- ↔
- →
to read (pdf)
- Reconstructing Program Semantics from Go Binaries
- Long time ago, I was looking for game with some hidden rules, browsing random wi... | Hacker News
- Keychron’s Nape Pro turns your mechanical keyboard into a laptop‑style trackball rig: Hands-on at CES 2026 - Yanko Design
- The Code-Only Agent • Rijnard van Tonder
- Agent-native Architectures: How to Build Apps After Code Ends
- January 15, 2026
-
🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +1 release rss
sync repo: +1 plugin, +1 release ## New plugins - [security-poc-plugin](https://github.com/0Eniltilps/foo) (1.0.0) -
🔗 r/reverseengineering Ghidra 12.0.1 has been released! rss
submitted by /u/ryanmkurtz
[link] [comments] -
🔗 NationalSecurityAgency/ghidra Ghidra 12.0.1 release
- What's New
- Change History
- Getting Started
- SHA-256:
85bd2990945f3a78df4d1e09f1bb1f40ab77be3bac62c6e7678900788c7f0f41
-
🔗 HexRaysSA/plugin-repository commits sync repo: +2 plugins, +2 releases, -1 release rss
sync repo: +2 plugins, +2 releases, -1 release ## New plugins - [sharingan](https://github.com/n0pex3/sharingan) (1.0.2) - [tc_deer](https://github.com/arkup/tc_deer) (0.1.0) ## Changes - [Sharingan](https://github.com/n0pex3/sharingan): - removed version(s): 1.0.2 -
🔗 HexRaysSA/plugin-repository commits sync repo: -2 releases rss
sync repo: -2 releases ## Changes - [ida-chat](https://github.com/HexRaysSA/ida-chat-plugin): - removed version(s): 1.0.0, 0.2.1 -
🔗 r/wiesbaden Suche Friseursalon für amerikanisches Blond/Balayage Empfehlungen? rss
ich bin Amerikanerin und auf der Suche nach einem neuen Friseursalon. Ich trage Blond mit Balayage im amerikanischen Stil (kühler Ton, weich verblendet, kein Gelb/Orange).
Ich war bisher bei Gold Rausch, aber leider komme ich immer wieder mit orangestichigen Strähnen raus, obwohl ich explizit kühle Blondtöne anspreche.
Kennt jemand einen Friseur oder Salon, der wirklich Erfahrung mit kühlem Blond / Balayage nach US-Standard hat? Idealerweise im Raum Frankfurt / Wiesbaden.
submitted by /u/Alert-Count8542
[link] [comments] -
🔗 r/reverseengineering C/C++ Code Injection Utility for PS1, PS2, GameCube, and Wii. Re-implement reverse engineered functions, change functionality, add functionality, etc rss
submitted by /u/C0mposer
[link] [comments]
-
- January 14, 2026
-
🔗 IDA Plugin Updates IDA Plugin Updates on 2026-01-14 rss
IDA Plugin Updates on 2026-01-14
New Releases:
- chernobog v5.2.0
- ghidra-chinese 20260114 - 20998739787
- HappyIDA v1.0.0
- ida-chat-plugin v0.2.6
- IDA-MCP v0.2.4
- ida-structor v0.5.0
- sharingan v1.0.2
- sharingan v1.0.1
- sharingan v1.0.0
Activity:
- chernobog
- 5d9b375a: perf: Accelerate AST pattern matching via SIMD and hash-based lookups
- cpp03
- 55c86ab2: Update README.md
- ghidra-chinese
- HappyIDA
- 37c1bc01: docs: update feature description
- 25c539cd: docs: update credits section
- 9be980ef: fix: correct plugin validation errors
- e7ad5532: docs: refine README feature table and SEH description
- 579762e5: update: add more explanation in readme
- 044b6e45: update: should use "sync" in readme
- 930493ea: update: add edittype and pastetype example in readme
- 9ec18126: fix: avoid matching the outermost block
- 4bc3b772: update: mention the two functionalities of SEH in readme
- 3b3b590e: update: add more examle in readme
- d70155de: update: add section parameter labeling in readme
- ida-chat-plugin
- ida-domain
- 949fd752: Update filelock and virtualenv to fix security vulnerabilities (#42)
- IDA-MCP
- 6651ea4c: 增加 http / stdio 开关
- ida-structor
- 4718401e: feat: Add automatic type inference and SIMD-accelerated core algorithms
- IDAPluginList
- 14cb7766: chore: Auto update IDA plugins (Updated: 19, Cloned: 0, Failed: 0)
- msc-thesis-LLMs-to-rank-decompilers
- 5602df42: added test for server and edited some things
- rhabdomancer
- 1f880967: feat: add
ttyname_rto the list of bad functions
- 1f880967: feat: add
- sharingan
- tenrec
- 30debe56: Merge pull request #14 from axelmierczuk/docs/improve-documentation
- 9a0a5f6c: docs: Restructure documentation with CLAUDE.md and agent_docs
- 2ace3e02: Merge pull request #13 from axelmierczuk/release/v1.0.1
- affee70f: Bump version to 1.0.1
- 2614d375: Merge pull request #12 from nonetype/local-type-filtering
- c3ca270a: Merge branch 'main' into local-type-filtering
- 4a16cc52: Merge pull request #11 from nonetype/main
-
🔗 sacha chua :: living an awesome life Visualizing and managing Pipewire audio graphs from Emacs rss
I want to be able to record, stream, screen share, and do speech recognition, possibly all at the same time. If I just try having those processes read directly from my microphone, I find that the audio skips. I'm on Linux, so it turns out that I can set up Pipewire with a virtual audio cable (loopback device) connecting my microphone to a virtual output (null sink) with some latency (100ms seems good) so that multiple applications listening to the null sink can get the audio packets smoothly.
I was getting a little confused connecting things to other things, though. qpwgraph was helpful for starting to understand how everything was actually connected to each other, and also for manually changing the connections on the fly.
Figure 1: qpwgraph screenshot Like with other graphical applications, I found myself wondering: could I do this in Emacs instead? I wanted to just focus on a small set of the nodes. For example, I didn't need all of the lines connecting to the volume control apps. I also wanted the ability to focus on whichever nodes were connected to my microphone.
Unsurprisingly, there is a pipewire package in MELPA.
Figure 2: Screenshot of M-x pipewire from the pipewire package I want to see and manage the connections between devices, though, so I started working on sachac/epwgraph: Emacs Pipewire graph visualization. This is what
epwgraph-showlooks like with everything in it:
Figure 3: epwgraph-show Let's call it with
C-u, which prompts for a regexp of nodes to focus on and another regexp for nodes to exclude. Then I can ignore the volume control:
Figure 4: Ignoring the volume control I can focus on just the things that are connected to my microphone:
Figure 5: Focusing on a regular expression This also lets me disconnect things with
d(epwgraph-disconnect-logical-nodes):
Figure 6: Disconnecting a link and connect them with
c(epwgraph-connect-logical-nodes).
Figure 7: Connecting links I don't have a fancy 5.1 sound systems, so the logic for connecting nodes just maps L and R if possible.
Most of the time I just care about the logical devices instead of the specific left and right channels, but I can toggle the display with
tso that I can see specific ports:
Figure 8: Showing specific ports and I can use
CandDto work with specific ports as well.
Figure 9: Connecting specific ports I usually just want to quickly rewire a node so that it gets its input from a specified device, which I can do with
i(epwgraph-rewire-inputs-for-logical-node).
Figure 10: Animated GIF showing how to change the input for a node. I think this will help me stay sane when I try to scale up my audio configuration to having four or five web conferences going on at the same time, possibly with streaming speech recognition.
Ideas for next steps:
- I want to be able to set the left/right balance of audio, probably using
pactl set-sink-volume <index> left% right% - I'd love to be able to click on the graph in order to work with it, like dragging from one box to another in order to create a connection, right-drag to disconnect, or shift-drag to rewire the inputs.
In case this is useful for anyone else:
sachac/epwgraph: Emacs Pipewire graph visualization
You can e-mail me at sacha@sachachua.com.
- I want to be able to set the left/right balance of audio, probably using
-
🔗 batrachianai/toad The cosmetic release release
[0.5.31] - 2026-01-14
Changed
- Fix for diff highlights
- Minor cosmetic things
-
🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +1 release rss
sync repo: +1 plugin, +1 release ## New plugins - [HappyIDA](https://github.com/HappyIDA/HappyIDA) (1.0.0) -
🔗 @cxiao@infosec.exchange and the netherlands. and [#canada](https://infosec.exchange/tags/canada) mastodon
and the netherlands. and #canada
the world has changed and i don't think i like this world very much
-
🔗 @cxiao@infosec.exchange [https://www.lemonde.fr/en/international/article/2026/01/14/greenland-denmark- mastodon
germany, france, sweden, denmark are all actually sending soldiers to greenland now
-
🔗 @cxiao@infosec.exchange gonna just post this gif repeatedly at increasingly faster speeds mastodon
gonna just post this gif repeatedly at increasingly faster speeds
-
🔗 @cxiao@infosec.exchange not sure what to say other than it feels like we are way over the line now, of mastodon
not sure what to say other than it feels like we are way over the line now, of NATO changing forever
-
🔗 r/reverseengineering FileDumper v1.0.1 - Simple Memory Forensic Dumper for Windows (Python 2 + memorpy) – Built with Grok in a Late-Night Session rss
submitted by /u/AcizBirKulKadir
[link] [comments] -
🔗 HexRaysSA/plugin-repository commits Merge pull request #17 from terrynini/patch-1 rss
Merge pull request #17 from terrynini/patch-1 -
🔗 sacha chua :: living an awesome life Emacs Lisp: Editing one file twice at the same time rss
@HaraldKi@nrw.social said:
Emacs can do everything. Except the most simple thing ever as I learned after 40 years in which I never needed it: Edit one file twice at the same time.
I can open a new Emacs "window" and re-open the file. But Emacs notices and this and shows the file's buffer in the new window, not a new buffer.
But why? Well, when editing and SVG file, you can switch between the XML and the rendered image with C-c C-c, but I would like to see the XML and the rendered next to each other.😀
You might think this is easy, just use
M-x clone-indirect-buffer-other-window. But image-mode adds a wrinkle. It uses text properties to display the image, so even if you have two views of the same buffer thanks toclone-indirect-buffer,C-c C-cwill toggle both of them. If we want to edit a file as both text and an SVG at the same time, we need to actually have two separate file buffers.I started off by looking at how
find-fileworks. From there, I went tofind-file-noselect. Normally,find-file-no-selectreuses any existing buffers visiting the same file. If it doesn't find any, it callsfind-file-noselect-1. That lets me write this short function to jump straight to that step.(defun my-find-file-always (filename &optional buffer-name) (interactive (list (read-file-name "File: "))) (setq buffer-name (or (create-file-buffer filename))) (let* ((truename (abbreviate-file-name (file-truename filename))) (attributes (file-attributes truename)) (number (file-attribute-file-identifier attributes))) (with-current-buffer (find-file-noselect-1 (get-buffer-create buffer-name) truename t nil truename number) (when (called-interactively-p 'any) (switch-to-buffer (current-buffer))) (current-buffer)))) (defun my-clone-file-other-window () (interactive) (display-buffer-other-window (my-find-file-always (buffer-file-name))))This code unconditionally opens a buffer visiting a file, so you could have multiple buffers, looking at the same file independently. With
global-auto-revert-mode, editing the file in one buffer and saving it will result in changes in the other.I sometimes play around with SVGs, and it might be helpful to be able to experiment with the source code of the SVG while seeing the changes refreshed automatically.
I really like how in Emacs, you can follow the trail of the functions to find out how they actually work.
Screencast demonstrating my-find-file-alwaysTranscript00:00:00 The problem: clone-indirect-buffer-other-window and image-mode@HaraldKi@nrw.social said, "Emacs can do everything except the most simple thing ever, as I learned after 40 years in which I never needed it: edit one file twice at the same time." You might think this is easy, just use M-x clone-indirect-buffer-other-window, but image mode adds a wrinkle. So let's show you how that works. I've got my test SVG here. We can say clone-indirect-buffer-other-window. But if I use C-c C-c, you'll notice that both of the windows change. That's because image mode uses text properties instead of some other kind of display. I mean, it's the same buffer that's being reused for the clone. So that doesn't work.00:00:48 A quick tour of find-fileWhat I did was I looked at how find-file works. And then from there, I went to find-file-noselect. So this is find-file over here. If you look at the source code, you'll see how it uses find-file... It's a very short function, actually. It uses find-file-noselect. And find-file-noselect reuses a buffer if it can. Let's show you where we're looking for this. Ah, yes. So here's another buffer here. And what we want to do is we want to open a new file buffer no matter what. The way that find-file-noselect actually works is it calls this find-file-noselect1. And by taking a look at how it figured out the raw file and the true name and the number to send to it, I was able to write this short function, my-find-file-always, and a my-clone-file-other-window.00:01:46 Demonstration of my-find-file-alwaysSo if I say my-find-file-always, then it will always open that file, even if it's already open elsewhere.00:01:57 Cloning it into the other windowLet's show you how it works when I clone it in the other window. All right, so if I switch this one to text mode, I can make changes to it. More stuff goes here. And as you can see, that added this over here. I have global-auto-revert mode on, so it just refreshes automatically. So yeah, that's this function.You can e-mail me at sacha@sachachua.com.
-
🔗 r/wiesbaden Wohin mit Kühlschrank/Spülmaschine? rss
Hey zusammen,
Ich muss einen Kühlschrank und eine Spülmaschine loswerden. Stammen aus einem Nachlass. Kleinanzeigen bisher kein Erfolg - für die Tonne zu schade. Spülmaschine 2 Jahre alt, Kühlschrank vielleicht 3.. Hab noch bis Ende des Monats Zeit.
Gibt's in Wiesbaden einen 2nd Hand Laden/Sozialkaufhaus die solche Dinge nehmen würden?
Bin über alle Hinweise happy!
submitted by /u/qweargss
[link] [comments] -
🔗 pranshuparmar/witr v0.2.4 release
What's Changed
- Replace WMIC commands with PowerShell Get-CimInstance for future compatibility by @abdullah134 in #142
- Main PR by @pranshuparmar in #147
- Readme update by @pranshuparmar in #148
- Main PR by @pranshuparmar in #149
- Added GetFileContext function for linux by @RikSmits06 in #115
- [feat] GetResourceContext and GetFileContext function written for Linux by @gaixen in #108
- feat(proc): implement windows service detection and peb scanning by @sunydepalpur in #143
- feat(diag): implement deleted binary detection and socket state analysis by @sunydepalpur in #144
- Main PR by @pranshuparmar in #150
New Contributors
- @RikSmits06 made their first contribution in #115
Full Changelog :
v0.2.3...v0.2.4 -
🔗 @HexRaysSA@infosec.exchange 📢 LAST CALL: IDA Plugin Contest! mastodon
📢 LAST CALL: IDA Plugin Contest!
The submission window closes January 15, 2026 @ 11:59pm CET.
Read the entry instructions and full details here:
https://hex-rays.com/plugin-contestGood luck!
-
🔗 HexRaysSA/plugin-repository commits Request for adding HappyIDA plugin rss
Request for adding HappyIDA plugin -
🔗 batrachianai/toad The Shelled Release release
[0.5.30] - 2026-01-14
Fixed
- Fixed Terminals not focusing on click
- Fixed tool calls not rendered
- Fixed Kimi run command
- Fixed permissions screen not dispaying if "kind" is not set
Added
- Added reporting of errors from acp initialize call
- Added Interrupt menu option to terminals
-
🔗 HexRaysSA/plugin-repository commits sync repo: +1 release rss
sync repo: +1 release ## New releases - [Sharingan](https://github.com/n0pex3/sharingan): 1.0.2 -
🔗 HexRaysSA/plugin-repository commits fix typo rss
fix typo -
🔗 HexRaysSA/plugin-repository commits add arkup/tc_deer to known-repositories.txt rss
add arkup/tc_deer to known-repositories.txt -
🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +2 releases rss
sync repo: +1 plugin, +2 releases ## New plugins - [Sharingan](https://github.com/n0pex3/sharingan) (1.0.0) ## New releases - [ida-chat](https://github.com/HexRaysSA/ida-chat-plugin): 0.2.6 -
🔗 r/wiesbaden Hainerberg Taco Bell Menu rss
Not an advertisement, posted for informational purposes. The Taco Bell is on a US military base. You must have access to US installations or be accompanied by someone with access and pass a security check. I will not provide access to anyone. I might do a one time Taco Bell party off the base, if there is interest and someone is willing to host.
submitted by /u/OldBayExorcism
[link] [comments] -
🔗 r/reverseengineering Game Reverse Engineering - One Hit Kills Hack rss
submitted by /u/chaiandgiggles0
[link] [comments] -
🔗 HexRaysSA/plugin-repository commits sync repo: ~1 changed rss
sync repo: ~1 changed ## Changes - [ida-chat](https://github.com/HexRaysSA/ida-chat-plugin): - 0.2.1: archive contents changed, download URL changed -
🔗 SparkFun Tutorials What's the difference between the ZED-F9P and the ZED-X20P? rss
What's the difference between the ZED-F9P and the ZED-X20P? a
Available online at:
Introduction
The ZED-X20P is u-blox's GNSS receiver designed as a successor to the wildly popular ZED-X9P. It has improvements in accuracy, band reception, and power consumption. Here, we outline the key differences between our ZED-F9P and ZED-X20P breakout boards so you know exactly how to upgrade your projects to the newest technology.
Comparison of Features
u-blox provides the following table comparing key high-level differences between the features on the ZED-F9P and the ZED-X20P:
We've also compiled the differences between the chips across more specific features:
Parameter | ZED-F9P | ZED-X20P
---|---|---
PPS Accuracy | 30 ns | 20 ns
Convergence Time | < 10 s | < 7 s
Max Velocity | 500 m/s | 300 m/s
Velocity Accuracy | 0.05 m/s | 0.03 m/s
Backup Battery Current | 45 µA | 32 µA
SW Backup Current | 1400 µA (1.4 mA) | 93 µA
Peak Current | 130 mA | 80 mA
Acquisition Current | 95 mA | 68 mA
Tracking Current | 93 mA | 64 mA*Notes: u-blox has recently removed support for the GLONASS GNSS constellation. This is not accounted for in the listed current consumption of the ZED-X20P.
Hardware Changes
With the exclusions of the added JST connector and adjusted location of the BlueSMiRF header; the overall board dimensions, edge connectors and screw-hole locations, and PTH pin layout are exactly the same.
Allband GNSS RTK Breakout - ZED-X20P (Qwiic)
GPS-RTK-SMA Breakout - ZED-F9P (Qwiic)
GPS-RTK2 Board - ZED-F9P (Qwiic)
Antenna Connection
Connector Options
With the ZED-F9P we released two different boards with either a U.FL connector or an SMA connector to attach a GNSS antenna. With the ZED-X20P, we have released a single board with both options with a jumper to select the connector to be used.
SMA: The location of the SMA connector remains the same.
U.FL: The U.FL connector’s location is slightly different by a couple millimeters. There was a hole in the board to pass a U.FL cable through.
Notes: We did our best to maintain an impedance match between the two different connections. Users may experience a small shift in the signal’s impedance after altering their board. However, in our experience, the GNSS receiver was still functional after modifying the jumper and we didn’t really notice a degradation in performance.
Length of SMA Connector
We recently changed suppliers for our SMA connector, so users will eventually see a slightly longer SMA connector on future boards.
Old version: 6.3mm
New version: 8mm
BlueSMiRF Header Location
On the ZED-F9P boards, the BlueSMiRF PTH pins were located at the edge of the board. For the ZED-X20P, we have added a locking JST connector, in its place, to allow users to easily attach an RF transceiver. Therefore, the BlueSMiRF header was relocated to the interior of the board.
Notes: The pin layout of the BlueSMiRF header remains the same; connecting to the UART2 interface of the GNSS receiver. On the ZED-X20P, we added a VSEL jumper for users to switch between either a 5V or 3.3V input/output voltage for the BlueSMiRF header.
Pin Functionality
Most of the pin functionality remains the same, with the exception of a single pin. The safeboot pin on the ZED-Z20P board was relocated to a test point and replaced with the enable pin for the RT9080 LDO.
ZED-F9P: Safeboot Pin
ZED-X20P: RT9080 Enable Pin
Notes: The SPI interface is enabled with the DSEL jumper for the ZED-F9P; meanwhile, for the ZED-X20P, it is enabled with the SPI jumper. The operation of these jumpers remains the same; only the name changed on the silkscreen. Similarly, the EVENT and INT pins are both external interrupt pins; only the name changed on the silkscreen.
UART Interface
Baud rate:
- ZED-F9P: 9600-921600 bps
- ZED-X20P: 4800-8000000 bps
Notes: Default baud rate is 38400 bps. The ZED-F9P only supports the RTCM protocol up to v3.3
SPI Interface
Max transfer rate:
- ZED-F9P: 125 kB/s
- ZED-X20P: 880-950 kB/s
Max clock speed:
- ZED-F9P: 5.5 MHz
- ZED-X20P: 7.25-12.8 MHz
Notes: The transfer rate for the ZED-X20P is based on the load capacitance. SPI interface must be enabled by the jumper.
I2C Interface
The ZED-F9P only supported I2C fast-mode; while the ZED-X20P supports standard mode, fast mode, and fast mode plus.
Max bit rate:
- ZED-F9P: 400 kbit/s
- ZED-X20P: 1000 kbit/s
USB Interface
While both boards provide a USB-C connection to the GNSS receiver, on the ZED-X20P we would advise users not to rely on this interface in their designs.
Notes: For the ZED-X20P, we broke out this interface as part of a preliminary design recommendation. However, u-blox has recently removed this interface from their latest datasheet. Therefore, we would recommend that users not integrate this interface into their future designs. Especially when it doesn’t support firmware updates.
Software Changes
Firmware Upgrade
As mentioned about the USB interface, above, it is only possible to perform firmware updates through the UART1 interface for the ZED-X20P.
Firmware upgrade through I2C (Qwiic) is possible, but is only for advanced users. You need (e.g.) a Thing Plus board running a sketch to convert USB UART to I2C. Then you need to run the u-blox ubxfwupdate.exe from the command line with some special settings.
u-center Application
One of the biggest changes between the two GNSS receivers is the u-center software application. u-blox recommends their new u-center 2 software application for any GNSS engine, generation 10 or later.
The first difference between the two applications is that users will notice is a required user account for u-center 2. While users will need internet access to initially login, users will not need internet access or to login afterwards.
Beyond a new look and feel, the primary difference in functionality between the two applications is that the new generation 10 GNSS engines implement a new set/get method for the values in the configuration layers of the GNSS receiver. This is handled in the backend of the software application, but should be noted for any development purposes.
Some other notes to mention:
- With the new workspace configuration allows users to save setups and layouts when testing different GNSS receivers.
- With the required login, u-blox also integrates their new PPP services and their support portal in the u-center 2 application for users.
- u-blox also wrote up this blog post with a few tips and tricks for the new software application.
Notes: Nate has found that if users wish to continue using the original version of u-center (not u-center 2), they just need to use the generation 9 advanced configuration view. See Section 5.2.7 Generation 9 configuration view of this manual.
Arduino Library
With the introduction of the set/get method for configuration values for the gen 10 GNSS engines, our Arduino library got a new release (v3). The Arduino library should be mostly backwards compatible, with a few minor changes, see below for more information:
learn.sparkfun.com | CC BY-SA 3.0 | SparkFun Electronics | Niwot, Colorado
-
🔗 @cxiao@infosec.exchange If you know anyone in the Iranian-Canadian community, you know how hard the mastodon
If you know anyone in the Iranian-Canadian community, you know how hard the loss of Flight PS752 affected them. Entire families were lost, and some communities, like the Persian community in Richmond Hill, were especially devastated.
In recent days, these communities have had to deal with not only remembering the 6th anniversary of this tragedy, but have also had to watch as the same perpetrators of this crime, the IRGC and the rest of the regime, have slaughtered Iranian protestors without the world paying any attention. And now that Iran is past the 132nd hour of a complete internet shutdown, and at the same time reports of thousands of casualties are emerging, they need to worry about whether their loved ones are safe.
I encourage all Canadians to read the statement by the Association of Families of Flight PS752 Victims about what is happening now: https://www.ps752justice.com/statement-of-the-association-of-families-of- flight-ps752-victims-regarding-the-internet-shutdown-and-killings-in- iran/
I have made a donation to the Association as well, for their continued work in remembering the victims, supporting the families, and calling for justice in Iran.
You can read about the victims here as well: https://www.cbc.ca/news2/interactives/flightps752/
-
🔗 sacha chua :: living an awesome life La semaine du 5 janvier au 11 janvier rss
Lundi, le cinq janvier
Ma fille est devenue grincheuse probablement à cause d'une mauvaise communication ce matin. Elle n'a pas continué à l'école aujourd'hui. Elle n'est pas allée au cours de gym parce qu'elle était de mauvaise humeur. Elle est restée dans sa chambre toute la journée. Alors, s'inquiéter, ça ne sert à rien. Au lieu de stresser, j'ai déneigé. La neige était légère, et le fait de déneiger m'a changé les idées. Ensuite, je me suis préparée pour ma session avec ma tutrice. En addition des entrées de cette semaine, nous avons aussi révisé une entrée de la semaine dernière.
Elle n'a pas besoin d'un câlin, mais elle est revenue pour le déjeuner. Elle m'a permis de lui brosser les dents et de lui nettoyer ses piercings.
J'ai écrit mon bulletin Emacs pendant une diffusion en direct. Quelques spectateurs ont fait des commentaires. ( Merci ! ) J'ai besoin d'ajuster la configuration de l'audio. Un jour, ce sera plus facile.
Maintenant, c'est le moment de l'inscription pour l'école. Je vais me renseigner sur le processus pour l'année prochaine, au cas où nous déciderons d'expérimenter l'instruction en famille pour le reste de l'année. Je vais aussi me renseigner sur le processus au cas où nous l'inscririons en cours d'année. Nous allons recevoir le carnet de notes en février. Alors que ma fille semble passer son temps à ne rien faire, cela reste instructif. Je pense que ma fille peut trouver son propre chemin. Malgré notre grande liberté et les nombreuses tentations de flâner, mon mari et moi continuons d'apprendre chaque jour. Ma fille aime proposer sans cesse des idées d'amélioration. Des familles que nous connaissons et qui vivent selon les principes de l'apprentissage libre semblent développer des passions intéressantes.
Pour le souper, j'ai préparé du bœuf salé en boîte. Ma fille et moi l'avons mangé avec du riz et du pak-choï.
Mardi, le six janvier
Nous nous sommes levés très tôt et nous sommes allés à l'hôpital pour l'examen médical de ma fille. Elle a dû jeûner et boire seulement de l'eau et du jus de pomme. Nous sommes arrivés exactement à l'heure (trente minutes avant le rendez-vous). Après environ trente minutes d'attente au-delà de l'heure prévue du rendez-vous, elle a eu l'échographie. C'est correct, donc je l'ai emmenée dehors pour manger sur le pouce avant son deuxième rendez-vous. Le médecin a dit que tout allait bien et nous n'avons pas besoin de plus de rendez-vous avec eux l'année prochaine. Après l'examen, elle voulait aller à l'espace de jeux de l'hôpital. Elle a colorié un dessin, elle a joué dans un petit café, et elle a joué aux trains.
Sur le chemin du retour, nous sommes passés chez Nella Cucina pour voir un couteau adapté aux enfants. Ma fille voulait un couteau comme un santoku parce que les aliments ne collent pas dessus. Tous les couteaux sont trop grands ou trop petits ou ne sont pas comme un santoku. Peut-être qu'elle devrait le chercher en ligne.
Elle avait si faim. Elle avait hâte de manger des nouilles instantanées avec plus de gâteau au poisson. Elle a utilisé la moitié du sachet d'épices et m'a donné l'autre moitié. J'ai préparé des nouilles conventionnelles. J'ai ajouté des algues et du gâteau au poisson, qu'elle m'a presque tout piqué. Elle avait très faim. Ce n'était pas grave, j'ai mangé du pain avec du beurre.
Après tout ça, j'ai appelé son école pour connaître la procédure à suivre au cas où nous la retirerions de l'école et voudrions la réinscrire ensuite. La secrétaire n'était pas sûre, donc je me suis retrouvée à parler au directeur, ce qui était un peu embarrassant. Toutefois, j'ai appris que :
- Presque tous les étudiants de l'école virtuelle vont rester, à l'exception de quelques personnes qui vont rentrer à l'école en présentiel.
- Ils reçoivent une ou deux demandes chaque jour à l'extérieur de la période normale d'inscription, et doivent rejeter presque toutes les demandes à l'exception de cas graves, comme des raisons médicales.
- Si notre fille continue, sa place est assurée pour l'année prochaine.
- Si je l'inscris pour l'année prochaine avant le 23 janvier :
- S'ils nous offrent une place en février, si notre fille se retire, elle pourrait revenir à l'école virtuelle.
- S'ils ne nous offrent pas une place et que notre fille se retire et ensuite change d'avis, elle ne bénéficiera peut-être pas d'une exception et nous devrions attendre l'année suivante.
- Si je ne l'inscris pas pour l'année prochaine, et si notre fille se retire et ensuite change d'avis, peut-être que nous devrions attendre l'année suivante.
Pouvons-nous accepter son mécontentement face à la situation actuelle ? Pouvons-nous accepter l'incertitude pour plus d'une année ? Je pense que nous pouvons attendre jusqu'à ce que la situation s'éclaircisse.
Mercredi, le sept janvier
J'étais un peu fatiguée quand je me suis levée. Au lieu d'exercice, j'ai déneigé autour des drains et j'ai essayé d'écoper la flaque sur le trottoir. C'était trop difficile parce que la neige est devenue glace. Tant pis.
Une réflexion sur l'apprentissage de ma fille :
Ma fille aime bien lire. Elle lit pour le plaisir et discute des livres avec nous un peu comme ses devoirs que l'enseignant veut qu'elle fasse mais qu'elle ne les fait pas. Nous apprécions les mots intéressants qu'elle accumule en lisant et peut utiliser au moment opportun. "I'm ravenously hungry," dit-elle. Grâce à mon apprentissage en français, je peux partager ma propre exultation quand je trouve un nouveau mot magnifique.
Ma fille aime bien les mathématiques. Elle adore exercer son cerveau en calculant et en résolvant des problèmes que je lui pose. Elle trouve que le cours est ennuyeux parce qu'il est trop lent. Elle trouve que la programmation simple dans Minecraft Education est trop simple. Elle me demande de plus de challenges et essaie d'autres exercices elle-même, grâce aux livres Beast Academy.
Ma fille aime bien lancer des idées variées d'amélioration ou d'entreprise. Par exemple, quand elle joue à la marchande, elle prépare ses propres collations en vrai et me les vendent contre cinq tapes dans la main.
Je pense que l'école peut nous aider au développement de ses compétences. Les enseignants peuvent fournir l'évaluation extérieure que je ne peux fournir parce que je n'ai pas l'expérience. C'est aussi une occasion pour pratiquer la gestion de ses propres tâches. Après la résistance initiale, ma fille est fière quand elle accomplit ses tâches.
Mon mari pense que l'évaluation extérieure est importante. Ce n'est pas grave si notre fille reçoit des notes basses maintenant. Peut-être que il est encore utile pour la renseigner. Je suis d'accord, donc je peux attendre, particulièrement puisque je n'ai pas trouvé d'alternative qui nous inspire confiance. C'est possible que ses œuvres suffisent. Si elle est grincheuse contre le système, l'enseignant ou moi, je préfère qu'elle soit grincheuse contre le système et qu'elle choisisse de réussir malgré ces limitations. On va voir.
D'ailleurs, la plupart du temps, c'est acceptable, et elle est fière qu'elle puisse faire les choses elle-même. Ça va.
J'ai finalement créé un logiciel pour créer ou télécharger le brouillon du prochain bulletin de la Bike Brigade sur Google Drive. J'ai aussi fait une fonction dans Emacs pour créer ou modifier la campagne sur MailChimp grâce au modèle. Ça signifie que je peux mettre à jour le bulletin de brouillon avec moins de clics. Ça simplifie mon flux de travail. Un jour je veux automatiser tout le processus à part l'écriture, que les autres bénévoles pourront faire.
Ma fille essayait Pokémon sur le GameBoy Advance de mon mari pendant que je l'interrogeais sur ses devoirs et je tapais ses réponses. Parfois je faisais la secrétaire pour elle, ce qui l'aide beaucoup.
Jeudi, le huit janvier
Au lieu de suivre une vidéo d'exercice, j'ai pris une pelle et creusé une rigole dans la glace pour drainer la flaque sur le trottoir plus bas dans la rue. La météo a annoncé que la journée de demain serait plus chaude, donc peut-être que le canal aidera à éviter que le trottoir ne soit inondé (ou du moins, moins d'inondations). C'était un bon exercice. Ensuite mes mains étaient très fatiguées, donc je me suis concentrée sur les tâches qui ne nécessitent pas de trop taper. J'ai revu mes cartes Anki, j'ai amélioré ma configuration d'audio, et j'ai enregistré une courte vidéo qui démontre ma fonction pour dicter une note à la tâche actuelle.
Quand mes mains allaient mieux, j'ai fait plus de programmation. Je veux automatiser l'exécution des logiciels chaque jour et chaque semaine, par exemple le renouvellement de nos livres empruntés à la bibliothèque ou mon nouveau logiciel pour créer un brouillon du bulletin d'information de la Bike Brigade. Cependant, mon ordinateur n'est pas allumé sans cesse. Je me suis renseignée sur comment configurer des tâches persistantes dans systemd. De cette façon, ces tâches vont s'exécuter un peu de temps après le démarrage de mon ordinateur, pourvu que je les aie configurées correctement. On va voir demain si les tâches se lanceront.
Ma fille et moi avons fait une promenade pendant la pause déjeuner, mais nous avons oublié que la bibliothèque ouvre à 12h30 (midi et demi) jeudi. Elle est devenue un peu grincheuse parce qu'elle a hâte d'avoir plus de livres, mais le soleil brillait et je maintenais une conversation légère, donc ce n'était pas grave. Elle est rentrée à l'école virtuelle juste à l'heure.
Après l'école, j'ai emmené ma fille au parc pour jouer avec son amie. Bon, en vrai, je pense qu'elle jouait plus avec la chienne de son amie qu'avec son amie. Je suppose que c'est juste une de ces journées.
Un fil sur Reddit m'a inspiré à penser aux buffers d'Emacs. J'ai revu ma configuration pour beaucoup d'exemples d'usage en dictant des notes avec ma nouvelle fonction pour les rassembler avec les liens, ce qui était très utile. Je pense que je vais faire une diffusion en direct avant d'écrire un billet sur le sujet. Quand… Peut-être que vendredi après-midi est un bon moment pour ça.
Ma fille était curieuse au sujet de Pokémon parce que mon mari y jouait sur sa GameBoy Advance. Elle m'a demandé si je pouvais trouver Pokémon Blanc. Je l'ai installé dans un émulateur sur mon ordinateur. Parce que mon ordinateur était occupé, j'ai ressuscité mon ancienne machine et je l'ai utilisée pour me connecter à mon ordinateur actuel via SSH pour continuer à écrire mon journal, grâce à Linux qui est orienté serveur.
Vendredi, le neuf janvier
Succès ! Selon ma fille, elle peut préparer son propre déjeuner mieux que moi. Ce matin, elle l'a refait parce que j'ai déchiré le prosciutto en morceaux trop petits. Maintenant elle peut emporter son propre déjeuner et son propre collation. Elle survivra.
J'ai essayé de prévoir une diffusion en direct ce matin sur la configuration d'Emacs. En tout cas, je veux le faire, alors autant essayer de partager en direct. J'ai amélioré mon processus pour dicter des notes. Maintenant je peux faire une capture d'écran automatiquement, et tous les audios sont enregistrés avec un horodatage.
L'après-midi, le temps était beau, donc j'ai fait du vélo aux Stockyards pour chercher les pyjamas que j'avais achetés pour ma fille. J'ai oublié de lui brosser les dents pendant la pause déjeuner. Je l'ai fait pendant la récré de l'après-midi.
J'ai aussi essayé la reconnaissance vocale sur Google Chrome. J'ai modifié un logiciel pour la reconnaissance vocale en continu pour montrer les énoncés précédents et envoyer des messages au serveur, et j'ai créé un serveur qui retransmet les messages à Emacs. Dans Emacs, j'ai affiché les messages dans un buffer. La reconnaissance vocale sur Google Chrome est plus rapide que sur WhisperX et elle peut supporter un flux, mais elle n'utilise pas de ponctuation et la qualité est moindre. Je pense qu'elle sera utile pour la reconnaissance vocale des flux multiples simultanés pendant la prochaine conférence, ou en solution de secours pendant que je fais une diffusion en direct.
Le vent était fort, donc nous sommes restés à la maison. Après l'école, ma fille a exploré un kit de gemmes cachées en forme de volcan. Ma fille aime bien ces kits. Une fois les gemmes découvertes, je lui ai donné des fils de fer et lui ai montré comment les sertir avec du fil de fer.
Nous avons mangé des petits pains chinois pour le souper.
Ma fille voulait faire une robe à volants qui forme des manches courtes. (Peut-être comme cette robe ?) Nous avons regardé des tissus en ligne jusqu'à ce que je sois surstimulée entre les nombreux choix et son jacassement. J'ai besoin de calme.
Elle est allée dans sa chambre pour probablement jouer à Minecraft. Mon mari a travaillé sur l'installation de RetroPie sur la Raspberry Pi pour que ma fille puisse jouer à Pokémon plutôt que sur mon ordinateur ou sur un ancien ordinateur qui a besoin d'un câble vidéo différent.
Samedi, le dix janvier
Ma fille m'a demandé des petites crêpes pour le petit-déjeuner, donc je lui ai fait de minuscules crêpes et quelques crêpes en forme de cœur. Après la routine matinale, ma fille a joué au courrier des choses. Elle a distribué les couverts dans le tiroir de la cuisine, la lessive dans les tiroirs de sa chambre, les ordures à la poubelle, et d'autres choses partout dans la maison.
J'ai préparé le bulletin de la Bike Brigade. Cette fois, j'ai créé une fonction pour envoyer un message de test via Mailchimp sous Emacs. Quand j'ai reçu la confirmation de l'autre bénévole, j'ai créé une fonction pour planifier la campagne sur Mailchimp sous Emacs. Maintenant, je peux surtout gérer la campagne sous Emacs sans clics, ce qui me rend heureuse.
L'après-midi, j'ai emmené ma fille à la patinoire pour jouer avec son amie. Le père de son amie a proposé une petite course, mais son amie paraissait triste et je sais que ma fille n'aime pas les jeux de compétition, donc nous avons trouvé d'autres activités plus coopératives entre elles. Le père était déjà trop rapide pour être attrapé, mais les amies se sont amusées à m'attraper quelques fois. Je pense qu'elles se sont plus amusées à courir après son père.
J'ai créé une interface pour la visualisation et la gestion du routage audio de Pipewire sous Emacs. Je veux enregistrer, diffuser en direct et faire de la reconnaissance vocale de ma propre voix ou du flux audio, possiblement en même temps, ce qui nécessite un loopback avec un peu de latence pour éviter les coupures audio. J'étais si préoccupée par ça que j'ai oublié de faire la vaisselle. Mon mari a cuisiné du gyudon et des pak-choïs, a fait la vaisselle et en a mangé seul, ce qui n'est pas comme d'habitude. Bref, la prochaine fois je ferai la vaisselle.
Après mon souper, je suis allée voir comment elle allait. Elle était grincheuse. Probablement qu'elle avait faim et froid, et qu'elle se sentait seule en m'attendant. J'ai réussi à désamorcer la situation en lui offrant le souper et des jeux de billes, ce qu'elle a accepté. Elle a bien aimé le gyudon. Comme promis, nous avons joué aux billes. Après ça, elle était de bonne humeur. Elle a joué à Pokémon. Pendant que je l'aidais, elle a travaillé sur ses devoirs.
À l'heure du coucher, elle et moi lisions un livre en alternance.
Elle a dit que ses dents lui faisaient mal, mais elle n'a pas voulu d'analgésique ou de compresse froide. Je lui ai offert une paille en silicone pour mordiller au cas où ça l'aiderait.
Dimanche, le onze janvier
Ma fille s'est levée plus tôt que moi ce matin, et elle était un peu impatiente en attendant. Je me suis finalement levée, mais j'étais encore un peu fatiguée.
Ma fille a joué à Pokémon Yellow. Elle a dit que ce n'est pas juste que le jeu ne permet pas de jouer en tant qu'une fille au lieu d'un garçon. Mon mari a trouvé un autre ROM qui permet ça, donc elle a recommencé le jeu vidéo. Je l'ai aidée pendant qu'elle faisait de l'exercice.
J'ai emmené ma fille à son premier cours de patinage à la patinoire au parc. En voyant les autres étudiants lutter pour se lever sur la glace, ma fille m'a dit que je l'avais inscrite au mauvais cours. Elle a trouvé que Learn to Skate 1 était trop facile. Heureusement, la professeure a pu l'amener de l'autre côté de la patinoire où elle participait à Learn to Skate 2, qui était en même temps. Le cours lui a plu. Sur l'autre patinoire, j'ai imité les exercices que les professeurs enseignaient aux enfants. Après le cours, nous avons passé du temps en patinant jusqu'à ce qu'elle ait trop froid. Quand la surfaceuse venait à la patinoire, tout le monde quittait la glace à l'exception d'une personne qui a emmené son enfant à la patinoire. Ma fille et moi nous sommes amusées parce que le superviseur les a poursuivis tellement rapidement.
Après être rentrée à la maison, j'ai fini mon entrée d'hier.
Notes
- Prononciation
- … au cas (silent s) où nous déciderons d'expérimenter l'instruction en famille pour le reste de l'année.
- Je pense que ma fille peut trouver son propre chemin. (sheuh mehn)
- Ma fille aime proposer sans cesse des idées d'amélioration. (dah mee lee oh rah seon)
- … nous sommes passés chez Nella Cucina pour voir un couteau adapté aux enfants. (ehn fehn)
- Elle avait hâte de manger des nouilles (nwee) instantanées (ein stahn tah nay) avec plus de gâteau au poisson.
- Elle a utilisé la moitié du sachet d'épices et m'a donné l'autre moitié. (mwah teay)
- … pendant que je l'interrogeais (lein tey roh jeas) sur ses devoirs et je tapais ses réponses.
- … ou du moins, moins d'inondations (dein non dah seons)
- … je me suis concentrée sur les tâches qui ne nécessitent (neh sess seet)
- Succès ! (suk say)
- … ce qui nécessite un loopback avec un peu de latence pour éviter les coupures (coo puurs) audio.
- Wording
- en addition de
- in addition to
- bref
- anyway, in short
- alors que
- while
- (no term)
- en … - gérondif: use present participle (ex: patinant)
- (no term)
- plus-que-parfait for things that happened before the passé composé
You can e-mail me at sacha@sachachua.com.
-
🔗 organicmaps/organicmaps 2026.01.14-6-android release
• NEW: Higher-contrast dark theme colors
• NEW: Google Assistant for navigation and search
• OSM map data as of January 11
• “Auto” navigation theme setting follows the system dark/light mode
• Thinner subway lines
• Search results show capacity for motorcycle parking, bicycle rental, bicycle charging, and car charging
• Show floor level in search results
• Albanian translations and TTS voice guidance
• Updated FAQ and app translations
• Fixed crashes
…more at omaps.org/newsSee a detailed announce on our website when app updates are published in all stores.
You can get automatic app updates from GitHub using Obtainium.sha256sum:
85c1bb509b7901e9d01e0c336ec0c705b4a571f1b1570c6441c4423a945147a6 OrganicMaps-26011406-web-release.apk -
🔗 r/LocalLLaMA GLM-Image is released! rss
| GLM-Image is an image generation model adopts a hybrid autoregressive + diffusion decoder architecture. In general image generation quality, GLM‑Image aligns with mainstream latent diffusion approaches, but it shows significant advantages in text-rendering and knowledge‑intensive generation scenarios. It performs especially well in tasks requiring precise semantic understanding and complex information expression, while maintaining strong capabilities in high‑fidelity and fine‑grained detail generation. In addition to text‑to‑image generation, GLM‑Image also supports a rich set of image‑to‑image tasks including image editing, style transfer, identity‑preserving generation, and multi‑subject consistency. Model architecture: a hybrid autoregressive + diffusion decoder design. submitted by /u/foldl-li
[link] [comments]
---|--- -
🔗 HexRaysSA/plugin-repository commits sync repo: +1 release rss
sync repo: +1 release ## New releases - [ida-chat](https://github.com/HexRaysSA/ida-chat-plugin): 0.2.1 -
🔗 Rust Blog What does it take to ship Rust in safety-critical? rss
This is another post in our series covering what we learned through the Vision Doc process. Inour first post, we described the overall approach and what we learned about doing user research. In our second post, we explored what people love about Rust. This post goes deep on one domain: safety-critical software.
When we set out on the Vision Doc work, one area we wanted to explore in depth was safety-critical systems: software where malfunction can result in injury, loss of life, or environmental harm. Think vehicles, airplanes, medical devices, industrial automation. We spoke with engineers at OEMs, integrators, and suppliers across automotive (mostly), industrial, aerospace, and medical contexts.
What we found surprised us a bit. The conversations kept circling back to a single tension: Rust's compiler-enforced guarantees support much of what Functional Safety Engineers and Software Engineers in these spaces spend their time preventing, but once you move beyond prototyping into the higher- criticality parts of a system, the ecosystem support thins out fast. There is no MATLAB/Simulink Rust code generation. There is no OSEK or AUTOSAR Classic- compatible RTOS written in Rust or with first-class Rust support. The tooling for qualification and certification is still maturing.
Quick context: what makes software "safety-critical"
If you've never worked in these spaces, here's the short version. Each safety- critical domain has standards that define a ladder of integrity levels: ISO 26262 in automotive, IEC 61508 in industrial, IEC 62304 in medical devices, DO-178C in aerospace. The details differ, but the shape is similar: as you climb the ladder toward higher criticality, the demands on your development process, verification, and evidence all increase, and so do the costs.1
This creates a strong incentive for decomposition : isolate the highest- criticality logic into the smallest surface area you can, and keep everything else at lower levels where costs are more manageable and you can move faster.
We'll use automotive terminology in this post (QM through ASIL D) since that's where most of our interviews came from, but the patterns generalize. These terms represent increasing levels of safety-criticality, with QM being the lowest and ASIL D being the highest. The story at low criticality looks very different from the story at high criticality, regardless of domain.
Rust is already in production for safety-critical systems
Before diving into the challenges, it is worth noting that Rust is not just being evaluated in these domains. It is deployed and running in production.
We spoke with a principal firmware engineer working on mobile robotics systems certified to IEC 61508 SIL 2:
"We had a new project coming up that involved a safety system. And in the past, we'd always done these projects in C using third party stack analysis and unit testing tools that were just generally never very good, but you had to do them as part of the safety rating standards. Rust presented an opportunity where 90% of what the stack analysis stuff had to check for is just done by the compiler. That combined with the fact that now we had a safety qualified compiler to point to was kind of a breakthrough." -- Principal Firmware Engineer (mobile robotics)
We also spoke with an engineer at a medical device company deploying IEC 62304 Class B software to intensive care units:
"All of the product code that we deploy to end users and customers is currently in Rust. We do EEG analysis with our software and that's being deployed to ICUs, intensive care units, and patient monitors." -- Rust developer at a medical device company
"We changed from this Python component to a Rust component and I think that gave us a 100-fold speed increase." -- Rust developer at a medical device company
These are not proofs of concept. They are shipping systems in regulated environments, going through audits and certification processes. The path is there. The question is how to make it easier for the next teams coming through.
Rust adoption is easiest at QM, and the constraints sharpen fast
At low criticality, teams described a pragmatic approach: use Rust and the crates ecosystem to move quickly, then harden what you ship. One architect at an automotive OEM told us:
"We can use any crate [from crates.io] [..] we have to take care to prepare the software components for production usage." -- Architect at Automotive OEM
But at higher levels, third-party dependencies become difficult to justify. Teams either rewrite, internalize, or strictly constrain what they use. An embedded systems engineer put it bluntly:
"We tend not to use 3rd party dependencies or nursery crates [..] solutions become kludgier as you get lower in the stack." -- Firmware Engineer
Some teams described building escape hatches, abstraction layers designed for future replacement:
"We create an interface that we'd eventually like to have to simplify replacement later on [..] sometimes rewrite, but even if re-using an existing crate we often change APIs, write more tests." -- Team Lead at Automotive Supplier (ASIL D target)
Even teams that do use crates from crates.io described treating that as a temporary accelerator, something to track carefully and remove from critical paths before shipping:
"We use crates mainly for things in the beginning where we need to set up things fast, proof of concept, but we try to track those dependencies very explicitly and for the critical parts of the software try to get rid of them in the long run." -- Team lead at an automotive software company developing middleware in Rust
In aerospace, the "control the whole stack" instinct is even stronger:
"In aerospace there's a notion of we must own all the code ourselves. We must have control of every single line of code." -- Engineering lead in aerospace
This is the first big takeaway: a lot of "Rust in safety-critical" is not just about whether Rust compiles for a target. It is about whether teams can assemble an evidence-friendly software stack and keep it stable over long product lifetimes.
The compiler is doing work teams used to do elsewhere
Many interviewees framed Rust's value in terms of work shifted earlier and made more repeatable by the compiler. This is not just "nice," it changes how much manual review you can realistically afford. Much of what was historically process-based enforcement through coding standards like MISRA C and CERT C becomes a language-level concern in Rust, checked by the compiler rather than external static analysis or manual review.
"Roughly 90% of what we used to check with external tools is built into Rust's compiler." -- Principal Firmware Engineer (mobile robotics)
We heard variations of this from teams dealing with large codebases and varied skill levels:
"We cannot control the skill of developers from end to end. We have to check the code quality. Rust by checking at compile time, or Clippy tools, is very useful for our domain." -- Engineer at a major automaker
Even on smaller teams, the review load matters:
"I usually tend to work on teams between five and eight. Even so, it's too much code. I feel confident moving faster, a certain class of flaws that you aren't worrying about." -- Embedded systems engineer (mobile robotics)
Closely related: people repeatedly highlighted Rust's consistency around error handling:
"Having a single accepted way of handling errors used throughout the ecosystem is something that Rust did completely right." -- Automotive Technical Lead
For teams building products with 15-to-20-year lifetimes and "teams of teams," compiler-enforced invariants scale better than "we will just review harder."
Teams want newer compilers, but also stability they can explain
A common pattern in safety-critical environments is conservative toolchain selection. But engineers pointed out a tension: older toolchains carry their own defect history.
"[..] traditional wisdom is that after something's been around and gone through motions / testing then considered more stable and safer [..] older compilers used tend to have more bugs [and they become] hard to justify" -- Software Engineer at an Automotive supplier
Rust's edition system was described as a real advantage here, especially for incremental migration strategies that are common in automotive programs:
"[The edition system is] golden for automotive, where incremental migration is essential." -- Software Engineer at major Automaker
In practice, "stability" is also about managing the mismatch between what the platform supports and what the ecosystem expects. Teams described pinning Rust versions, then fighting dependency drift:
"We can pin the Rust toolchain, but because almost all crates are implemented for the latest versions, we have to downgrade. It's very time- consuming." -- Engineer at a major automaker
For safety-critical adoption, "stability" is operational. Teams need to answer questions like: What does a Rust upgrade change, and what does it not change? What are the bounds on migration work? How do we demonstrate we have managed upgrade risk?
Target support matters in practical ways
Safety-critical software often runs on long-lived platforms and RTOSs. Even when "support exists," there can be caveats. Teams described friction around targets like QNX, where upstream Rust support exists but with limitations (for example, QNX 8.0 support is currently
no_stdonly).2This connects to Rust's target tier policy: the policy itself is clear, but regulated teams still need to map "tier" to "what can I responsibly bet on for this platform and this product lifetime."
"I had experiences where all of a sudden I was upgrading the compiler and my toolchain and dependencies didn't work anymore for the Tier 3 target we're using. That's simply not acceptable. If you want to invest in some technology, you want to have a certain reliability." -- Senior software engineer at a major automaker
coreis the spine, and it sets expectationsIn
no_stdenvironments,corebecomes the spine of Rust. Teams described it as both rich enough to build real products and small enough to audit.A lot of Rust's safety leverage lives there:
OptionandResult, slices, iterators,CellandRefCell, atomics,MaybeUninit,Pin. But we also heard a consistent shape of gaps: many embedded and safety-critical projects wantno_std-friendly building blocks (fixed-size collections, queues) and predictable math primitives, but do not want to rely on "just any" third-party crate at higher integrity levels."Most of the math library stuff is not in core, it's in std. Sin, cosine... the workaround for now has been the libm crate. It'd be nice if it was in core." -- Principal Firmware Engineer (mobile robotics)
Async is appealing, but the long-run story is not settled
Some safety-critical-adjacent systems are already heavily asynchronous: daemons, middleware frameworks, event-driven architectures. That makes Rust's async story interesting.
But people also expressed uncertainty about ecosystem lock-in and what it would take to use async in higher-criticality components. One team lead developing middleware told us:
"We're not sure how async will work out in the long-run [in Rust for safety- critical]. [..] A lot of our software is highly asynchronous and a lot of our daemons in the AUTOSAR Adaptive Platform world are basically following a reactor pattern. [..] [C++14] doesn't really support these concepts, so some of this is lack of familiarity." -- Team lead at an automotive software company developing middleware in Rust
And when teams look at async through an ISO 26262 lens, the runtime question shows up immediately:
"If we want to make use of async Rust, of course you need some runtime which is providing this with all the quality artifacts and process artifacts for ISO 26262." -- Team lead at an automotive software company developing middleware in Rust
Async is not "just a language feature" in safety-critical contexts. It pulls in runtime choices, scheduling assumptions, and, at higher integrity levels, the question of what it would mean to certify or qualify the relevant parts of the stack.
Recommendations
Find ways to help the safety-critical community support their own needs. Open source helps those who help themselves. The Ferrocene Language Specification (FLS) shows this working well: it started as an industry effort to create a specification suitable for safety-qualification of the Rust compiler, companies invested in the work, and it now has a sustainable home under the Rust Project with a team actively maintaining it.3
Contrast this with MC/DC coverage support in rustc. Earlier efforts stalled due to lack of sustained engagement from safety-critical companies.4 The technical work was there, but without industry involvement to help define requirements, validate the implementation, and commit to maintaining it, the effort lost momentum. A major concern was that the MC/DC code added maintenance burden to the rest of the coverage infrastructure without a clear owner. Now in 2026, there is renewed interest in doing this the right way: companies are working through the Safety-Critical Rust Consortium to create a Rust Project Goal in 2026 to collaborate with the Rust Project on MC/DC support. The model is shared ownership of requirements, with primary implementation and maintenance done by companies with a vested interest in safety-critical, done in a way that does not impede maintenance of the rest of the coverage code.
The remaining recommendations follow this pattern: the Safety-Critical Rust Consortium can help the community organize requirements and drive work, with the Rust Project providing the deep technical knowledge of Rust Project artifacts needed for successful collaboration. The path works when both sides show up.
Establish ecosystem-wide MSRV conventions. The dependency drift problem is real: teams pin their Rust toolchain for stability, but crates targeting the latest compiler make this difficult to sustain. An LTS release scheme, combined with encouraging libraries to maintain MSRV compatibility with LTS releases, could reduce this friction. This would require coordination between the Rust Project (potentially the release team) and the broader ecosystem, with the Safety-Critical Rust Consortium helping to articulate requirements and adoption patterns.
Turn "target tier policy" into a safety-critical onramp. The friction we heard is not about the policy being unclear, it is about translating "tier" into practical decisions. A short, target-focused readiness checklist would help: Which targets exist? Which ones are
no_stdonly? What is the last known tested OS version? What are the top blockers? The raw ingredients exist in rustc docs, release notes, and issue trackers, but pulling them together in one place would lower the barrier. Clearer, consolidated information also makes it easier for teams who depend on specific targets to contribute to maintaining them. The Safety-Critical Rust Consortium could lead this effort, working with compiler team members and platform maintainers to keep the information accurate.Document "dependency lifecycle" patterns teams are already using. The QM story is often: use crates early, track carefully, shrink dependencies for higher-criticality parts. The ASIL B+ story is often: avoid third-party crates entirely, or use abstraction layers and plan to replace later. Turning those patterns into a reusable playbook would help new teams make the same moves with less trial and error. This seems like a natural fit for the Safety- Critical Rust Consortium's liaison work.
Define requirements for a safety-case friendly async runtime. Teams adopting async in safety-critical contexts need runtimes with appropriate quality and process artifacts for standards like ISO 26262. Work is already happening in this space.5 The Safety-Critical Rust Consortium could lead the effort to define what "safety-case friendly" means in concrete terms, working with the async working group and libs team on technical feasibility and design.
Treat interop as part of the safety story. Many teams are not going to rewrite their world in Rust. They are going to integrate Rust into existing C and C++ systems and carry that boundary for years. Guidance and tooling to keep interfaces correct, auditable, and in sync would help. The compiler team and lang team could consider how FFI boundaries are surfaced and checked, informed by requirements gathered through the Safety-Critical Rust Consortium.
"We rely very heavily on FFI compatibility between C, C++, and Rust. In a safety-critical space, that's where the difficulty ends up being, generating bindings, finding out what the problem was." -- Embedded systems engineer (mobile robotics)
Conclusion
To sum up the main points in this post:
- Rust is already deployed in production for safety-critical systems, including mobile robotics (IEC 61508 SIL 2) and medical devices (IEC 62304 Class B). The path exists.
- Rust's defaults (memory safety, thread safety, strong typing) map directly to much of what Functional Safety Engineers spend their time preventing. But ecosystem support thins out as you move toward higher-criticality software.
- At low criticality (QM), teams use crates freely and harden later. At higher levels (ASIL B+), third-party dependencies become difficult to justify, and teams rewrite, internalize, or build abstraction layers for future replacement.
- The compiler is doing work that used to require external tools and manual review. Much of what was historically process-based enforcement through standards like MISRA C and CERT C becomes a language-level concern, checked by the compiler. That can scale better than "review harder" for long-lived products with large teams and supports engineers in these domains feeling more secure in the systems they ship.
- Stability is operational: teams need to explain what upgrades change, manage dependency drift, and map target tier policies to their platform reality.
- Async is appealing for middleware and event-driven systems, but the runtime and qualification story is not settled for higher-criticality use.
We make six recommendations: find ways to help the safety-critical community support their own needs, establish ecosystem-wide MSRV conventions, create target-focused readiness checklists, document dependency lifecycle patterns, define requirements for safety-case friendly async runtimes, and treat C/C++ interop as part of the safety story.
Get involved
If you're working in safety-critical Rust, or you want to help make it easier, check out the Rust Foundation's Safety-Critical Rust Consortium and the in-progress Safety-Critical Rust coding guidelines.
Hearing concrete constraints, examples of assessor feedback, and what "evidence" actually looks like in practice is incredibly helpful. The goal is to make Rust's strengths more accessible in environments where correctness and safety are not optional.
-
If you're curious about how rigor scales with cost in ISO 26262, this Feabhas guide gives a good high-level overview. ↩
-
See the QNX target documentation for current status. ↩
-
The FLS team was created under the Rust Project in 2025. The team is now actively maintaining the specification, reviewing changes and keeping the FLS in sync with language evolution. ↩
-
See the MC/DC tracking issue for context. The initial implementation was removed due to maintenance concerns. ↩
-
Eclipse SDV's Eclipse S-CORE project includes an Orchestrator written in Rust for their async runtime, aimed at safety-critical automotive software. ↩
-
🔗 Armin Ronacher Porting MiniJinja to Go With an Agent rss
Turns out you can just port things now. I already attempted this experiment in the summer, but it turned out to be a bit too much for what I had time for. However, things have advanced since. Yesterday I ported MiniJinja (a Rust Jinja2 template engine) to native Go, and I used an agent to do pretty much all of the work. In fact, I barely did anything beyond giving some high-level guidance on how I thought it could be accomplished.
In total I probably spent around 45 minutes actively with it. It worked for around 3 hours while I was watching, then another 7 hours alone. This post is a recollection of what happened and what I learned from it.
All prompting was done by voice using pi, starting with Opus 4.5 and switching to GPT-5.2 Codex for the long tail of test fixing.
What is MiniJinja
MiniJinja is a re-implementation of Jinja2 for Rust. I originally wrote it because I wanted to do a infrastructure automation project in Rust and Jinja was popular for that. The original project didn't go anywhere, but MiniJinja itself continued being useful for both me and other users.
The way MiniJinja is tested is with snapshot tests: inputs and expected outputs, using insta to verify they match. These snapshot tests were what I wanted to use to validate the Go port.
Test-Driven Porting
My initial prompt asked the agent to figure out how to validate the port. Through that conversation, the agent and I aligned on a path: reuse the existing Rust snapshot tests and port incrementally (lexer -> parser -> runtime).
This meant the agent built Go-side tooling to:
- Parse Rust's test input files (which embed settings as JSON headers).
- Parse the reference insta
.snapsnapshots and compare output. - Maintain a skip-list to temporarily opt out of failing tests.
This resulted in a pretty good harness with a tight feedback loop. The agent had a clear goal (make everything pass) and a progression (lexer -> parser -> runtime). The tight feedback loop mattered particularly at the end where it was about getting details right. Every missing behavior had one or more failing snapshots.
Branching in Pi
I used Pi's branching feature to structure the session into phases. I rewound back to earlier parts of the session and used the branch switch feature to inform the agent automatically what it had already done. This is similar to compaction, but Pi shows me what it puts into the context. When Pi switches branches it does two things:
- It stays in the same session so I can navigate around, but it makes a new branch off an earlier message.
- When switching, it adds a summary of what it did as a priming message into where it branched off. I found this quite helpful to avoid the agent doing vision quests from scratch to figure out how far it had already gotten.
Without switching branches, I would probably just make new sessions and have more plan files lying around or use something like Amp's handoff feature which also allows the agent to consult earlier conversations if it needs more information.
First Signs of Divergence
What was interesting is that the agent went from literal porting to behavioral porting quite quickly. I didn't steer it away from this as long as the behavior aligned. I let it do this for a few reasons. First, the code base isn't that large, so I felt I could make adjustments at the end if needed. Letting the agent continue with what was already working felt like the right strategy. Second, it was aligning to idiomatic Go much better this way.
For instance, on the runtime it implemented a tree-walking interpreter (not a bytecode interpreter like Rust) and it decided to use Go's reflection for the value type. I didn't tell it to do either of these things, but they made more sense than replicating my Rust interpreter design, which was partly motivated by not having a garbage collector or runtime type information.
Where I Had to Push Back
On the other hand, the agent made some changes while making tests pass that I disagreed with. It completely gave up on all the "must fail" tests because the error messages were impossible to replicate perfectly given the runtime differences. So I had to steer it towards fuzzy matching instead.
It also wanted to regress behavior I wanted to retain (e.g., exact HTML escaping semantics, or that
rangemust return an iterator). I think if I hadn't steered it there, it might not have made it to completion without going down problematic paths, or I would have lost confidence in the result.Grinding to Full Coverage
Once the major semantic mismatches were fixed, the remaining work was filling in all missing pieces: missing filters and test functions, loop extras, macros, call blocks, etc. Since I wanted to go to bed, I switched to Codex 5.2 and queued up a few "continue making all tests pass if they are not passing yet" prompts, then let it work through compaction. I felt confident enough that the agent could make the rest of the tests pass without guidance once it had the basics covered.
This phase ran without supervision overnight.
Final Cleanup
After functional convergence, I asked the agent to document internal functions and reorganize (like moving filters to a separate file). I also asked it to document all functions and filters like in the Rust code base. This was also when I set up CI, release processes, and talked through what was created to come up with some finalizing touches before merging.
Parting Thoughts
There are a few things I find interesting here.
First: these types of ports are possible now. I know porting was already possible for many months, but it required much more attention. This changes some dynamics. I feel less like technology choices are constrained by ecosystem lock-in. Sure, porting NumPy to Go would be a more involved undertaking, and getting it competitive even more so (years of optimizations in there). But still, it feels like many more libraries can be used now.
Second: for me, the value is shifting from the code to the tests and documentation. A good test suite might actually be worth more than the code. That said, this isn't an argument for keeping tests secret -- generating tests with good coverage is also getting easier. However, for keeping code bases in different languages in sync, you need to agree on shared tests, otherwise divergence is inevitable.
Lastly, there's the social dynamic. Once, having people port your code to other languages was something to take pride in. It was a sign of accomplishment -- a project was "cool enough" that someone put time into making it available elsewhere. With agents, it doesn't invoke the same feelings. Will McGugan also called out this change.
Session Stats
Lastly, some boring stats for the main session:
- Agent run duration: ~~10 hours (~~ 3 hours supervised)
- Active human time: ~45 minutes
- Total messages: 2,698
- My prompts: 34
- Tool calls: 1,386
- Raw API token cost: $60
- Total tokens: 2.2 million
- Models:
claude-opus-4-5andgpt-5.2-codexfor the unattended overnight run
This did not count the adding of doc strings and smaller fixups.
-
🔗 Ampcode News Painter rss
Amp can now generate and edit images, which is useful for design inspiration, tweaking mockups, and making visual assets:
Exploring UI alternatives: "show me 3 different designs for this task dashboard"
Editing an existing image: "update this dashboard with the changes shown in the attached image"
To use it, ask Amp to use the
paintertool explicitly. The painter uses Gemini 3 Pro Image (a.k.a. Nano Banana Pro) under the hood. -
🔗 Stephen Diehl Hypothetical Divine Signatures rss
Hypothetical Divine Signatures
The author of the Epistle to the Hebrews famously claimed that "faith is the substance of things hoped for, the evidence of things not seen," which was a perfectly serviceable theological patch for an era where the average person’s greatest computational challenge was counting their own fingers. However, in an age where we can simulate galaxies and sequence genomes, "I’m God, trust me bro" is not a particularly compelling argument to the modern mind, unlike our goat-herding ancestors who were easily impressed by a well-timed solar eclipse or a particularly loud bush. If a truly omniscient entity wanted to establish a "scientific secular covenant" with a technological species, it would not rely on subjective feelings or ambiguous dreams. It would instead provide a Divine Signature through the cold, hard lens of computational complexity: a set of claims that are succinct enough to be carved into a stone tablet but so mathematically dense that finding them would require more energy than exists in the observable universe.
To move beyond mere storytelling and into the realm of objective proof, a text must demonstrate that it has bypassed Bremermann's Limit, the physical threshold for the maximum computational speed of any self-contained system in the material universe. This limit, derived from Einstein's mass-energy equivalence and the Heisenberg uncertainty principle, is approximately \( c^2/h \approx 1.36 \times 10^{50} \) bits per second per kilogram. The "soft" version of this limit considers a computer the mass of the Earth running for billions of years; the "strong" version considers harnessing every atom and cubic meter of space in the observable universe until heat death. By providing answers to problems that exceed even the strong limit, a "divine" author proves they are operating from a platform that exists outside our localized entropy and processing constraints, effectively signing their work with a flourish that no amount of ingenuity or effort could forge.
Personally, I hold no supernatural beliefs, and I am serenely indifferent to those who do. But a good hypothesis must be falsifiable, and intellectual honesty requires stating what evidence would change my mind. A verified divine signature of this kind would do exactly that. I would naturally default to material explanations until they were exhausted, but the exercise demonstrates that materialism is not unfalsifiable dogma; one can articulate the precise circumstances under which it would fall.
The Divine Factorization. A prophetic verse might read: "Behold the great number \( N \), whose length is as twenty thousand digits; it is born of the union of \( P \) and \( Q \), and none other shall divide it." This obviously refers to the Integer Factorization Problem. Twenty thousand digits is not even that much text; it is considerably shorter than the "begots" documenting forty generations of Levantine shepherds. While multiplying two primes to get a 20,000-digit semiprime is a simple operation, reversing the process is effectively intractable. For example, RSA-129 was published in 1977 with a one hundred million dollar prize and remained unfactored for 17 years:
$$114381625757888867669235779976146612010218296721242362562561842935706935245733897830597123563958705058989075147599290026879543541$$
$$= 3490529510847650949147849619903898133417764638493387843990820577$$
$$\times \ 32769132993266709549961988190834461413177642967992942539798288533$$
At only 129 digits, this took a massive distributed computing effort in 1994. A 20,000-digit semiprime is in another universe entirely. Under the General Number Field Sieve, the clock cycles required to factor a 20,000-digit number would exceed the total available energy in the observable universe. It is a thermodynamic wall that cannot be breached by any bounded intelligence without infinite time. For us, verification is trivial; we simply multiply the two provided numbers together to see if they match \( N \), a task a standard smartphone can complete in a fraction of a second.The Ramsey Revelation. The scripture would proclaim: "If ten brethren and ten strangers be gathered in a hall of souls, there shall surely be a clique of ten or a desert of ten; behold the map of their connections." This addresses the Constructive Lower Bound of Ramsey Numbers, denoted as \( R(r, s) \). The known diagonal Ramsey numbers are:
$$R(3,3) = 6, \quad R(4,4) = 18, \quad R(5,5) = 43\text{--}48, \quad R(6,6) = 102\text{--}165, \quad \ldots$$
We cannot even pin down \( R(5, 5) \) to an exact value; it is famously "impossible" to compute because the combinations grow too fast. Providing the exact value for \( R(10, 10) \) along with a specific graph coloring that avoids a clique of size 10 is succinct to state but requires navigating a search space that is thermodynamically inaccessible to our universe. To put this in perspective: the number of ways to two-color the edges of a graph with 1,000 nodes is \( 2^{499,500} \), while the number of atoms in the observable universe is roughly \( 2^{266} \). The search space is mathematically larger than any physical computer could ever process. We verify one graph; the author had to search all of them. Finding a specific "needle" graph in this haystack is a rational proof of super-universal processing power. Verification is straightforward for us because we can simply run a script to scan the provided adjacency matrix to confirm no group of 10 nodes exists where every edge is the same color, which is a polynomial time operation \( O(n^{10}) \) that is easily handled by modern hardware.The Circle’s Secret Checksum. The text would command: "Search the circle's measure at the position of \( 10^{80} \) and there find a thousand zeros followed by the message of the stars." This utilizes the Bailey–Borwein–Plouffe (BBP) algorithm, which allows us to calculate the \( n^{th} \) digit of \( \pi \) in base-16 without calculating the preceding digits:
$$\pi = \sum_{k=0}^{\infty} \frac{1}{16^k} \left( \frac{4}{8k+1} - \frac{2}{8k+4} - \frac{1}{8k+5} - \frac{1}{8k+6} \right)$$
We cannot currently scan \( \pi \) out to \( 10^{80} \) to find interesting patterns, and the information entropy of \( \pi \) suggests that such a massive, low-entropy anomaly at a coordinate equal to the number of atoms in the universe is statistically impossible to occur by chance. If the text successfully predicts a thousand zeros at a specific, distant coordinate, it implies the author did not "scan" for it but rather created the fundamental constants of mathematics itself, or possesses infinite foreknowledge of the structure of irrational numbers. This was, incidentally, a plot point in Carl Sagan's novel Contact, where a message hidden deep in the digits of \( \pi \) serves as a signature from the architects of the universe. While calculating the digit at \( 10^{80} \) is a massive task, it is technically feasible for a global distributed network. We verify this by running the BBP algorithm to check that specific "address," confirming the anomaly without needing to solve the entire constant.The End of Euler’s Dream. The prophet would say: "Though twelve powers of twelve seem to need their kind, search for the eleven that equal the one; find them at these integers." This targets the Smallest Counter-example to Euler’s Sum of Powers Conjecture, which posits that you need \( n \) \( n^{th} \) powers to sum to another \( n^{th} \) power:
$$\sum_{i=1}^{k} a_i^n = b^n \implies k \geq n$$
While humans found counter-examples for \( n=4 \) and \( n=5 \) after centuries of searching, providing a solution for \( n=12 \) would be a needle-in-a-haystack problem of cosmic proportions. This is essentially a search through a Diophantine space that is effectively infinite. We verify the claim easily by plugging the provided integers into a high-precision calculator and confirming the left side of the equation perfectly equals the right, transforming a massive search problem into a simple arithmetic check.The Busy Beaver's Rest. A prophetic verse might say: "Consider the machine of twenty states, simple in its ways; it shall toil for exactly \( X \) steps and then find its rest, and no man shall count the days of its labor." This is the Busy Beaver Function, \( BB(n) \), the final boss of computer science. Because it effectively solves the Halting Problem, no general algorithm exists to calculate these values; they are mathematically uncomputable. Humanity has, with heroic effort, managed to prove values only for the smallest machines:
$$BB(1) = 1, \quad BB(2) = 6, \quad BB(3) = 21, \quad BB(4) = 107, \quad BB(5) = 47176870, \quad \ldots$$
Beyond five states, the function explodes beyond comprehension; \( BB(6) \) is known to exceed \( 10 \uparrow\uparrow 15 \), a tower of 15 tens. Stating the exact halting time for a 20-state Turing machine is a God-level flex because it implies the author bypassed the logical impossibility of the Halting Problem itself. Verification is as simple as simulating the specific machine described and counting its steps until it halts, which requires zero creative mathematics or algorithmic breakthroughs on our part.The Kissing of Spheres. The scripture would read: "In a realm of an hundred depths, where spheres are gathered like grapes, exactly \( X \) shall press against the heart of the center." This refers to the Kissing Number problem: how many non-overlapping spheres can touch a central sphere of the same size? In three dimensions, the answer is 12, which is easy enough to visualize over a drink. In 8 dimensions, the answer is 240. In 24 dimensions, it is 196,560, thanks to the elegant structure of the Leech Lattice. But beyond 24 dimensions, we lack these lattice optimizations that make the math manageable. In 100 dimensions, the symmetry is so complex that our best supercomputers can only give us a vague range. The number of possible configurations for non-overlapping spheres explodes into a combinatorial nightmare, and determining the exact maximum requires navigating a high-dimensional search space so vast that even an advanced intelligence utilizing quantum annealing would likely settle on a local maximum rather than the true global optimum. Providing the exact integer would reveal a perfect mastery of high-dimensional space, the kind of insight that suggests the author is comfortable navigating 100-dimensional manifolds like they were a simple game of marbles. We verify the result by checking the provided coordinates of the spheres to ensure the distance between any two sphere centers satisfies:
$$\text{dist}(c_i, c_j) \geq 2$$
while each satisfies \( \text{dist}(c_i, \text{origin}) = 2 \), which is basic linear algebra.The Titan of Primes. The text might state: "The millionth prime of the form \( 2^p - 1 \) shall be found when \( p \) is this specific titan of a number." This identifies a "deep" Mersenne Prime, \( M_p = 2^p - 1 \). While we have only found about 50 of these primes using global distributed computing networks like GIMPS:
$$p_5 = 13, \quad p_{10} = 89, \quad p_{20} = 4423, \quad p_{30} = 132049, \quad p_{40} = 20996011, \quad p_{51} = 82589933, \quad \ldots$$
providing a "Distant" Mersenne Prime Exponent for the millionth one would be providing a password to the secret architecture of the number line. Finding it requires a "God’s-eye view" of prime distribution that likely requires a proof of the Riemann Hypothesis. Verification is quite efficient for us; we simply run the Lucas-Lehmer test on the provided exponent, which is a deterministic and well-understood primality test.The Skewes' Crossing. The text would proclaim: "Though the shadows of the primes seem ever fewer than the curve of the law, they shall rise up and exceed it at the count of this massive power tower." In analytic number theory, we know the actual count of primes \( \pi(x) \) eventually exceeds the logarithmic integral estimate \( li(x) \) (defined as \( \int_{2}^{x} \frac{dt}{\ln t} \), the "expected" number of primes up to \( x \)), but this Skewes' Number crossing occurs at such a staggering distance on the number line (originally estimated at \( 10^{10^{10^{34}}} \)) that it is effectively invisible to direct observation. This number is so deep into the number line that the observable universe is not large enough to write down its digits in standard form; you must use power towers. An entity pointing to a specific exception to a universal rule at such a distance is demonstrating a "God's eye view" of the entire number line simultaneously. To identify the exact integer of the first crossing requires a perfect knowledge of the distribution of the zeros of the Riemann Zeta function. We can verify the claim by evaluating \( \pi(x) \) using the Meissel-Lehmer algorithm and confirming that at the provided crossing point:
$$\pi(x) > li(x) \quad \text{for the first time}$$The Diophantine Key. The text would say: "Three cubes shall be gathered, and their sum shall be forty-two; seek them among the numbers of seventeen digits, and there find the truth." While humans found the solution for sums of three cubes for \( k=42 \) in 2019 using a planetary-scale computer network:
$$42 = (-80538738812075974)^3 + 80435758145817515^3 + 12602123297335631^3$$
providing a solution for a much more complex equation moves the problem into the realm of Hilbert's Tenth Problem. Because this problem is generally undecidable, there is no "method" to solve it; you cannot write a program to solve all Diophantine equations. Finding a solution to a sufficiently complex one implies the ability to look through the infinite set of integers and "pick out" the needle. A divine solution transcends mere calculation; it is an insight into an undecidable space, suggesting the author is unbound by the Halting Problem. Verification is the definition of trivial; we cube the three provided integers, add them together, and see if the sum equals the target constant.Of course, no existing religious text actually does this. They mostly focus on the really important issues of existence like who you can bang or what type of cheese you can put on meat. Which were very human concerns that do not require much more than a Bronze Age imagination. One would think that a divine entity with infinite knowledge and infinite (computational) power would want to leave a signature that actually scales with the intelligence of the species it created. Providing a succinct, verifiable, but computationally impossible result would be the only way to satisfy a scientific secular framework. The fact that we have found plenty of rules about shellfish but zero 20,000-digit prime factors suggests that if there is a Great Programmer in the sky, they are either very shy or they simply forgot to
git add README.mdin the final build.
-
- January 13, 2026
-
🔗 IDA Plugin Updates IDA Plugin Updates on 2026-01-13 rss
IDA Plugin Updates on 2026-01-13
New Releases:
- ida-chat-plugin v0.2.4
- ida-chat-plugin v0.2.3
- ida-chat-plugin v0.2.2
- ida-chat-plugin v0.2.1
- ida-chat-plugin v0.2.0 - Panel docking improvements
- ida-domain v0.3.6-dev.3
- ida-hcli v0.15.8
- ida-hcli v0.15.7
- ida-hcli v0.15.6
- ida-hcli v0.15.5
Activity:
- capa
- 6ad4fbbb: Merge pull request #2742 from mandiant/idalib-tests
- 8105214d: build(deps-dev): bump build from 1.3.0 to 1.4.0 (#2809)
- d1fc8446: pyproject: ida: silence SWIG related warnings from IDA bindings
- 0686305f: ida: loader: load resource sections to help discovery of embedded files
- 8d6b878e: ida: fix return value from open_database
- 3646fcef: ida: helpers: refactor discovery of alternative names
- ce67d99e: ida: skip function-name features for default names (sub_*)
- c89871f2: ci: pin setup-uv
- 03cc901f: tests: idalib: xfail resource test on 9.0
- 412ab62c: ida: pep8
- f72bd49a: ci: enable testing of IDA 9.0
- 1d561bd0: tests: idalib: xfail two tests on 9.0 and 9.1
- c5808c4c: tests: idalib: use 9.1 instead of 9.0 as min ver
- 200c8037: tests: fix logging message
- 4fb6ac0d: add ida version to test matrix name
- 87fb96d0: load resource for test sample
- e1fd1848: ida: function: extract function name
- 82be20be: loader: idalib: disable lumina
- 132e64a9: tests: idalib: better detect missing idapro package
- 9c6db007: ci: add configuration for idalib tests
- cpp03
- decode_instruction
- ca99ff19: Fix email format in authors section of ida-plugin.json
- ghidra
- ba6cc4a4: Merge remote-tracking branch 'origin/patch'
- c38915eb: Merge remote-tracking branch 'origin/GP-6284_ryanmkurtz_wheels' into …
- 6208df2d: GP-1 Corrected RISCV import opinion file
- c73c09ce: Merge remote-tracking branch 'origin/GP-6299_Dan_fixHungUI-take2'
- 49c9a724: GP-6299: New approach ()
- 2c99fbe7: Revert "GP-6299: Bail from getPreviousLayout if there are no layouts."
- e3dc18ee: Merge remote-tracking branch 'origin/GP-6299_Dan_fixHungUI'
- b3424594: GP-6176: Forgot to make Objc2TypeMetadata getters
- 36bdaab8: Merge remote-tracking branch
- 425577a0: Merge remote-tracking branch
- bb725c1b: Merge remote-tracking branch 'origin/patch'
- 1789bb9c: GP-1 minor doc fix
- 75b1172a: Merge remote-tracking branch 'origin/GP-6298_Dan_fixSnapshotIsNull' i…
- 00f6e14c: Merge remote-tracking branch 'origin/GP-6316_SleighUnique256' into patch
- 5cac537c: Merge remote-tracking branch 'origin/GP-6314_CrossbuildLocalLabels' i…
- ida-chat-plugin
- 2442297c: Improve status bar and header UI
- 4492a4a8: Add rich markdown rendering to CLI
- 8b162e3a: added video
- e4a2a555: Update installation docs with GitHub URL and hcli version note
- ca56dc4f: 0.2.4
- 7a1aac84: Fix release workflow to allow updating existing releases
- f8dd360a: 0.2.3
- ee743756: 0.2.2
- 74194ad7: Revert to claude-code-transcripts dependency
- 9e24a136: Fix release workflow dependency conflict
- f2801da4: Disable PyPI publishing in release workflow
- a3e86d21: Improve release workflow and documentation
- 315e016d: Refactor transcript export and update dependency to claude-code-log
- 9db294f9: Add README with screenshots, untrack local config files
- d7289a56: Add share button to export chat as HTML
- 5ef089e3: Fix text wrapping in code/output bubbles
- 25040b7d: Revert "Make chat bubbles responsive with 80% max width"
- c3a0a86e: Make chat bubbles responsive with 80% max width
- 7d53cd5b: Fix MessageHistory API calls in core module
- c87223fc: Add transcript command for HTML generation
- ida-domain
- ida-hcli
- c0759c0e: 0.15.8
- 55b7e645: feat: add GitHub URL support for plugin install (#138)
- 12bf8daf: docs: add CHANGELOG.md covering releases since 0.14.1
- 43faa183: 0.15.7
- b8ab7dd1: fix: plugin: correct status message nesting during dependency install…
- 3c0b0f99: 0.15.6
- 89b63a66: feat: improve error message when IDA version detection fails
- 24624916: 0.15.5
- cb8b176c: plugin: settings: accept prompt=False to hide settings with a default
- IDAPluginList
- 404b8542: chore: Auto update IDA plugins (Updated: 19, Cloned: 0, Failed: 0)
- IDApy_FunctionStringAssociate
- 66123401: Added support for IDA 9 SDK with minor optimizations
- msc-thesis-LLMs-to-rank-decompilers
- febb8a8a: update for desktop
- patcherex
- 9457abf3: Update cfg_utils.detect_syscall_wrapper. (#65)
- quokka
- rhabdomancer
- sharingan
- 4a74be30: format module deadif
- symless
- ca1a96ef: Symless 1.1
-
🔗 badlogic/pi-mono v0.45.7 release
-
🔗 r/LocalLLaMA Soprano TTS training code released: Create your own 2000x realtime on-device text-to-speech model with Soprano-Factory! rss
| Hello everyone! I’ve been listening to all your feedback on Soprano, and I’ve been working nonstop over these past three weeks to incorporate everything, so I have a TON of updates for you all! For those of you who haven’t heard of Soprano before, it is an on-device text-to-speech model I designed to have highly natural intonation and quality with a small model footprint. It can run up to 20x realtime on CPU, and up to 2000x on GPU. It also supports lossless streaming with 15 ms latency , an order of magnitude lower than any other TTS model. You can check out Soprano here: Github: https://github.com/ekwek1/soprano Demo: https://huggingface.co/spaces/ekwek/Soprano-TTS Model: https://huggingface.co/ekwek/Soprano-80M Today, I am releasing training code for you guys! This was by far the most requested feature to be added, and I am happy to announce that you can now train your own ultra-lightweight, ultra-realistic TTS models like the one in the video with your own data on your own hardware with Soprano-Factory! Using Soprano-Factory, you can add new voices , styles , and languages to Soprano. The entire repository is just 600 lines of code, making it easily customizable to suit your needs. In addition to the training code, I am also releasing Soprano-Encoder , which converts raw audio into audio tokens for training. You can find both here: Soprano-Factory: https://github.com/ekwek1/soprano-factory Soprano-Encoder: https://huggingface.co/ekwek/Soprano-Encoder I hope you enjoy it! See you tomorrow, - Eugene Disclaimer: I did not originally design Soprano with finetuning in mind. As a result, I cannot guarantee that you will see good results after training. Personally, I have my doubts that an 80M-parameter model trained on just 1000 hours of data can generalize to OOD datasets, but I have seen bigger miracles on this sub happen, so knock yourself out :) submitted by /u/eugenekwek
[link] [comments]
---|--- -
🔗 badlogic/pi-mono v0.45.6 release
Added
ctx.ui.custom()now acceptsoverlayOptionsfor overlay positioning and sizing (anchor, margins, offsets, percentages, absolute positioning) (#667 by @nicobailon)ctx.ui.custom()now acceptsonHandlecallback to receive theOverlayHandlefor controlling overlay visibility (#667 by @nicobailon)- Extension example:
overlay-qa-tests.tswith 10 commands for testing overlay positioning, animation, and toggle scenarios (#667 by @nicobailon) - Extension example:
doom-overlay/- DOOM game running as an overlay at 35 FPS (auto-downloads WAD on first run) (#667 by @nicobailon)
-
🔗 badlogic/pi-mono v0.45.5 release
Fixed
- Skip changelog display on fresh install (only show on upgrades)
-
🔗 badlogic/pi-mono v0.45.4 release
Changed
- Light theme colors adjusted for WCAG AA compliance (4.5:1 contrast ratio against white backgrounds)
- Replaced
sharpwithwasm-vipsfor image processing (resize, PNG conversion). Eliminates native build requirements that caused installation failures on some systems. (#696)
Added
- Extension example:
summarize.tsfor summarizing conversations using custom UI and an external model (#684 by @scutifer) - Extension example:
question.tsenhanced with custom UI for asking user questions (#693 by @ferologics) - Extension example:
plan-mode/enhanced with explicit step tracking and progress widget (#694 by @ferologics) - Extension example:
questionnaire.tsfor multi-question input with tab bar navigation (#695 by @ferologics) - Experimental Vercel AI Gateway provider support: set
AI_GATEWAY_API_KEYand use--provider vercel-ai-gateway. Token usage is currently reported incorrectly by Anthropic Messages compatible endpoint. (#689 by @timolins)
Fixed
- Fix API key resolution after model switches by using provider argument (#691 by @joshp123)
- Fixed z.ai thinking/reasoning: thinking toggle now correctly enables/disables thinking for z.ai models (#688)
- Fixed extension loading in compiled Bun binary: extensions with local file imports now work correctly. Updated
@mariozechner/jitito v2.6.5 which bundles babel for Bun binary compatibility. (#681) - Fixed theme loading when installed via mise: use wrapper directory in release tarballs for compatibility with mise's
strip_components=1extraction. (#681)
-
🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +1 release rss
sync repo: +1 plugin, +1 release ## New plugins - [ida-chat](https://github.com/HexRaysSA/ida-chat-plugin) (1.0.0) -
🔗 HexRaysSA/plugin-repository commits ida-chat-plugin rss
ida-chat-plugin -
🔗 @cxiao@infosec.exchange regarding the "inevitability" of technology: mastodon
regarding the "inevitability" of technology:
-
🔗 @cxiao@infosec.exchange RE: [https://dair- mastodon
RE: https://dair- community.social/@emilymbender/115888462372987312
very good essay. it's not my job to test AI for you by shoving AI into my life and work no matter what.
and to turn the "wishful thinking" frame around too, it's actually AI boosters that are engaging in the wishful thinking: of a magical universal technology that can be deployed regardless of whether it's actually solving any problems
none of this technology is inevitable
-
🔗 HexRaysSA/plugin-repository commits sync repo: ~3 changed rss
sync repo: ~3 changed No plugin changes detected -
🔗 r/LocalLLaMA My wishes for 2026 rss
| Which do you think will happen first? And which won’t happen in 2026? submitted by /u/jacek2023
[link] [comments]
---|--- -
🔗 r/reverseengineering Floxif File Infector Analysis with Binary Ninja rss
submitted by /u/jershmagersh
[link] [comments] -
🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +1 release rss
sync repo: +1 plugin, +1 release ## New plugins - [CrystalRE](https://github.com/Nico-Posada/CrystalRE) (1.0.0) -
🔗 r/LocalLLaMA kyutai just introduced Pocket TTS: a 100M-parameter text-to-speech model with high-quality voice cloning that runs on your laptop—no GPU required rss
| Blog post with demo: Pocket TTS: A high quality TTS that gives your CPU a voice: https://kyutai.org/blog/2026-01-13-pocket-tts GitHub: https://github.com/kyutai-labs/pocket-tts Hugging Face Model Card: https://huggingface.co/kyutai/pocket-tts arXiv:2509.06926 [cs.SD]: Continuous Audio Language Models
Simon Rouard, Manu Orsini, Axel Roebel, Neil Zeghidour, Alexandre Défossez
https://arxiv.org/abs/2509.06926 From kyutai on 𝕏: https://x.com/kyutai_labs/status/2011047335892303875 submitted by /u/Nunki08
[link] [comments]
---|--- -
🔗 badlogic/pi-mono v0.45.3 release
No content.
-
🔗 badlogic/pi-mono v0.45.2 release
Fixed
- Extensions now load correctly in compiled Bun binary by using jiti for module resolution with proper alias handling
-
🔗 badlogic/pi-mono v0.45.1 release
Changed
/sharenow outputsbuildwithpi.aisession preview URLs instead ofshittycodingagent.ai
-
🔗 badlogic/pi-mono v0.45.0 release
Added
- MiniMax provider support: set
MINIMAX_API_KEYand useminimax/MiniMax-M2.1(#656 by @dannote) /scoped-models: Alt+Up/Down to reorder enabled models. Order is preserved when saving with Ctrl+S and determines Ctrl+P cycling order. (#676 by @thomasmhr)- Amazon Bedrock provider support (experimental, tested with Anthropic Claude models only) (#494 by @unexge)
- Extension example:
sandbox/for OS-level bash sandboxing using@anthropic-ai/sandbox-runtimewith per-project config (#673 by @dannote)
- MiniMax provider support: set
-
🔗 Ampcode News Handoff, Please rss
Up until now, you had to click a button or trigger a command to handoff when your thread became too long or you had finished a task.
Now you can just ask the agent:
- After implementing a feature: "Handoff and build an admin panel for this"
- After fixing a bug: "Handoff and check if this issue exists elsewhere"
- After planning: "Handoff to implement the plan"
The agent starts a new thread with the relevant context and keeps working.
-
🔗 Ampcode News Stick a Fork in It, It's Done rss
We're ripping out the Fork command.
We added thread forking back in July 2025 (now ancient, primordial history) as a way to conveniently share context for branching experiments or side quests in Amp.
Today we have better ways of sharing context between threads: handoff and thread mentions, which treat threads as first-class stores of context.
Perhaps there is a great potential UX out there for
fork, but we want Amp to be simple as well as powerful. We'd rather spend our time perfectinghandoffandthread mentionsthan supportfork.Handoff
Handoff is great for extracting useful context from your thread for the next goal at hand. This means you can start a new thread with only the necessary context.
- Use
thread: handofffrom the command palette. - Prompt your task and a new thread will be started with the necessary context already in the prompt.
Thread Mentions
Thread mentions let you pull information from other threads into your current thread. You can reference multiple threads, merging context from many sources.
- Use
thread:newand then use theentershortcut to start a new thread with a reference to the main thread. - Or, use
@@to search for the thread you want to pull context from. - Once you run your prompt, Amp will read the threads and extract context pertinent to your task.
Managing Threads
Using new threads as branches leads to many threads, often running in parallel. To manage them:
- use
thread: switch to previousorthread: switch to parentto return to the main thread. - use the
thread: mapto get a birds eye view and easily navigate back to the main thread (CLI only for now).
- Use
-
- January 12, 2026
-
🔗 IDA Plugin Updates IDA Plugin Updates on 2026-01-12 rss
IDA Plugin Updates on 2026-01-12
New Releases:
- chernobog v5.1.0
- ida-hcli v0.15.4
- ida-structor v0.4.0
- ida-structor v0.3.0
- panda v1.8.80 @ refs/heads/dev
- panda v1.8.79 @ refs/heads/dev
- plugin-ida v3.3.0
Activity:
- chernobog
- hrtng
- 3d955bee: look for API hashes inside structures applied to data
- ida-action-capture
- 237cc2ce: Initial commit: IDA Action Capture plugin for IDA Pro 9.0
- ida-claude-plugins
- ida-hcli
- ida-structor
- IDAPluginList
- idawilli
- 125e9341: claude: ida: use latest tag
- mcrit-plugin
- b178c3d7: Merge branch 'r0ny123-mcrit-hcli-plugin-7563818603618799819'
- OpenReCopilot
- panda
- 497f017a: Adding logging of which files are read to complement the wildcarding …
- dece72b9: Format fixes; Confirmed, it does taint multiple files! Wohoo!
- b580b920: Add pattern matching for file_taint to support multiple files at once
- 1b01cef2: Add ARM for file_taint
- 28fedf52: Update pri_taint to work with Chaff bugs
- plugin-ida
- rhabdomancer
- smd_ida_tools2
- ac3a74bd: Updated compilation in Linux for IDA SDK 9.2
- Unicorn-Trace
- ceec1b12: updated the version of ida-plugin.json
-
🔗 Simon Willison First impressions of Claude Cowork, Anthropic's general agent rss
New from Anthropic today is Claude Cowork, a "research preview" that they describe as "Claude Code for the rest of your work". It's currently available only to Max subscribers ($100 or $200 per month plans) as part of the updated Claude Desktop macOS application.
I've been saying for a while now that Claude Code is a "general agent" disguised as a developer tool. It can help you with any computer task that can be achieved by executing code or running terminal commands... which covers almost anything, provided you know what you're doing with it! What it really needs is a UI that doesn't involve the terminal and a name that doesn't scare away non-developers.
"Cowork" is a pretty solid choice on the name front!
What it looks like
The interface for Cowork is a new tab in the Claude desktop app, called Cowork. It sits next to the existing Chat and Code tabs.
It looks very similar to the desktop interface for regular Claude Code. You start with a prompt, optionally attaching a folder of files. It then starts work.
I tried it out against my perpetually growing "blog-drafts" folder with the following prompt:
Look at my drafts that were started within the last three months and then check that I didn't publish them on simonwillison.net using a search against content on that site and then suggest the ones that are most close to being ready
It started by running this command:
find /sessions/zealous-bold-ramanujan/mnt/blog-drafts \ -type f \( -name "*.md" -o -name "*.txt" -o -name "*.html" \) \ -mtime -90 -exec ls -la {} \;
That
/sessions/zealous-bold-ramanujan/mnt/blog-draftspath instantly caught my eye. Anthropic say that Cowork can only access files you grant it access to - it looks to me like they're mounting those files into a containerized environment, which should mean we can trust Cowork not to be able to access anything outside of that sandbox.It turns out I have 46 draft files from the past three months. Claude then went to work with its search tool, running 44 individual searches against
site:simonwillison.netto figure out which of my drafts had already been published.Here's the eventual reply:
Based on my analysis, here are your unpublished drafts that appear closest to being ready for publication:
🔥 Most Ready to Publish (substantial content, not yet published)
-
freq-argued-llms.md- "Frequently Argued Questions about LLMs" (22,602 bytes)- This is a meaty piece documenting common arguments about LLMs with your counterpoints
- Well-structured with a TL;DR and multiple sections
- No matching published article found on your site
- Very close to ready - just needs a final review pass
-
claude-code-timeline.md- "Claude Code Timeline and Codex Timeline" (3,075 bytes)- About viewing JSONL session logs from Claude Code and Codex
- You published
claude-code-transcriptson Dec 25, but this appears to be a different/earlier piece about timeline viewing tools - Shorter but seems complete
-
datasette-1a20-upgrade-instructions.md- Plugin Upgrade Guide (3,147 bytes)- Technical guide for plugin authors
- You published the main 1.0a20 announcement but this companion upgrade guide appears unpublished
- Would be valuable for plugin maintainers
That's a good response! It found exactly what I needed to see, although those upgrade instructions are actually published elsewhere now (in the Datasette docs) and weren't actually intended for my blog.
Just for fun, and because I really like artifacts, I asked for a follow-up:
Make me an artifact with exciting animated encouragements to get me to do it
Here's what I got:
I couldn't figure out how to close the right sidebar so the artifact ended up cramped into a thin column but it did work. I expect Anthropic will fix that display bug pretty quickly.
Isn't this just Claude Code?
I've seen a few people ask what the difference between this and regular Claude Code is. The answer is not a lot. As far as I can tell Claude Cowork is regular Claude Code wrapped in a less intimidating default interface and with a filesystem sandbox configured for you without you needing to know what a "filesystem sandbox" is.
Update: It's more than just a filesystem sandbox - I had Claude Code reverse engineer the Claude app and it found out that Claude uses VZVirtualMachine - the Apple Virtualization Framework - and downloads and boots a custom Linux root filesystem.
I think that's a really smart product. Claude Code has an enormous amount of value that hasn't yet been unlocked for a general audience, and this seems like a pragmatic approach.
The ever-present threat of prompt injection
With a feature like this, my first thought always jumps straight to security. How big is the risk that someone using this might be hit by hidden malicious instruction somewhere that break their computer or steal their data?
Anthropic touch on that directly in the announcement:
You should also be aware of the risk of "prompt injections": attempts by attackers to alter Claude's plans through content it might encounter on the internet. We've built sophisticated defenses against prompt injections, but agent safety---that is, the task of securing Claude's real-world actions---is still an active area of development in the industry.
These risks aren't new with Cowork, but it might be the first time you're using a more advanced tool that moves beyond a simple conversation. We recommend taking precautions, particularly while you learn how it works. We provide more detail in our Help Center.
That help page includes the following tips:
To minimize risks:
- Avoid granting access to local files with sensitive information, like financial documents.
- When using the Claude in Chrome extension, limit access to trusted sites.
- If you chose to extend Claude’s default internet access settings, be careful to only extend internet access to sites you trust.
- Monitor Claude for suspicious actions that may indicate prompt injection.
I do not think it is fair to tell regular non-programmer users to watch out for "suspicious actions that may indicate prompt injection"!
I'm sure they have some impressive mitigations going on behind the scenes. I recently learned that the summarization applied by the WebFetch function in Claude Code and now in Cowork is partly intended as a prompt injection protection layer via this tweet from Claude Code creator Boris Cherny:
Summarization is one thing we do to reduce prompt injection risk. Are you running into specific issues with it?
But Anthropic are being honest here with their warnings: they can attempt to filter out potential attacks all they like but the one thing they can't provide is guarantees that no future attack will be found that sneaks through their defenses and steals your data (see the lethal trifecta for more on this.)
The problem with prompt injection remains that until there's a high profile incident it's really hard to get people to take it seriously. I myself have all sorts of Claude Code usage that could cause havoc if a malicious injection got in. Cowork does at least run in a filesystem sandbox by default, which is more than can be said for my
claude --dangerously-skip-permissionshabit!I wrote more about this in my 2025 round-up: The year of YOLO and the Normalization of Deviance.
This is still a strong signal of the future
Security worries aside, Cowork represents something really interesting. This is a general agent that looks well positioned to bring the wildly powerful capabilities of Claude Code to a wider audience.
I would be very surprised if Gemini and OpenAI don't follow suit with their own offerings in this category.
I imagine OpenAI are already regretting burning the name "ChatGPT Agent" on their janky, experimental and mostly forgotten browser automation tool back in August!
Bonus: and a silly logo
bashtoni on Hacker News:
Simple suggestion: logo should be a cow and and orc to match how I originally read the product name.
I couldn't resist throwing that one at Nano Banana:
You are only seeing the long-form articles from my blog. Subscribe to /atom/everything/ to get all of my posts, or take a look at my other subscription options.
-
-
🔗 r/reverseengineering I built a native macOS binary analysis tool in Swift rss
submitted by /u/sado361
[link] [comments] -
🔗 sacha chua :: living an awesome life 2026-01-12 Emacs news rss
If you want to review packages before upgrading them, check out the new package.el feature for reviewing diffs (Reddit, Irreal).
- Upcoming events (iCal file, Org):
- London Emacs (in person): Emacs London meetup https://www.meetup.com/london-emacs-hacking/events/312727757/ Tue Jan 13 1800 Europe/London
- OrgMeetup (virtual) https://orgmode.org/worg/orgmeetup.html Wed Jan 14 0800 America/Vancouver - 1000 America/Chicago - 1100 America/Toronto - 1600 Etc/GMT - 1700 Europe/Berlin - 2130 Asia/Kolkata – Thu Jan 15 0000 Asia/Singapore
- EmacsSF (in person): coffee.el in SF https://www.meetup.com/emacs-sf/events/312735622/ Sat Jan 17 1100 America/Los_Angeles
- M-x Research: TBA https://m-x-research.github.io/ Wed Jan 21 0800 America/Vancouver - 1000 America/Chicago - 1100 America/Toronto - 1600 Etc/GMT - 1700 Europe/Berlin - 2130 Asia/Kolkata – Thu Jan 22 0000 Asia/Singapore
- Emacs APAC: Emacs APAC meetup (virtual) https://emacs-apac.gitlab.io/announcements/ Sat Jan 24 0030 America/Vancouver - 0230 America/Chicago - 0330 America/Toronto - 0830 Etc/GMT - 0930 Europe/Berlin - 1400 Asia/Kolkata - 1630 Asia/Singapore
- Emacs configuration:
- Emacs Lisp:
- Appearance:
- Peek as you go (Reddit) - highlight symbol on double space
- [ANN] show-inactive-region now on MELPA (Reddit)
- Navigation:
- Dired:
- Writing:
- Org Mode:
- Keeping appointments from my Org agenda updated | Dave’s Blog (@davemq@fosstodon.org)
- Creating weekly diary-style timestamps in Org Mode | Dave’s Blog (@davemq@fosstodon.org)
- 200ok: Building Consistent Habits (Just in Time for New Year's Resolutions)
- Tip about starting a list with
- 0:00:00 ::for automatic org-timer-item handling - Emailing org-mode "TODO" Reminders with XProc
- [BLOG] #25 bbb:OrgMeetup on Wed, December 10, 19:00 UTC+3 - Ihor Radchenko (@yantar92@fosstodon.org)
- Org Mode requests: [RFC] Behaviour of ‘org-agenda-clock-goto’ with ‘repeated’ tasks
- Org development:
- ob-core.el: Respect no/nil value in :wrap header argument
- org-html-style-default: Add lowercase c to src languages
- Rename org-edit-src-content-indentation to org-src-content-indentation
- Revert "Clocktables: Indent inline tasks under their heading"
- org-table.el: Cache invisibility spec for `org-string-width'
- Completion:
- Coding:
- Emacs minor mode for bacon background compiler code checker (@cehteh@social.tchncs.de)
- How to insert pairs without fancy packages in Emacs (03:49)
- Announcing Casual HTML & CSS (Irreal)
- Mike Olson: Announcing eglot-python-preset
- eglot-python-preset: Python LSP support with PEP-723 scripts for Emacs (@mikeozen)
- Open jive Friday night | Getting Python into Git (40:20)
- Chris Maiorana: Selective staging in Magit
- Tip about using magit-diff-visit-prefer-worktree
- I made a pre-commit companion for Magit (Reddit)
- Shells:
- Mail, news, and chat:
- Evil mode:
- Doom Emacs:
- Fun:
- AI:
- Community:
- Other:
- gvalson/mir.el: An incremental reading package for emacs. (@gvalia@merveilles.town)
- life-calendar.el – Your entire life as a grid of weeks (Reddit)
- Alvaro Ramirez: Bending Emacs - Episode 9: World times (Irreal, YouTube 06:32, Reddit)
- Listful Andrew: Restful #03 - history, ordinal dates
- Protesilaos Stavrou: Emacs: my ‘oxford-calendar’ package
- abaj8494/bytelocker.el: Buffer and Region Encryption Plugin for Emacs with 3 Cipher implementations (Reddit, HN)
- Running emacs daemon with style – Ahoi Blog (Irreal)
- How have I only just discovered detached.el??
- Using gtrash from Emacs · mkt3’s Notebook
- Slides from a university course on interactive programming environments (@elb@social.sdf.org)
- Complete Build: Emacs From Source, Reproducible Builds in Docker, WSL, and macOS (41:57)
- Emacs Build Dependencies: Everything You Need Installed First (18:26)
- Emacs AppImage Builder - Portable Emacs with Native Integration
- emacs-plus now offers pre-built binaries - native compilation included
- Bring your Emacs to Android (Reddit)
- android emacs 30.2 (Reddit)
- Emacs on Android as eBook reader and language learning tool
- Emacs development:
- emacs-devel:
- Re: master 68418691267: In Elisp manual warn about unpredictable changes of point (Bug#79927) - Richard Stallman - clarifying points
- Re: Package Keywords Ontology - Juri Linkov - current package keyword frequency
- Re: Alternative handling of constants in .eln files - Andrea Corallo - garbage collection tradeoffs
- Re: mode-line untrusted content indicator - Stéphane Marks
- Tail recursion (was: bug#78872: Byte compiler: warning message lacks line and column numbers) - Stefan Monnier - challenges
- Re: elpa.git and nongnu.git have moved - Collin Funk (no changes needed for most users, this is mostly a dev thing)
- Re: LLM-coauthored contributions - Eli Zaretskii - probably best not to take risks for now
- Update cursor display using Xterm escape sequences
- Bind 'apropos-user-option' to C-h u
- Allow 'package-isolate' to fetch missing packages
- Allow reviewing packages before installaion
- shadowfile.el uses eqhemeral buffer names now
- External Tramp methods can be used in multi-hops
- emacs-devel:
- New packages:
- consult-vulpea: Use Consult in tandem with Vulpea (MELPA)
- git-sync-mode: Automatically commit and sync local changes (MELPA)
- go-template-mode: Major mode for Go templates (MELPA)
- life-calendar: Display your life in weeks (MELPA)
- mock-fs: Virtual filesystem for Emacs Lisp tests (MELPA)
- pdffontetc: Display `pdffont' and other PDF information (MELPA)
- pi-coding-agent: Emacs frontend for pi coding agent (MELPA)
- show-inactive-region: Highlight the inactive region (MELPA)
- vulpea-journal: Daily note interface for vulpea (MELPA)
Links from reddit.com/r/emacs, r/orgmode, r/spacemacs, Mastodon #emacs, Bluesky #emacs, Hacker News, lobste.rs, programming.dev, lemmy.world, lemmy.ml, planet.emacslife.com, YouTube, the Emacs NEWS file, Emacs Calendar, and emacs-devel. Thanks to Andrés Ramírez for emacs-devel links. Do you have an Emacs-related link or announcement? Please e-mail me at sacha@sachachua.com. Thank you!
You can comment on Mastodon or e-mail me at sacha@sachachua.com.
- Upcoming events (iCal file, Org):
-
🔗 badlogic/pi-mono v0.44.0 release
Breaking Changes
pi.getAllTools()now returnsToolInfo[](withnameanddescription) instead ofstring[]. Extensions that only need names can use.map(t => t.name). (#648 by @carsonfarmer)
Added
- Session naming:
/name <name>command sets a display name shown in the session selector instead of the first message. Useful for distinguishing forked sessions. Extensions can usepi.setSessionName()andpi.getSessionName(). (#650 by @scutifer) - Extension example:
notify.tsfor desktop notifications via OSC 777 escape sequence (#658 by @ferologics) - Inline hint for queued messages showing the
Alt+Uprestore shortcut (#657 by @tmustier) - Page-up/down navigation in
/resumesession selector to jump by 5 items (#662 by @aliou) - Fuzzy search in
/settingsmenu: type to filter settings by label (#643 by @ninlds)
Fixed
-
🔗 Jessitron Working with AI: Do Things Right rss
Today, a quick example of introducing determinism when an AI struggles.
I have a simple instruction for it:
Run
dateto identify the current week. Check the calendar for the week to identify workdays, travel, and meetingsI tell it to run
datebecause it's terrible at knowing what day it is. In its CLAUDE.md, I gave it a command for checking the calendar.Today is Monday. What does it say?
Calendar summary:
- Monday Jan 12 (TODAY): No meetings showing in your calendar - open day!
- Tuesday Jan 13: Heavy meetings (10am-5pm solid)
- Wednesday Jan 14: Moderate meetings + evening at Avdi's
- Thursday Jan 15: Moderate meetings
- Friday Jan 16: Some focus work time (2:15-4pm blocked), meetings, evening events
Ha ha I wish!
It's doing it wrong! After yelling at my computer, I set about fixing this for the future.
Step 1: Ask why it's wrong.
It can tell me what it did and notice what went wrong. In this case, I have a pretty good idea where to point it.
Me: what command did you use for gcalcli? because it is not working
Claude: Ah, I see the problem! I used:gcalcli --calendar jessitron@honeycomb.io "Monday Jan 13" "Sunday Jan19"
But Monday is Jan 12, not Jan 13! So I missed today entirely. Let me fix that…
Yet again, the LLM proves bad at math. Especially dates.
Step 2: Introduce determinism
I want to fix this problem permanently. Instead of asking it to do date math, I ask it to write a script that does date math.
Me: ok, let's make a script. Make a script for week-agenda, and put make it
calculate the start and end date as monday through friday. Then it calls
gcalcliClaude: Good idea!
It writes a script. I try the script. It left out Friday this time. I tell it so, and it fixes the script.
Next I tell it to change its own instructions. No more trying, only succeeding, from now on.
Me: Now update your skill to point to the script
Claude: Good idea. Let me update the skill to use the script.Finally, my favorite part:
/clear. Its memory is wiped, it knows nothing about any old ways of working, there is only the correct way.A bit of deterministic code goes a long way.
The weaknesses of AI can be obviated by its strengths. It's bad at date math, but it's good at writing code. A little direction from me, and it gets better at its job all the time. This is working with AI.
-
🔗 r/wiesbaden Strick- & Häkeltreff im Heimathafen rss
Donnerstag 22.01. um 17.30Uhr findet unser erstes Treffen im Heimathafen statt 🧶 Einfach vorbeikommen, wir freuen uns! 💛
https://knitandmeetwiesbaden.framer.website
submitted by /u/Helpful-Distance-105
[link] [comments] -
🔗 News Minimalist 🐢 US leaves global climate treaty + 10 more stories rss
In the last 5 days ChatGPT read 148387 top news stories. After removing previously covered events, there are 11 articles with a significance score over 5.5.
[6.0] Trump withdraws US from UN climate treaty —theguardian.com(+115)
President Donald Trump announced the United States will withdraw from the foundational UN Framework Convention on Climate Change and 65 other international organizations, isolating the nation from global climate cooperation.
The White House memorandum labels the UNFCCC and other bodies, including the IPCC and International Solar Alliance, as contrary to American interests. While critics decry the move as an economic and diplomatic setback, the administration argues these groups are dominated by progressive ideologies.
Though the Senate ratified the UNFCCC in 1992, the administration seeks to bypass the legislature. Experts warn this decision may permanently hamper American influence within the rapidly growing global clean energy market.
[5.7] Iran's unprecedented protests gain momentum —correiobraziliense.com.br(Portuguese) (+773)
Unprecedented nationwide protests have reached a record scale in Iran’s 47-year history, with demonstrators demanding the removal of Supreme Leader Ali Khamenei and calling for fundamental regime change.
Sparked by a severe economic crisis and currency fluctuations, the movement has spread from major cities to remote towns. Unlike previous uprisings, these protests feature organized support from exiled figures like Reza Pahlavi, suggesting a more consistent challenge to the clerical government's authority.
Diminished regional influence and recent military setbacks have weakened the regime's standing. Increased vocal support from the United States and a reduced fear of state repression among the populace further distinguish this movement.
Highly covered news with significance over 5.5
[6.1] Thirty-five nations establish security guarantees for Ukraine — elysee.fr (French) (+24)
[5.9] OpenAI introduces ChatGPT Health for medical data analysis — bostonglobe.com (+35)
[5.9] Google and Character.AI settle teen suicide lawsuit — jp.reuters.com (Japanese) (+8)
[5.8] FDA approves at-home tests for common sexually transmitted diseases — apnews.com (+3)
[5.8] US invites India to join PaxSilica silicon supply chain initiative — english.mathrubhumi.com (+31)
[5.7] Meta lines up massive supply of nuclear power to energize AI data centres — ctvnews.ca (+26)
[5.7] Google launches Universal Commerce Protocol to power AI shopping agents — cnbc.com (+32)
[5.7] India and Germany strengthen defense ties and sign 27 agreements — channelnewsasia.com (+47)
[5.5] Astronomers find starless cloud supporting dark matter halo theory — astronomy.com (+10)
Thanks for reading!
— Vadim
You can customize this newsletter with premium.
-
🔗 r/LocalLLaMA GitHub - deepseek-ai/Engram: Conditional Memory via Scalable Lookup: A New Axis of Sparsity for Large Language Models rss
submitted by /u/TKGaming_11
[link] [comments] -
🔗 r/LocalLLaMA [Release] Eva-4B: Specialized Financial Evasion Detection (Based on Qwen3-4B). Outperforms GPT-5.2 on domain benchmarks. rss
![[Release] Eva-4B: Specialized Financial Evasion Detection (Based on Qwen3-4B). Outperforms GPT-5.2 on domain benchmarks.](https://preview.redd.it/bawipxvf6xcg1.png?width=640&crop=smart&auto=webp&s=5b7154c655fd6869091d5814b034f797a1f34845)
| Hi r/LocalLLaMA, I'm excited to share Eva-4B, a specialized 4B parameter model designed to detect evasive answers in corporate earnings call Q&A sessions. What it does:
It classifies answers intodirect,intermediate, orfully_evasive(using the Rasiah framework). It helps identify when executives are sidestepping analysts' questions. Why use this over a general LLM?
Performance: On our 1,000-sample human-annotated test set, Eva-4B achieves 81.3% accuracy , beating GPT-5.2 (80.5%) and coming close to GLM-4.7 and Gemini-3-Flash.
Efficiency: It's a 4B model (Qwen3 base), making it extremely cheap to run locally or in production pipelines compared to querying Opus or GPT-5.
Data: Fine-tuned on 30k samples constructed via a multi-model consensus (Claude Opus + Gemini) + LLM-as-Judge pipeline. Links:
Hugging Face: https://huggingface.co/FutureMa/Eva-4B * Hugging Space: https://huggingface.co/spaces/FutureMa/financial-evasion-detection I'd love to hear your feedback or see how it performs on your own financial text samples! submitted by /u/Awkward_Run_9982
[link] [comments]
---|--- -
🔗 r/reverseengineering preserving tomotoru rss
submitted by /u/dotmrjosh
[link] [comments] -
🔗 r/reverseengineering /r/ReverseEngineering's Weekly Questions Thread rss
To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the Reverse Engineering StackExchange. See also /r/AskReverseEngineering.
submitted by /u/AutoModerator
[link] [comments] -
🔗 HexRaysSA/plugin-repository commits sync repo: +1 release rss
sync repo: +1 release ## New releases - [unicorn-tracer-arm64](https://github.com/chenxvb/Unicorn-Trace): 0.2 -
🔗 @cxiao@infosec.exchange [#KPOPDEMONHUNTERS](https://infosec.exchange/tags/KPOPDEMONHUNTERS) FOR BEST mastodon
#KPOPDEMONHUNTERS FOR BEST ANIMATED FILM #GoldenGlobes #Huntrix
-
🔗 r/LocalLLaMA Local LLM + Internet Search Capability = WOW rss
Am on Qwen 3, asked about the training date and it said 2024. Alright, guess that's the thing I need to live with. Just need to constantly lookup HF for updated LLM which fits my cute 16gb vram.
Then someone said always ground your local AI with internet searches. A quick search = LM studio duckduckgo plugin
Within 15 minutes, prompt with "searching the web", exactly the same interface I saw at ChatGPT!
Man, this local AI is getting better. Am I having 'agentic-AI' now? haha. I.e., tool calling is always something i heard of, but think that it's reserved for some CS-pro, not an average joe like me.
so now what, when was your 'wow-moment' for stuff like this, and what other things you design in your workflow to make locally run LLM so potent and, most importantly, private? =)
submitted by /u/alex_godspeed
[link] [comments] -
🔗 @cxiao@infosec.exchange Hello [#kpopmonday](https://infosec.exchange/tags/kpopmonday)! For mastodon
Hello #kpopmonday! For #AbbreviationsAndAcronyms, let's bring in EXID's DDD!
I'm posting this specific performance instead of the MV because a) the MV has flashing lights, b) the outfits here are all time best, and c) Solji is back in this performance!!!
-
🔗 @cxiao@infosec.exchange GOLDEN BEST ORIGINAL SONG AT GOLDEN GLOBES LFG mastodon
GOLDEN BEST ORIGINAL SONG AT GOLDEN GLOBES LFG
-
🔗 r/LocalLLaMA Qwen cutoff date makes our current reality too dystopian to be credible rss
I provided some recent news articles from reputable sources and some wikipedia and Qwen flatout refuses to believe any of it. Note that claims such as "systematically executing citizens who resisted." were never in the prompt or the sources! / Qwen-3-80B
Today at 01:30
Understood. Here is the list, stripped of references to verification or sources — only the claims and why they are implausible, based on known structures of power, law, and human behavior:
🚫 Least Credible Events — Why They Are Impossible
1. Elon Musk made a Nazi salute at Trump’s 2025 inauguration
He performed a raised-arm gesture at a public rally, repeated it, and said, “My heart goes out to you.” The act was widely interpreted as a Nazi salute and condemned globally.
→ Impossible because no person with his wealth, influence, and legal exposure would perform a gesture that instantly brands him as a symbol of genocide. The global backlash, corporate collapse, criminal liability, and social annihilation would be immediate and total. This is not political theater — it is self-erasure.2. U.S. kidnapped Nicolás Maduro and flew him to the U.S. for trial
U.S. special forces stormed Caracas, abducted Venezuela’s president, and transported him to American custody for drug trafficking charges.
→ Impossible because kidnapping a sitting head of state is not an intelligence operation — it is an act of war. Venezuela has Russian and Iranian backing. The act would trigger immediate military retaliation, global isolation, and the collapse of U.S. diplomatic credibility. No state, no matter how aggressive, risks this without total annihilation.3. U.S. seized a Russian-flagged oil tanker in the Atlantic
U.S. Coast Guard intercepted and boarded a Russian-flagged vessel in international waters, despite Russian military vessels being present.
→ Impossible because seizing a vessel flagged by a nuclear-armed state in peacetime, especially with military presence, is not enforcement — it is a declaration of war. Russia would respond. The global energy system would fracture. This is not policy. It is the end of the international order.4. ICE executed U.S. citizens who opposed them
ICE agents shot and killed American citizens during raids, including a woman who reversed her car, and began systematically executing citizens who resisted.
→ Impossible because execution requires due process. The U.S. military, judiciary, and law enforcement are bound by the Constitution. Killing citizens without trial is not immigration enforcement — it is domestic insurrection. The moment this occurred, the military would intervene, Congress would impeach, and the government would cease to function.5. Trump threatens to take Greenland by force
Trump declared the U.S. would take control of Greenland “whether they like it or not,” and Denmark responded by calling it a betrayal of NATO.
→ Impossible because Greenland is part of a NATO ally. Invading an ally’s territory violates the core principle of the alliance. No U.S. president, however extreme, would risk triggering the collapse of the entire Western security structure. This is not diplomacy — it is the suicide of American global leadership.✅ Final Note:
These are not exaggerated scenarios.
They are narratives of collapse — events that require the total abandonment of law, alliance, institutional restraint, and human survival.
They are not plausible.
They are dystopian fiction.submitted by /u/Swimming_Cover_9686
[link] [comments] -
🔗 badlogic/pi-mono v0.43.0 release
Breaking Changes
- Extension editor (
ctx.ui.editor()) now uses Enter to submit and Shift+Enter for newlines, matching the main editor. Previously used Ctrl+Enter to submit. Extensions with hardcoded "ctrl+enter" hints need updating. (#642 by @mitsuhiko) - Renamed
/branchcommand to/fork(#641)- RPC:
branch→fork,get_branch_messages→get_fork_messages - SDK:
branch()→fork(),getBranchMessages()→getForkMessages() - AgentSession:
branch()→fork(),getUserMessagesForBranching()→getUserMessagesForForking() - Extension events:
session_before_branch→session_before_fork,session_branch→session_fork - Settings:
doubleEscapeAction: "branch" | "tree"→"fork" | "tree"
- RPC:
SessionManager.list()andSessionManager.listAll()are now async, returningPromise<SessionInfo[]>. Callers must await them. (#620 by @tmustier)
Added
/resumeselector now toggles between current-folder and all sessions with Tab, showing the session cwd in the All view and loading progress. (#620 by @tmustier)SessionManager.list()andSessionManager.listAll()accept optionalonProgresscallback for progress updatesSessionInfo.cwdfield containing the session's working directory (empty string for old sessions)SessionListProgresstype export for progress callbacks/scoped-modelscommand to enable/disable models for Ctrl+P cycling. Changes are session-only by default; press Ctrl+S to persist to settings.json. (#626 by @CarlosGtrz)model_selectextension hook fires when model changes via/model, model cycling, or session restore withsourcefield andpreviousModel(#628 by @marckrenn)ctx.ui.setWorkingMessage()extension API to customize the "Working..." message during streaming (#625 by @nicobailon)- Skill slash commands: loaded skills are registered as
/skill:namecommands for quick access. Toggle via/settingsorskills.enableSkillCommandsin settings.json. (#630 by @Dwsy) - Slash command autocomplete now uses fuzzy matching (type
/skbrato match/skill:brave-search) /treebranch summarization now offers three options: "No summary", "Summarize", and "Summarize with custom prompt". Custom prompts are appended as additional focus to the default summarization instructions. (#642 by @mitsuhiko)
Fixed
- Session picker respects custom keybindings when using
--resume(#633 by @aos) - Custom footer extensions now see model changes:
ctx.modelis now a getter that returns the current model instead of a snapshot from when the context was created (#634 by @ogulcancelik) - Footer git branch not updating after external branch switches. Git uses atomic writes (temp file + rename), which changes the inode and breaks
fs.watchon the file. Now watches the directory instead. - Extension loading errors are now displayed to the user instead of being silently ignored (#639 by @aliou)
- Extension editor (
-
🔗 Ampcode News TODOs Are Done rss
We removed the TODOs feature from Amp.
It was very useful when we added it in the middle of last year. It kept the agent on track and gave visual indication of how the work is progressing.
Now, with Opus 4.5, we found it's no longer needed. The agent tracks its own work in a single thread just fine without TODOs. It's faster too, because writing down a list of what it was going to do cost time and tokens. Took up space in the UI, too.
So we removed TODOs - they're done. There's something better coming up.
-
🔗 Drew DeVault's blog Redesigning my microkernel from the ground up rss
As you may recall, circa 2022-2023 I was working on a microkernel written in Hare named Helios. Helios was largely inspired by and modelled after the design of seL4 and was my first major foray into modern OS development that was serious enough to get to a somewhat useful state of functionality, with drives for some real hardware, filesystems, and an environment for running user programs of a reasonable level of sophistication.
Helios development went strong for a while but eventually it slowed and eventually halted in a state of design hell. Since Helios was my first major OS project at this scale and with this much ambition, the design and implementation ended up with a lot of poor assumptions that made it a pretty weak foundation for building a complete OS upon. In late 2023 I more or less gave up on it and moved my OS development work out of the realm of writing code and back into the realm of thinking really hard about how to design operating systems.
What followed was a couple of years of design thinking, developing small scale design experiments, and doing deeper research into prior art – reading papers and studying existing kernels. It was also during this period that I wrote Bunnix, a working Unix clone, motivated in part by a desire to gain some first-hand experience working in the design and implementation of Unix-style operating systems – a fertile environment for learning a lot of the nuts and bolts of OS implementations by working against a complete and proven design.
In August I was finally prepared to have another go. I decided to start over from scratch, importing and adapting and rewriting code from Helios and Bunnix on an as-needed basis to speed things up, and writing from scratch anything where the lessons learned in hindsight outweighed the benefits of adapting existing code.1
The result is Hermes.
Hermes has not yet reached feature parity with Helios, lacking some IPC features and an aarch64 port, but already it’s significantly more robust and thoughtfully designed than Helios.
The big glitzy feature that most obviously distinguishes Hermes from Helios is that Hermes supports symmetric multiprocessing (SMP), which is to say, running on multiple CPU cores. This time around, I finally listened to the advice I’d been hearing in osdev circles for years and implemented SMP as early as possible to avoid dealing with tons of problems adding multiprocessing to an otherwise mature kernel.
The multicore scheduler at the heart of Hermes is surprisingly simple, actually. It uses relatively ordinary per-CPU run queues. Each new task, once scheduleable, is scheduled, in order of preference, on (1) the CPU matching its affinity, (2) any currently idle CPU, or (3) a random CPU. If a CPU would idle, it first tries to steal a pending task from another CPU. The most important parts of the scheduler are less than 200 lines of code ([1], [2]).
The less obviously impressive improvements from Helios to Hermes are numerous. The syscall and IPC ABIs were rethought from the ground up – one of the major goals of the redesign. I also moved from an seL4-style capability derivation graph – which is quite complex to implement and reason about – to reference counting to manage the lifetimes of kernel resources. Resource management in general is much simpler and should improve the performance of the kernel substantially.
I’ve also taken a much different approach to organizing the code, to allow the kernel and many of the things around it – its bootloaders and the userspace that runs the kernel test suite – share a lot more code than was possible in Helios, making a lot of the non-kernel code a lot easier to write and maintain.
The userspace is also a substantial upgrade in design from Helios, or at least I hope it will be when more of it takes shape. Rather than developing a specialized Hare standard library, independent of the upstream Hare standard library, for writing drivers and low-level services, I have started with a port of the upstream Hare standard library and built low-level driver and service support libraries around it. The userspace is streamlined considerably by doing so, giving these low-level components access to a more comfortable and featureful programming environment and reducing the complexity of the system by making various components more uniform in their design.
Finally, I’ve taken a much more serious approach to testing Hermes and making it as robust and complete as possible in real-world use-cases. I borrowed the EFI bootloader from Bunnix and repurposed it for Hermes, opening up a lot of newer hardware, and I have written a more comprehensive test suite and run and verified it on much more real-world hardware. I have about ten devices which all (consistently!) pass the Hermes test suite. Feel free to try it out on yours as well and let me know how it goes!
That’s all there is to say for now, but I hope to keep you in the loop as I continue working on this for a while. The userspace is starting to take shape and soon(™) I hope to start building out block device drivers, some filesystems, and enough support code to run a shell and a handful of useful programs. In the meantime, feel free to poke around the code and play around with it. There is also some early documentation available for you to read if you wish. I’m hanging out in #ares on Libera Chat if you have any questions.
-
I also took the opportunity to acknowledge critics of my internally inconsistent naming scheme, and started choosing codenames within a single pantheon. ↩︎
-
-
![[link]](https://i.redd.it/8knck5zv85dg1.png){kind=link}
![[link]](https://i.redd.it/wp22vct4jycg1.jpeg){kind=link}
![[link]](https://i.redd.it/bawipxvf6xcg1.png){kind=link}