unsigned integer, whereas a REG_QWORD is a 64-bit unsigned integer, so if we make MajorVersion a REG_QWORD value instead, then we should be able to overwrite four bytes immediately after readValue on the stack. Since HKEY_CURRENT_USER is writable by low-privilege users, we can create a key somewhere in there, place a REG_QWORD value called MajorVersion in there, and pass the path of that key to the driver. And success, we get a BSOD!

Except… it’s not quite what we wanted. The bugcheck code is KERNEL_SECURITY_CHECK_FAILURE, which isn’t really what we would expect if we successfully overwrote some of the stack. Why is this happening? The answer is in the documentation:

Starting with Windows 8, if an RtlQueryRegistryValues call accesses an untrusted hive, and the caller sets the RTL_QUERY_REGISTRY_DIRECT flag for this call, the caller must additionally set the RTL_QUERY_REGISTRY_TYPECHECK flag. A violation of this rule by a call from user mode causes an exception. A violation of this rule by a call from kernel mode causes a 0x139 bug check (KERNEL_SECURITY_CHECK_FAILURE).

Only system hives are trusted. An RtlQueryRegistryValues call that accesses a system hive does not cause an exception or a bug check if the RTL_QUERY_REGISTRY_DIRECT flag is set and the RTL_QUERY_REGISTRY_TYPECHECK flag is not set. However, as a best practice, the RTL_QUERY_REGISTRY_TYPECHECK flag should always be set if the RTL_QUERY_REGISTRY_DIRECT flag is set.

Similarly, in versions of Windows before Windows 8, as a best practice, an RtlQueryRegistryValues call that sets the RTL_QUERY_REGISTRY_DIRECT flag should additionally set the RTL_QUERY_REGISTRY_TYPECHECK flag. However, failure to follow this recommendation does not cause an exception or a bug check. This protective behavior was introduced as a response to MS11-011, in which this registry type confusion bug was first reported.

To summarize, if you try to read from an untrusted registry hive using RtlQueryRegistryValues with RTL_QUERY_REGISTRY_DIRECT set but without also setting RTL_QUERY_REGISTRY_TYPECHECK, then Windows will automatically raise a bugcheck to crash the system and prevent the operation from succeeding.

The RTL_QUERY_REGISTRY_TYPECHECK flag allows the caller to specify an expected type as part of the query table entry, thus mitigating the type confusion bug. Since this flag is not set in our example, a bugcheck will be triggered if we attempt to read from any registry hive other than the following trusted system hives:

\REGISTRY\MACHINE\HARDWARE
\REGISTRY\MACHINE\SOFTWARE
\REGISTRY\MACHINE\SYSTEM
\REGISTRY\MACHINE\SECURITY
\REGISTRY\MACHINE\SAM

HKEY_CURRENT_USER is not included within this set, which explains why we saw the KERNEL_SECURITY_CHECK_FAILURE bugcheck when we tried to exploit it that way. This downgrades us from a potential kernel privilege escalation bug to a local denial of service. Still a bug, but not quite as exciting.

Finding writable keys in trusted hives

However, who says we can’t write values somewhere within these trusted hives? All it takes is a single key within one of those hives with a DACL that allows a lower-privileged user to write to it. Finding these isn’t too hard; the NtObjectManager powershell module has a command named Get-AccessibleKey that is perfect for the task:

Get-AccessibleKey \Registry\Machine -Recurse -Access SetValue

This command searches recursively within the \Registry\Machine object namespace for keys that the current process has permissions to set values within. Running it as a regular desktop user returns thousands of options that can be written without UAC elevation! Nice.

However, for style points, we can go one step further. Mandatory integrity control (MIC), one of the key access control features in Windows that underpins UAC, allows processes to run with higher or lower privileges than would normally be assigned to the user that ran them. Most desktop processes run at the medium integrity level (IL). Elevating a process via UAC (often referred to as “run as administrator”) typically increases the process’s IL to high. There is also a low IL, which is often used to sandbox certain processes for security reasons, significantly limiting which resources they can access. Any securable object on Windows can have a mandatory label applied to its system access control list (SACL), and that mandatory label specifies the ILs that are allowed to access the object. The SACL is checked before the DACL, meaning that the IL check must pass even if the DACL would normally grant the user permissions to access the object. This means that a process running with a low-integrity security token cannot access a medium-integrity object, and a process running with a medium-integrity security token cannot access a high-integrity object. So, can we find any cases where we could write to one of the trusted system hives from a low-integrity process?

To check for keys that are accessible at a low IL, the first thing we want to do is duplicate our process token and apply a low integrity label to it:

$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low

This gives us a copy of our current process’s security token that behaves as if we were running at a low IL. Using this, we then rerun the scan, passing in that modified token:

Get-AccessibleKey \Registry\Machine -Recurse -Access SetValue -Token $token

This does actually return a few results, on both Windows 10 and 11. Here are two of the most interesting:

\REGISTRY\MACHINE\SOFTWARE\Microsoft\DRM \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PlayReady\Troubleshooter

Both of these keys allow a low-integrity token to write to them. The DRM key’s DACL has fairly complex permissions applied but grants the Set Value permission to the Everyone group. The PlayReady\Troubleshooter key’s DACL grants Full Control to Users, ALL APPLICATION PACKAGES, and ALL RESTRICTED APP PACKAGES. Either of these two keys can be abused to plant controlled registry values within a trusted system hive from a low privilege level.

(Note: Whether or not the driver’s request endpoint can be called from a low IL is a different matter, but this is just for fun and style points, so let’s ignore that for now.)

If we set a REG_QWORD value called MajorVersion in the DRM key, then pass that key’s path to the WDF handler, we can now overwrite four bytes of stack past the end of readValue with values that we control. Since handlerCallback was declared adjacent to readValue, there’s a chance that we can overwrite half of that function pointer! If that callback is called later, then we obtain partial control over the instruction pointer, which is a fairly strong primitive for local privilege escalation (LPE). This does depend on stack alignment, however, and it would not be surprising if the 32-bit readValue variable ended up 64-bit aligned, leaving a gap, so this approach may not get us far in practice.

Can we do better?

A string is a type of integer, right?

Ok, so far we’ve only explored what happens when we exploit the type confusion with REG_QWORD, but what happens if we use REG_SZ?

In the case of REG_SZ (i.e., a string value), the documentation says the following about RtlQueryRegistryValues’ behavior in direct mode:

A null-terminated Unicode string (such as REG_SZ, REG_EXPAND_SZ): EntryContext must point to an initialized UNICODE_STRING structure. If the Buffer member of UNICODE_STRING is NULL, the routine allocates storage for the string data. Otherwise, it stores the string data in the buffer that Buffer points to.

Let’s try exploiting this. RtlQueryRegistryValues will interpret the EntryContext field as if it were a UNICODE_STRING struct, but it’s actually pointing at readValue, which is an int. Here’s what a UNICODE_STRING looks like:

typedef struct _UNICODE_STRING {
 USHORT Length;
 USHORT MaximumLength;
 PWSTR Buffer;
} UNICODE_STRING, *PUNICODE_STRING;

In the first call that the code makes to RtlQueryRegistryValues, when reading MajorVersion, the value of readValue has been initialized to zero. Since readValue is four bytes and a USHORT is two bytes, interpreting readValue as a UNICODE_STRING at that time will result in both Length and MaximumLength being zero and Buffer containing whatever’s immediately after readValue in the stack. Since the length of the buffer is zero, RtlQueryRegistryValues will just return STATUS_BUFFER_TOO_SMALL and not attempt to write to the Buffer field.

However, let’s take a look at the second call to RtlQueryRegistryValues:

version.Major = readValue;
 if (version.Major < 3)
 {
 // versions prior to 3.0 need an additional check
 RtlZeroMemory(regQueryTable, sizeof(RTL_QUERY_REGISTRY_TABLE) * 2);
 regQueryTable[0].Name = L"MinorVersion";
 regQueryTable[0].EntryContext = &readValue;
 regQueryTable[0].Flags = RTL_QUERY_REGISTRY_DIRECT;
 regQueryTable[0].QueryRoutine = NULL;
 status = RtlQueryRegistryValues(
 RTL_REGISTRY_ABSOLUTE,
 regPath,
 regQueryTable,
 NULL,
 NULL
 );
 // ...

This part of the code first checks if the MajorVersion value is less than three and, if so, reads the MinorVersion value using the same approach as before. A key observation here is that readValue is not reinitialized between the calls. This gives us some extra control: by leaving MajorVersion as a REG_DWORD, as originally intended by the code, we can have the first RtlQueryRegistryValues call load a value into readValue. Then, when the second call to RtlQueryRegistryValues is made, to read MinorVersion, we control the first four bytes of data pointed to by EntryContext. If MinorVersion is a REG_SZ value, a type confusion occurs where RtlQueryRegistryValues expects EntryContext to point to a UNICODE_STRING, causing the contents of the MajorVersion integer to be reinterpreted as the Length and MaximumLength fields. The only restriction is that we need the major version check to pass (i.e., version.Major must be less than 3) in order for the second registry query to take place. However, this turns out to be easy: if we set the MajorVersion value to 0xF000F002, the code will interpret this as -268374014 because readValue is a signed 32-bit integer. The Length and MaximumLength fields, however, are unsigned 16-bit integers, causing the 0xF000F002 value to get interpreted as the following when type confused as a UNICODE_STRING:

USHORT Length = F000;
 USHORT MaximumLength = F002;
 PWSTR Buffer = ????????`????????;

The Buffer field ends up pointing at whatever’s next in the stack. If we combine this current approach with the REG_QWORD trick from before, we can also overwrite four bytes of the Buffer pointer during the MajorVersion read. This means we partially control the address being written to, we fully control the length of what is written, and we can write any UTF-16 string there. This gets us a semi-controlled write-what-where primitive in the kernel. Nice!

But can we do even better?

A fully controlled stack overwrite with REG_BINARY

Let’s take a look at what happens if we try a REG_BINARY value instead. Here’s what the documentation has to say about such values in direct mode:

Nonstring data with size, in bytes, greater than sizeof(ULONG): The buffer pointed to by EntryContext must begin with a signed LONG value. The magnitude of the value must specify the size, in bytes, of the buffer. If the sign of the value is negative, RtlQueryRegistryValues will only store the data of the key value. Otherwise, it will use the first ULONG in the buffer to record the value length, in bytes, the second ULONG to record the value type, and the rest of the buffer to store the value data.

This one is a bit more complicated, with two possible cases for the format of the buffer. In both cases, the buffer pointed to by EntryContext is expected to be prefilled with a signed LONG value that tells RtlQueryRegistryValues how large the buffer is. A LONG is just a 32-bit integer, so a signed LONG is functionally equivalent to int for this case. The interesting part is that this length value can either be positive or negative. If the value is negative, the API will copy the REG_BINARY data directly into the buffer pointed to by EntryContext. If the value is positive, it will first write the length of the REG_BINARY data into the first ULONG of the buffer, then it will write the REG_BINARY type value into the second ULONG of the buffer, and finally it will copy the REG_BINARY data into the remainder of the buffer.

You may have figured out the exploit already here. The MinorVersion registry value is only read when the MajorVersion is less than 3. If we set MajorVersion to some negative number, this check will pass. This negative number ends up left in readValue for the second RtlQueryRegistryValues call. If the MinorVersion value is a REG_BINARY, RtlQueryRegistryValues treats the first ULONG in the “buffer” as being the signed length field. Since our “buffer” is just whatever was in readValue from the previous call, this causes RtlQueryRegistryValues to copy the contents of the registry value into the “buffer,” which is really just stack memory starting at readBytes. Since we control the magnitude of the negative number, we therefore control the purported length of the buffer, allowing us to control the length of the overwrite. And, since the contents of the REG_BINARY value can be anything we like, it means we control what is overwritten.

For example, if we create a REG_DWORD value called MajorVersion with a value of 0xFFFFFFF4, then create a REG_BINARY value called MinorVersion with a value of 00 00 00 00 DE AD BE EF DE AD BE EF, this causes the first RtlQueryRegistryValues call to fill readValue with -12, which the second RtlQueryRegistryValues call interprets as a 12-byte buffer where only the binary should be copied. This results in RtlQueryRegistryValues copying 00 00 00 00 into readValue, then writing DE AD BE EF DE AD BE EF onto the stack afterwards. Assuming that the handlerCallback function pointer is stored after the readValue variable on the stack, we can now overwrite it with whatever we like. If this callback is invoked anywhere in the future, we gain control over the instruction pointer, leading to a kernel LPE.

But can we do even better still? If you think you can, get in touch! We’d love to hear your tips and tricks.

Your turn

These challenges only scratch the surface of what the C/C++ Testing Handbook chapter covers—from seccomp sandbox escapes to Windows path traversal via WorstFit Unicode bugs. Read the chapter and follow the checklist against a codebase you know well. Pair it with a run of the c-review skill, if you’re inclined. If you find a pattern we haven’t documented yet, open a PR. We’d especially love to hear from anyone who found a cleaner exploitation path for the driver challenge than the ones we showed here. And, as always, if you need help securing your C/C++ systems, contact us.

Outrage is letting someone else set the frame - Westenberg

2026-05-05T06:20:33.000Z

William Randolph Hearst bought the New York Morning Journal in 1895 - and immediately started running stories designed to make his readers furious before they’d finished their breakfast. The pages manufactured a mood, and that mood sold papers.

Three years later, when his correspondent Frederic Remington cabled from Cuba that there was no war to cover, Hearst replied with the line that became his epitaph: “You furnish the pictures, and I’ll furnish the war.”

That was the original sin, and the original business model. Find a target, deliver the outrage daily, harvest the engagement and sell the audience to advertisers.

The economics haven’t changed since 1895.

Walter Lippmann, writing in Public Opinion in 1922, described how a small class of editors and publicists had taken on the job of “manufacturing consent” by deciding which stories would be put in front of the public and to which framings they would be attached. He thought this was, on balance, fine. Most readers, he said, would never have the time or competence to form views from primary sources. Someone had to do the framing.

Someone.

A century on, the framing is automated // the framers are algorithms tuned to a single metric: how long can we keep you scrolling?

Jonah Berger and Katherine Milkman, studying viral content for the Journal of Marketing Research in 2012, found that the emotion most reliably correlated with sharing was high-arousal anger. Neither sadness, contentment or even joy came close; anger was the engine. Every platform, and ever performer that lives on advertising eventually discovers this and bends its product around the discovery.

There is nothing neutral about the feed.

It’s a slot machine built to dispense outrage on whatever schedule keeps you returning. The story in front of you was picked because an algorithm, somewhere, ran the numbers and concluded it would make you feel something corrosive enough to produce a reaction.

Whose ledger does that reaction land on? Theirs. Your time on the platform is sold to advertisers in increments, your annotated rage in the comments trains the recommendation model, your re-share recruits one more person into the same loop, and your dwell time on each story sharpens the algorithm’s prediction of what will hold you next. The feeling moves through you and leaves a residue on the corporate balance sheet. You absorb the cost, and they book the revenue.

Chris Voss, the FBI’s lead international kidnapping negotiator, wrote Never Split the Difference in 2016, on the principle that whoever feels more in a negotiation loses. Across the table from a hostage taker, Voss wouldn't match the emotional temperature of the room; he'd lower it, keeping possession of his own pulse while everyone else lost theirs.

This is a useful posture to steal: you refuse to feel what you’re being told to feel by people whose business model depends on the feeling, and the refusal is procedural. The feeling might turn out to be correct, or it might not; that’s a separate question, evaluated later. Before the feeling arrives in full, you ask: who’s pushing this into my field of view, what do they collect if I take the bait, what’s the response they want from me, and does that response actually serve me?

Call it sequencing.

Feel first and think second, the slot machine wins.
Think first and feel second (or not at all, depending), and the game stops paying out.

Rage is metabolically expensive; borrowed rage even more so. You spend cognitive bandwidth on a quarrel imported from a stranger’s algorithm, then arrive at your own work depleted, with less attention left for the people and projects you’d actually choose. The outrage cycle runs on fuel siphoned from your real life. Mary Oliver asked what you plan to do with your one wild and precious life; for a lot of us the answer, when we’re being honest, is: argue with people we’ve never met about events we can’t influence on a platform whose advertisers are paying for our distress.

But you can, of course, decline.

Tristan Harris, founding the Center for Humane Technology in 2018, framed it as recognising the asymmetry: a thousand engineers on one side of the screen, optimising for your attention; one tired person on the other side, trying to hold their ground.

Stop offering the response the system was built to extract, and watch what shows up in the space the rage used to occupy: the work you’ve been avoiding, the conversation you owe someone you actually care about, the book on your nightstand, the neighbour you’ve been meaning to call back.

The un-cinematic projects that don’t trend and don’t reward you with a hit of validation when you rage-post about them.

AKA: your actual life, previously crowded and smothered by the outrage.

Westenberg is designed, built and funded by Studio Self.
Reach out and work with us.

Learn more

Night shift - James' Coffee Blog

2026-05-05T00:00:00.000Z

Writing my post on how I use my phone in grayscale yesterday got me thinking about other customisations I make to the computing devices I use. The first one that came to mind is that I keep my laptop, and by extension my external display when I am using it, in night shift mode at all times. According to Apple, night shift mode “adjusts the colours of your display to the warmer end of the spectrum – making the display easier on your eyes.”

I have had night shift mode enabled on my laptop for at least a year or two, and used night shift technology on previous computers in years prior. When night shift is enabled, my display feels less visually intense. I disabled the setting before writing this post and realised, as I feel with greyscale, that I had to toggle the mode back – the cool colours were too jarring now that I am used to night shift.

Night shift technology means that I see colours on computers differently. I even keep the setting on when I am designing websites and working with colours. My philosophy is that if text is readable in night shift mode, and has been designed with proper colour contrast in mind, it should look good when night shift mode is disabled. In contrast, if text is less readable in night shift mode, I may need to review my design.

Technically, night shift mode cannot be turned permanently on with an Apple Mac. Instead, I have a custom schedule set that enables night shift from 22:00 to 21:59, which means all day except for the minute between. I have the option selected to “Turn on until tomorrow” and have the colour temperature setting almost at the end of the spectrum to the “More warm” setting. Here is what the options I have set look like on my computer:

ALT

The Apple Night Shift window. This image is described in the previous paragraph.

As with grayscale, night shift is part of how I experience my computer. I don’t think about night shift unless I am discussing it with someone.

In addition to using Apple’s night shift feature, I also have Flux installed, an application that shifts the colour on your computer. I am not exactly sure how Flux interacts with the system-level settings, but I do know that my display gets warmer at night. I like the way I have things set up.

More broadly, I love that I can customise my computers in this way. Night shift makes it easier for me to work with my computer. This is especially important given the large amount of time I spend using computers. I don’t necessarily recommend having night shift mode on at all times, but I like it.

how I use my phone in grayscale Flux According to Apple, night shift mode

Ribbon - a linkding client - Posts feed

2026-05-04T22:08:00.000Z

I built a native iOS client for linkding and launched it, as I usually do, with a sarcastic-ish Mastodon post. I'd been using my instance as a PWA (inasmuch as PWAs are supported on iOS) and found it to be ok but not terribly satisfying. I appreciated the existing clients, but didn't love them. I'd tried them all, but ended up generally using a Safari extension and the web app in Safari.

Bouncy castle, a Lego build and Children's Day - W18 - Joel's Log Files

2026-05-04T15:54:26.000Z

Obligatory May The 4th Be With You, by the way. Another week is over, I am still wearing my pajamas and enjoying a day off, which makes this Monday one of the best Mondays of the year thus far. Zero complaints!

Here’s a question, when was the last time you actually just played like a kid? something like tag, or with toys and such? I did some fun stuff this week that made me feel twelve again, it was awesome. It was Children’s Day in Mexico on April 30th, so I guess it makes sense.

🧱 Had some time to assemble a Lego set! The Time Machine from Back to the Future!, I documented my progress on my polymaths profile, in case you want to see more pics.
🥳 A friend of mine had a birthday party, and the highlight of the event was a bouncy castle! Most of the time people our age aren’t allowed to get into those, but this was exclusively for grown-up kids like me. We played for actual hours and all of my joints ended up kinda bruised and burned the next day. But it was absolutely worth it. I am really happy to have had that experience again. We played tag and similar games and ended up very tired, so fun!
🐻 A while ago Syl made a pixel bear for me! This was such a fun and unexpected gift to receive, but I hadn’t showed it off anywhere on my site yet. You can now find it on my footer section! Thank you again Syl, it’s a lovely gift. I also took it upon myself to make a few more pixel bears for other friends of mine, this is still work in progress though.
🛍️ My parents returned from their short trip and brought back some epic stuff for me, I got two shirts from Avatar (my sister who they visited, picked them for me) and I am enamoured by the Appa one.
🏕️ My church rented a quinta (a sort of ranch/country house where parties, weddings, quinceañeras and similar small events are held, often away from the city) for a day, to baptize a few new members of the congregation and celebrate Children’s Day at the same time! After the ceremonies, most families stayed to have lunch and enjoy the day, away from everything and enjoying the pool.
🚲 For some reason… I have been interested on maybe acquiring a new bike and actually pedalling to places. I should find a used bycicle somewhere and get to it, I wonder if my shape is good enough for that, to be honest, but I want to try.
🃏 I didn’t get in the pool myself, but I brought a bunch of card games, from Exploding Kittens, to Coup, to a pretty try-hard session of Skull and a pretty competitive run of Oh Hell! we also played your typical Spoons and Cheat. Seriously fun stuff when we got 6 or 7 players in many of these.
🏀 During a break from card games I went to a small basketball court in the quinta, playing turns throwing the ball into the basket. I somehow did like 6 shots in a row that fell right in the center of the net. I was very surprised with myself to be honest.

A collage of the events happening this week. An assembled DeLorean, UFO 50 on my Nintendo Switch, a panel of a romance manga, a photo inside the bouncy castle, a frame from the 100 Meters movie, the Avatar t-shirts designs, my PSP with MGS Peace Walker, and a table with cards on top of it.

Watching

Just yesterday I watched 100 Meters, an anime movie, from the same author of Orb: On the Movement of the Earth—my favorite anime series watched this year so far—and it quickly showed me more of that spark that I got from Orb’s writing. This movie portrays the life of a child prodigy who loves to run, and helps another kid how to do it, with a quote that would kickstart a rivalry for years to come: “Running the 100 meters faster than anyone else can solve almost anything.”

Is that just a naive child with a lot to learn, or is it worth considering as a core value? There are many points this movie brings up as the film questions, celebrates and critiques the sport, as we wonder how we find the joy in giving all our body has to offer for something as seemingly simple as a 10 seconds sprint.

The animation work here is incredible, switching styles a few times, from traditional animation, to some incredibly detailed rotoscoping, to an absolutely breath-taking continuous take, in ones of a race under heavy rain. This film is great, I implore you to watch it. There are a lot of life lessons to be learned and reflected upon with this movie. It’s raw and visceral, a work of art.

Gaming

I am happy to say that I have completed Metal Gear Solid: Peace Walker, which you probably already know since I mentioned it on my Monthly Summary a couple days ago. What a fantastic title that was, review coming soon though. Spoiler: go and play it.

I decided to team up with Wouter and play UFO 50 at last. It’s a collection of 50 titles and has a sort of meta/alternate history background: these games were developed by a game company from the 80s, for their own console and all. Because of this, we agreed to treat these games as “rented” from Blockbuster or something, which is how I would have experienced these games in real life, playing one for a week straight and then moving to the next, finished or not. I am currently playing Barbuta, and having an interesting time. It’s pretty complicated and archaic, but it does have some charm to it, and getting familiar with the map and mechanics has been kinda satisfying. I may write mini-reviews for these.

I am still playing Tomodachi Life: Living the Dream as well, and checking up with my Miis every day, there have been some fun shenanigans and things going on here, my Mii got married with Lucca, there are a couple of love triangles going on, and other drama that I find very funny and hilarious. My island is level 34 now. I should spend some time creating an island with an actual design though, I’ve been kinda lazy about it.

Reading

Smoking Behind the Supermarket with You - Up to chapter 60. I am fully caught up with this romance manga, it is a monthly release so now I have to find something else to read from start to finish I guess. I will patiently wait for how this story progresses. It’s really good stuff.
Heavenly Delusion - Up to chapter 43. I returned to this sci-fi mystery manga at last, I didn’t really read any new chapters, as I backtracked a few chapters to get familiar with where the story was going. It’s a very unique story with a confusing thread of events that have been slowly threading together. I really, really enjoy it so far.
Spy x Family - Up to chapter 133. A super fun arc just ended! and Anya got some really fun slice of life moments on this one. Enjoyable comedy as always.
Sakamoto Days - Up to chapter 229. Gotta admit I kinda lost the thread and need to read some more to get hooked again.

Around the Web

Blogposts

My Budget Emulation PC, I’ve been wanting to do this too, but already got enough gaming devices.
A Short Review Of Physical Nintendo Switch Publishers. This is just a fun time, I am inclined to agree with the ratings given here.
Why are the Artemis II photos on Flickr?. A genuinely interesting look at how Flickr has evolved over the years. I am actually interested on revisiting that website. I actually made an account there when I was like 13 I think and shared some origami pictures on it.
Putting my XTEink inside my Lochby Mini Field Journal makes it easy to take notes in my commonplace book. No more text is needed.
How I was cured of my Garfield attachment. One of those totally random things I read and can’t stop. It’s a fun anecdote though.

YouYube

Deconstructing the Deadly Lighting of Resident Evil - The production value of this video is off the charts, and the channel is surprisingly small. If you care about how videogames work I recommend keeping an eye on it.
Why Every Generation Uses This One Slang Word | Otherwords - A very cool video. Watch it.
Why aren’t actors ugly anymore? - I keep noticing how perfect everyone looks on all the posters for Netflix produced movies (and most modern movies in general) and yeah, crazy stuff.
How We Keep Making Offices Worse - This was kind of eye-opening. Very sad to see how things are. I am in one of those open office spaces and yeah, it’s meh.

This is day 61 of #100DaysToOffload

Reply to this post via email | Reply on Fediverse

[RSS Club] Where are you from? - Terence Eden’s Blog

2026-05-04T11:34:40.000Z

Psssst! This top secret post is only available to RSS subscribers!

A little while ago I added some locally hosted, privacy first stats to my blog. Using an offline GeoIP service I can get a very rough idea of where visitors are from.

It doesn't deal with people using a VPN, or their mobile roaming to a different country, or rapid changes in IP allocation - but it's good enough for my purposes.

Here's a quick table showing the vague distribution of RSS Club members.

Country	Flag	Total Views	Percentage
US	🇺🇸	6,242	24.1%
GB	🇬🇧	5,764	22.2%
DE	🇩🇪	1,947	7.5%
NL	🇳🇱	1,669	6.4%
CN	🇨🇳	1,027	4.0%
HK	🇭🇰	909	3.5%
AU	🇦🇺	770	3.0%
CA	🇨🇦	691	2.7%
FR	🇫🇷	605	2.3%
SE	🇸🇪	589	2.3%
JP	🇯🇵	442	1.7%
FI	🇫🇮	405	1.6%
CH	🇨🇭	395	1.5%
BR	🇧🇷	392	1.5%
ES	🇪🇸	345	1.3%
IT	🇮🇹	324	1.3%
PT	🇵🇹	285	1.1%
PL	🇵🇱	272	1.0%
BE	🇧🇪	249	1.0%
IN	🇮🇳	198	0.8%
CZ	🇨🇿	153	0.6%
TR	🇹🇷	134	0.5%
IE	🇮🇪	126	0.5%
BG	🇧🇬	121	0.5%
TW	🇹🇼	114	0.4%
SG	🇸🇬	110	0.4%
NZ	🇳🇿	99	0.4%
ZA	🇿🇦	97	0.4%
NO	🇳🇴	95	0.4%
AT	🇦🇹	91	0.4%
RU	🇷🇺	86	0.3%
DK	🇩🇰	84	0.3%
HU	🇭🇺	76	0.3%
GR	🇬🇷	64	0.2%
UA	🇺🇦	56	0.2%
IS	🇮🇸	49	0.2%
AE	🇦🇪	49	0.2%
GE	🇬🇪	44	0.2%
PR	🇵🇷	44	0.2%
LU	🇱🇺	42	0.2%
IL	🇮🇱	42	0.2%
PH	🇵🇭	41	0.2%
EE	🇪🇪	36	0.1%
AR	🇦🇷	36	0.1%
ID	🇮🇩	34	0.1%
MY	🇲🇾	31	0.1%
SI	🇸🇮	30	0.1%
BZ	🇧🇿	29	0.1%
TH	🇹🇭	29	0.1%
RO	🇷🇴	25	0.1%
VN	🇻🇳	24	0.1%
LT	🇱🇹	24	0.1%
MQ	🇲🇶	20	0.1%
KR	🇰🇷	20	0.1%
UN	🇺🇳	18	0.1%
RS	🇷🇸	17	0.1%
TN	🇹🇳	15	0.1%
CL	🇨🇱	14	0.1%
SK	🇸🇰	14	0.1%
MX	🇲🇽	14	0.1%
CO	🇨🇴	11	0.0%
BD	🇧🇩	10	0.0%
EC	🇪🇨	10	0.0%
EG	🇪🇬	10	0.0%

There are a few more rows but, in the spirit of privacy, I've not included some of the more unique countries. Not all of those are unique views - these are aggregate statistics. If your RSS reader is hosted in a different country - or on a large platform - it may only show up inaccurately.

If you don't see your country in this list, please drop me a comment via your favourite method.

Quotes from Tufte’s course - James' Coffee Blog

2026-05-04T00:00:00.000Z

I took Edward Tufte’s online course on analysing and presenting data. It lasted four hours and was a mixture of reading from his books and listening to lecture material. The course was terrific and I learned so much. As I was taking the course, I took down a few quotes that stood out to me. I feel some of these points have applications that stretch further than data presentation.

Here is what I noted down. All quotes from Tufte.

“It is not about how much information there is, but rather how effectively it is arranged.”
“The information is the interface.”
“They have come to your presentation for the content.” (Italics represent aural emphasis.)
“How do I/you/they really know that?”
“How could I/you/they possibly ever know that?”
“There are a million possible sequences, so let them [people] decide how to read it on their own.”

I will be thinking about these for a while.

The last quote in particular was interesting to me. Early on in the course, Tufte walked through the visual layout of a U.S. National Weather Service website. Seen with his guidance, the information density and layout had new meaning – it was like I saw the page myself once and then saw it again with Tufte’s analysis. He noted how there was a lot of information on the page and people could go to whatever they needed or may find interesting, whether it be the temperature and summary forecast for the day or the more complex, data-rich weather maps.

The point I took away is that people will navigate how they want: an interface can put the information on the page and help people find for what they are looking but, ultimately, readers will read in their own way. With the web, people can scroll up and down to navigate information; people can become familiar with a website and skip to the part they want. ¹

Tufte later went on to talk about how people read documents, which I think is the context in which I noted down the quote.

People skim, study, scrutinise, read, and re-read documents in their own way. When reading fiction, I sometimes read complex or important sentences twice to make sure I understand them. Whereas in another context, such as reading the news, I might skim more and focus on specific parts of the article – the first few paragraphs, the first sentences in the next few.

I don’t know exactly what analysis I have on this other than it makes sense, and that I never know what information someone might read or not read on a page. It is always interesting to learn about how people navigate information.

One metaphor for skipping to a part of a web page is reading a book. I know to skip the first few pages that have meta information about a book. My cue of where to start reading is usually either the opening acknowledgement or the table of contents. I skim the first few pages so I can get to the main content in a book. So too do I scroll past different elements on web pages to find for what I am looking.

[↩]

1 [↩] online course on analysing and presenting data

Vikings and Mead - Cool As Heck

2026-05-03T19:45:28.000Z

I've been thinking a lot about Vikings and mead lately, probably because I've recently started two batches fermenting in the basement: a spiced pomegranate and a pineapple coconut. It's funny how much mythology surrounds this drink versus what actually happened.

So here's the thing: Vikings didn't invent mead. Not even close. Archaeologists have found evidence of mead production in China from like 7000 BCE. That's roughly 8,000 years before the first Viking longship set sail. The stuff basically showed up independently all over the place: Africa, Greece, India. Turns out ancient humans everywhere figured out that honey + water + time = alcoholic goodness.

The Vikings were more like really enthusiastic fans who committed to the bit.

If you were an average Viking just living your life, you probably weren't sipping mead daily. Honey was scarce in cold Scandinavia. Making mead took time and resources. It was the special occasion drink; feasts, weddings, religious ceremonies, sealing important deals.

For everyday drinking? Most Vikings had ale or beer. It was cheaper, easier to make, and safer than water since the fermentation process killed off bacteria. Kids even drank weak versions of it. I've heard that even today in Germany you can get your kid a weak ale with dinner.

Kind of makes you appreciate having access to whatever fruit you can find for experiments. Right now I'm curious how the pineapple coconut will turn out. I didn't really plan it out all that much, I'm mostly winging it, but I've learned enough over the last year or so to feel pretty comfortable with that.

Okay, this part is my favorite. The Vikings didn't just drink mead, they literally believed it was magical.

There's this story about the Mead of Poetry. After a war between two groups of gods, they made peace by spitting into a bowl (yes, really). From that spit came Kvasir, the wisest being alive. Some dwarves killed him, mixed his blood with honey, and boom, magical mead that gave anyone who drank it the gift of poetry and wisdom.

Odin, being Odin, tricked his way into a mountain, seduced a giantess guarding the mead, drank ALL of it, and flew back to the gods as an eagle while spitting some out mid-flight. The stuff he spilled? That's why bad poets exist.

Also, in Valhalla there's a magical goat named Heiðrún standing on the roof eating tree leaves, and mead flows from her udders into a massive vat for fallen warriors. Norse mythology is something else.

Here's a fun fact that doesn't make it into the movies: brewing was women's work. The mistress of the household was in charge of making ale and mead. It was a respected skill, often passed down through generations.

Some families had "magic sticks". These were wooden stirring sticks that harbored yeast from previous batches. They'd use the same stick to start fermentation, basically an early form of yeast cultivation. I'm over here pitching EC-1118 and D47 from a packet, but they were maintaining yeast colonies on birch sticks for generations. That's dedication.

At big feasts, the lady of the house would serve the first drink to her husband, then work her way through guests by rank. She basically controlled the whole vibe of the party.

Did they actually drink from horns? Sometimes. Archaeologists have found plenty of drinking horns in Scandinavia, often decorated with silver or gold. But you can't set a horn down mid-drink without spilling, so they were more for ceremonial toasts.

For casual sipping throughout a meal? Wooden cups, bowls, imported glass for the wealthy. The famous Jelling Cup found in Denmark belonged to King Harald Bluetooth himself.

Mead's having a moment. Hundreds of new meaderies have opened in the last couple decades, and a lot of them lean hard into the Viking aesthetic. But I think what's cool is that the Vikings treated mead as more than just a beverage. It was about community, connection, marking important moments.

Maybe that's why it still resonates with hobbyists these days. In a world of mass-produced beer and cocktail trends, there's something deeply human about simply fermenting honey and water, waiting patiently, and sharing it with people you care about. It's a fun science experiment that also happens to be delicious and you can share it with your friends and family.

Anyway, that's where my head's been at since starting the spiced pomegranate and pineapple coconut batches. I even got some yeast similar to what the Vikings used for their ale and mead. I haven't decided what batch to use it with yet, but I'll try to keep posting updates on my batches here. TTFN. 🍺 🍯

The way to save news is not to create monopolistic monocultures - Werd I/O

2026-05-03T15:00:29.000Z

Link: Some Rationalization May Finally Be Coming for Newsroom Intermediaries, by Richard J. Tofel in Second Rough Draft

In his latest post, Dick Tofel talks about a need for consolidation in organizations that support newsrooms (and, in fact, in newsrooms themselves).

“Devoting limited resources to competing services where one offering is superior not only leads those using the inferior service to poorer results, it also subsidizes entirely unnecessary administrative costs at the inferior service. And in circumstances where competing services are roughly equivalent, mere duplication can also be inefficient—and, as noted above, may place an administrative burden on already over-stressed client newsrooms. Time is one of the scarcest resources of all.”

I’m worried.

This isn’t a criticism of Dick Tofel: he calls out the benefits of competition and the difficulty of determining winners in a market. But I do think there are two more things to consider.

The first is that I don’t believe any intermediary service designed for newsrooms is optimal. That’s not a criticism of them, either: every service has room to grow. Any time you remove competition from a market and hand it to a single privately-owned player (nationalized services are another thing entirely), the offerings stagnate because the driver to improve has gone away. Just ask anyone who remembers the web’s Internet Explorer wilderness years before Firefox disrupted them and forced widespread standardization.

The second, and probably most important, is that funders are a narrow group of people with a narrow set of perspectives. Unless they’ve done the work to be representative and inclusive in their work and culture, they may miss how one service serves a community better than another and erroneously mark them as duplicative. Or to put it another way, if there is any consolidation in any American market, I don’t trust that organizations run by women and people of color won’t be the ones to lose out.

This isn’t anyone’s intention, but reducing competition at any level — funders, intermediaries, newsrooms, distributors — has the potential to create monopolies that become gatekeepers for vulnerable communities who need more support, not less. I don’t think that’s what the moment we’re living through needs. We need more ideas, more approaches, more funding, more communities served, and more diversity. The people who want to shut down an effective, independent press want to create a monoculture. The way to combat that is not to create another one.

Vertically Aligning Roman Numerals in Code - Terence Eden’s Blog

2026-05-03T11:34:59.000Z

I have a PHP function which uses Roman Numerals. It looks like this:

$romanNumerals = [
    "Ⅿ"  => 1000,
    "ⅭⅯ" => 900,
    "Ⅾ"  => 500,
    "ⅭⅮ" => 400,
    "Ⅽ"  => 100,
    "ⅩC" =>  90,
    "Ⅼ"  =>  50,
    "ⅩⅬ" => 40,
    "Ⅹ"  => 10,
    "Ⅸ"  => 9,
    "Ⅷ" => 8,
    "Ⅶ"  => 7,
    "Ⅵ"  => 6,
    "Ⅴ"   => 5,
    "Ⅳ"  => 4,
    "Ⅲ"  => 3,
    "Ⅱ"  => 2,
    "Ⅰ"   => 1
];

The problem is, the operators don't line up and the whole thing looks messy. Why? Because the Unicode Roman Numerals are not monospaced! ⅭⅯ is a different width to ⅩC and Ⅷ is only a single character! Copy the above to a text editor and see if you can get neat columns. I bet you can't!

I'm obsessed with vertically aligning my code. So how to solve this ugly problem?

The answer was simple. Assign keys to the values and then flip the array!

$romanNumerals = array_flip([
    1000 => "Ⅿ",
     900 => "ⅭⅯ",
     500 => "Ⅾ",
     400 => "ⅭⅮ",
     100 => "Ⅽ",
      90 => "ⅩC",
      50 => "Ⅼ",
      40 => "ⅩⅬ",
      10 => "Ⅹ",
       9 => "Ⅸ",
       8 => "Ⅷ",
       7 => "Ⅶ",
       6 => "Ⅵ",
       5 => "Ⅴ",
       4 => "Ⅳ",
       3 => "Ⅲ",
       2 => "Ⅱ",
       1 => "Ⅰ"
]);

There! Doesn't that look much neater!

As was written long ago:

A computer language is not just a way of getting a computer to perform operations but rather … it is a novel formal medium for expressing ideas about methodology. Thus, programs must be written for people to read, and only incidentally for machines to execute.

Open source maintainers need to go in with open eyes - Werd I/O

2026-05-02T14:55:00.000Z

Link: Report on Burnout in Open Source Software, by Miranda Heath

This bleak report on burnout in open source software communities from last year has been doing the rounds. I think it’s clearly indicative of where open source is at (and its trajectory), but the solutions aren’t immediately clear — we know this because similar concerns have been anecdotally highlighted by various people for well over a decade. However, this is the first formal research report I can remember reading.

It’s pretty stark: 60% of open source maintainers work unpaid, 60% have quit or considered quitting, and 44% cite burnout specifically.

From the author:

“In my report, I draw upon a combination of academic literature and OSS community discussion to identify 6 factors that contribute OSS developer burnout: difficulty getting paid, workload and time commitment, maintenance work as unrewarding, toxic community behaviour, hyper-responsibility and pressure to prove oneself. I then make 4 broad recommendations for how to address it: pay OSS engineers, foster a culture of recognition and respect, grow the community and advocate for maintainers.“

The thing is: who is going to pay OSS engineers? Every attempt to get downstream users to pay out of the goodness of their hearts has failed at scale. There are certainly corporate sponsors of OSS maintainers already, when there’s a clear link between an open source project and a company’s bottom line. That could certainly be a broader standard, but there are also a ton of open source projects that tie less obviously into bottom lines, or are useful for communities outside large corporations.

Beyond the lack of direct compensation, it’s also a pretty thankless job. Downstream users will often make demands of maintainers that don’t take their contexts into account; people who are unpaid and overworked find themselves treated as if their users had paid them large sums of money. Open source users communities can sometimes also be wildly detached from reality; I’ve had people tell me that the solution is to move beyond a money-driven society or to have a revolution to overthrow capitalism. I mean, sure, whatever, but is that going to happen tomorrow? In the meantime there’s rent to be paid and food to buy.

The answer may be that, actually, open source doesn’t work very well except (1) in mutualistic co-operative communities (2) as a strategic move by corporations who want to change the markets that affect them in some way (3) as a self-promotional way to gain more widespread recognition for your abilities. If that’s the case, maintainers should go into it with open eyes: if they’re successful, their work will be used by people who make a bunch of money without compensating them in any way.

If new maintainers understand that they’re voluntarily signing up for extraction, I think it’s uncomplicated. If they think they’re going to “win” open source and make a living by giving their work away for free, they may be sorely disappointed.

Seasons - James' Coffee Blog

2026-05-02T00:00:00.000Z

My first thought was the field of pink petals. Day by day, petals fall from the tree as green leaves grow from the blossom. I wonder for how long the petals will keep falling. There seem to be a million dots of pink in spring, from which there is a new perspective to see every day. Yesterday I saw a reflection. Today I saw growth.

I hear birds walking among the bushes; grey tits flutter their wings as they move from branch to branch. I paused to look at one bird and then I saw several. With every moment that passed I noticed something new – the stoic position of a bird perched atop a branch, more birds around the one that caught my attention. The novel is on the periphery of the known. The birdsong makes me smile – the sound of the new season.

Oddly, I started thinking of the prolonged period of cloudiness at the tail end of winter. I think winter came to mind because I have distance from it – today, I am with the weather to which I looked forward. I am not alone in being with winter in spring: the occasional brown leaf rests amid the growth of verdant bushes. I carry all the seasons with me. I have weathered weeks without sun, and now I walk among the blossom.

I continue on my walk, delighted by the warmth. The scent of grass permeates through the air. If spring had a scent let grass be it! If spring had a feeling, let it be the gentle breeze! But how could spring have but one of these phenomena? For spring is so abundant that there could not be one scent or feeling that encapsulates the season; the world is always bigger.

I look up to the sky and see incomprehensible distance, and wonder about all of the perspectives there are as yet undiscovered. The sky I see from the country path is infinite. How do you describe infinity? I feel a zest for life in every new question I ask. Does Nature end in space? How powerful the wondering.

Toward the end of my walk, I once again admire the pink petals which continue to fall as the sun dazzles through swaying branches. I pause so that I might make more of an impression in my mind of the blossom – that the beautiful, graceful image of falling blossom might make a memory that carries forward through the seasons. I love spring.

Making an original Jubilee line door button into a Hue light switch - localghost

2026-05-02T00:00:00.000Z

There are many things that make me extremely uncool, but one of my particularly nerdy interests is the London Underground. The evolution of its iconic map, showing long-forgotten stations; old wooden-floor train stock I remember from my childhood; the Hidden London tours of old stations, closed-off platforms and soot-covered stairwells with beautiful original tiling.

"Station closed" poster at Aldwych

Disused Jubilee line platform at Charing Cross, now used for filming

I wouldn’t say I’m a Train Person per se - it’s the history I love, standing where people would have walked a hundred or more years ago. I think it satisfies the same part of my brain that loves secret passages in video games - something hidden and secret - and exploring long-abandoned buildings to learn about what came before in the Horizon games.

The London Transport Museum (worth a visit, EXCELLENT shop) occasionally sells old bits of train and station paraphernalia on its website, including a load of original Jubilee line door button plates a few years back. Imagine my delight when I stumbled upon a Reddit post by a user called mw83 who turned a Jubilee line door button into a Philips Hue light switch, and wrote an Instructables tutorial to boot! As it so happened, I was in need of both a Hue light switch for my office and a capital-P Project for my sabbatical, so this seemed like the perfect solution.

(Here I’ll politely gloss over the fact that said sabbatical was in 2024, and I’ve only just finished.)

I’d missed the door buttons on the Museum shop, but managed to snag a pair off eBay. They were absolutely filthy - covered in decades of underground grime.

You've heard of Left Shark, this is Left Jubilee Line Door Button.

Cleaning up

The first step was to give them the scrubbing of a lifetime. I disassembled the buttons and got to work with a toothbrush. It took ages and it was boring as shit, but I did get the front plate gleaming. Even after cleaning, the orange glow rings were looking a bit worse for wear, with cracks that had quite a lot of dirt embedded.

Look at all that grime!

Peeking at the electronics

Good as new (almost)!

Wiring it up

The next step of the tutorial with the actual electronics was a bit, well, “draw the rest of the owl”. I had no idea what I was doing and it didn't really go into enough detail to hold my hand through it. Ultimately I hadn’t done much in the way of electronics since GCSE Physics 20 years ago - growing up I’d always resented that the boys’ school across the road got electronics classes, while the girls’ school did Textiles (though I do also love sewing, so it wasn’t all bad). So I had to go back to square one a little bit - studying the basics of building circuits to understand how I needed to get this thing wired up. I had an old Arduino in a drawer that I used as a starting point but had no idea how to make it do things. I stuck it into a breadboard and learned how to make button presses register using one of the Arduino tutorials.

Programming the microcontroller

The author used an ESP32 microcontroller, so that's what I used.

The tutorial included a link to the author’s Github repo with the code he used, so I forked it and set it up with my Hue system. You can see my fork on GitHub.

I started by using the Arduino IDE, but by the end of the project I'd graduated to using VSCode with platformio to flash the controller. In the time-honoured tradition of debugging with console.log, I got it to record button presses to the serial output so I could check whether the presses were actually being picked up.

I had to get an API key for the Hue bridge using the instructions on the Hue developer website - you have to log into the bridge via your local network, and make requests to the bridge's API. I plugged the API key it gave me into the config in the code, and also got the IDs of the scenes and lights I wanted to target.

Getting the prototype working with the ESP32

Replacing the LEDs

The original LEDs wired into the panel need a lot of power, and can’t be powered off the same circuit as the microcontroller - I needed a separate 9V battery as well as a transistor to amplify the signal from the Arduino. Again, needed to do a fair bit of learning here. The tutorial named a type of transistor called a MOSFET, so I ordered one of those and stuck it into my breadboard. (Shout out to Kara for letting me bombard her with a million questions.)

The left prong of the MOSFET (the gate) connects to the pin for the button on the ESP32, with a resistor in the middle; the middle prong (drain) goes to the button's negative wire; the rightmost prong (source) goes to ground. The current flows between the drain and the source, and the gate varies the voltage. There's a good explainer on MOSFETs on The Engineering Mindset. There are likely some resistors missing in this picture - this is not what went into the final thing!

Some of the comments on the Instructables page had mentioned replacing the original LEDs with a modern LED strip so you don't have to use a battery, and 3D printing a replacement orange ring which they had helpfully uploaded the model file for. The comments didn’t mention how to set up the LED strip, so I had to figure that bit out.

Interestingly, this is something I found Claude quite useful for: quizzing it about my setup and how I should integrate an LED strip. As someone with no Arduino experience, very little electronics experience but lots of programming knowledge, it was actually great to understand more about what I needed to do. I fed it the code for the button, the existing LED code, and the tutorial I was using. It told me about the FastLED library and recommended a type of LED strip I should be using which did indeed work a treat.

This approach allowed me to ditch the transistor and battery altogether: the LEDs draw much less power so they could be powered off the microcontroller. I got some translucent orange PLA+ and 3D printed the new version of the ring, which has a channel inside to house the LED strip. The solder points on the LED strip were tiny as it was such a narrow strip, so I had to leave quite a bit of slack to avoid putting too much strain on the join and causing the solder to peel off.

The LED strip was too short in this photo - it got bent at the join, and the solder peeled off. It didn't switch on after this photo was taken.

For the board, I used an Adafruit Perma-Proto, which looks like a tiny breadboard that you can actually solder stuff to. (My soldering is fucking dreadful, so you’re not getting any close-ups of that.)

Finally, my husband made a lovely wooden case for it. I also had to glue-gun a piece of wood between the board and the front plate to avoid it shorting.

And now I have a fancy light switch! It can power the lights on and off, long-press to change brightness, and double-press to change scene. All powered by USB, no batteries necessary.

A video showing me pressing the button to turn a Philips Hue Go on ond off. First I press it once to turn on the lights, then I double-press it several times to cycle through different scenes. The light changes colour to pink, then a warm yellow. Then I hold the button to dim the light, and finally press it again to turn it off.

Acknowledgements

A big old thanks to the original author of the tutorial, mw83 aka banjowise, and pneuteboom who uploaded the STL file for the 3D printed orange ring in the comments of that post!

April 2026 Summary - Joel's Log Files

2026-05-01T17:19:59.000Z

April is over, there were many birthdays and celebration parties from friends and family, there were also unexpected losses to mourn. My siblings visited for a while and we went out quite a lot. We returned to the moon and landed safely back on Earth, everyone I know of except Amin got an XTEINK X4, I got some new card games that everyone loved. I started to buy books from the Kobo store, I am yet to play Land of Eem again, and this Monthly Summary is a day late.

Let us move.

🎙️ Podcasts

Into The Aether - Regular weekly episode listening. Make sure to check their bonus episode on Persona 4 Golden, there’s also a bonus on PS Vita and its games on their Patreon, which I’m currently listening through.
Welcome to Night Vale - Same old night-time listening before going to sleep, I am relistening to old episodes though.
Eye of the Duck - A film podcast that I’ve always enjoyed, I listened to their episode on The Matrix.
Stuff You Should Know - Quite a lot of good episdoes this time, about Free Range Parenting, The History of Fire and Roar, the most dangerous movie ever made, pretty cool stuff.
Trash Taste - Listened to episode 296 and that was pretty much it. Lots of talk about anime movies and My Hero Academia for some reason, I can’t believe I’m kind of interested on giving that super long anime a watch…
Clarkesworld Magazine - I am relistening to their audio version of The Indomitable Captain Holli.
Wolf 359 - I listened to episode 46: Boléro, which turned out to be the season finale. I am halfway through a special episode and then will continue to the next season!

🕹 Gaming

Completed

Resident Evil - I already shared plenty of thoughts on this game on its review earlier in the month. This was a joy to play through and even though it shows its age, it’s still perfectly playable today. I particularly enjoyed the puzzle elements of this game compared to its sequel. Even though it was inferior in other aspects, the way it defined the fundamentals of what a survival horror should be like has remained to this day. Tank controls and all, this game was a delight, and is very fun when approached with the right mindset.
Metal Gear Solid Peace Walker - This title for the PSP was a grandiose adventure, I decided to start it on a whim a few days after completing Resident Evil, and I couldn’t stop. It became my immediate choice during my commute to work, always managing to complete a mission or two, or listen to a few of the audio logs while the bus rode on. The characters were awesome, the gameplay was great most of the time, and even if the controls felt limited and something actively annoying to use, this wasn’t the case most of the time. I’ll expand more on this as soon as I write my review for it. I got to the end and realized there’s an extra chapter that can be done to connect the story more with the rest of the series. I’ll probably keep playing it for another bit, but I’ll move on if it gets too grindy. It has been a joy so far, either way.

Started

Tomodachi Life: Living the Dream - This game got me hooked for a whole couple of days, playing it like 15 hours on a Friday and Saturday. Since then it has been a bit more relaxed, only playing it for an hour or less each day to check up on my Miis. I’ve recreated a lot of characters, online friends and people I know in person. It is super fun and chaotic, and sharing what happens to my friends on group chats and such is very fun. I still need to look more into terraforming and creating my own items though.
Vampire Crawlers - I wish I could say more about this game, but since I my purchase of the previously mentioned title, I’ve only really played like half an hour of this so far. I am sure it’s fun, I only need to invest some time into it.

Ongoing

Metroid Fusion - A wonderful game I’ve completed before, which I’m enjoying again on my Miyoo Mini Flip. Feel free to check my review for it.
Terranigma - An Action RPG for the SNES that I’ve been meaning to play once and for all, I’ve abandoned it before due to my own lack of commitment, but I want to give it a proper shot once more. It has been really fun, I love the combat mechanics, the music and the artwork, I’m looking forward to more of its story to develop.
Balatro - Just a few rounds that I played with friends. I also bought it for my phone, but I am still unable to win a run, rest in peace.

📚 Books

Completed

To Be Taught If Fortunate by Becky Chambers - This book was a welcome surprise for me, I enjoyed the pacing the characters and the science concepts that allowed the story to develop. There was a lot of variety in the alien life described, which I really loved. I already wrote a review so you may as well give it a read.

Ongoing

Clarkesworld Magazine #211 - I did finish The Indomitable Captain Holli, which was the longest of the entries in the magazine, a fantastic novella featuring a great concept and a lot of mysteries and things that are unexplained, but slowly unfold as the story continues, I highly recommend giving it a go. It’s available online for free.
Strange Dogs - I feel bad because I still barely read this at all, I should move it to my XTEINK X4 so I actually make progress on it…

💬 Manga

Started

Smoking Behind the Supermarket with You - A manga that I had added to my TBR list for years, but never got around to it until now. This is a manga about Sasaki, a middle-aged guy working for a black corporation who goes to the same supermarket at the end of each shift, to see Yamada, a cashier who he admires, and always cheers him up. Yamada has an alter ego called Tayama, who dresses and acts in a much “cooler” manner, and invites him for a smoke (behind the supermarket!) where she teases and tests him, to see if he doesn’t have bad intentions. A relationship develops from there that feels very human and real, as Tamaya is afraid of confessing shes lying to him, and Sasaki doesn’t want to be a bother for her either. I already caught up to the manga, which has a monthly release, and some incredible revelations have been teased on the following chapter. Looking forward to it all.

Ongoing

Fly Me To The Moon - Up to chapter 289. I’ve been flying through the pages of this rom-com and really having fun with its characters and the diabetes moments in it. It was very much taken over by the manga above though during the last two weeks of April, I woulc be caught up with it otherwise.
Spy x Family - Up to chapter 133, I’ve read the weekly releases and have had a great time. There was some fun dynamics where Loid, Yor and her brother were stuck together in a hostage situation which turned into a very chaotic fun.
Yokohama Kaidashi Kikou - Up to chapter 70. This month I decided to read a couple of chapters of this masterpiece. Alpha has been walking and wandering without a set destination, really, and she managed to find an old and small airport. There she sees a plane upclose, and a couple more surprises. Lovely as always.
Kingdom - Up to chapter 871. I read quite a bit of chapters of this and quicly catched up, but there’s been a few that I missed since I started the other manga. In any case, this keeps being great.
Dandadan - Up to chapter 229. I am a couple chapters behind, but having fun.
Blue Lock - Up to chapter 342. I am behind as well on this, but yea, just the usual.
Sakamoto Days - Up to chapter 229. I am super far behind.

📺 Anime

Orb: On the Movements of the Earth - I completed this masterpiece, and I highly recommend everyone to give it a watch. I already wrote a pretty extensive set of paragraphs about it on my weeknotes, where I basically wrote a short review of it. I may even write more about it in the future.
Jujutsu Kaisen Season 3 - Up to episode 8. I was watching it with a sibling when she came to visit during Easter vacation, unfortunately I’ve not returned to it since then, I don’t know if I’ll get to continuing it, but the battle choreography and animation work seems to be top notch.

📺 TV Shows

Malcom in the Middle: Life’s Still Unfair - My favorite sitcom of all time was next in the list of nostalgic TV shows to have a return to the screen. This one was very enjoyable for me! I think it managed to capture a lot of the original’s magic, it was extremely over the top multiple times and I loved it because of it. There were some things to criticize of course but overall, I recommend it, but you must watch the classic first.

🎥 Movies

The Super Mario Galaxy Movie - The only reason I remember the plot of this movie it’s because of its similarity with the game, and also Fox McCloud shows up on it. Yeah it’s a Mario movie, I can’t expect a cinematic masterpiece out of it. Fun time though.
Project Hail Mary - A science fiction adaptation of the book of the same name, it doesn’t really get a lot of the science to the screen, and a lot of things feel convenient because of it, but I really loved seeing the characters come to life, the visuals and the practical effects. The score was also pretty great! Not the best hard sci-fi ever, but a good flick nonetheless.

✅ Goals

New

Make something to simplifly keeping track of these goals on Jekyll.
Create some pixel bears for a few friends (2/10?)
Complete all the games from the UFO 50 compilation (0/50)

In Progress

A full website redesign (??)
Fully sorting and labelling everything on my shelves for once
Finish a pending commission for a friend
Finish a pending commission for my parents
Complete 15 videogames (4/15)
Complete 15 books (5/15)
Read the whole bible in a year (38/365)
Finish listening to Wolf 359 (45/61)

This is day 60 of #100DaysToOffload

Reply to this post via email | Reply on Fediverse

Thoughts on Leaving GitHub - Kev Quirk

2026-05-01T16:01:00.000Z

I've read a few posts about people leaving GitHub recently, and following my short note to the Fediverse a number of people have piped up saying they're not fans of GitHub, either.

From the reading I've done, these frustrations are usually threefold:

Microsoft ownership
Microsoft training Copilot on open source software
Large amounts of downtime

In all honesty, none of the factors above really bother me that much. I think that's because I don't rely on GitHub for anything significant. I'm not a professional software developer, so my livelihood doesn't depend on it.

As for Copilot being trained on open source software, and them repeatedly ignoring the GPL to do so, it does irk me, but I kind of expect shit like this from Microsoft at this point. I went into using GitHub assuming that any code I upload there can (and probably will) be used for shitty stuff.

But even that isn't enough in isolation to put me off GitHub. The way I see it is that public code is for the public, and if Microsoft want to use my code in that way, while not ideal, doesn't piss me off that much.

So why think about moving at all?

Well, for me it's about reliance on big tech. I'm trying to reduce it where possible, but the social and "centre of mass" aspects of GitHub are giving me pause.

For example, the Simple.css repo has a whopping 5,000 stars! Do I really want to lose that visibility?

Buuuuuuuuuut, I can always redirect any popular repos to another platform, just like I did with 512KB Club when I handed that to Brad.

Plus, let's be honest, it's all just popularity bullshit. It doesn't really mean anything. What's important is that the code is readily available for people to use.

It's like leaving Facebook - when I was thinking about it, I was worried if I'd miss my friends or be out the loop. It's been over a decade at this point and I don't miss it one bit - no regrets whatsoever. I think moving off of GitHub would be the same.

So what am I doing?

I plan to slowly start migrating public repositories over to Codeberg so that all my projects are hosted there. I'll also use it as an opportunity to archive off any old repos that I no longer need.

Codeberg also supports logging in with GitHub and Gitea, so anyone who contributes to my projects on GitHub, should be able to do so easily in Codeberg too.

Then, for my private repos (of which there are many that host personal projects) I've installed Synology's Git server on my Synology, and have been playing with that for a few days. It works extremely well, so all my private repos will live there, safe and sound, away from Microsoft's greasy mitts.

Final thoughts

Ultimately it's personal choice. For me it's about reducing my reliance on big tech, but also making my private repos more private.

I won't be deleting my GitHub account though, as I think it will be important to use as a marker for anyone who wants to find my source code when it moves.

Have you thought about leaving GitHub?

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Claude Opus can now identify an author from their writing - Werd I/O

2026-05-01T13:32:03.000Z

Link: I can never talk to an AI anonymously again, by Kelsey Piper in The Argument

On first read, I found this a little bit sobering:

“But soon, the entire debate over internet anonymity will be as anachronistic as an iPod Touch. That’s because Claude Opus 4.7 is here, and last week, I discovered it could identify me from text I had never published, text from when I was in high school, text from genres I have never publicly written in. And if it can identify me, soon, it will be able to identify many of you.”

Kelsey Piper plugged in 125 words from an unpublished essay and asked Opus 4.7 to identify the author. It listed her as the most likely answer.

I was skeptical, so I did the same: a few paragraphs from an essay, which I plugged into an account that isn’t connected to me. Here’s what Claude said:

“Based on the style, themes, and specific concerns in this snippet, my best guess is Ben Werdmüller.

Several signals point this way: the framing of the open social web as a movement rather than a technical project, the explicit linkage between Mastodon/Bluesky, journalism, and broader liberatory politics, the critique of newsroom demographics ("very white, very coastal, wealthy"), and the historical framing of the early web as an anti-gatekeeping movement. Werdmüller writes frequently about all of these topics together — he works at ProPublica on technology, has a long history in the IndieWeb and federated social space (he co-founded Elgg and Known), and his personal blog regularly weaves these exact threads.

The voice also fits: declarative, slightly polemical, comfortable making sweeping movement-level claims, and willing to name class and racial dynamics directly rather than hedging.”

I’ll take that as a compliment! But it’s impressive that it was able to figure it out without searching.

But those are topics I write about regularly. When I gave it a snippet of my short fiction piece Sharing is Caring, it wasn’t able to find a match:

“The passage has hallmarks of contemporary speculative/dark YA or literary sci-fi short fiction — body-swapping or consciousness-transfer premise, a class-inflected ethical horror (poor family selling a daughter's body to a wealthy disabled girl's family), tight close-third POV, terse interior monologue in italics-style cut-ins ("Sure. No. Not a problem."), and the bleak ironic kicker about an eighteenth birthday. That cluster of moves shows up in writers like Ted Chiang, Ken Liu, Carmen Maria Machado, Alice Sola Kim, Karen Russell, or in anthology pieces from venues like Lightspeed, Tor.com, or various YA dystopia collections — but none of those is a confident match.”

Again, I’ll take the comparisons as a compliment, but there isn’t enough of my fiction out there to make a real suggestion. That’s going to be true of most people’s writing — unless they’re publishing really regularly on the web, and have been for a while, the models might not know about them. Kelsey had a slightly different result: a school progress report was still identified as hers. But clearly, the reliability here is shakier.

In other words, we’re a little way’s off from AI being able to identify most people quite yet. But if you’re publishing regularly, out in the open, you should expect your work to be fingerprinted. That does have implications for dissidents and people writing anonymously who have previously done so under their real names.