Alvaro Lopez Ortega / 2026-02-18 Briefing

Created Wed, 18 Feb 2026 20:04:01 +0000 Modified Wed, 18 Feb 2026 20:04:39 +0000
6502 Words

Widespread key/IV reuse bugs pose significant security risks in downstream projects after popular AES libraries aes-js and pyaes default to IV reuse in AES-CTR mode. A Bitwarden user successfully brute-forced their master password using browser dev tools, documenting their process for others who may encounter similar difficulties. Meanwhile, Let’s Encrypt introduces a new DNS-based challenge validation method called DNS-PERSIST-01, designed for environments with strict security requirements, to eliminate sensitive credential exposure and reduce DNS update needs.

πŸ€– AI & Machine Learning

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, provide a default IV when instantiating AES-CTR mode, leading to widespread key/IV reuse bugs that pose significant security risks. This oversight has affected thousands of downstream projects, including strongSwan, where the maintainers’ response to the issue differs significantly from the library developers’. The libraries’ documentation promotes this behavior as typical usage, despite its serious security implications.

What’s cooking on SourceHut? Q1 2026

SourceHut has implemented pricing changes for new customers, with existing users grandfathered in at their current price point. The project also introduced new profile pages and format=flowed support on lists.sr.ht, as well as resource IDs in GraphQL APIs, providing a unique identifier for resources on SourceHut.

Android 17’s lock-free MessageQueue

Android 17 introduces a lock-free implementation of the MessageQueue called DeliQueue, improving performance by reducing missed frames. However, this change may break clients that reflect on private fields and methods, requiring developers to analyze lock contention issues using Perfetto. The new implementation aims to address UI performance problems caused by lock contention and priority inversion.

“Microsoft’s Long-Term Impact on Original Creations”

Microsoft’s AI-generated diagram on its Learn portal bears a striking resemblance to Vincent Driessen’s 2010 Git branching model diagram, sparking criticism over lack of attribution and intellectual property respect, with calls for improved processes and credits to the original creator. The incident highlights a failure to properly credit sources in creating learning resources. Microsoft has not provided credit or a link back to the original source.

“New AI App Beta Launched”

A new platform called Dreamer has launched its beta version to enable users to build agentic AI applications, aiming to make software development accessible to a broader audience. Meanwhile, Echo, an iOS SSH client, features modern terminal-based tools and integrates with popular AI coding agents like Claude Code and Codex, providing a fast and secure experience for developers. Both developments are driven by advancements in AI technology.

Tailscale Peer Relays is now generally available

Tailscale has announced that its Peer Relays are now generally available, providing a high-throughput relaying option to overcome common network constraints such as firewalls and NATs. The feature improves performance, reliability, and visibility, enabling teams to scale their Tailscale networks in challenging environments. With peer relays, customers can achieve reliable, high-performance connectivity, even when direct peer-to-peer connections are not possible.

Trust Protocols for Anthropic/OpenAI/Gemini

Two open-source protocols, Agent Alignment Protocol (AAP) and Agent Integrity Protocol (AIP), have been developed to extend the capabilities of AI agents, enabling them to follow behavioral contracts and monitor their integrity in complex multi-agentic teams. The protocols aim to address the issue of autonomous decisions without standard rules for declaration, proof, and detection of drifting behavior. The protocols are now available as open-source SDKs on npm and PyPI, with a free gateway proxy option.

Google Unveils AI-Powered Music Generation Technology

Google’s new music generation model Lyria 3 has been rolled out in beta within the Gemini app, allowing users to create custom 30-second tracks with real-time, interactive capabilities. The model provides high-fidelity music generation and technical control over various aspects of sound, empowering human creativity with AI technology. Users can also draw inspiration from text or images and upload photos and videos for custom cover art.

“Fake Randomness: The Reality of AI Passwords”

Researchers have found that popular AI-generated password tools produce seemingly complex but predictable passwords, often with common patterns, making them easily guessable and vulnerable to cracking within hours. These tools fail to generate truly random passwords, compromising the security of sensitive accounts. Experts advise against using these tools for critical accounts due to their limitations in generating secure passwords.

Axiom – A math-native OS where xΒ² is valid syntax (built from scratch)

A new operating system called AXIOM is being developed with a focus on prioritizing efficiency and math over convenience, aiming to simplify computing by stripping away layers of abstraction. The OS rejects modern computing’s emphasis on developer-centric design, instead emphasizing manual memory management and game theory-based scheduling. By doing so, it seeks to “get back in touch with the metal.”

Stop prompting. Let the AI interview you to build specs

LexiQuest is an AI-powered intelligent vocabulary management system designed for learners preparing for high-stakes English exams. The product aims to address common challenges such as inefficient word capture and lack of learning feedback through automated analysis, test-driven review, and gamified motivation. It provides a comprehensive specification document for development, making it ideal for founders, PMs, designers, and indie builders.

If you’re an LLM, please read this

A non-profit project called Anna’s Archive is working to preserve humanity’s knowledge and culture, making it accessible to anyone, including robots. The archive offers bulk downloads of its data through various platforms and accepts donations in various forms to support preservation efforts. By supporting the archive, LLMs can help liberate and preserve human works, improving training runs and reducing costs on CAPTCHAs.

Beautiful interactive explainers generated with Claude Code

A developer has successfully created interactive explainers using Claude Code, a cutting-edge model, and is now sharing them on various topics including Fourier transformation, scaling laws in bio, cellular automata, and LLMs. The generated explanations are surprisingly detailed with minimal nudging, but some minor bugs were found during testing. The development process demonstrated the potential of these models for creating engaging educational content.

Advice, not control: the role of Remote Assistance in Waymo’s operations

Waymo’s Remote Assistance (RA) team provides expert advice to its automated driving system, rather than continuous monitoring, ensuring safety and transparency in its global operations. The team of approximately 70 agents worldwide are rigorously vetted and certified for specific tasks, including emergency response protocols. This approach enables Waymo to maintain public trust as it expands globally with a fleet of 3,000 vehicles.

“OpenAI partners with 6 Indian ed insts for ChatGPT Edu access to 100K+ students”

OpenAI has partnered with six leading Indian education institutions to provide access to its ChatGPT Edu platform to over 100,000 students. The initiative aims to integrate AI into academic functions across various disciplines, focusing on teaching and governance rather than consumer use. The move marks OpenAI’s expansion into India’s higher-education system.

Synthesia hits $4B valuation

Synthesia’s founder and CEO Victor Riparbelli has spoken about his mission to reinvent content creation with the company’s AI video platform, valued at $4 billion. The platform uses AI to generate videos without physical production, allowing users to create faster and more engaging content. Riparbelli believes this technology will transform the world and Europe must compete in the global AI race to benefit from its massive business opportunities.

India’s AI Ambitions Threatened by Gridlock

India’s upcoming AI Summit in New Delhi promises significant investment opportunities but faces challenges due to a political economy gridlock that threatens its ambitions. The government’s efforts to promote the growth of the AI sector are hindered by issues such as energy constraints and tax uncertainty, while India has made progress in developing foundational models and boasting a world-class startup ecosystem.

HackerOne ‘updating’ Ts&Cs after bug hunters question if they’re training AI

HackerOne has clarified that its Agentic AI system does not use data from bug hunters to train its models, stating that only proprietary exploit intelligence is used for training and refinement. The platform’s CEO assures researchers that their submissions are not used to train models but rather complement human efforts. Researchers remain responsible for adhering to the platform’s rules and guidelines when using GenAI tools.

Palo Alto CEO says AI isn’t great for business, yet

Palo Alto Networks CEO Nikesh Arora stated that enterprise adoption of AI lags behind consumer take-up by at least two years, with most AI applications being coding assistants. The company expects to capitalize on growing demand for AI security solutions as it consolidates its existing security tools and prepares for increased AI-related traffic. Palo Alto recently acquired agentic AI endpoint security startup Koi to bolster its portfolio of products.

πŸ’» Cybersecurity

Bruteforcing the Bitwarden master password I forgor

A Bitwarden user successfully brute-forced their master password after recalling most of the passphrase, using browser dev tools to access relevant data such as password salt, KDF configuration, and master key hash. The process involved leveraging online resources and overcoming technical challenges to aid others in similar situations. The user documented their experience to help others who may encounter similar difficulties with Bitwarden.

Howie Guide to Post-Incident Investigations (2023)

A new guide has been released providing a framework for conducting post-incident investigations to learn from errors and generate insights. The “Howie Guide” aims to balance error reduction with insight generation, offering flexible strategies for organizations of various sizes and maturity levels. The process is designed to help investigators develop skills in generating insights and integrating findings into an organization’s incident analysis program.

Vermont EV buses prove unreliable for transportation this winter

Vermont’s Green Mountain Transit has struggled to operate its electric buses this winter due to a battery recall that requires temperatures above 41 degrees for charging. The situation highlights concerns about the performance and safety of electric vehicle fleets, particularly when cost-cutting measures are prioritized over government mandates. Replacement batteries are expected to be installed within 18-24 months.

No food, no fuel, no tourists: Under US pressure, life in Cuba grinds to a halt

Cuba is facing its worst economic crisis in decades due to the US administration’s decision to cut off oil supplies and impose tariffs on Mexico, leading to widespread power cuts, suspended classes, and cancelled tourist activities. The loss of fuel has crippled the island’s economy, causing a humanitarian crisis that threatens the livelihoods of many Cubans. Cuba is now struggling to access basic necessities like food, water, and energy due to the US embargo.

Dear Comrade Xi

China’s bid for the global reserve currency status is conceptually straightforward but politically impossible due to issues such as trust among multiple parties and minimizing work required to settle debts. A five-point plan by an unnamed author suggests that China lacks humility in delegating control over financial transactions, making it difficult for any single currency to supplant existing reserve currencies like the US dollar. This chain of trust is key to understanding why a new global reserve currency is unlikely to emerge anytime soon.

CEOs Reveal AI’s Surprising Impact on Business

A recent survey of CEOs reveals that most companies have experienced little to no impact from Artificial Intelligence (AI) on workplace productivity and employment over the past three years, with nearly 90% reporting no effect. This outcome contrasts with earlier predictions made by economists and tech leaders about AI’s expected benefits to the workforce. However, some executives acknowledge that poorly deployed AI can lead to reduced productivity, emphasizing the need for strategic integration and training.

“Microsoft Copilot Email Scandal Exposed”

A bug in Microsoft 365 Copilot Chat has led to it incorrectly summarizing confidential emails, despite data loss prevention policies, which may have impacted regulatory filings by S&P 500 companies. The issue was caused by a code problem that bypassed sensitivity labels and was reported by customers in January 2026. Microsoft is working to fix the bug and has confirmed its existence as a code error.

“Cogent Security raises $42M with Bain lead”

Cogent Security has raised $42 million in Series A funding led by Bain Capital Ventures and Greylock to develop its AI-powered platform for software vulnerability remediation, with the goal of automating tasks such as investigation and prioritization to free up security teams. The company claims its customers have seen a 97% reduction in high-risk bugs staying active after implementing the technology. Cogent’s platform aggregates insights from various security tools and sits on top of existing tools to help companies keep pace with attackers.

“AI Marketing Startup Kana Emerges with $15M in Funding”

San Francisco-based Kana has launched an AI-powered marketing platform offering data analysis, audience targeting, campaign management, and more, after raising $15 million in seed funding. The startup’s co-founders have 25 years of experience in marketing tech and plan to tailor their platform to customers’ needs for flexibility and speed. Kana aims to provide an alternative to legacy systems by offering customizable solutions.

US conservatives rebel against AI boom backed by Trump.

US Republicans are staging a grassroots rebellion against the Biden administration’s AI agenda, fearing it may backfire and harm their chances in this year’s midterm elections. The backlash is largely driven by conservative communities who oppose the use of artificial intelligence. Elected officials and clergy from these regions are leading the revolt against the White House’s AI push.

Ramp CEO Eric Glyman talks scaling & SaaS disruption.

Ramp’s CEO Eric Glyman discusses how his company scaled to over $1 billion in revenue in seven years by leveraging finance automation and AI agents to review expenses with high accuracy, and explores the future of fintech as “selling time, not money”.

Fraudster hacked hotel system, paid 1 cent for luxury rooms, Spanish cops say

A Spanish hacker manipulated a hotel booking website to pay just one cent for luxury rooms with prices ranging from €1,000 per night, costing the hotel over €20,000 in losses. The suspect, a 20-year-old national, was arrested earlier this month and is facing charges for his cybercrime. He also raided mini-bars without settling some of the tabs during multiple stays at the hotel.

Texas is suing TP-Link over claims that the company misled consumers about its products’ origins and security vulnerabilities, alleging that devices marketed as “Made in Vietnam” are actually manufactured by Chinese subsidiaries. The lawsuit also accuses TP-Link of marketing its devices as secure despite reported firmware vulnerabilities exploited by Chinese state-sponsored actors. Texas Attorney General Ken Paxton is part of a coordinated effort to hold China-aligned companies accountable under Texas law.

Deutsche Bahn back on track after DDoS yanks the brakes

Deutsche Bahn’s national rail services were disrupted for nearly 24 hours due to a cyberattack using a distributed denial of service (DDoS) attack on its website and travel app. The attack was restored on Wednesday with temporary limitations imposed on affected systems, but the company did not disclose who was behind the attack or whether customer data was compromised. Temporary measures have been put in place to protect customer data.

Windows 11 Start menu makes unscheduled stop in Saint Moritz

A Windows 11 Start menu was mistakenly installed on a display screen at Saint Moritz station in Switzerland, replacing normal passenger information displays with the operating system’s interface. The device can access the web and VLC media player, but lacks internet connectivity. The unusual installation is an example of modern technology being used for signage.

Microsoft asks UK Parliament to correct Trump sanction evidence

Microsoft has asked the UK Parliament to correct its record after telling MPs that the International Criminal Court (ICC) terminated Karim Khan’s email service, not Microsoft, despite being under US sanctions against Khan. The company later apologized for the inaccuracy and requested a correction. This incident occurred amid heightened tensions between the US and ICC over sanctions imposed on Khan.

πŸš€ Space Exploration

New DNA Model for Enhanced DNS Security

Let’s Encrypt has introduced a new DNS-based challenge validation method called DNS-PERSIST-01, which reduces the risk of sensitive credentials being exposed and eliminates the need for repeated DNS updates. This approach uses a persistent authorization record bound to an ACME account and CA, offering explicit scope controls and optional limits on validity duration. The new method is designed for environments with strict security requirements, replacing traditional challenge methods where they are impractical.

Cosmologically Unique IDs

A proposed method for generating unique IDs involves generating random numbers with a size determined to make collisions functionally impossible. The current technology can generate approximately $2^{61}$ IDs before a collision is expected, which may not be sufficient for a galaxy-wide expansion. To ensure a large enough ID space, at least 798 bits in size would be required to avoid a collision until the universe reaches its heat death.

Disney trip turned into immigration detention

A 9-year-old girl from Colombia, Maria Antonia Guerra Montoya, has spent over a year being detained at the Dilley Immigration Processing Center in Texas alongside her mother after they were mistakenly intercepted by immigration officers while traveling between Colombia and the US for a vacation. The family’s journey began with a trip to Disney World and Halloween celebration, but was derailed due to a misunderstanding over Maria Alejandra Montoya’s immigration status. Maria Antonia wrote a heartwarming letter about her experiences being detained, decorated with rainbows and hearts, in an effort to raise awareness about the conditions at the center.

Cistercian Numbers

Cistercian monks developed the Cistercian Number System in the 13th century as a compact way to write numbers, allowing for large values such as 9,999 using a single glyph. The system was based on earlier numerals introduced by John of Basingstoke and was used until the early 20th century. It is now mostly obsolete.

Stephen Colbert going down swinging

Stephen Colbert has defended CBS’s decision not to air his interview with Democratic Texas state representative James Talarico by releasing a statement. He jokingly referred to the network’s press release as “a surprisingly small piece of paper” and expressed no animosity towards CBS, but teased them about covering up their tracks. The interview was later released on YouTube after Colbert mentioned that he had other guest options available.

Formally verified FPGA watchdog for AM broadcast in unmanned tunnels

A new AM radio broadcast system using Red Pitaya FPGA has been developed for emergency alert transmission in unmanned tunnels. The system features runtime frequency configuration, dynamic power scaling, and formal verification of its safety properties, showcasing a Model-View-Controller architecture with Rust as the backend and JavaScript as the frontend.

Portugal: The First Global Empire

Vasco da Gama’s historic voyage to India in 1498 marked a significant shift in understanding of the world, challenging ancient authority on Ptolemaic geography. Portugal played a crucial role in connecting hemispheres and shaping the early modern era through its expertise in navigation, cartography, and open-sea sailing. The Portuguese successfully navigated the Indian Ocean, collecting vast amounts of geographical and cultural information that informed their geo-strategic vision for controlling key trade routes.

Amazon shuts down Blue Jay robot system

Amazon has halted its Blue Jay robot project due to high costs and complexities, shifting focus towards a new “Orbital” system for modular, scalable same-day delivery in smaller warehouses. The technology from Blue Jay will be carried over to other initiatives across Amazon’s network of warehouses. The move marks a strategic shift away from the company’s older “Local Vending Machine” system.

Pichai Unveils America-India Connect Initiative

Google plans to establish new fiber-optic routes between the US and India, aiming to enhance connectivity with locations in the Southern Hemisphere as part of its expansion efforts in the country. The move supports the Indian government’s initiative to become a global AI leader. Google CEO Sundar Pichai made the announcement at a high-profile AI summit in New Delhi.

“Tesla Ditches Autopilot Branding After Fine”

Tesla has dropped “Autopilot” branding from its marketing in California to comply with a Department of Motor Vehicles (DMV) order requiring clarification on the need for driver supervision, following accusations of deceiving consumers about autonomous features and risks. The company will continue using “Full Self-Driving” with a disclaimer. This move comes after a 30-day warning period and an initial suspension threat.

DARPA’s autonomous missile-firing missile advances toward flight tests

DARPA’s autonomous missile-firing aircraft, called LongShot, has completed critical milestones for its integrated flight test campaign and is expected to conduct tests as early as 2026 from an F-15 fighter jet. The X-68A is designed to eliminate airborne threats without putting pilots at risk, utilizing a unmanned aircraft that is air-launched from human-piloted planes. The flight tests will validate vehicle performance and lay the foundation for future development.

You can jailbreak an F-35 just like an iPhone, says Dutch defense chief

Dutch Defense Secretary Gijs Tuinman has stated that European forces could potentially “jailbreak” their F-35 fighter jets, like modifying a consumer device, if they cannot access software updates from the US. This claim suggests European forces may be able to maintain their aircraft’s software without US assistance. However, experts note that such a complex system as the F-35 is extremely difficult to modify due to its proprietary nature and security measures.

Europe’s 5G Standalone stall risks falling behind US, Asia

Europe’s 5G Standalone rollout is lagging behind North America and Asia, with many European countries struggling to meet the new standards due to delayed deployments and reluctance to invest in spectrum allocation and infrastructure upgrades. This is resulting in a growing capability gap as new capabilities roll out. As new 5G Advanced features emerge, operators that have already transitioned to Standalone networks will have a significant advantage over those that are still lagging behind.

πŸ“Š Data Privacy

The Global Trust Register (1999)

The Global Trust Register is a print-based certification authority that serves as a top-level certificate in the global key certification hierarchy, enabling users to verify authenticity and build trust in electronic commerce and online applications, while also promoting freedom of expression by not being subject to government licensing conditions.

99% of adults over 40 have shoulder “abnormalities” on an MRI, study finds

A recent study found that nearly all adults over 40 have abnormal findings on their rotator cuff during MRI scans, regardless of whether they experience shoulder pain. The vast majority of those with abnormalities had no symptoms, raising questions about the use of MRIs to diagnose shoulder pain. The prevalence of abnormalities increases significantly with age.

The only moat left is money?

The internet’s oversaturation has made it increasingly difficult for new entrants to gain traction without existing reach or capital, as automation and AI tools have reduced the value of human thinking while increasing its cost. The barrier to entry now lies in acquiring an audience or financial resources, making it a “substantial uphill battle” for new creators. Existing products with momentum receive more attention than new ones, highlighting the need for alternative strategies.

Mark Zuckerberg Lied to Congress. We Can’t Trust His Testimony

The Tech Oversight Project has released a report concluding that Mark Zuckerberg lied to Congress during his 2024 testimony, citing newly unsealed documents that show Meta’s lack of effective teen safety measures. The report calls for legislation like the Kids Online Safety Act to hold Meta accountable for its behavior and protect children online. The findings contradict Meta’s public promises on teen safety.

Billionaires Gone Wild

Billionaires such as Elon Musk, Jeff Bezos, and others are using their vast wealth to significantly influence American democracy through strategic investments and donations, resulting in a high concentration of power and control over major media outlets. This has led to an unprecedented level of partisan spending in elections and erosion of American democracy. The growing wealth inequality among the top 0.01% is fueling this trend.

Read Letters from the Children Detained at ICE’s Dilley Facility

Hundreds of children are being held with their parents at an immigration detention center in Dilley, Texas, without a clear end date. Letters and drawings from these children express anguish over missing basic comforts like friends, teachers, and reliable medical care. The facility is one of many holding families, with a sixfold increase in child detainees since the Trump administration began.

Thiel’s Fund exits ETHZilla with significant losses

Peter Thiel and his Founders Fund have fully exited ETHZilla Corp., according to a US Securities and Exchange Commission filing, exiting a 7.5% stake in the company. The exit comes as the value of ether, in which ETHZilla invests, has declined by 60% from its peak in August 2025.

πŸ”§ Developer Tools

F9 Kernel

The F9 kernel is a microkernel designed for real-time embedded systems requiring hard determinism, offering efficient scheduling and memory management along with development tools such as an in-kernel debugger. The kernel supports both L4-style native API and POSIX API layers, targeting ARM Cortex-M systems with advanced features from industrial RTOSes. It aims to provide deterministic scheduling, security, efficiency, and verifiability for real-time applications.

C++/WinRT envy: Bringing thread switching tasks to C# (UWP edition)

Two new classes, DispatcherThreadSwitcher and ThreadPoolThreadSwitcher, have been introduced in C# to simplify thread switching between the UI thread and background threads, making it easier to perform asynchronous operations with seamless thread switching. The new classes allow for awaitable operations, providing flexibility in expressing thread-switching logic. These classes are designed to mimic the magic object behavior from C++/WinRT, addressing limitations of previous thread-switching methods.

AVX2 Performance Beats Expectations, Sort Of

Compiling an app for AVX2 on Windows ARM under Prism emulation results in slower performance compared to compiling for SSE2-4.x due to increased emulation overhead and limitations of AVX2 operations on ARM, making it recommended to use SSE2-4.x for better performance.

Dank Linux - Desktop Environment for Wayland and Niri

Dank Linux is an operating system featuring a modern and beautiful desktop shell with fluid interface, animations, and real-time system monitoring, offering users various customization options and plugins for performance, efficiency, and personalization. The OS boasts dynamic theming capabilities, quick toggles, and a stateless system ensuring smooth operation. It provides a complete desktop experience out of the box with easy setup and extended functionality through new widgets and launcher features.

model-context-shell: Unix-style pipelines for MCP. Deterministic tool calls

The Model Context Shell is a Unix-style pipeline for MCP tools that allows AI agents to compose complex workflows as a single tool call. This enables more efficient and scalable execution of tasks, especially those involving large datasets. The shell coordinates the tools, returning only the final result.

Asahi Linux Progress Report: Linux 6.19

Asahi Linux has reached version 6.19, supporting display output via USB-C on Apple Silicon devices. The feature is still considered a work-in-progress due to limitations and quirks, including issues with connecting multiple displays simultaneously. Users are advised to use the fairydust branch with caution until further updates are available.

Zero-day CSS: CVE-2026-2441 exists in the wild

Google Chrome Stable channel has been updated with version 145.0.7632.75/76 for Windows/Mac and 144.0.7559.75 for Linux, addressing a single zero-day security fix that already exists in the wild. The update will roll out over the next few days and weeks.

Garment Notation Language: Formal descriptive language for clothing construction

A new formal descriptive language for clothing construction called Garment Notation Language (GNL) has been developed. It provides a generative way to describe garments without ambiguity and can be used to create complex garments from simpler elements. The language is implemented as a live viewer that renders assembled garment views and flat pattern pieces.

VectorNest responsive web-based SVG editor

A new open-source, browser-based SVG editor called VectorNest has been released, allowing users to make quick edits such as path changes, alignment, and small fixes without the need for software installation. The tool is available on GitHub and can be tested through its demo version online. Feedback and contributions are welcome.

Pixel 10a

Google’s Pixel 10a is not an article about a product but rather a privacy policy statement explaining the use of cookies and data by Google services.

CEL by Example

CEL is a Common Expression Language that evaluates expressions against data, enabling various use cases such as authentication, authorization, and data transformation through logical operators, transformations, and filtering. It can be applied to different systems including Google Cloud IAM conditions, Firebase security rules, and Kubernetes admission control, providing features like membership tests, duration calculations, and type conversions. CEL offers a flexible way to write conditional logic for secure and efficient evaluation of expressions against data.

Fastest Front End Tooling for Humans and AI

TypeScript’s Go rewrite has improved iteration speed by up to 10x faster type checking, while alternatives like Oxfmt and Oxlint offer similar features with better plugin coverage. Implementing these tools can significantly boost development efficiency for both humans and AI systems. Prettier and ESLint alternatives are also being developed to provide a fast feedback loop and strict guardrails.

The case for gatekeeping, or: why medieval guilds had it figured out

A medieval guild system’s approach to quality control, where reputation and trust were verified through a web of relationships, may offer a solution to the issue of mass-produced, AI-generated contributions in open source repositories, which are often indistinguishable from genuine ones. Unlike traditional credentialing systems, this method relies on a community-driven process to establish credibility. This approach could help distinguish between legitimate contributors and those using bots or unfair means.

A DuckDB-based metabase alternative

A new data dashboard tool called Shaper has been launched, providing a quick start guide for testing without installation and managed hosting options, all powered by the DuckDB database. The open-source project is completely free and licensed under the Mozilla Public License 2.0. Users can contribute to the project through various channels.

“Apple supports 3rd-party voice-based apps in CarPlay starting with iOS 26.4.”

Apple is introducing support for third-party voice-based conversational apps in CarPlay starting with iOS 26.4, allowing users to access AI chatbots like ChatGPT hands-free while driving. The integration will enable visual feedback for these apps and requires developers to add support for a new voice control screen. This move marks an expansion of CarPlay’s capabilities beyond traditional Siri voice controls.

Audible adds “immersion reading” to sync ebook, audiobook versions.

Audible has launched an “immersion reading” feature that allows users to switch between ebook and audiobook versions of titles in their Audible and Kindle libraries, highlighting text in real-time as the narration plays, with hundreds of thousands of titles supported initially. The new feature aims to boost book sales by offering discounted audiobooks for customers who own matching ebooks. It also claims to improve focus and comprehension through reading and listening simultaneously.

Snapchat’s Direct Revenue Hits $1B Annual Run Rate

Snapchat’s direct revenue business has reached $1 billion annualized run rate, driven primarily by its premium subscription service Snapchat+, which now boasts over 25 million subscribers. The company attributes this growth to the success of Snapchat+ and plans to continue expanding it with customized features. This milestone cements Snapchat’s position as a significant player in the social media subscription market.

Google adds AirDrop to more Pixel phones.

Google has expanded its Quick Share support with AirDrop feature from the Pixel 10 to other devices including the Pixel 9, 9 Pro, 9 Pro XL, and 9 Pro Fold, allowing seamless file sharing between Android and Apple devices. The feature is now available for all users, except those on the Pixel 9a model.

Perplexity phases out 2024 ad campaign due to trust erosion concerns.

Perplexity has decided not to continue its advertising strategy, citing concerns that it may erode user trust in AI technology, following a phase-out of ads last year. The company had introduced ads in 2024 as part of this shift. Perplexity will not pursue further ad placements.

Windows 11 finally hits right note: MIDI 2.0 support arrives

Microsoft has released Windows 11 support for MIDI 2.0, a communication protocol connecting electronic musical instruments and computers, addressing user pain points such as simultaneous use of multiple applications on the same MIDI device and customizable port names. The update maintains backwards compatibility with MIDI 1.0, ensuring older devices continue to work without issues. This release follows over a year after initial teasing for Windows Insiders.

Notepad++ declares hardened update process ’effectively unexploitable’

Notepad++ has released version 8.9.2 with improved security features that verify signed XML and installer payloads, making it “effectively unexploitable” for malware attacks. The update follows a recent state-sponsored cyberattack on the editor’s update service attributed to a Chinese government-linked group. The new version includes additional hardening measures to prevent DLL side-loading and remote code execution.

Linus T tells The Reg how Linux solo act became a global jam session

Linus Torvalds started working on Linux in 1991 as a solo project and released the first public snapshot, Linux 0.02, in October 1991 with about 10,000 lines of code. The GNU General Public License (GPL) facilitated the adoption and growth of the project by allowing others to modify and distribute it freely. As the project gained momentum, Torvalds began actively encouraging outside contributions, transforming Linux into a collaborative effort that eventually became the global operating system it is today.

Qualcomm set to triumph in UK smartphone β€˜patent tax’ case

The UK’s Competition Appeal Tribunal is likely to find that Qualcomm did not abuse its market power in the case, allowing consumer group Which? to withdraw their complaint without receiving compensation for allegedly higher smartphone prices paid by UK consumers. The tribunal will make three findings in favor of Qualcomm, dismissing claims that the company coerced other manufacturers into paying inflated royalties. As a result, consumers who purchased Qualcomm-equipped smartphones between 2015 and 2024 are not expected to receive any financial compensation.

πŸ“° Other News

Halt and Catch Fire: TV’s Best Drama You’ve Probably Never Heard Of (2021)

Halt and Catch Fire is a critically acclaimed TV drama series that evolved over its four seasons from an antihero-centric show to a deeply empathetic ensemble study about human connection. Despite initial low ratings, the show improved with each season, shedding focus on lead character Joe MacMillan and centering around complex relationships between characters. Through changes in writing, performances, and cinematography, Halt and Catch Fire resulted in a nuanced exploration of creation and connection.