Alvaro Lopez Ortega / 2025-05-15 Briefing

Created Thu, 15 May 2025 16:50:49 +0000 Modified Thu, 29 May 2025 17:31:33 +0000
2316 Words

Today’s tech landscape highlights resilience and innovation, from a securely backed sabotaged NetBSD server to new performance-boosting AI tools like DeepMind’s AlphaEvolve and Nutanix’s enterprise AI support. Meanwhile, industry delays, security upgrades, and policy shifts underscore the evolving challenges and opportunities in internet infrastructure, open source, and AI development.

▶️ Internet Infrastructure

Resilient Data Backup Saves NetBSD Server Amid Sabotage and Financial Secrets

A NetBSD server with virtualized services was sabotaged to hide financial misconduct; data was securely backed up externally, illustrating the importance of resilient infrastructure and trust issues.

  • The author set up a NetBSD server with multiple VMs, including NAS (Samba) and Archivista, to centralize and secure company data 16 years ago.
  • The server was targeted for shutdown by a malicious individual aiming to hide financial irregularities; the author refused and protected the system.
  • The server was eventually sabotaged—disconnected, with disks stolen—but data was externally backed up on a reliable NetBSD-based device, which remains operational today.

ZJIT Merges into Ruby to Boost Performance with SSA-Based JIT Compiler

ZJIT, a new JIT compiler integrated into Ruby’s YARV, uses SSA-based IR, compiles entire methods, and improves type profiling, aiming to enhance Ruby performance and community contribution.

  • ZJIT has been merged into Ruby following Maxime Chevalier-Boisvert’s presentation at RubyKaigi 2025 and Matz-san’s approval
  • ZJIT is a new JIT compiler built into YARV, using high-level SSA-based IR, compiling entire methods, and reading historical type info from the interpreter
  • It differs from YJIT by employing a modular optimizer on HIR, compiling methods as whole units, and building a more traditional compiler architecture

Databricks Acquires Neon to Power AI-Optimized Serverless Postgres

Databricks plans to deliver open, serverless Postgres for developers and AI agents by acquiring Neon, leveraging Neon’s architecture optimized for AI-driven database creation and experimentation.

  • Databricks announced acquisition of Neon, a developer-first serverless Postgres company, on May 14, 2025
  • Neon engineered a new architecture decoupling storage and compute, enabling speed, elastic scaling, instant forking, and branching
  • Over 80% of Neon databases are created by AI agents, which benefit from Neon’s rapid provisioning, low-cost elastic architecture, and database isolation features

Valkey Fork Releases Version 8.1 Amid License Changes and Future Plans

Valkey, a Redis fork created after Redis’s license change, released version 8.1 and plans for version 9, focusing on stability, community inclusion, and extended support.

  • Valkey released version 8.1, one year after forking from Redis due to license changes
  • The fork was driven by Redis’s license tightening and subsequent switch to GNU AGPL, leading to contributor exodus
  • Valkey emphasizes stability, inclusion, and plans for version 9 with more intrusive changes, supporting at least three years of support per version

Microsoft to Retire Bing Search APIs in 2025, Focus on AI Summaries

Microsoft will retire Bing Search APIs on August 11, 2025, shifting focus to AI-generated summaries and Azure AI Grounding, impacting developers relying on traditional search API services.

  • Microsoft will decommission Bing Search APIs on August 11, 2025, ending support for image, video, news, and web search functionalities.
  • Developers are instructed to replace raw search results with LLM-generated summaries, as the API service will be fully retired.
  • Existing API instances will be completely decommissioned, with Microsoft recommending the use of AI-powered summaries and Azure AI Grounding with Bing Search for real-time web data.

Nutanix Launches SupportGPT and GPT-in-a-Box 2.0 for Enterprise AI Support

Nutanix’s SupportGPT and GPT-in-a-Box 2.0 provide enterprise-ready AI infrastructure with integrated LLMs, supporting secure, scalable deployment and internal support automation, addressing complex IT issues efficiently.

  • Nutanix developed SupportGPT and GPT-in-a-Box 2.0 to enhance AI deployment and support for enterprise IT operations
  • GPT-in-a-Box 2.0 offers a full-stack AI platform with support for LLMs, AIOps, NVIDIA GPUs, and integration with open-source frameworks like PyTorch and KubeFlow
  • SupportGPT improves internal support efficiency by enabling natural language queries, reducing resolution time from hours to seconds

Socket Acquires Coana to Improve Security Alerts and Reduce False Positives

Socket’s acquisition of Coana enhances security alert filtering via reachability analysis, reducing false positives in dependency vulnerability assessments for large-scale, dynamic language applications.

  • Socket acquired Coana, a startup founded in 2022 by Aarhus University researchers, to improve security alert relevance
  • Coana’s reachability analysis determines if vulnerabilities are exploitable, reducing false positives and false negatives
  • Reachability analysis models code as doorways, assessing attack paths; Coana’s static analysis is faster and scalable than competitors
  • Coana’s approach relies on assumptions about coding patterns, enabling efficient analysis of large, dynamic language applications like JavaScript and Python
  • The system filters out vulnerabilities unlikely to be exploited, easing security teams’ workload amid increasing dependency complexity and about 500 malicious packages caught weekly
  • Developers prefer targeted vulnerability insights over exhaustive dependency scans, addressing the median of 683 transitive dependencies in JavaScript applications

▶️ Open Source

$20,000 Bounty for Rust-Based rav1d AV1 Decoder Performance Optimization

The Internet Security Research Group offers a $20,000 bounty to optimize rav1d, a Rust-based AV1 decoder, to match dav1d’s performance, focusing on Rust code improvements.

  • $20,000 bounty offered for performance improvements in rav1d AV1 decoder, written in Rust, aiming for parity with C-based dav1d
  • rav1d currently about 5% slower than dav1d; optimization efforts have not achieved performance parity
  • Contest rules specify improvements must be in Rust code or compiler, with performance gains merged into the project; open to individuals in specified regions

▶️ Software Development

Combating the Scalar Select Anti-Pattern with Event Batching in Async Systems

The article discusses the “Scalar Select” anti-pattern in async event loops, advocating batching events to improve efficiency and reduce overhead in systems like language servers.

  • Describes the “Scalar Select” anti-pattern in event-driven async systems, exemplified by an LSP server handling file modifications, client requests, and background compilation events.
  • Highlights issues with processing a single event at a time, leading to overhead and inefficiencies due to external event streams and processing delays.
  • Recommends batching events with a batch_stream function to process multiple events collectively, reducing overhead and improving load handling.

RPG in a Box: Easy Voxel Game Creation Platform for Windows and Mac

RPG in a Box is a versatile game development tool offering voxel editing, visual scripting, and customizable UI, enabling creation of standalone Windows and MacOS games without programming.

  • RPG in a Box is a game creation software released between 2015-2025, designed for beginner-friendly development without programming or modeling knowledge.
  • Features include voxel-based asset creation with MagicaVoxel (.vox) and Qubicle (.qb) import, map editing, visual scripting with Lua-like language, dialogue system, camera presets, UI customization, item definition, and sound effects generation.
  • The platform supports exporting standalone games for Windows and MacOS and is available on Steam, Epic Games, itch.io, with community links including Discord, Reddit, Patreon, and YouTube.

DeepMind’s AlphaEvolve Boosts Algorithm Optimization and Data Center Efficiency

DeepMind’s AlphaEvolve, an AI-powered evolutionary algorithm optimizer, improves code performance, discovering novel solutions and enhancing Google’s data center and AI training efficiency.

  • DeepMind introduced AlphaEvolve, an evolutionary coding agent powered by large language models, to discover and optimize algorithms.
  • AlphaEvolve improved matrix multiplication for 4×4 complex matrices, achieving 48 scalar multiplications, surpassing Strassen’s 1969 algorithm.
  • It has enhanced data center scheduling, chip design, AI training, and optimized matrix multiplication in Google’s Gemini model training, reducing Pallas kernel time by 23%.
  • Evaluated on over 50 open mathematical problems, AlphaEvolve rediscovered state-of-the-art solutions in 75% of cases and improved solutions in 20%.
  • Google applied AlphaEvolve to optimize Borg cluster management, yielding a heuristic that recovers 0.7% of global compute resources annually.
  • The system focuses on code evaluation rather than natural language hypothesis generation, reducing hallucination risks.
  • The term “evolve” aligns with biological and evolutionary programming concepts, referencing deep-rooted research in genetic programming.
  • Google plans early access for academics, with application available here.

▶️ Management and Leadership

Meta’s Threads app introduces a feature enabling creators to add five links with click analytics, competing with Linktree and enhancing profile monetization and engagement insights.

  • Threads now allows creators to add up to five links in their profile bio
  • Provides link click tracking and insights on link performance
  • Launches as an alternative to Linktree and similar “link-in-bio” services, with over 350 million monthly active users

Trump Urges Apple to Halt India iPhone Manufacturing to Boost US Production

Trump requested Apple to stop expanding iPhone manufacturing in India, advocating for increased US domestic production amid geopolitical and trade considerations.

  • President Donald Trump urged Apple CEO Tim Cook to halt iPhone manufacturing in India to focus on domestic production for the US market
  • Trump emphasized the desire to reduce reliance on China and increase US-based manufacturing
  • India has expressed willingness to charge no tariffs on US goods, aligning with Trump’s push for reshoring production

GAO Estimates Over $100 Billion in Federal Savings from IT Overlap Reduction

GAO’s 15th annual report estimates over $100 billion in federal savings from reducing IT overlap, with $100 million+ achievable by cutting $100 million+ in duplicative IT, highlighting efficiency opportunities.

  • GAO report identifies over $100 million in potential savings from eliminating duplicative IT investments across 24 federal agencies
  • Overall, $100 billion in cost reductions are possible if 589 GAO recommendations are implemented, with 148 new this year
  • Agencies should conduct annual reviews of high-risk IT investments; full report details additional IT-related savings opportunities

Congress Passes Chip Security Act for Enhanced GPU and AI Chip Tracking

Congress supports legislation requiring US-designed high-end GPUs and AI chips to include location verification mechanisms within 180 days to prevent diversion to China and ensure export control compliance.

  • Proposed legislation in Congress, the Chip Security Act, mandates location-tracking safeguards for high-end GPUs and AI chips within 180 days of enactment
  • Exporters must report violations of diversion, misuse, or tampering to the US Bureau of Industry and Security (BIS)
  • The bill aims to prevent rerouting or smuggling of advanced chips, such as Nvidia accelerators, into China, with security measures to be evaluated over the following year

New AI Role: The Machine Learning Administrator Bridges LLM Management and IT

The ML Admin role manages LLM lifecycle, infrastructure sizing, and vendor accounts, bridging AI deployment and IT operations, with Nutanix developing internal training programs.

  • The Machine Learning Administrator (ML Admin) is a new AI-focused IT role responsible for managing large language model (LLM) lifecycle, including sizing, infrastructure matching, uptime, and compliance.
  • ML Admins do not handle model training but oversee infrastructure, workload matching, and vendor account provisioning with companies like OpenAI and Anthropic.
  • Nutanix is developing internal ML Admin training, with current shadow roles training IT staff; the role is emerging mainly within business units, potentially becoming part of IT.

Snowflake Enhances Security After 2024 Data Breaches and Credential Exposures

Snowflake’s CISO Brad Jones discusses transitioning from a shared-security to a shared-destiny security model after 2024 data breaches caused by exposed credentials, emphasizing proactive security measures including MFA, encryption, and dark web credential monitoring.

  • In May 2024, over 160 Snowflake customer accounts were accessed via exposed credentials, leading to data breaches affecting hundreds of millions.
  • The breaches resulted from stolen credentials harvested by malware and lack of multi-factor authentication; Snowflake’s infrastructure was not compromised.
  • Snowflake shifted from a shared-security to a shared-destiny model, implementing mandatory MFA for all new accounts from October 2024, deprecating single-factor logins by November 2025, and enforcing uniform security controls across cloud providers.

▶️ Technology

Coinbase Faces $180-$400 Million Loss After Cyberattack and Staff Bribery

Coinbase reports a $180-$400 million impact from a cyberattack exposing customer data, involving bribed staff, with the company refusing ransom and working with law enforcement.

  • Coinbase forecasts a $180 million to $400 million loss from a cyberattack that exposed account data of a “small subset” of customers
  • Hackers stole names, addresses, and emails but did not access login credentials or passwords; Coinbase will reimburse affected customers
  • Attack involved bribed overseas staff, with Coinbase firing those involved; company refused a $20 million ransom and offers a reward for hacker information

TensorWave Aims to Boost AI Training with AMD GPU Cluster After Software Limitations

TensorWave CEO Darrick Horton cites software limitations as the main obstacle for AMD’s MI300X training performance; the company now aims to scale AI training with an 8,192 MI325X GPU cluster and improved software stack.

  • TensorWave CEO Darrick Horton states AMD’s MI300X training software was underdeveloped in 2024, hampering performance
  • AMD’s MI300X, announced in late 2023, offers 30% higher performance than Nvidia H100, with 192GB HBM3 memory and 60% higher bandwidth
  • TensorWave plans to expand from inference to large-scale AI training, utilizing an 8,192 AMD MI325X GPU cluster with roughly 42 exaFLOPS of sparse FP8 compute

Tencent Secures Sufficient GPUs for AI Development Amid Hardware and Export Challenges

Tencent states it has enough GPUs for future AI training, leveraging software optimization and smaller clusters, countering US chip export restrictions and focusing on hardware and software efficiency.

  • Tencent claims to have a “pretty strong stockpile” of high-end GPUs acquired previously, sufficient for years of AI model training
  • The company is shifting from the “scaling law” approach, achieving good training results with smaller clusters and fewer GPUs
  • Tencent plans to optimize inference efficiency through software improvements, potentially doubling GPU capacity without additional hardware, and exploring alternative chips and ASICs

Meta Delays ‘Behemoth’ AI Launch Amid Industry-Wide Progress Slowdown

Meta is delaying its “Behemoth” AI model’s release due to performance challenges, reflecting industry-wide delays in advancing state-of-the-art large-language models, with potential management changes.

  • Meta delays the release of its large-language model “Behemoth,” originally scheduled for April, now expected in fall or later due to performance issues.
  • Internal concerns arise over whether improvements over previous versions justify public release; staff questions the model’s capabilities.
  • Meta’s AI development faces challenges similar to other top AI firms, with delays at OpenAI’s GPT-5 and Anthropic’s Claude 3.5 Opus, indicating a slowdown in AI progress.
  • Meta’s “Behemoth” was intended to outperform competitors like OpenAI, Google, and Anthropic but is hindered by training difficulties; management may undergo significant changes.
  • The company has publicly claimed “Behemoth” surpasses rivals on some tests, but internal performance has been hampered, reflecting broader industry delays and increased costs.