Shellsharks Blogroll - BlogFlock

52 actionable posts about building a culture of innovation - Werd I/O

2026-05-14T12:25:20.000Z

Link: The First Year, by Corey Ford at Point C

I could include Corey’s posts in my link roundups every single week. Each one is genuinely gold — and I’ve had the pleasure of knowing and working with Corey in various ways for over a decade, so I also know they work. I use many of them in my own day-to-day practice, and I’ll have them front of mind as I move on to my next chapter later this year.

I also want to say: posting every week on the same day, at the same time, for a whole year is an achievement in itself. I’ve been blogging since 1998 and I’m not convinced I’ve ever been that consistent. As he says, consistency compounds:

“I embraced constraints and forced myself to ship every week, without a long-term plan. Half sheet by half sheet. The first few posts felt like shouting into the void. (And if I'm being honest, I sometimes still wonder whether anyone has time to read these long posts at all.) But then I would run into someone in person at a conference. Or I would catch up with an old student on Zoom. And I would hear the same thing, over and over: Thank you for sharing these frameworks. I just sent our latest one to my team.”

I’ve been quietly sharing his posts in our internal #product-reads channel on Slack, which I set up to share links that I think are either inspiring or will be useful in our work. I’ve been in board meetings at other orgs where his work has come up organically and I’ve been able to enthusiastically +1. If you’re not following him, there’s still time to correct that. He’s the real deal, has changed my life multiple times, and has been similarly influential for others. And if you get a chance to work with him, including as a coach or a consultant for your team and culture — run at it.

A nice surprise in Things - Johnny.Decimal

2026-05-14T03:22:32.000Z

After 6 months of following the process from the Task and Project Management course, the only item in my Things Today view was my start-the-day routine. No category reviews or other cruft. A treat. 😃

I've been diligent about pushing less-important category reviews out to a longer repeat interval. They must have 'shaken out' to the right cadence now. I didn't want to get review fatigue – I'd rather see them less, but spend quality time when we're together.

And I'm getting better at not dumping tasks in Today and letting them pile up because everything is urgent (it's not) and I'll do it all today (I won't). I'm careful with Today now and try to schedule achievable to-dos so it (me) doesn't get sad.

It's weird that I don't have any to-dos in there though. But we just finished a big project so I'm being nice to myself this week.

Figure 0196A. An almost-empty Today view in Lucy's Things app - what a treat.

This left me feeling organised and smug

Until I went to join our first Small Business Zoom call at 6am. And Zoom wouldn't let me in until I'd done a large software update that took ages. And made me late and feel unprofessional. Now I'm the annoying person on Zoom who isn't organised (my sincere apologies to Lyra).

And so I return to my Things-safety-net with my tail between my legs and add a new repeating task in 14 Technology so it won't happen again.¹

Figure 0196B. A new repeating task to ensure Zoom stays up to date.

Note that this repeating task will always appear in Today even if the overall category-review interval for 14 Technology isn't as often. ↩

How Many Mildliner Colours Are There, Really? - Robb Knight • Posts • Atom Feed

2026-05-13T19:03:06.000Z

This is, in fact, another post about how many colours of Mildliners there are but it should be the final one of this format. Last week I posted about the Mildliner mix colours in which I said I was going to look into redoing my Mildliner reference site and I've done just that with version two.

That right there is the mildliner colours. Now let's talk about the mildliner colours. Can we talk about the mildliner colours please, Mac? I've been dying to talk about the mildliner colours with you all day, okay?

Version two of the site includes:

The colours and sets for all Mildliner types: standard, brush, fine, mix, dot, stamp, and fragrance
SVGs of every pen type — the clips and length are different on all of them
New SVG logos for all the pen types because Zebra don't appear to have these anywhere
Icons for the pen types to use with the colour list
All 42 colours (more on that below) with indicators of which types they are available with
Print stylesheets for printing checklists of sets

While looking for something else I noticed on this page on Zebra's website^[1] that they say there are 42 colours which is one less than the 41 I was aware of. I looked through the list and none of them seemed unfamiliar so I started writing them out one by one until I found it — deep gray, which I had overlooked on my first pass, is a new colour that only exists in the Mildliner fine pens. I had misidentified the deep gray as dark gray in my review — I got really close to noticing and then didn't:

[...] all the cap colours match with the exception of dark grey where the cap is much darker on the fine one than it's standard counterpart.

Version two of the site has been a bunch of work to find out all the information - Zebra has different information depending on the country so it's been hard to trakc down some of it. I'm still looking to find out the Japanese product codes of the Mix colours but I'm hoping I'll have mine by next week to confirm that. I also believe the Dot and Stamp markers don't exist in the Japanese market so they don't have the product codes.

I'm pretty happy with the whole site but the "All Colours" section is my favourite — each colour shows, with custom icons, which pen type the colour is available with. Fun fact: Gold and Apricot are the only two colours that are available in every pen type.

Mildliner Reference Version Two

Notice the hilarious -new on the slug and the title of the page is "Copy of Discover Mildliners". The old page still exists ⤾

AI may be the new gatekeepers, but human connection is more needed than ever - Werd I/O

2026-05-13T12:15:16.000Z

Link: After the Feed, by New_ Public

I think this research-based presentation about the future of the information ecosystem in the age of AI is important for publishers, product leaders, and social platform builders to read and understand. If you assume that AI will dominate how people receive their information, its conclusions are sensible, well thought-through, and even optimistic in some ways. I think all signs — AI adoption curves, data about social media use, qualitative evidence about how people are using AI to gather information today — point to the fact that it will.

This is the crux:

“Agentic interfaces are the new intermediaries for information about the world around you. This looks like a chat with Claude or a briefing from your personal AI agent — an interface built for an audience of one.

These agentic interfaces will increasingly become the nexus through which you access information and connection.”

For me, the framing of AI’s effects on existing information ecosystems while it establishes a new one was helpful. It’s, frankly, brutal: social networks, other online spaces, and the web itself are getting filled with bots and slop as people compete for engagement and eyeballs. In these spaces, AI-powered harassment, doxxing, and cheap, automated content are becoming more prevalent, while AI models are simultaneously making it easier to extract signal from those same spaces.

AI vendors are clearly the “new new gatekeepers”. Like the previous ones, they will dominate how we learn about the world even while some of us turn to open source and liberatory alternatives. But they may not dominate how we connect and share our experiences of the world, and that’s the core of the opportunity: how do we design pro-social frameworks and spaces that sit alongside an agentic information ecosystem?

I’m biased towards New_ Public’s point of view: pro-social spaces, pro-democracy technology, and community as an ingredient for trust are all my jam. But everything laid out in this presentation is already happening. People are already getting AI-generated information summaries; they are already retreating into trust-based group chats and small spaces; much more software is already being produced, straining platforms like GitHub; social platforms are already declining. But the opportunities are genuinely emerging too: I’ve written before about the opportunity for open protocols as building a foundation for bespoke micro-communities, and the core need on the internet has always been to connect with other people.

How this plays out is not yet written, although new defaults are currently being established by the AI vendors. We need more research, more experimentation, and more dedicated space to explore pro-social spaces, trust, and connection. And we need builders. Communities and trust are going to be very central to my work and research over the next year; I’m grateful for this encapsulated research, which I think will help to guide us all.

Stupidly Simple SVG Sparklines - Terence Eden’s Blog

2026-05-13T11:34:01.000Z

A sparkline is a little line-graph with no axes or other unnecessary details. They're useful for getting quick understanding of what the data is showing.

They're also really easy to create programmatically.

This uses the SVG "polyline" which takes a list of x,y co-ordinate pairs. But can you spot the small problem?

<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1024 124">
    <polyline fill="none" stroke="#0074D955" stroke-width="3" 
        points="12,48 83,84 154,79 226,90 297,79 369,65 440,78 512,80 583,88 654,12 726,56 797,92 869,93 940,97 1012,106"></polyline>
</svg>

The SVG co-ordinate system has position 0,0 at the top left. Most graphics formats are like that. That's fine for our x value - but it means higher y values will appear lower on the graph.

Getting the x co-ordinate of each data point is easy. Take the width of the SVG image and divide it by the number of data-points.

The y co-ordinate is harder. The algorithm is:

Find the height of the SVG.
Find the maximum value in the data.
Find the minimum value in the data.
Divide the maximum value by the height of the graph.
For each data point, either:
- To have the lowest value at the bottom of the graph, subtract the minimum from the value, then multiply by the ratio in (4).
- Or, to retain the gap between zero and the lowest value, multiply the value by the ratio in (4).
The y co-ordinate is calculated by subtracting the value in (5) from the height in (1).

Here's some code showing how it works. I've added a little padding to the inside of the graph - you'll see why later:

//  Max and min of views.
$max_views = max( $svg_views_data );
$min_views = min( $svg_views_data );
$svg_data_length = sizeof( $svg_dates_data ) - 1;

//  SVG details for scaling.
$svg_padding = 12;
$svg_width_graph  = 1000;
$svg_width  = $svg_width_graph + ( $svg_padding * 2 );
$svg_height_graph = 100;
$svg_height = $svg_height_graph + ( $svg_padding * 2 );

//  Calculate where each point should be.
$x_per = $svg_width_graph / ( $svg_data_length );
$y_per = $svg_height_graph / $max_views;

//  Loop through the data.
foreach ( $svg_views_data as $index=>$views ) {
    //  X is from the left.
    $x_pos = intval( $x_per * $index ) + $svg_padding;
    //  Y is from the top.
    $y_pos = $svg_height - intval( $y_per * $views ) - $svg_padding;

    //  Add a point to the line.
    $polyline_points .= "{$x_pos},{$y_pos}\n";
}

echo <<< SVG
<svg xmlns="http://www.w3.org/2000/svg"
    viewBox="0 0 $svg_width $svg_height" class="chart">
    <polyline
        fill="none"
        stroke="#F00"
        stroke-width="3"
        points="{$polyline_points}"/>
</svg>
SVG;

Suppose someone suggests stupidly simple sparklines suffer seriously so someone should supplement statistics several circles?

Using the same co-ordinates, we can place an SVG circle on top of the point. Give it a "title" attribute and you have a little bit of interactivity.

<circle cx="12" cy="48" r="5" fill="#0074D955"><title>4,707 Views</title></circle>

Here's how it looks (view source to understand how it is constructed).

Hover over any of those little circles and you'll see some pop-up text giving you information about that datapoint.

…that's it! If you have an array of data points, you can easily create a graph with no graphing library, no plugins, no 3rd party dependencies. Just super simple SVG.

New bike, childhood movies, and origami for once! - Joel's Log Files

2026-05-13T03:10:40.000Z

This week was definitely characterized by a return to a lot of nostalgic things. No complaining, you will see what I mean as you read :P

🤱 It was Mother’s Day in México! I feel bad because I didn’t do breakfast for my mom. But the rest of the day was good nonetheless. It was on Sunday so my church had a special events to honour all the mothers. Kids, teens and youth all participated, be it in choir, and there was also a play! Of course everyone helped prepare lunch and help in any way so the moms could just relax and chats. My siblings called later and we had our own fun too talking with mom.
🚲 I have a new bike, used from a local bike repair shop. There were many options but I went for a hybrid (a Fuji Traverse 1.6 for those curious), fit for city but with slightly wider wheels that can handle light dirt and gravel paths. I got it after work, stepping off the bus transport much earlier than usual since the shop was halfway through. They let me do a test ride around the block and it was love at first sight. Since I had no car I had to ride all the way home from there! It was 7 kilometer journey and I actually pulled it off very easily. Since then I’ve just been having fun riding on my patio, but I am yet to bike through the city again. I am considering commuting to work with it, but I’ll have to write down some thoughts about all this later.
🚗 My parents went on a trip last weekend and returned right after I had purchased the bike, I didn’t want to not tell them about it so I brought it up and they were a bit confused as to where a bike would fit in my daily life. Again, I’ll write about that later, the point is they didn’t get mad lol.
📷 I returned to do an actual origami for no particular reason, for the first time in a while. I folded a “Dollar Camera”—a camera model that can be made with a dollar bill—by Won Park. The model is incredibly simple and very fun to do, I had it memorized for years and as soon as I started following the diagram it all rushed back to me. I should upload a pic to the website soon.
🛡️ I got an unexpected gift from Limited Run Games/Falcom. Since the physical release of Trails in the Sky 1st Chapter was delayed when I preordered it. They gave a pin to every buyer! I actually wasn’t expecting something so cool to show up.

Watching

As I said, this was a week full of nostalgia, and as such, I decided to revisit three films that were a part of my childhood and even teenage years. I am a huge fan of this franchise and I will probably write a long blogpost about it because Max Steel is the best action figure ever, and one of my favorite heroes of all time.

Max Steel: Endangered Species - The first animated film of the franchise, featuring worse graphics than early PS2 cutscenes, a soundtrack by Brian Carston that goes way too hard for a movie made to sell toys, a hero that needs to inject himself with some drug to survive, and some incredible scenes for fans of the series, the two main villains of the TV show, Biocon and Psycho, team up to destroy the world, there’s a chase down an ice peak at night, and an epic final fight on top of Mayan ruins. I have to be honest, even though the graphics are dated, the animation quality, mostly done with motion capture, is really amazing, especially that fight choreography with that epic music, the voice acting of the Latino dub is awesome as well!
Max Steel: Forces of Nature - The previous movie teased Max Steel’s upcoming villain, and this guy is genuinely terrifying. Elementor, a clone of Biocon, has the ability to control the Elements: Water, Earth, Wind, Fire and Metal—this guy showed up before Avatar The Last Airbender, by the way. And wants to terraform the world to his will. Max Steel must do everything he can to stop him from acquiring full strength, but is bested at every moment. There are revelations, there is betrayal, and there’s an epic moment surfing the eye of a tornado.
Max Steel: Countdown - This was the last movie I watched, but the first I ever saw as a child. Elementor is back, and this time he has divided itself into five, one for each element! As they attach to the planet’s core, the terraformation is already in progress, and Earth won’t be able to sustain life in a matter of hours. Max Steel will challenge them one more time, will he be able to defeat them? Yes, with a bicycle kick of all things!

I have so much more to say about these films, but I’ll just write a separate post to be honest. Absolute childhood nostalgia.

Gaming

🥐 CrossCode - Finally had time to return to this gem of a game, I have been playing the last of three dungeons in the current chapter I’m playing. I’ve managed to get the key to the boss room now, after some very very complicated looking puzzles. I had a lot of fun! The block puzzles and pinball style mechanics continue to amuse me to no end here
👾 UFO 50 - I “returned” Barbuta, unable to beat it in time. I think it’s a great game with some neat elements going for it, but I am just too used to the easy life of modern titles! Anyway, now I am playing Bug Hunter, it’s a title that reminds me of a very bare-bones Into The Breach, killing bugs in a grid using a limited set of actions. I can get more actions by getting energy, but killing enemies doesn’t give energy, so I have to choose the path and order of things, be smart about it. It’s challenging! But I’ll keep trying.
🐉 Monster Hunter Freedom Unite - For the same childhood nostalgia I felt inclined to go for a Tigrex hunt on my PSP! I just chose the village quest and went with my G rank gear because I just wanted to have some easy fun avoiding attacks without having to get carted due to a simple mistake. In any case this game remains extremely fun!
🏝️ Tomodachi Life: Living the Dream - I’ve been leveling up Miis and having some fun keeping them in check. Not a lot of updates but I’ve seen some new scenes and funny moments showing up, as well as the news everyday which are always pretty entertaining.

Reading

Tiamat’s Wrath - I finally finished… the prologue. And a bit of the first chapter!
Heavenly Delusion - Up to chapter 53. The protagonists met some of the other protagonists at once, gave closure to some mysteries, and are about to face a giant monster heading to a city of survivors getting by.
Shikimori’s Not Just A Cutie - Up to chapter 108.
Spy x Family - Up to chapter 134.
Blue Lock - Up to chapter 345.

Around the Web

Blogposts

Writing a blog post without a screen - I’ve written a blogposts by hand in cursive but this is kinda crazy.
We got a new bike! - I was not the only one purchasing a bike! This one is pretty cool with lots of space to carry things (and kids!)
Spicing Up My Website - Wooo, always nice when a friend adds some to his blog. Pixel bear yay!
Another Triumph For Blogging - Wouter met a fellow blogger IRL, that is super cool.

YouTube

Casually Explained: Cycling - A short animation comedy about cycling and commuting and the like, kinda funny but with some edgy humor
I Tried Mountain Bike Commuting - How Does it Compare to a Road Bike? - This was actually a very relaxing video to watch, just a POV of a commute! It has some cuts but it’s pretty nice. Japan is cool.
Are you bike commuting wrong? Fitness vs transportation explained - Neat tips to take. I am worried about commuting to work and especially sweat on my back but maybe it’s not so bad.
Every Reason to Hate Cars - This is a long one, Not Just Bikes is a great channel that I’ve shared videos of before.
What a Bicycle Shop in Japan is Like - A fun tour on a bike shop in Japan, I love the variety and the types there are over there. Very interesting.
I Built a Bike Out Of Home Depot Supplies - Now this was such a silly project, and yet it worked. It’s wild how things worked out in the end.

This is day 64 of #100DaysToOffload

Reply to this post via email | Reply on Fediverse

Position statement: AI-generated apps - Johnny.Decimal

2026-05-13T02:41:53.000Z

So that I have an artefact that I can send to people, or link to when I want to explain my position, here's how I feel about AI-generated apps. If I've sent you this link, it isn't personal. Please don't take it as such (even though I've written it with a heavy dose of snark). :-)

Before now

Before, nobody could make an app. Well, a handful of really specialised software engineers could. But you couldn't.

So, apps were special. An app that did a thing that you needed it to do was probably worthy of attention. Maybe it wasn't any good, but still: an app! Someone spent hundreds of hours making it. Worth a look.

Everyone can make an app

Now, essentially anyone can make an app. Hey Claude, make an app.

What does that mean for your app, that you made? It means that I'm probably not going to look at it, and you shouldn't expect anyone else to care either. Sorry.

This might be unfair! You might have made The Best App. But so has everyone else. And everyone else wants people to check out their app and, well, you can see how that doesn't scale.

Enjoy your own app

I'm not criticising AI-generated apps. It's amazing that you can make an app. What a time we live in.

But don't expect anyone else to care. They're busy. Making apps.

Spend time with your own words - Johnny.Decimal

2026-05-13T01:39:10.000Z

Yesterday me and Lucy spent the day going through categories 21 Products (etc.) and 31 Marketing (etc.) in our own small business JDex. They're where the bulk of our stuff is, and they'd been neglected as we spent a few months with our heads down rebuilding this site.

There's about 23,000 words across those two folders in maybe 100 separate notes. It was a bit of a chore, honestly. But it needed doing, and I'm glad we did it. Because that's my business in there. Ideas that I've had, patterns, thoughts, notes-for-future-me. Yesterday morning I didn't really know what was in there. Now I do.

I don't think there's a way to shortcut that work. I know it can be tempting to get the machine to do it for you, but would that move you forward? Would you now be in a better situation than we were yesterday morning? I don't think you would be.

They're your words. They're thoughts that came out of your brain. If they're worth anything at all, spend some time with them.

Growing with my website - James' Coffee Blog

2026-05-13T00:00:00.000Z

At this evening’s Homebrew Website Club, I asked: What was the biggest change in our websites since we started them? This question was inspired in part by Paul saying something to the effect of how we build our websites and, in the process, figure out what we want our websites to be.

There are many lenses through which to think about the question – the technology behind a website, the design of a website ¹, the philosophies and goals behind our website, and more. My answer was that a few years ago I started worrying less about posting on lots of different topics, and accepted the joy of putting all my writing in one place.

The back story is that when I started blogging more about coffee a few years ago, I worried that posts about technology would detract from the coffee posts, and vice versa. I knew people who liked specialty coffee looked at my website and I didn’t want the site to look confusing for someone not interested in technology. I started wondering if I should have a home page that was split with two lists: one for technology posts and another for coffee posts. ² Should I have two different websites?

I can’t remember the exact moment when things changed, but at some point I realised it was okay to put my writing on many subjects in one place ³. I also started to feel more confident in writing about more topics, too. This was a process that unraveled with time and experimentation and play. Part of the fun of having a website is in the growing – of trying new things and realising that there’s even more you can do and continuing to play and experiment. And a lot of that was possible because I saw many other lovely websites and spoke with people who had websites – every website expands my understanding of what a website can be.

I want my blog to be a slice of my life, and my life is multi-faceted. I love writing and playing guitar and Nature and poetry and listening to Taylor Swift music and writing about technology and thinking about the future of the web and writing down ideas I have and so much more. That is me. And so, a mix of things is what I want my website to be.

At the time of writing this post, my home page lists posts on walking, museums, Nature, writing a blog post without a screen, ideas for web readers, how I use my phone, and more – many of my interests and thoughts and observations and dreams, sitting side by side.

I do wish I could remember when I realised it was okay to put everything together, but all I can say is that I’m glad I arrived at where I am. I don’t want my blog to be any other way.

I am curious: What has been the biggest change to your website since you started it? Or, alternatively: how have you changed since you started your website?

This encouraged me to look up when I last redesigned my website. The current design is based on the theme I made in my 2024 redesign. It seems like just yesterday that I redesigned my website. Maybe we need a concept of “website time” to refer to how time feels in relation to our websites.

[↩]

Back then my blog was mostly about technology and the web and coffee.

[↩]

My blog is called James’ Coffee Blog because I loved coffee when I gave it that name (and still do, but I drink a lot more tea at the present moment; my website and I both change) and wrote a lot about coffee, but the site grew into so much more. I still like the name because I have been using it for so long, and it represents a slight separation between me and my blog: my blog is part of me, but not all of me.

[↩]

Homebrew Website Club museums how I use my phone ideas for web readers writing a blog post without a screen Nature walking 1 2 3 [↩] [↩] [↩] Paul

Upgrading My Home Internet to Full Fibre - Kev Quirk

2026-05-12T18:19:00.000Z

As many regular readers know, we live in the North Wales countryside, which means it can take time to get the latest and greatest when it comes to technology.

As a result, we were previously "limited" to FTTC (fibre to the cabinet) which had a max speed of 70Mbps. As a result, we got okay internet speeds:

But then I saw the ISP vans in the village, and I asked them what they were doing - "oh, we're upgrading the village to full fibre" she said.

I had to have it!

As soon as FTTP (fibre to the premises) was available, I placed the order with my ISP (who offered me a great deal that's only £5 per month more), and this is the result:

Is it worth it?

In all honesty, I haven't noticed the difference. We didn't have any buffering issues when watching things like Netflix or Apple TV, so I'm not really sure why I upgraded in hindsight.

I thought it would be this incredible difference where my internet would then be rapid, but the truth is, it's complete imperceptible. I remember when I upgraded from a 56k MODEM, to ~2Mbps broadband and it blew my mind. I was thinking this would be the same, but no.

I do think the increased upload speed is going to come in handy when it comes to things like syncing my private git repos back to my Synology, but aside from that, there's not much in it.

Had I paid full price (~£20 more per month) I don't think I'd have been too happy, but since I got a good deal, I'm not too bothered.

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Go fuzzing was missing half the toolkit. We forked the toolchain to fix it. - Trail of Bits Blog

2026-05-12T11:00:00.000Z

Go’s native fuzzing is useful, but it stands far behind state-of-the-art tooling that the Rust, C, and C++ ecosystems offer with LibAFL and AFL++. Path constraints are hard to solve. Structured inputs usually need handmade parsing. It doesn’t even detect several common bug classes, such as integer overflows, goroutine leaks, data races, and execution timeouts. So to make it better, we built <a href="https://github.com/trailofbits/gosentry">gosentry</a>, a fuzzing-oriented fork of the Go toolchain that keeps the standard <code>testing.F</code> workflow while using a stronger fuzzing stack underneath to tackle those issues. With gosentry, <code>go test -fuzz</code> uses LibAFL by default. It can fuzz structs natively, run grammar-based fuzzing with Nautilus, detect bug classes that it couldn’t detect before, and create a fuzzing campaign coverage report in one command. If you already have Go fuzz harnesses, you don’t need to rewrite them. Point them at gosentry’s binary and you get all of the above through the same <code>go test -fuzz</code> interface, with a few new flags: <figure class="highlight"> <pre tabindex="0" class="chroma"><code class="language-shell" data-lang="shell">./bin/go test -fuzz=FuzzHarness --focus-on-new-code=false --catch-races=true --catch-leaks=true</code></pre> <figcaption>Figure 1: Basic gosentry usage</figcaption> </figure> gosentry keeps the harness API and changes the engine and the surrounding tooling — you just tweak the CLI. You can also generate coverage reports from an existing campaign with <code>--generate-coverage</code>. Run it from the same package with the same <code>-fuzz</code> target, and no corpus path is needed; gosentry stores the campaign state under Go’s fuzz cache index by package and fuzz target, so restarting the campaign resumes from the existing corpus. <h2 id="why-we-built-gosentry">Why we built gosentry</h2> We started this project after we released <a href="https://blog.trailofbits.com/2025/12/31/detect-gos-silent-arithmetic-bugs-with-go-panikint/">go-panikint</a> to improve Go fuzzing’s integer overflow detection. We realized that integer overflow detection wasn’t enough. Go’s fuzzing ecosystem was still missing techniques that Rust, C, and C++ researchers already use every day. We often faced these gaps in our own security work using Go’s vanilla fuzzer: <ul> <li>Program comparisons (path constraints) were impossible to solve: one complex <code>if</code> branch, and the Go fuzzer could stay stuck forever.</li> <li>Grammar-based fuzzing was never an option.</li> <li>Structure-aware fuzzing required additional manual work.</li> <li>Several Go bug classes would not crash by default or would depend on external libraries, so the fuzzer could reach insecure target behaviors without reporting them.</li> <li>Generating coverage reports from a fuzzing campaign was cumbersome.</li> <li>Making the fuzzer crash on critical error logs required manual code changes.</li> </ul> <h2 id="same-harness-stronger-engine">Same harness, stronger engine</h2> Gosentry keeps the parts Go developers already know: <ul> <li>Write a fuzz target with <code>testing.F</code>, as usual.</li> <li>Create your initial corpus with <code>f.Add</code>.</li> <li>Pass the input into <code>f.Fuzz</code>.</li> </ul> Under the hood, gosentry captures the fuzz callback, builds a Go archive with libFuzzer-style entry points, and runs it in-process through a Rust-based LibAFL runner. The API stays familiar, but gosentry enhances the engine, scheduling, detectors, and much more. We designed it this way to avoid friction for developers and security researchers adopting a new tool. Existing Go harnesses do not need to be ported to a new framework. And since the Go toolchain documentation and usage are already widely integrated into LLM pre-training datasets, an agent can easily use gosentry, as it is a fork of the Go toolchain. <h2 id="more-bugs-become-visible">More bugs become visible</h2> Another added value of gosentry is its capacity to turn more bad behaviors into failures that the vanilla Go fuzzer wouldn’t report. It includes compiler-inserted integer overflow checks by default and optional truncation checks through the <a href="https://blog.trailofbits.com/2025/12/31/detect-gos-silent-arithmetic-bugs-with-go-panikint/">go-panikint</a> integration. It also lets you choose function calls that should stop the fuzzer. For example, you can use the <code>--panic-on</code> flag to stop fuzzing when <code>log.Fatal</code> is called. This flag is useful for codebases that log critical errors and keep going instead of panicking and reporting the bug to the user. It can also catch data race issues using the native Go race detector (<code>--catch-races</code>), and goroutine leaks through its <a href="https://github.com/uber-go/goleak">goleak</a> integration (<code>--catch-leaks</code>). Finally, timeouts can be caught at fuzz-time to help detect issues like infinite loops. <h2 id="better-inputs">Better inputs</h2> Gosentry improves input quality in two different ways, which solve different problems. <h3 id="struct-aware-fuzzing">Struct-aware fuzzing</h3> Go’s native fuzzing accepts only a small set of parameter types, which doesn’t include composite types, such as structs, slices, arrays, and pointers. Gosentry supports fuzzing of these types.  <figure class="highlight"> <pre tabindex="0" class="chroma"><code class="language-go" data-lang="go">type Input struct { Data []byte S string N int } func FuzzStructInput(f *testing.F) { f.Add(Input{Data: []byte("hello"), S: "world", N: 42}) f.Fuzz(func(t *testing.T, in Input) { Process(in) }) }</code></pre> <figcaption>Figure 2: Supported gosentry harness with structured input</figcaption> </figure>  Under the hood, gosentry still mutates bytes. The difference is that it encodes and decodes the composite value for you in a proper way, so you don’t have to invent a custom wire format just to fuzz typed Go inputs. <h3 id="grammar-based-fuzzing">Grammar-based fuzzing</h3> In this mode, gosentry uses <a href="https://github.com/nautilus-fuzz/nautilus">Nautilus</a> to generate and mutate grammar-valid inputs while LibAFL still drives the coverage-guided loop. Let’s imagine you want to fuzz a homemade JSON parser. Without a grammar, most of the time you would generate junk input that wouldn’t even pass the first branches. For example, the fuzzer would mutate <code>{"postOfficeBox": 123}</code> to <code>{postOfficeBox"": """"&%}</code>, while a more interesting generated input of <code>postOfficeBox</code> would be a much larger number like <code>u64.MAX</code>, giving <code>{"postOfficeBox": 18446744073709551615}</code>. In that case, you need grammar-based fuzzing. You define what the structure should be, and the fuzzer generates inputs accordingly. You could write a harness like this:  <figure class="highlight"> <pre tabindex="0" class="chroma"><code class="language-go" data-lang="go">func FuzzGrammarJSON(f *testing.F) { f.Add(`{"postOfficeBox":123}`) f.Fuzz(func(t *testing.T, jsonInput string) { ParseJSONFromString(jsonInput) }) }</code></pre> <figcaption>Figure 3: Grammar-based harness for our JSON parser</figcaption> </figure>  The grammar format is a JSON array of rules: <figure class="highlight"> <pre tabindex="0" class="chroma"><code class="language-json" data-lang="json"> [ ["Json", "\\{\"postOfficeBox\":{Number}\\}"], ["Number", "{Digit}"], ["Number", "{Digit}{Number}"], ["Digit", "0"], ["Digit", "1"], ["Digit", "2"], ["Digit", "3"], ["Digit", "4"], ["Digit", "5"], ["Digit", "6"], ["Digit", "7"], ["Digit", "8"], ["Digit", "9"] ]</code></pre> <figcaption>Figure 4: Definition of our postOfficeBox JSON grammar</figcaption> </figure> Just note that grammar mode still feeds bytes or strings to the harness. So your target needs to be able to parse either strings or bytes. <h2 id="what-it-has-found-already">What it has found already</h2> We’ve been running gosentry on a bunch of targets using grammar-based differential fuzzing campaigns and found a number of bugs. We have disclosed some of these issues to Optimism and Revm: <ul> <li><a href="https://github.com/ethereum-optimism/optimism/issues/19334">Unknown batch type panics and causes denial of service in kona-protocol</a></li> <li><a href="https://github.com/ethereum-optimism/optimism/issues/19333">Kona and op-node can disagree on brotli channels</a></li> <li><a href="https://github.com/ethereum-optimism/optimism/issues/19335">Kona frame parsing mismatch against op-node and OP Stack Specs</a></li> <li><a href="https://github.com/bluealloy/revm/issues/3458">Failed deposit in op-revm stopping with <code>OutOfFunds</code> does not bump nonce, leading to a state root mismatch against other clients</a></li> </ul> Those are exactly the kinds of bugs we wanted Go fuzzing to expose. They wouldn’t have been easy to find via the native Go fuzzer, but our grammar-based fuzzer via gosentry was able to easily detect them. Now, see what you can find. If you already have a Go fuzz target, run it under gosentry and see what it can reach compared to the native Go fuzzer. The project is available on <a href="https://github.com/trailofbits/gosentry">GitHub</a> and includes documentation for each feature described above. If you’d like to read more about fuzzing, check out the following resources: <ul> <li>Our <a href="https://appsec.guide/docs/fuzzing/">fuzzing chapter</a> in the Testing Handbook</li> <li><a href="https://blog.trailofbits.com/2024/02/23/continuously-fuzzing-python-c-extensions/">Continuously fuzzing Python C extensions</a></li> <li><a href="https://blog.trailofbits.com/2020/06/05/breaking-the-solidity-compiler-with-a-fuzzer/">Breaking the Solidity Compiler with a Fuzzer</a></li> </ul> As always, <a href="https://trailofbits.com/contact/">contact us</a> if you need help with your next Go project or fuzzing campaign.

Position or Perish: The Narrative Blueprint - Westenberg

2026-05-12T10:15:17.000Z

Avis was losing $3.2 million a year; and they'd been unprofitable for thirteen straight.

In 1962, they sat at number two in American car rental, well behind Hertz, with no plausible path to catching up. Robert Townsend, the new president, hired Doyle Dane Bernbach and asked them to do something useful with the worst hand in the industry.

The campaign DDB produced ran a single line:

"Avis is only No. 2 in rent a cars. So we try harder."

Within a year, Avis had moved from $3.2 million in losses to $1.2 million in profit. The cars hadn't changed. The locations hadn't changed. The pricing hadn't changed; but the story they told about themselves had, and they let that story do the work.

What positioning is

Positioning is the answer to a question every customer asks before they decide whether to care about your product: "What is this, and why should it matter to me right now?"

Before you have a product, and well before you have an investor, you need to have an answer to that question - and you need it in a single // simple sentence. Nobody is going to do the cognitive work for you; they'll categorise your product based on whatever signal they catch in the first three seconds, and the category, once set, is near-impossible to dislodge.

The category - the box they put you in - determines who you compete with, what price they expect to pay, what features they expect you to have, and what story you're allowed to tell. Get the category right and you set the terms; get it wrong and you spend the rest of your life arguing with the market about who and what you are.

Al Ries and Jack Trout published Positioning: The Battle for Your Mind in 1981. The book makes a forty-year-old argument that the war is fought in the customer's head, where there's no spare room and no patience for new claims.

The most expensive mistake founders make

The vast majority of founding teams treat positioning as a marketing exercise: Something the marketing team does after the product is built; something you put on the homepage when you're ready to launch.

This is both wrong - and expensive.

Positioning is upstream of marketing. It's upstream of product, pricing, hiring, fundraising, and PR. It determines what you build, who you sell to, what you charge, and what investors think you are. A company with clear positioning ships faster and raises at higher multiples because every decision flows from the same understood centre.

A company without clear positioning ships features that contradict each other and hires people who can't agree on what the company does.

I've worked with companies that had product-market fit and were still failing because no two people inside the building could finish the sentence: "We are the _____ for _____." When the founders can't agree, the sales team improvises, and the marketing team writes copy that doesn't ladder up to anything coherent.

The messaging spine

Every positioning piece should open with a messaging spine. It's the series of claims and narrative touchpoints that hold up an entire company. Decks, websites, sales scripts, hiring materials etc all come later.

A spine has four parts.

The first is the category. What kind of thing are you? What bucket do you belong in? A category is a shortcut, telling the customer how to think about you in a half-second of attention. If your category is wrong or fuzzy, every downstream message leaks energy trying to fix it.
The second is the audience. Who is this for, in specifics? "Businesses," "developers," and "creators" are broad nouns that fall apart under any pressure. A real audience description names a role and a moment. "Heads of compliance at mid-market fintechs trying to pass their first SOC 2" is an audience. "Modern professionals" is a hallucination.
The third is the alternative. What are they doing today instead of using you? This is the question most founders skip, and it's the one that matters most. Customers don't compare you to nothing. They compare you to the spreadsheet they've used for eight years, to the agency they hired last quarter, to the open-source tool they already know, or to the colleague who handled it last month. Until you name the alternative, you can't claim the wedge.
The fourth is the wedge. What's the single sharp thing you do better than the alternative? One thing, expressed so cleanly that a customer can repeat it back to a colleague without stumbling.

When the spine is right, every other piece of copy in the company writes itself.

Narrative is positioning told over time

Positioning is the static claim, but narrative is the moving picture.

A company can hold a single positioning statement for years, and most should; but the narrative around that statement has to evolve, because the world evolves and your competition evolves with it.

Stripe's positioning has been close to constant since 2010: payment infrastructure for the internet. The narrative around it has cycled through a dozen variations; in the early years they talked to developers about seven lines of code. By 2015 they were talking to CFOs about reducing fraud and reconciliation overhead. By 2020 they were telling Fortune 500 boards that they were the operating system for global commerce. But the spine held steady across each story.

Most companies get this backwards; they keep the narrative fixed and let the positioning drift. The pitch deck still says what it said three years ago, while the product has wandered into a new category and the leadership team is pretending it hasn't.

The remedy is to write the spine down, share it with everyone who joins the company, and revisit it once a year with the discipline of a financial audit.

Position against something specific

Every position works through contrast. The claim says you're better than something, simpler than something, more honest than something, or designed for someone the alternative ignores.

When Salesforce launched in 2000, they positioned themselves against “software” itself. "No software." Every piece of collateral pointed at the same enemy: installed enterprise software that took twelve months to deploy and cost millions in services. Customers didn't have to understand SaaS as a category. They had to understand they were tired of waiting for IT to install Siebel.

Pick your enemy with care. It should be big enough to matter, recognisable enough that customers already have an opinion about it, beatable enough that your wedge works against it, and unable to follow you into the corner you're claiming.

The wrong enemy is another startup nobody's heard of. The wrong enemy is the abstract status quo of "manual processes," because nobody buys against an abstraction. The right enemy has either a name and a market cap, or a behavioural pattern your audience can picture without effort.

The category gambit

Sometimes the right move is to claim an existing category.

Sometimes the right move is to invent a new one.

Inventing a category is harder and more expensive than founders think. The standard venture advice is to "create a new category and dominate it," and most who try this fail because they don't have the budget, the airtime, the patience, or the distribution to teach the market a new word.

When category creation works, it's because someone with serious distribution put their full weight behind a single term until the market repeated it back. HubSpot did this with inbound marketing. Drift did it with conversational marketing. Gong did it with revenue intelligence. Datadog did it with observability. Each company spent years publishing books and running conferences under a single banner until journalists and analysts stopped questioning whether the category was real.

If you're a seed-stage company with $2 million in the bank, you can't afford to create a category; but you can afford to claim a corner of an existing one, and own it harder than anyone else does. This is the Avis play: you don't need to invent the rental car. You need to be the company that tries harder than Hertz.

The category gambit gets misread because the visible examples are the winners. The failed attempts at category creation don't get studied. For every Drift, there are twenty companies that tried to coin a term, ran out of money before the market adopted it, pivoted into someone else's category, and disappeared from view.

What investors actually buy

Founders raising venture money tend to treat the pitch deck as a product spec. The deck explains what the product does, how the technology works, why the team is qualified to build it, and how the market is large enough to matter.

This is also wrong.

Investors fund stories about products. The deck is a narrative artefact, and its job is to make a partner at a fund repeat your story in a Monday morning meeting without garbling it. If the story collapses when an underprepared partner retells it on three hours of sleep, the deck has failed at the only thing decks exist for.

The best decks I've worked on open with a claim about the world. The product comes in around slide six, after the world has been described in a way that makes the product feel inevitable. Something has changed, something is broken, and the audience half-believes it already but hasn't seen it written down with any precision.

Founders skip this because they think the world-claim is obvious. It rarely is, even to the founders who built the company. The investor sees fifteen decks a week and starts each one cold. The first three slides install the worldview that makes everything that follows feel like the logical conclusion of a premise they've already accepted.

Copy as evidence

Every word on the homepage either confirms the positioning or contradicts it. There's no such thing as neutral copy and there should be no such thing as filler. A hero headline that says "Empower your team" contradicts the positioning of every company that uses it, because the words do no work and the customer has read the same line on a hundred other websites that week.

Specific words confirm positioning; vague words dissolve it. "We process two billion dollars a year in same-day payouts for marketplaces" is a positioning sentence. "We make payments easy" is a marketing hallucination that any company in the category could have written.

A good test: take your homepage copy, swap your company name for a competitor's, and see if the sentences still make sense.

If they do, you've written wallpaper.

The same test applies to investor decks, sales scripts, hiring pages, and press releases. If a competitor could lift your copy verbatim and use it without changing anything, you've written nothing of your own.

The pricing tell

A consultancy charging $4,000 a month is in a different category from one charging $40,000 a month, regardless of what either website claims. A SaaS product priced at $19 a seat competes in a different market from one priced at $19,000 a year, even when the feature lists overlap. The price tells the customer which competitive set you're in, and the customer believes the price more than they believe the copy.

Founders who underprice are doing it because they don't trust their own positioning. They worry that customers will balk, so they hedge by setting a number nobody could object to. The result is that nobody treats them as serious peers, because cheap reads as low-stakes, and low-stakes products don't get bought by buyers with real budget authority.

The correction is to price for the position you want, and let the positioning catch up to the number. If the plan is to sell to enterprise, an SMB price contradicts the plan on contact.

The number itself is a positioning claim, and underpricing is a way of telling the market you don't believe what your own homepage says.

Hiring is downstream of narrative

People want to work for companies whose story they can repeat at a dinner party without sounding ridiculous. If your narrative is sharp, you can hire above your weight class. If it's muddy, every hire becomes a war.

I've watched companies with worse products win senior hires from companies with better products, because the narrative was clearer and the candidates could picture themselves inside it. The folks who are actually in demand evaluate the story before the feature set. They want to know whether the story they'll tell their next employer about this job will sound impressive or embarrassing. We’re all climbing the ladder. Your story has to place you one rung up.

The same logic applies to retention. The best people leave when they can no longer explain what the company is doing. They leave before the bad ones do, because the bad ones don't have other options, and the good ones run the calculation every six months.

A clear positioning is a retention tool. It tells your best engineers why their work matters at the scale of the company, and it lets them say something coherent at parties when someone asks where they work.

When to reposition

Repositioning is the most dangerous play in the manual. Done well, it can rescue a stalled company in a quarter; done badly, it can torch ten years of accumulated meaning in a week.

A company should reposition when one of four things happens.

The market has moved underneath the original claim, and the position now describes a world that no longer exists.
The product has expanded into territory the original claim can't cover, and customers are confused about what they're actually buying.
A competitor has captured the language you used to own, and the contrast has stopped doing the work it used to do. Or,
the founders have learned something material about who their best customers are, and the original audience description has stopped matching the people writing the cheques.

Repositioning that happens because the founders are bored with their own message will always fail; personal boredom is not a strategic signal. The customer hasn't heard the message yet. The customer is just starting to remember it. Throwing it out because the founders have repeated it a thousand times is throwing out the only thing the market has begun to recognise.

Most repositioning attempts try to rewrite everything, and most fail because the new version has no equity, no recognition, and no proof points. A surgical change at the wedge or the alternative is easier to absorb than a full rebrand of the category and audience.

Founders as narrators

Every founder is the chief narrator of the company, whether they want the role or not. Investors read founders; hires read founders; and customers read founders. The way the founders talk about the company in informal settings tells the market more than any campaign ever will.

The founders who win at this discipline share two habits.

They use the same vocabulary to describe the company across every audience, so the deck, the all-hands speech, the analyst briefing, and the dinner-table answer to a stranger all sound like they came from the same head.
They resist the temptation to update the story every time a journalist asks a clever question, because they understand that the question is a test of conviction, not an invitation to redesign the company in real time.

Founders who lose at this discipline tend to do the opposite. They tailor the story to whoever's in the room. The deck says one thing, the all-hands says another, the analyst briefing says a third, and the dinner-table answer says a fourth. Over time the company loses the ability to say anything at all, because nobody inside it can agree on what the company is.

The fix is the spine again. Write it down, read it out loud, and use the words themselves. The discipline is to bore yourself with your own message a decade before the market starts repeating it back, and to keep saying the same true thing while competitors burn their oxygen on rebrands every eighteen months.

What to do this week

Skip the rebrand for now. Sit five people in a room and finish the sentence: "We are the _____ for _____ who want to _____ instead of _____."

The blanks are the spine: category, audience, outcome, alternative.

If everyone in the room agrees on the completed sentence, the company has working positioning. If the sentence doesn't read cleanly to everyone, no amount of homepage redesign or paid advertising will fix the underlying problem, because the underlying problem is that the company doesn't know what it is.

Run the exercise this week. Don't leave the room until the sentence reads cleanly. Then check it against the homepage, the deck, the sales script, and the latest job posting. Anything that contradicts the sentence is a leak in the spine. Patch the leaks one by one, and don't open a new marketing channel until they're closed.

The longer game

Positioning is a posture you hold for years, not a campaign you run for a quarter. Companies that hold a clear posture for a decade compound advantages that companies running a fresh campaign every quarter never accumulate.

Berkshire Hathaway's annual letter has said the same things, with the same vocabulary, since the 1970s. Buy good businesses at fair prices, hold them forever, trust the underlying math, and ignore the short-term noise. The letter doesn't change because the position doesn't change. The position doesn't change because Warren Buffett worked out what he believed early and refused to negotiate with the market about it.

You don’t have fifty years. At most, at the absolute stretch, you have 2-3 before the company either compounds into something or doesn't.

Pick the claim, hold the claim, write everything else from the claim, and let competitors burn their oxygen on rebrands every eighteen months while you keep saying the same, damned, true ~thing.

Announcing Wonders of Web Weaving - James' Coffee Blog

2026-05-12T00:00:00.000Z

If you have ever spoken to me, you may have heard me express a meandering interest in doing something with audio. I think the heart of this interest is that I love conversations and storytelling. I love hearing people talk about the things that make them light up. I love asking questions. I enjoy the feeling where you feel like you see the world in a new light after having spoken with someone.

With all that in mind, a few weeks ago I had an idea: I could interview people who love the web and chat about all things indie web. This coalesced into an outline for a podcast, which then became Wonders of Web Weaving.

Every Tuesday for the next fifteen or so weeks, I am going to be releasing an episode of the show. The first episode is with Adam, the creator of omg.lol and maintainer of many wonderful web projects.

I named the podcast the way I did because web weaving – making websites and the community around doing making websites – really is wonderful. After the first interview, I felt I had made the right choice in the name – the magic of the web permeates through so much of the indie web.

The show has its own website, which has an RSS feed you can use to follow along with episodes. Each episode will be accompanied by a hand-written transcription, available on the web page for each episode.

I am thinking of the next fifteen weeks as either season one, or the entirety of the show. Whether there will be another season, I’m not sure. For now, I’m challenging myself to commit to fifteen conversations. Having a clear goal towards which I can strive makes the project more sustainable than committing to a recurring show.

I hope that you all enjoy the show as much as I enjoy recording it. The first episode is ready for you.

Wonders of Web Weaving The first episode is ready for you. The first episode is with Adam, the creator of omg.lol and maintainer of many wonderful web projects RSS feed you can use to follow along with episodes

Bridging feels seamless. Behind the scenes, it's a technical marvel - Werd I/O

2026-05-11T22:29:51.000Z

Link: Bridging on a budget, by Ryan Barrett at A New Social

I’ve been in awe of Ryan Barrett since I first met him over a decade ago. He cofounded Google App Engine and led engineering at Color Health. His Bridgy tool, which allows people on different protocols and networks to follow and converse with each other, is now the basis of A New Social, the open social web non-profit that he runs with Anuj Ahooja. (Disclosure: I’m on the board.)

This post about how he reduced Bridgy costs is brilliantly detailed. It’s a good look into what’s involved when you need to refactor and reduce cost at scale — and what’s remarkable is how effective this work actually was.

“The end result of all of this is that we grew from 2k users to almost 150k, added a ton of heavy new functionality, and still managed to optimize and cut down costs from $.15 per active user per month to just $.03 or so.”

But it didn’t come easily. When you’re connected to the kinds of firehoses that Bridgy needs to be, and serving the kind of traffic it’s starting to handle, every optimization really counts. Because it’s open-source, you can dig down into individual optimizations and follow along each exploration. It’s painstaking work and a demonstration of their commitment to financial responsibility. Try vibe coding that.

Bridgy (and its parent A New Social) exists to help make the individual protocols less important: everyone should be able to collaborate with everyone else regardless of which platform they’re using. It’s the kind of thing that feels easy in the moment — but as this post proves, it’s far from simple under the hood.

To maintain their independence, publishers are fleeing Substack - Werd I/O

2026-05-11T21:58:25.000Z

Link: Writers are fleeing the Substack Tax, by Emma Roth in The Verge

If you weren’t all that bothered about Substack platforming and compensating Nazis, The Verge reports that there’s a new reason to be worried: it costs more and its much-touted network doesn’t count for much if you’re not one of its featured writers.

Sean Highkin of The Rose Garden Report is quoted in the piece:

““When I first joined up, [Substack] gave me a big push and featured me and funneled a lot of traffic to me, which led to a good amount of growth,” Highkin says. “But once I wasn’t one of the ‘new recruited talent’ they could tout, they stopped featuring me and I saw my growth stagnate.””

Ghost (with Ryan Singel’s Outpost) cost less than half and drove a significant increase in subscribers. It’s mentioned here alongside Beehiiv and Kit, but is the only truly open-source alternative. That means you can use Ghost’s services (as I do), but if you’re dissatisfied, you can move to another provider.

This is in stark contrast with Substack, which has been promoting social media style following relationships over true subscriptions, and only allows creators to export their subscribers should they choose to move. Similarly, Beehiiv starts with open protocols like RSS switched off by default, locking readers into its ecosystem.

That freedom is important. As Casey Newton says in the piece:

“The more important thing is that we have a home on the open web that we control, and whatever anti-creator changes Substack is forced to make in the future to live up to its valuation we won’t be affected by.”

Every media company, publisher, and individual creator needs to maintain their platform independence if they want to make independent business decisions. It’s good to see more people taking this step, and it’s good to see that they have options.

Asking platforms to do better won't work. We need to force their hands - Werd I/O

2026-05-11T14:31:51.000Z

Link: You couldn't create a more anti-news internet if you tried, by Matt Pearce

Matt Pearce, Director of Policy for Rebuild Local News, writes a behavioral economics inspired take on why our current embodiment of the internet is so bad for news and information.

In particular, he sees the introduction of “nudges” as being a pro-information feature that search engines, LLM interfaces, and social media platforms could introduce:

“Social media, too, could choose to feature quality news outlets as “defaults” or provide subtle “nudges” on content that prompt users to donate or subscribe to the news outlets providing high quality news videos on platforms like Instagram, which don’t pay for themselves.”

I happen to particularly agree with his implied criticism of newsrooms going deep on Instagram, which usually leads to vanity metrics going up and to the right but not necessarily to conversions, impact, or revenue. And I think it’s true that nudges across all these platforms would have the effect he’s hoping for. But I think the tragedy is that there’s no real reason why any of these platforms would actually do it.

The internet as it stands is perfectly optimized for the needs of these platforms: engagement, advertising revenue, and rapid growth. Adding pro-social nudges would add friction to their well-oiled loops and take users off-platform. That’s exactly why Google has moved from leading people to the best websites for a query to answering those questions on-page: its own needs are best served by keeping users in one place. For them to make different choices, they would need to be far more benevolent architects than they are.

So, one path forward is that they need to be forced to do it. This would need regulations to govern the features an information platform can provide, and could have very adverse side effects. We’re seeing increased regulations with respect to things like age verification, so introducing regulation is possible — but that age verification tech has become a surveillance layer that impacts freedom of speech for vulnerable groups. And if publishers go too far in that direction, for example by dictating that platforms share more ad revenue, the networks might simply stop supporting news content at all, as we’ve seen in places like Canada.

Another is to build new platforms that make better choices for the whole ecosystem: more interesting for readers, more supportive of publishers. We’re already seeing a resurgence in new open social web platforms as well as a regrowth in older technologies like RSS. But the incumbent platforms aren’t going to simply go away; any new pro-social platform has to directly compete with them while also building an ecosystem. Still, I think it’s more promising, particularly in a world where incumbent platforms are losing goodwill with the public. The kind of thinking that Matt’s done here is very useful in helping to design what those new platforms might look like.

We’re not in a great place and there’s a hard road ahead. I’m sure of one thing: asking existing platforms to do better is not going to work. So we need to take matters into our own hands.

WordPress powers 47% of the web. Now it's more social, too - Werd I/O

2026-05-11T13:31:54.000Z

Link: Radical Speed Month — The Reader Meets the Fediverse, by Mattias Pfefferle

We’re closer to the entire web being a social environment than ever before. That’s very exciting to me on two fronts. The first is that it’s always been the promise of the web that anyone could publish and be heard, and baking in social functionality is a huge part of that. The second is that it undermines the stranglehold that traditional social media platforms have had on the public discourse and democracy itself. We need movements like these to grow.

So I think it’s cool that WordPress.com just shipped some major improvements to its core reader:

“The Radical Speed Month bet: ship three protocol adapters in four weeks, and prove the Reader can become a universal aggregator. RSS / Google Reader API (so any reader app can use WordPress.com as a sync backend), ActivityPub (so Mastodon, Pixelfed, and friends show up natively), and ATProto / Bluesky (because that’s where a real chunk of the social-web conversation has gone). One Reader, every protocol you care about.”

In practice, that means that you can read updated content from the web via RSS, the Fediverse, and ATproto from the WordPress dashboard — and connect any compatible reader app to that dashboard to make reading more seamless. (I’m a die-hard fan of Reeder Classic, and it sounds like that works.) WordPress is now compatible with reading the whole open social web.

But, of course, it’s WordPress, which is a publishing environment at its heart. It’s supported RSS forever, and has supported the Fediverse for a while. Now it supports Bluesky, too. Unlike most readers, which are read-only environments, you can interact with those sources right from your feed, including by publishing posts and replying to other people’s.

That’s something the indie web community has been thinking about forever: people like Aaron Parecki have been building their own interactive readers using open web standards, and I remember working on a simple prototype at an IndieWebCamp in Portland.

But it’s also an idea that has become more powerful as the open social web has grown. There are millions of people to interact with – all of whom might be publishing from their own websites, on their terms, free from intermediation. May it continue to grow and spread.

Find blog posts with missing featured images - and missing alt text - without a plugin - Terence Eden’s Blog

2026-05-11T11:34:39.000Z

WordPress has the concept of "Featured Images". They are the images which show up when you share a blog post on social media or, on some themes, as the "hero" image.

How can you quickly and easily find any posts which don't have a featured image?

For this, I use WP CLI - it allows you to run complex WordPress actions and queries using the command line. After you have installed WP CLI you can get started.

Missing Images

On the command line, run:

wp eval 'foreach(get_posts(array("post_type"=>"post","post_status"=>array("publish"),"posts_per_page"=>-1,)) as $post){if(get_the_post_thumbnail($post)==""){$post_type_object=get_post_type_object($post->post_type);$link=admin_url(sprintf($post_type_object->_edit_link . "&action=edit", $post->ID));echo $post->post_date . " " . $link . " " . $post->post_title . "\n";}}'

Here's the code in a slightly more readable format:

foreach ( 
   get_posts( 
       array( "post_type"      => "post", 
              "post_status"    => array("publish"), 
              "posts_per_page" => -1,
       ) 
   ) as $post) { 
      if( get_the_post_thumbnail( $post)== "" ) { 
         $post_type_object = get_post_type_object( $post->post_type ); 
         $link = admin_url( sprintf( $post_type_object->_edit_link . "&action=edit", $post->ID ) ) ;
         echo $post->post_date . " " . $link . " " . $post->post_title . "\n";
      } 
}

That will print out:

2024-05-02 12:34:11 https://example.com/wp-admin/post.php?post=123&action=edit "A post about sausages" 
2023-09-13 20:55:52 https://example.com/wp-admin/post.php?post=456&action=edit "I like cheese"
2021-12-31 15:43:33 https://example.com/wp-admin/post.php?post=789&action=edit "Touching computers"

You can then go and edit each of those posts to add a featured image.

Missing Alt Text

Adding alt text means that people who can't see images will still be able to understand what the picture represents. Here's another one-lines to find all featured images with missing alt text:

wp eval 'foreach (get_posts(array("post_type"=>"post","post_status"=>array("publish"),"posts_per_page" => -1,)) as $post){if(simplexml_load_string(get_the_post_thumbnail($post))["alt"]==""){$post_type_object=get_post_type_object($post->post_type);$link=admin_url(sprintf($post_type_object->_edit_link . "&action=edit",$post->ID));echo $post->post_date . " " . $link . " " . $post->post_title . "\n";}}'

And, in slightly more readable form:

foreach (
   get_posts( 
      array( "post_type"      => "post", 
             "post_status"    => array("publish"), 
             "posts_per_page" => -1,
           ) 
   ) as $post) { 
      if( simplexml_load_string( get_the_post_thumbnail( $post ) )["alt"] == "") { 
         $post_type_object = get_post_type_object( $post->post_type ); 
         $link = admin_url( sprintf( $post_type_object->_edit_link . "&action=edit", $post->ID ) ) ;
         echo $post->post_date . " " . $link . " " . $post->post_title . "\n"; 
      } 
}

Again, that lists the datetime of the post, its edit link, and its title.

No, if you'll excuse me, I have about 873 posts which need updating 🤯

Hey you, start communicating! - Kev Quirk

2026-05-11T08:25:00.000Z

Hey you, start communicating!

by David Jamieson

David talks about why it's good to reach out to authors when you read their content. Even if it's just to say hi.

Read post ➡

Hard agree with David's comments here - he and I regularly exchange emails, actually. I try to reach out to authors whenever I read something that resonates with me. I'll also try to share their work via posts like this too.

For me, blogging is the original social network; just because we're on our own spaces doesn't mean we can't be socially connected. That's why I offer comments, and a reply by email link on all posts, including my RSS feed.

So yeah, start communicating! 🙃

Thanks for reading this post via RSS. RSS is ace, and so are you. ❤️

You can reply to this post by email, or leave a comment.

Fear is information. - Westenberg

2026-05-11T03:52:45.000Z

The motivational industry has built any number of small empires on the notion that fear is a problem to be either managed, suppressed or out-manoeuvred. Fight the fear, etc. The language is typically martial - as if fear were a hostile enemy, camped at the gates of your better self.

But this is sloppy thinking that comes at a cost.

When the body floods with adrenaline // the mind locks onto a single threat, the system is doing what it evolved to do: reporting on the state of whatever it is you care about. The signal bypasses the conscious mind almost entirely; which is why you can spend years lying to yourself about what you want and still flinch at the wrong moment when the thing you value comes under threat.

My basic claim is this. When someone (anyone, everyone) is afraid, they're telling you what they actually value. Their fear is a noisy, but no less precise indicator of both the surface threat and their underlying stake. A founder who keeps delaying their launch has a private worry that has almost nothing to do with the launch itself; they're deathly afraid of the dissonance between who they've been telling people (and themselves) they are and who the market will reveal them to be. The surface object of the fear is misdirection; the actual content is a value statement signed in the writer's own hand.

You can argue with the rationalisations that get layered on top of the stake, but you can't argue with the signal itself.

People will lie to you about what they want, and they'll lie to themselves with even greater conviction. But their fear won't lie, because it can't. It's older than language and it runs on a circuit that doesn't consult the part of the mind responsible for maintaining a neat // tidy story.

If you want to know what someone actually values, pay attention to what they protect.

A client who keeps fixating on the timeline is afraid of something other than the difference between three weeks and four. Their fear is tied to a board meeting, or a budget cycle, or personal pressure. A prospect who keeps circling back to price is using the price as a placeholder for a deeper fear about whether they'll be able to defend their decision if it all goes sideways.

If you read the fear correctly, you can stop arguing with the placeholder and start addressing the actual stake.

Your own fear works in much the same way; it's drawn from a part of you that doesn't bother with self-deception. When you flinch at sending an email, you're exporting data about that relationship. When a project keeps slipping in your calendar - whether or not you've admitted to deprioritising it - your behaviour is an indicator. The thought of having that one conversation you've been putting off makes your stomach turn because you're responding to a real assessment of the stakes that the "refined" part of your brain has refused to acknowledge.

I've caught myself avoiding decisions for weeks at a time, generating elaborate justifications for the delay, when the actual reason was a single, one-line fear I would've been utterly embarrassed to say out loud.

But the fear is almost always right.

Even if it's usually wrong about what to do with the information…

Fear is excellent intelligence, but it's not much of a strategy. It tells you what's at risk with high fidelity, and what to do about that risk with all the sophistication of a small mammal in a patch of tall grass; the amygdala, after all, rarely understands either long games or leverage. If you let the part of you that knows what's at stake dictate your response to that stake, you'll spend your life flinching away from the things that matter to you and into the things that look superficially safer.

This is why so much of the advice we give // receive about fear is suspicious of the concept without quite understanding why. People do get controlled by their fear, and that control does produce bad outcomes; but it's a mistake to conclude that fear is therefore a corrupting influence and that it has to be smothered. The fear is fine - useful, even. The problem is letting an instrument designed for tactical reflexes write the plan.

Acknowledge the fear and read it carefully; and refuse to be moved by it until you've understood what it's telling you.

Then decide whether the information changes the plan.

But stop treating fear as either a master or an enemy. It's an instrument, and like any instrument, you have to read it and you have to choose what to do with the data it offers.

The list of things you're afraid to lose is the most accurate map you have of whatever you've built your life around. If you want to know what actually matters to you, watch what your nervous system does when something’s threatened. The list might not match the vision document you'd recite on a podcast, but it's much closer to a source of truth.

I find that clarifying rather than depressing.

The world is not as opaque as the official explanations make it look. People are constantly broadcasting what they value, in a frequency older than speech, on a channel they can't turn off. You only have to learn to listen to it, and be willing to listen to yourself.

The discipline is the same in both directions; read the signal carefully, and then decide what to do with the information, free of any pressure to obey it.